diff --git a/.github/workflows/analysis.yml b/.github/workflows/analysis.yml
index 32dfa412be..e133d0bcf6 100644
--- a/.github/workflows/analysis.yml
+++ b/.github/workflows/analysis.yml
@@ -40,6 +40,9 @@ jobs:
                 with:
                     distribution: "temurin"
                     java-version: 11
+            -   name: Install dependencies
+                run: |
+                    python3 -m pip install defusedxml
             -   name: Run analysis wrapper
                 run: |
                     mkdir -p $HOME/.gradle
diff --git a/.gitignore b/.gitignore
index 0f5ed9813b..5dac70d588 100644
--- a/.gitignore
+++ b/.gitignore
@@ -50,4 +50,7 @@ fastlane/Fastfile
 **/fastlane/test_output
 /fastlane/vendor/
 /.bundle/
-/fastlane/.bundle/
+/fastlane/.bundle
+
+# python
+**/__pycache__/
diff --git a/scripts/analysis/spotbugsComparison.py b/scripts/analysis/spotbugsComparison.py
index 92ec7f80a5..cc85d868cd 100755
--- a/scripts/analysis/spotbugsComparison.py
+++ b/scripts/analysis/spotbugsComparison.py
@@ -1,6 +1,6 @@
 #!/usr/bin/env python3
 import argparse
-import xml.etree.ElementTree as ET
+import defusedxml.ElementTree as ET
 import spotbugsSummary
 
 
diff --git a/scripts/analysis/spotbugsSummary.py b/scripts/analysis/spotbugsSummary.py
index 00724d5a4d..4fc886fa78 100755
--- a/scripts/analysis/spotbugsSummary.py
+++ b/scripts/analysis/spotbugsSummary.py
@@ -1,6 +1,6 @@
 #!/usr/bin/env python3
 import argparse
-import xml.etree.ElementTree as ET
+import defusedxml.ElementTree as ET
 
 
 def get_counts(tree):