Also add B324 to bandit skip list for python3.9+
For Python>=3.9 we also need to skip B324[1] for hashlib.sha1 usage. For older python3 versions B303[2] was enough. [1] https://github.com/PyCQA/bandit/commit/c4372a09 [2] https://review.opendev.org/c/openstack/neutron/+/592884 Closes-Bug: rhbz#2074383 Change-Id: If4e7e550fd63414226098af16d1cc155aaa6c57a
This commit is contained in:
parent
1fa2e49f01
commit
9b66e81d2e
5
tox.ini
5
tox.ini
@ -211,10 +211,11 @@ import_exceptions = neutron._i18n
|
||||
envdir = {toxworkdir}/lint
|
||||
deps = {[testenv:pep8]deps}
|
||||
# B104: Possible binding to all interfaces
|
||||
# B303: prohibit list calls: md5, sha1
|
||||
# B303: prohibit list calls: md5, sha1 for python<3.9
|
||||
# B311: Standard pseudo-random generators are not suitable for security/cryptographic purpose
|
||||
# B324: prohibit list calls: md5, sha1 for python>=3.9
|
||||
# B604: any_other_function_with_shell_equals_true
|
||||
commands = bandit -r neutron -x tests -n5 -s B104,B303,B311,B604
|
||||
commands = bandit -r neutron -x tests -n5 -s B104,B303,B311,B324,B604
|
||||
|
||||
[testenv:bashate]
|
||||
envdir = {toxworkdir}/lint
|
||||
|
||||
Loading…
Reference in New Issue
Block a user