Merge "Bump bandit and make oslo.messaging compatible with latest rules"
This commit is contained in:
commit
4f97245a54
|
@ -13,7 +13,7 @@
|
|||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
|
||||
from lxml import etree # nosec (bandit bug 1582516)
|
||||
from defusedxml.lxml import parse
|
||||
|
||||
|
||||
def _get_vmdk_name_from_ovf(root):
|
||||
|
@ -27,4 +27,4 @@ def _get_vmdk_name_from_ovf(root):
|
|||
|
||||
def get_vmdk_name_from_ovf(ovf_handle):
|
||||
"""Get the vmdk name from the given ovf descriptor."""
|
||||
return _get_vmdk_name_from_ovf(etree.parse(ovf_handle).getroot())
|
||||
return _get_vmdk_name_from_ovf(parse(ovf_handle).getroot())
|
||||
|
|
|
@ -102,7 +102,7 @@ class Response(io.BytesIO):
|
|||
self.status = status
|
||||
self.headers = headers or {}
|
||||
self.reason = requests.status_codes._codes.get(
|
||||
status, [''])[0].upper().replace('_', ' ')
|
||||
status, [''])[0].upper().replace('_', ' ') # nosec
|
||||
io.BytesIO.__init__(self, stream)
|
||||
|
||||
@property
|
||||
|
|
|
@ -14,6 +14,7 @@ oslo.utils>=3.33.0 # Apache-2.0
|
|||
PyYAML>=3.13 # MIT
|
||||
|
||||
lxml>=4.5.0 # BSD
|
||||
defusedxml>=0.7.1 # BSD
|
||||
suds-community>=0.6 # LGPLv3+
|
||||
eventlet!=0.18.3,!=0.20.1,>=0.18.2 # MIT
|
||||
requests>=2.14.2 # Apache-2.0
|
||||
|
|
|
@ -13,7 +13,7 @@ stestr>=2.0.0 # Apache-2.0
|
|||
# [testenv:cover]
|
||||
# deps = {[testenv]deps} coverage
|
||||
coverage!=4.4,>=4.0 # Apache-2.0
|
||||
bandit>=1.6.0,<1.7.0 # Apache-2.0
|
||||
bandit>=1.7.0,<1.8.0 # Apache-2.0
|
||||
ddt>=1.0.1 # MIT
|
||||
oslo.context>=2.19.2 # Apache-2.0
|
||||
|
||||
|
|
Loading…
Reference in New Issue