Updates and recent posts about Bandit.
@simme shared a link, 1 week, 6 days ago
Senior Engineering Manager, @canonical

Boring code is an organizational tell

Boring code is an organizational symptom, not an aesthetic failure. Co-change patterns in version control reveal team boundaries before any retrospective does; ownership concentration predicts defects better than code complexity metrics. With agents removing the friction that contained clever code accumulation, the incentive structures that produce boring code have never mattered more.

Bandit is an open source static analysis tool from the PyCQA that scans Python code for security vulnerabilities. It parses each file, builds an abstract syntax tree, and applies a series of plugins that detect risky patterns such as unsafe function calls, weak cryptography, shell injections, and insecure configuration. Bandit integrates with CI pipelines, pre-commit hooks, and development workflows, making it easy for teams to enforce secure coding standards. Its plugin-driven architecture and straightforward reporting make it a widely adopted tool in Python security and DevSecOps practices.
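To make the "parse, build an AST, run plugins over it" architecture concrete, here is a small scanner written for this page in that same style. It is an added illustration, not Bandit's own code, and its check IDs (`B-EVAL`, `B-SHELL`, `B-HASH`), the `plugin` registry and the sample source it scans are all constructed for the example; Bandit's real plugins, test IDs and report format differ.

```python
"""Minimal Bandit-style AST scanner (illustrative, not Bandit's own code)."""
import ast
from dataclasses import dataclass


@dataclass
class Finding:
    check_id: str   # constructed IDs for this example, not Bandit's B-numbers
    severity: str
    line: int
    message: str


# Plugin registry: (AST node type, check function). Each check inspects one
# node and returns a Finding or None. This mirrors the plugin-per-pattern
# model the text describes; the registry itself is an assumption of this example.
PLUGINS = []


def plugin(node_type):
    def register(func):
        PLUGINS.append((node_type, func))
        return func
    return register


def _call_name(node):
    """Dotted name of a call's callee, e.g. 'subprocess.run', or None if dynamic."""
    parts = []
    target = node.func
    while isinstance(target, ast.Attribute):
        parts.append(target.attr)
        target = target.value
    if isinstance(target, ast.Name):
        parts.append(target.id)
        return ".".join(reversed(parts))
    return None


@plugin(ast.Call)
def check_eval_exec(node):
    """Flag eval()/exec(): they execute whatever string reaches them."""
    name = _call_name(node)
    if name in ("eval", "exec"):
        return Finding("B-EVAL", "MEDIUM", node.lineno,
                       f"use of {name}() on possibly untrusted input")
    return None


@plugin(ast.Call)
def check_shell_true(node):
    """Flag subprocess.* calls with shell=True (shell injection risk)."""
    name = _call_name(node) or ""
    if name.startswith("subprocess."):
        for kw in node.keywords:
            if (kw.arg == "shell" and isinstance(kw.value, ast.Constant)
                    and kw.value.value is True):
                return Finding("B-SHELL", "HIGH", node.lineno,
                               f"{name} called with shell=True")
    return None


@plugin(ast.Call)
def check_weak_hash(node):
    """Flag MD5/SHA-1 construction: unsuitable for security-sensitive hashing."""
    name = _call_name(node)
    if name in ("hashlib.md5", "hashlib.sha1"):
        return Finding("B-HASH", "MEDIUM", node.lineno,
                       f"{name} is not suitable for security purposes")
    return None


def scan_source(source, filename="<string>"):
    """Parse one file's source, walk its AST and run every registered plugin."""
    tree = ast.parse(source, filename)
    findings = []
    for node in ast.walk(tree):          # ast.walk is breadth-first, hence the sort
        for node_type, check in PLUGINS:
            if isinstance(node, node_type):
                result = check(node)
                if result is not None:
                    findings.append(result)
    return sorted(findings, key=lambda f: f.line)


# Constructed sample input: three risky patterns and one safe call.
SAMPLE_SOURCE = '''\
import hashlib
import subprocess

def run(cmd):
    return subprocess.run(cmd, shell=True, capture_output=True)

def digest(data):
    return hashlib.md5(data).hexdigest()

def compute(expr):
    return eval(expr)

def safe_run(argv):
    return subprocess.run(argv, capture_output=True)
'''

if __name__ == "__main__":
    for f in scan_source(SAMPLE_SOURCE, "sample.py"):
        print(f"sample.py:{f.line} [{f.severity}] {f.check_id}: {f.message}")
```

Running the module reports the `shell=True` call, the MD5 construction and the `eval()` call with their line numbers, and nothing for `safe_run`, which passes an argument list without a shell. Wiring a scanner like this into a CI job or a pre-commit hook is just a matter of exiting non-zero when `scan_source` returns any finding at or above a chosen severity.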