Enhancement: Add CI linting, type checking, and security scanning #214

@techmore

Type

enhancement

Severity

low

Area

.github/workflows/ci.yml

Description

The current CI pipeline runs pytest but does not include:

  1. Linting: No flake8 or ruff check — style and import issues can land on main
  2. Type checking: No mypy or pyright — the Optional import bug in runtime.py (now fixed) would have been caught
  3. Security scanning: No bandit or safety check — known-vulnerable dependencies and unsafe patterns go undetected
  4. Dependency auditing: netifaces is unmaintained (last release 2021), and there is no mechanism to flag stale or vulnerable dependencies

Proposed Fix

Add parallel CI jobs:

jobs:
  lint:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - run: pip install ruff
      - run: ruff check .

  typecheck:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - run: pip install mypy
      - run: mypy nmapui/ --ignore-missing-imports

  security:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - run: pip install bandit safety
      - run: bandit -r nmapui/ -ll
      - run: safety check -r requirements.txt

Related Issues

#162 (CI coverage for packaged app and browser tests)
#187 (Python version matrix — closed)
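
One way a CI step could flag stale dependencies, as raised in item 4 above. This is an added example, not code from the issue or the project: the requirements text, the release-date table, the 730-day threshold and the function names are all assumptions, and a real job would fetch release dates from the package index rather than embed them.

```python
import re
from datetime import date

# Constructed data: only netifaces' release year (2021) comes from the issue;
# the exact days and the other packages are made up for this example.
LAST_RELEASE = {
    "netifaces": date(2021, 5, 31),
    "flask": date(2025, 1, 15),
    "python-nmap": date(2024, 6, 1),
}

# Constructed requirements text (not the project's real requirements.txt).
SAMPLE_REQUIREMENTS = """\
# runtime deps
Flask[async]>=3.0
netifaces==0.11.0  # interface discovery
python_nmap ; python_version >= "3.9"
-r dev-requirements.txt
unknown-pkg>=1.0
"""

NAME_RE = re.compile(r"^[A-Za-z0-9][A-Za-z0-9._-]*")

def requirement_names(text):
    """Yield normalized project names from requirements.txt-style text."""
    for raw in text.splitlines():
        # pip treats '#' as a comment only at line start or after whitespace
        line = re.sub(r"(^|\s)#.*$", "", raw).strip()
        if not line or line.startswith("-"):  # blank, or a pip option (-r, -e)
            continue
        match = NAME_RE.match(line)  # stops at extras, specifiers, markers
        if match:
            # PEP 503 normalization: runs of -, _, . become one "-"
            yield re.sub(r"[-_.]+", "-", match.group(0)).lower()

def audit(text, today, max_age_days=730):
    """Return (stale, unknown); stale maps name -> days since last release."""
    stale, unknown = {}, []
    for name in requirement_names(text):
        released = LAST_RELEASE.get(name)
        if released is None:
            unknown.append(name)  # no data: report instead of passing silently
        elif (today - released).days > max_age_days:
            stale[name] = (today - released).days
    return stale, unknown

if __name__ == "__main__":
    stale, unknown = audit(SAMPLE_REQUIREMENTS, date.today())
    print("stale:", stale, "unknown:", unknown)
    raise SystemExit(1 if stale else 0)  # non-zero exit fails the CI job
```

Staleness is a separate signal from known vulnerabilities: a package can be unmaintained with no advisory filed against it, so a check like this complements the vulnerability scan rather than replacing it.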
