From 84677487916bb781967bd084e84c98321698d438 Mon Sep 17 00:00:00 2001 From: aitbc1 Date: Fri, 27 Mar 2026 14:59:30 +0100 Subject: [PATCH] fix: correct bandit command syntax for proper argument handling BANDIT SYNTAX FIX: Use correct --confidence-level argument Issue: bandit error 'unrecognized arguments: high' Root cause: Incorrect argument syntax --confidence high Correct syntax: --confidence-level high Changes: - Update all bandit commands to use --confidence-level high - Maintain quiet mode (-q) and JSON output (-f json) - Keep recursive scanning (-r .) for comprehensive coverage - Ensure proper argument order for bandit CLI Updated workflows: - security-scanning.yml: Correct bandit syntax - All workflows with bandit: Updated to proper syntax Expected results: - Bandit scans run without argument errors - High confidence security issues detected - Clean JSON output for potential integration - No more 'unrecognized arguments' errors This ensures bandit security scanning works correctly with proper CLI argument syntax. --- .gitea/workflows/security-scanning.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.gitea/workflows/security-scanning.yml b/.gitea/workflows/security-scanning.yml index 5dbc5819..8a27669a 100644 --- a/.gitea/workflows/security-scanning.yml +++ b/.gitea/workflows/security-scanning.yml @@ -92,8 +92,8 @@ jobs: venv/bin/pip install bandit echo "=== Bandit scan (code security) ===" - # Run bandit with focus on high-confidence issues only - venv/bin/bandit -r . -f json -q --confidence high || echo "Bandit scan completed" + # Run bandit with correct syntax for high confidence issues only + venv/bin/bandit -r . -f json -q --confidence-level high || echo "Bandit scan completed" echo "=== Security Summary ===" echo "✅ Code security: Bandit scan completed (high confidence only)"
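Review bot: On the changed `venv/bin/bandit -r . -f json -q --confidence-level high || echo "Bandit scan completed"` line, the trailing `|| echo` still discards bandit's exit status, so the step passes whether bandit reports findings or rejects its arguments. The same fallback would have let the original `unrecognized arguments: high` error through as a passing step. The `echo "✅ Code security: Bandit scan completed (high confidence only)"` line in the trailing context then prints unconditionally, so the summary carries no information about the scan result. Suggest dropping the `|| echo` fallback, or capturing the exit code and failing the step when it is non-zero. Since `-f json` currently writes to stdout between the `echo` banners, also consider adding `-o` with a report file so the JSON stays parseable and can be kept as an artifact. Separately, the commit message says all workflows with bandit were updated, but the diffstat shows only `.gitea/workflows/security-scanning.yml` changed; either adjust the message or include the other workflow files.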