From 89cd22444ff34f0e94dddda5f2881b136bac8dc5 Mon Sep 17 00:00:00 2001
From: Jeremy Frasier <jeremy.frasier@gwe.cisa.dhs.gov>
Date: Thu, 30 Apr 2026 14:15:51 -0400
Subject: [PATCH] Move the one directive from the Bandit config to the
 pre-commit config

This also allows us to remove the (now unused) Bandit config file.
---
 .bandit.yml             | 13 -------------
 .pre-commit-config.yaml |  4 +++-
 2 files changed, 3 insertions(+), 14 deletions(-)
 delete mode 100644 .bandit.yml

diff --git a/.bandit.yml b/.bandit.yml
deleted file mode 100644
index 663c521c..00000000
--- a/.bandit.yml
+++ /dev/null
@@ -1,13 +0,0 @@
----
-# Configuration file for the Bandit python security scanner
-# https://bandit.readthedocs.io/en/latest/config.html
-
-# Tests are first included by `tests`, and then excluded by `skips`.
-# If `tests` is empty, all tests are considered included.
-
-tests:
-# - B101
-# - B102
-
-skips:
-  - B101  # skip "assert used" check since assertions are required in pytests
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
index 16565cf7..7a5c5651 100644
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -138,7 +138,9 @@ repos:
         name: bandit (tests tree)
         files: tests
         args:
-          - --config=.bandit.yml
+          # Skip "assert used" check since assertions are used
+          # frequently in pytests.
+          - --skip=B101
   # Run bandit on everything except the "tests" tree
   - repo: https://github.com/PyCQA/bandit
     rev: 1.9.4