Update list of skipped bandit plugins
Plugin B111 "Test for the use of rootwrap running as root" was removed from bandit in [1]. Blacklist call of hashlib.sha1 was blacklisted in bandit with [2] and it is now added to list of skipped tests in Neutron. This commit adds also plugin B604 to list of skipped plugins. [1]d93eed5492
[2]35e35446b0
Change-Id: I33d6089b497fccfca4b212e2a62fb881cae9cb94
This commit is contained in:
parent
2ef5a6563a
commit
82224347de
5
tox.ini
5
tox.ini
@ -181,10 +181,11 @@ local-check-factory = neutron.hacking.checks.factory
|
||||
[testenv:bandit]
|
||||
basepython = python3
|
||||
# B104: Possible binding to all interfaces
|
||||
# B111: Execute with run_as_root=True identified, possible security issue
|
||||
# B303: blacklist calls: md5, sha1
|
||||
# B311: Standard pseudo-random generators are not suitable for security/cryptographic purpose
|
||||
# B604: any_other_function_with_shell_equals_true
|
||||
deps = -r{toxinidir}/test-requirements.txt
|
||||
commands = bandit -r neutron -x tests -n5 -s B104,B111,B311
|
||||
commands = bandit -r neutron -x tests -n5 -s B104,B303,B311,B604
|
||||
|
||||
[testenv:bashate]
|
||||
basepython = python3
|
||||
|
Loading…
Reference in New Issue
Block a user