Replace blacklist_functions with blacklist_calls

The bandit security scan is currently skipping any check of blacklisted functions. The bandit plugin should be blacklist_calls and not blacklist_functions. Change-Id: I167220f5f8edcc450b5891f6396e164500504df5 Closes-Bug: #1460839
2015-06-01 15:12:20 -07:00 · 2015-06-01 15:12:20 -07:00 · f6cc12ba0d
commit f6cc12ba0d
parent 82c99ad237
1 changed files with 3 additions and 3 deletions
--- a/bandit.yaml
+++ b/bandit.yaml
@ -31,7 +31,7 @@ exclude_dirs:
 profiles:
    keystone_conservative:
        include:
-            - blacklist_functions
+            - blacklist_calls
            - blacklist_imports
            - request_with_no_cert_validation
            - exec_used
@ -43,7 +43,7 @@ profiles:

    keystone_verbose:
        include:
-            - blacklist_functions
+            - blacklist_calls
            - blacklist_imports
            - request_with_no_cert_validation
            - exec_used
@ -55,7 +55,7 @@ profiles:
            - ssl_with_bad_version
            - ssl_with_bad_defaults

-blacklist_functions:
+blacklist_calls:
    bad_name_sets:
        - pickle:
            qualnames: [pickle.loads, pickle.load, pickle.Unpickler,