Source blueprint: https://blueprints.launchpad.net/bandit/+spec/use-threading-when-running-checks
Many static analysis tools offer parallelization of execution to make checking large amounts of code faster. Flake8, for example, added the -j flag so that files would be checked in parallel. When running bandit against large amounts of code, e.g., openstack/glance, the checks take quite a while. For over 7500 files, the checks take several minutes.
I propose that we add a similar flag (to -j/--jobs) with similar behaviour to the flag in Flake8.
For example,
Would use 4 threads, while
$ bandit -j auto -r glance
Would use the number of CPUs present and could be the default.
Source blueprint: https://blueprints.launchpad.net/bandit/+spec/use-threading-when-running-checks
Many static analysis tools offer parallelization of execution to make checking large amounts of code faster. Flake8, for example, added the -j flag so that files would be checked in parallel. When running bandit against large amounts of code, e.g., openstack/glance, the checks take quite a while. For over 7500 files, the checks take several minutes.
I propose that we add a similar flag (to -j/--jobs) with similar behaviour to the flag in Flake8.
For example,
Would use 4 threads, while
Would use the number of CPUs present and could be the default.