From 403a3d38ee0c56495d9ef3e35174e864627d0aeb Mon Sep 17 00:00:00 2001 From: Eugene Davis Date: Fri, 19 Jul 2019 15:05:38 +0200 Subject: [PATCH 1/2] Add bandit option and configuration --- cookiecutter.json | 1 + {{cookiecutter.project_name}}/requirements_dev.txt | 3 +++ {{cookiecutter.project_name}}/setup.cfg | 4 ++++ 3 files changed, 8 insertions(+) diff --git a/cookiecutter.json b/cookiecutter.json index d229004..7e99305 100644 --- a/cookiecutter.json +++ b/cookiecutter.json @@ -14,6 +14,7 @@ "version": "0.0.1-dev", "use_black_formatter": "n", + "use_bandit_sec_scan": "n", "ci": "{% if cookiecutter.vs|lower == 'github' %}azure{% else %}jenkins{% endif %}", "ci_url": "{% if cookiecutter.ci|lower == 'azure' %}https://dev.azure.com{% else %}https://jenkins.your_org.com{% endif %}", diff --git a/{{cookiecutter.project_name}}/requirements_dev.txt b/{{cookiecutter.project_name}}/requirements_dev.txt index 4ef916d..d4f4a57 100644 --- a/{{cookiecutter.project_name}}/requirements_dev.txt +++ b/{{cookiecutter.project_name}}/requirements_dev.txt @@ -23,4 +23,7 @@ tox==3.12.1 {% if cookiecutter.use_black_formatter|lower == "y" -%} pytest-black==0.3.7 +{% endif %} +{% if cookiecutter.use_bandit_sec_scan|lower == "y" -%} +pytest-bandit==0.5.1 {% endif %} \ No newline at end of file diff --git a/{{cookiecutter.project_name}}/setup.cfg b/{{cookiecutter.project_name}}/setup.cfg index 3d563ec..6d57379 100644 --- a/{{cookiecutter.project_name}}/setup.cfg +++ b/{{cookiecutter.project_name}}/setup.cfg 
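Review bot: In the requirements_dev.txt hunk, `pytest-bandit==0.5.1` pins only the plugin; the `bandit` package that supplies the actual checks is not listed, so (unless the plugin pins it itself) the scanner version and its rule set can drift between builds of a generated project. Adding an explicit line inside the same conditional, `bandit==<PINNED_VERSION>` (placeholder, choose the version you have validated), would keep scan results reproducible. The other pins in this file are also version-only; hash-pinning is a wider change and out of scope for this hunk.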
@@ -26,6 +26,10 @@ test = pytest addopts = -s -vv --cov-report xml:build/coverage.xml --cov-report term --cov-branch --cov {{ cookiecutter.project_slug }} --junitxml=build/test_results.xml{% if cookiecutter.use_black_formatter|lower == "y" %} --black{% endif %} testpaths = tests{% if cookiecutter.use_black_formatter|lower == "y" %} {{ cookiecutter.project_slug }} {% endif %} collect_ignore = ['setup.py'] +{% if cookiecutter.use_bandit_sec_scan|lower == "y" -%} +bandit_targets = {{ cookiecutter.project_slug }} +bandit_recurse = true +{% endif %} [coverage:report] show_missing = true From b08c54d8cb97d32592d9b706e7d5262b8bde8e1f Mon Sep 17 00:00:00 2001 From: Eugene Davis Date: Fri, 19 Jul 2019 15:12:05 +0200 Subject: [PATCH 2/2] Fixed missing endif --- {{cookiecutter.project_name}}/requirements_dev.txt | 1 + 1 file changed, 1 insertion(+) diff --git a/{{cookiecutter.project_name}}/requirements_dev.txt b/{{cookiecutter.project_name}}/requirements_dev.txt index f42c414..c0f18f9 100644 --- a/{{cookiecutter.project_name}}/requirements_dev.txt +++ b/{{cookiecutter.project_name}}/requirements_dev.txt @@ -26,6 +26,7 @@ pytest-black==0.3.7 {% endif %} {% if cookiecutter.use_bandit_sec_scan|lower == "y" -%} pytest-bandit==0.5.1 +{% endif %} {% if cookiecutter.use_spellcheck|lower == "y" -%} pyenchant==2.0.0 {% endif %} \ No newline at end of file
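Review bot: The `addopts` context line in the setup.cfg hunk gains no bandit switch, so the new `bandit_targets` / `bandit_recurse` keys may configure a scan that never runs. The black option on the same line is enabled with `--black`; if pytest-bandit is likewise opt-in on the command line, append `{% if cookiecutter.use_bandit_sec_scan|lower == "y" %} --bandit{% endif %}` to `addopts`, otherwise a project generated with the option set to "y" reports green without having been scanned. A comment above `bandit_targets`, such as `# bandit scans the package only; tests/ and setup.py are not covered`, would make that scope a documented decision. The section header these keys fall under is not visible in the hunk, so confirm they land in the pytest section.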