From a160d22789c54d953bf13e8caf57fb22a25b4bda Mon Sep 17 00:00:00 2001 From: s3lph <1375407-s3lph@users.noreply.gitlab.com> Date: Mon, 30 May 2022 17:46:48 +0200 Subject: [PATCH] Add bandit code annotations --- multischleuder/api.py | 2 +- multischleuder/conflict.py | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/multischleuder/api.py b/multischleuder/api.py index f5a9b89..aef04f4 100644 --- a/multischleuder/api.py +++ b/multischleuder/api.py @@ -49,7 +49,7 @@ class SchleuderApi: context = None # Perform the actual request req = urllib.request.Request(url, data=payload, method=method, headers=self._headers) - resp = urllib.request.urlopen(req, context=context) + resp = urllib.request.urlopen(req, context=context) # nosec B310 baseurl is trusted respdata: str = resp.read().decode() if len(respdata) > 0: return json.loads(respdata) diff --git a/multischleuder/conflict.py b/multischleuder/conflict.py index 628065f..3aca7dd 100644 --- a/multischleuder/conflict.py +++ b/multischleuder/conflict.py @@ -174,7 +174,7 @@ class KeyConflictResolution: # Sort so the hash stays the same if the set of subscriptions is the same. # There is no guarantee that the subs are in any specific order. subs: List[SchleuderSubscriber] = sorted(candidates, key=lambda x: x.schleuder) - h = hashlib.new('sha1') + h = hashlib.new('sha1') # nosec B324 # Include the chosen email an source sub-list h.update(struct.pack('!sd', chosen.email.encode(), @@ -191,7 +191,7 @@ class KeyConflictResolution: # Sort so the hash stays the same if the set of subscriptions is the same. # There is no guarantee that the subs are in any specific order. subs: List[SchleuderSubscriber] = sorted(candidates, key=lambda x: x.schleuder) - h = hashlib.new('sha1') + h = hashlib.new('sha1') # nosec B324 assert chosen.key is not None # Make mypy happy; it can't know that chosen.key can't be None # Include the chosen email an source sub-list h.update(struct.pack('!ssd',