37b4344137
- tests/test_security.py: Security test suite - Updated Jenkinsfile: SonarQube, Snyk, Bandit, Safety, Semgrep - test_requirements.txt: Security tool dependencies **Security Tools Added:** CODE QUALITY: - Pylint, Flake8, Black, Isort, MyPy - Vulture (dead code), Radon (complexity) STATIC SECURITY: - Bandit (Python SAST) - Safety (dependency vulnerabilities) - Semgrep (pattern matching) - Detect Secrets (hardcoded secrets) ADVANCED: - SonarQube quality gate - Snyk vulnerability scan - pip-audit, pip-check - pip-licenses (compliance) **Pipeline Stages:** 1. Code Quality: Linting (Pylint, Flake8, Black, Isort) 2. Security: Static Analysis (Bandit, Safety, Semgrep, Detect Secrets) 3. Security: SonarQube Quality Gate 4. Security: Snyk Vulnerability Scan 5. Unit Tests 6. Security Tests (test_security.py) 7. Integration Tests 8. Build 9. Deploy to Staging
882 B
882 B