safety in tox: scan requirements for known bad packages

2021-06-24 11:46:43 -05:00
parent e61c55bed2
commit 509072ab78
3 changed files with 37 additions and 15 deletions
--- a/tox.ini
+++ b/tox.ini
@@ -58,6 +58,7 @@ commands =
 # again it seems the most valuable here to run against the packaged code
 commands =
    bandit {envsitepackagesdir}/incorporealcms/ -r
+    safety check -r requirements/requirements-dev.txt

 [testenv:lint]
 # run style checks