From 3f1a229378367f98f6365516220327b96fd3ac1c Mon Sep 17 00:00:00 2001
From: Ward Van Heddeghem
Date: Sat, 25 May 2024 10:15:16 +0200
Subject: [PATCH] Add bandit linting
---
 examples/example.py | 2 +-
 pyproject.toml | 6 ++++--
 tests/tst_mijnbibliotheek.py | 1 +
 3 files changed, 6 insertions(+), 3 deletions(-)
diff --git a/examples/example.py b/examples/example.py
index 3d5d17b..bd9be9b 100644
--- a/examples/example.py
+++ b/examples/example.py
@@ -11,7 +11,7 @@
 # Change the following values to match your situation
 # city = "gent" # this used to be required, but is optional since January 2024
 username = "johndoe"
-password = "password"
+password = "password" # noqa: S105
 account_id = "123456"
 print("\nFetching accounts...")
diff --git a/pyproject.toml b/pyproject.toml
index a4af31c..2cfaf4c 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -42,7 +42,8 @@ extend-select = [
 "SIM", # flake8-simplify, for simplified code
 "PTH", # pathlib (instead of os.path)
 "W", # warning
- "T2"
+ "T2", # flake8-print (avoiding prints)
+ "S", # bandit, security checks
 ]
 ignore = [
 "N818", # error suffix in exception names
@@ -52,4 +53,5 @@ ignore = [
 [tool.ruff.lint.per-file-ignores]
 "**/tests/*" = ["T"]
-"examples/*" = ["T"]
\ No newline at end of file
+"examples/*" = ["T"]
+"**/tests*" = ["S101"] # Use of `assert` detected
diff --git a/tests/tst_mijnbibliotheek.py b/tests/tst_mijnbibliotheek.py
index ced730e..6c825f7 100644
--- a/tests/tst_mijnbibliotheek.py
+++ b/tests/tst_mijnbibliotheek.py
@@ -1,3 +1,4 @@
+# ruff: noqa: S301 # suspicious-pickle-usage
 import configparser
 import pickle
 import sys
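Review bot: The `# noqa: S105` on `password = "password"` silences the hardcoded-password finding, but the comment at the top of this hunk still asks users to edit their real credentials into the file, which is the habit S105 exists to catch. Because an example script gets copied, consider prompting for the value instead, e.g. `password = getpass.getpass("Password: ")` with `import getpass` among the imports, and dropping the suppression. If the literal stays, record the reason next to it: `password = "password"  # noqa: S105 - placeholder, not a real credential`. The script continues outside the hunk on both sides.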
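Review bot: The new key `"**/tests*"` is a different glob from the existing `"**/tests/*"` two lines above it, so the `assert` exemption and the print exemption end up with different scopes. Without the slash the pattern presumably also matches any file or directory whose name merely starts with `tests`, which would switch S101 off outside the test suite, where an `assert` used as a guard disappears under `python -O`. Folding the code into the existing entry keeps a single scope: `"**/tests/*" = ["T", "S101"]`.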
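Review bot: The file-level `# ruff: noqa: S301` exempts every pickle call in this module, including ones added later, and gives no reason why unpickling is acceptable here. The calls themselves are outside this hunk, which shows only the imports. If they only load fixtures the test suite wrote itself, a line-level suppression at each call says so, e.g. `data = pickle.load(f)  # noqa: S301 - locally generated fixture, never untrusted input` (constructed example). If the pickled file can come from anywhere else, a JSON fixture would remove the need for the suppression.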