DEV Community: Arshia Rahbari The latest articles on DEV Community by Arshia Rahbari (@20acoder12). https://dev.to/20acoder12 https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F3950188%2F210602fe-ba8f-43cf-b915-e4b9d92862bc.jpg DEV Community: Arshia Rahbari https://dev.to/20acoder12 en How to use bandit library? Arshia Rahbari Fri, 05 Jun 2026 17:19:43 +0000 https://dev.to/20acoder12/how-to-use-bandit-library-2e2c https://dev.to/20acoder12/how-to-use-bandit-library-2e2c <p>Bandit is a static analysis tool for finding common security issues in Python code. It is easy to use and does not require any changes to your source code. Simply run it from the terminal.</p> <h2> Here we have a tutorial on basic functions of bandit PYPI library: </h2> <ol> <li>First we add the package to our project similar to other python libraries: </li> </ol> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>pip <span class="nb">install </span>bandit </code></pre> </div> <ol> <li>Then to scan a single app, go to the root of your project and write (both Win and MC): </li> </ol> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>bandit your_app_name.py </code></pre> </div> <ol> <li>To scan all the files in the root folder of your project: </li> </ol> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>bandit <span class="nt">-r</span> <span class="nb">.</span> </code></pre> </div> <ol> <li>You can save result of bandit test in a JSON or HTML file:</li> </ol> <ul> <li>for JSON: </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>bandit <span class="nt">-r</span> <span class="nb">.</span> <span class="nt">-f</span> json <span class="nt">-o</span> bandit-report.json </code></pre> </div> <ul> <li>for HTML: </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>bandit <span class="nt">-r</span> <span class="nb">.</span> <span class="nt">-f</span> html <span class="nt">-o</span> bandit-report.html </code></pre> </div> <ol> <li>If you have folders like test or venv that you want bandit to don't check them, you can use: </li> </ol> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>bandit <span class="nt">-r</span> <span class="nb">.</span> <span class="nt">-x</span> tests,venv </code></pre> </div> <p><strong>Notice:</strong> The commands work the same on Windows and macOS.</p> <p>If you have any questions and problems, please leave a comment!</p> webdev python bandit backend