From 4c714c65a738fe173a76ee08b99cdefaa723b637 Mon Sep 17 00:00:00 2001
From: Nambi Srinivasan S
Date: Wed, 15 Jan 2025 11:12:03 +0530
Subject: [PATCH] testing bandit scan config file
---
 .github/workflows/bandit.yml | 2 +-
 pre_commit.toml | 17 +++++++++++++++++
 2 files changed, 18 insertions(+), 1 deletion(-)
 create mode 100644 pre_commit.toml
diff --git a/.github/workflows/bandit.yml b/.github/workflows/bandit.yml
index 972474d994..21caf7c89f 100644
--- a/.github/workflows/bandit.yml
+++ b/.github/workflows/bandit.yml
@@ -32,7 +32,7 @@ jobs:
 - name: Perform Bandit Analysis
 uses: PyCQA/bandit-action@v1
 with:
- configfile: 'DEFAULT'
+ configfile: 'pre_commit.toml'
 profile: 'DEFAULT'
 tests: 'DEFAULT'
 skips: 'DEFAULT'
diff --git a/pre_commit.toml b/pre_commit.toml
new file mode 100644
index 0000000000..161f03af57
--- /dev/null
+++ b/pre_commit.toml
@@ -0,0 +1,17 @@
+[tool.bandit]
+# Exclude specific directories or files from the scan
+exclude = ["docs/"]
+
+# Specify the test IDs to be skipped
+skips = [
+ "B323", # _create_unverified_context
+ "B314", # xml.etree.ElementTree.parse
+ "B404", # subprocess module
+ "B405", # xml.etree.ElementTree
+ "B311", # Standard pseudo-random generators
+ "B403" # pickle module
+]
+
+# Set the severity and confidence levels
+severity = "LOW"
+confidence = "HIGH"
\ No newline at end of file
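Review bot: `configfile: 'pre_commit.toml'` points Bandit at a file whose name suggests a pre-commit hook configuration, while the file added in this patch is a Bandit-only `[tool.bandit]` table consumed by this step; a name such as `bandit.toml`, or placing the table in `pyproject.toml`, would make this line self-explanatory and keep the two tools from being confused. Bandit parses a `-c` file as TOML only when its name ends in `.toml`, which this one does, but that support presumably depends on the Bandit version the action installs, so it is worth confirming that the run reports the configured skips rather than silently falling back to defaults. The other action inputs stay at `'DEFAULT'`, so the config file is now the single place that decides what is skipped. The job definition continues outside the hunk.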
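Review bot: `exclude = ["docs/"]` uses a key Bandit does not read from the `[tool.bandit]` table — the documented option is `exclude_dirs` — so `docs/` will still be scanned; change it to `exclude_dirs = ["docs"]`. `severity = "LOW"` and `confidence = "HIGH"` likewise do not appear to be config-file options (those thresholds are command-line arguments, `--severity-level` / `--confidence-level`), so as written they are likely ignored — confirm against the Bandit version in use or drop them. The six global skips silence checks for unverified TLS contexts, XML parsing, `subprocess`, `random` and `pickle` across the whole repository, including code added later; a per-occurrence `# nosec B323` with a one-line justification keeps new findings visible, and each entry here should at least carry a comment saying why the finding is acceptable rather than only what the check is. The file also lacks a trailing newline.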