From ebbad5b995dffbd5f827346c2e26f0b2e9b78e5c Mon Sep 17 00:00:00 2001
From: Bence Romsics <bence.romsics@ericsson.com>
Date: Tue, 21 Aug 2018 09:23:22 +0200
Subject: [PATCH] Update list of skipped bandit plugins

This is the same fix as https://review.openstack.org/592884
but for neutron-lib.

Change-Id: Ia20ac59289df5e44b8a7e99df9371c4c381a40be
---
 tox.ini | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/tox.ini b/tox.ini
index e97e4f233..4cd3c5451 100644
--- a/tox.ini
+++ b/tox.ini
@@ -99,9 +99,10 @@ import-order-style = pep8
 
 [testenv:bandit]
 # B104: Possible binding to all interfaces
+# B303: Blacklist use of insecure MD2, MD4, MD5, or SHA1 hash functions
 # B311: Standard pseudo-random generators are not suitable for security/cryptographic purpose
 deps = -r{toxinidir}/test-requirements.txt
-commands = bandit -r neutron_lib -x tests -n5 -s B104,B311
+commands = bandit -r neutron_lib -x tests -n5 -s B104,B303,B311
 
 [hacking]
 import_exceptions = neutron_lib._i18n