This is the docker engine we use at Codacy to have Bandit support. You can also create a docker to integrate the tool and language of your choice! See the codacy-engine-scala-seed repository for more information.
You can create the docker by doing:
The docker is ran with the following command:
docker run -it -v $srcDir:/src <DOCKER_NAME>:<DOCKER_VERSION>
We use the codacy-plugins-test to test our external tools integration. You can follow the instructions there to make sure your tool is working as expected.
What is Codacy
Codacy is an Automated Code Review Tool that monitors your technical debt, helps you improve your code quality, teaches best practices to your developers, and helps you save time in Code Reviews.
Among Codacy’s features
- Identify new Static Analysis issues
- Commit and Pull Request Analysis with GitHub, BitBucket/Stash, GitLab (and also direct git repositories)
- Auto-comments on Commits and Pull Requests
- Integrations with Slack, HipChat, Jira, YouTrack
- Track issues in Code Style, Security, Error Proneness, Performance, Unused Code and other categories
Codacy also helps keep track of Code Coverage, Code Duplication, and Code Complexity.
Free for Open Source
Codacy is free for Open Source projects.