From dd8e64b6be47d04ef62640e3d1dbf48102f878b1 Mon Sep 17 00:00:00 2001 From: Thomas Bachman Date: Fri, 17 May 2024 14:54:09 +0000 Subject: [PATCH] Address static analysis issues This patch is meant to address false-positive issues found by running the bandit static analysis tool. All the issues flagged were false positives, so the 'nosec' keyword has been added to the instances in order to allow bandit checks to pass. Change-Id: I8d16b7f8b2b3db574de210a322e3856075ead53c --- tools/install_venv_common.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tools/install_venv_common.py b/tools/install_venv_common.py index e279159..51a912d 100644 --- a/tools/install_venv_common.py +++ b/tools/install_venv_common.py @@ -26,7 +26,7 @@ from __future__ import print_function import optparse import os -import subprocess +import subprocess # nosec import sys @@ -61,7 +61,7 @@ class InstallVenv(object): else: stdout = None - proc = subprocess.Popen(cmd, cwd=self.root, stdout=stdout) + proc = subprocess.Popen(cmd, cwd=self.root, stdout=stdout) # nosec output = proc.communicate()[0] if check_exit_code and proc.returncode != 0: self.die('Command "%s" failed.\n%s', ' '.join(cmd), output)