60740282c9
This change adds a basic bandit config for cloudkitty. It can be invoked
by running the tox environment for bandit;
tox -e bandit
These changes also fix potential security issues find during bandit checks.
- binding to all interface: remove useless host_ip option to avoid issue
- hash function issue: switch from sha1 to sha512
- use of exec: can't be removed for moment so using #nosec comment
Change-Id: Iae7d7604457345fe6d482cf48311c9b75fdde947
7 lines
255 B
YAML
7 lines
255 B
YAML
---
|
|
security:
|
|
- |
|
|
Introduce bandit security checks and fix potential security issues detected
|
|
by bandit linter. Remove unused option where host_ip was a binding to all
|
|
interfaces. Using of insecure hash function, switch from sha1 to sha512.
|