Add exclusion for bandit check B303
Starting in bandit 1.5.0, sha-1 will trip
[B303:blacklist] Use of insecure MD2, MD4, MD5, or SHA1 hash function.
However, there are surely clusters out there that have users with
sha-1-hashed passwords, so we can't simply rip it out. A deprecation
period is probably in order, but in the mean time this unblocks the
gate.
Change-Id: I65ff882b1a1cb52ec522e41baa29e4420cd889bd
This commit is contained in:
Tim Burke
parent
0c8eaf50a9
commit
e9e8c51a92
6
tox.ini
6
tox.ini
|
|
@ -29,10 +29,12 @@ setenv = VIRTUAL_ENV={envdir}
|
|||
commands =
|
||||
flake8 swauth test
|
||||
flake8 --filename=swauth* bin
|
||||
bandit -r swauth -s B309
|
||||
bandit -r swauth -s B303,B309
|
||||
|
||||
[testenv:bandit]
|
||||
commands = bandit -r swauth -s B309
|
||||
# B303 Use of insecure hash function
|
||||
# B309 Use of HTTPSConnection
|
||||
commands = bandit -r swauth -s B303,B309
|
||||
|
||||
[testenv:venv]
|
||||
commands = {posargs}
|
||||
|
|
|
|||
Loading…
Reference in New Issue