fix: Change bandit output format to SARIF for security scan

bellyliu · bellyliu · commit 85b45559271f · 2026-01-23T15:51:20.000+07:00
diff --git a/Makefile b/Makefile
@@ -410,7 +410,7 @@ ci-build: clean
 ci-security:
 	@echo "$(GREEN)Running security scan (CI mode)...$(NC)"
 	@$(PIP) install bandit safety 2>/dev/null || true
-	@bandit -r $(SRC_DIR)/ -f json -o bandit-results.json -ll || true
+	@bandit -r $(SRC_DIR)/ -f sarif -o bandit-results.json -ll || true
 	@safety check --json > safety-results.json 2>/dev/null || true
 	@echo "$(GREEN)Security scan complete$(NC)"
 
