Add bandit code annotations

This commit is contained in:
s3lph 2022-05-30 17:46:48 +02:00
parent 1060c8e8d0
commit a160d22789
2 changed files with 3 additions and 3 deletions

View file

@ -49,7 +49,7 @@ class SchleuderApi:
context = None context = None
# Perform the actual request # Perform the actual request
req = urllib.request.Request(url, data=payload, method=method, headers=self._headers) req = urllib.request.Request(url, data=payload, method=method, headers=self._headers)
resp = urllib.request.urlopen(req, context=context) resp = urllib.request.urlopen(req, context=context) # nosec B310 baseurl is trusted
respdata: str = resp.read().decode() respdata: str = resp.read().decode()
if len(respdata) > 0: if len(respdata) > 0:
return json.loads(respdata) return json.loads(respdata)

View file

@ -174,7 +174,7 @@ class KeyConflictResolution:
# Sort so the hash stays the same if the set of subscriptions is the same. # Sort so the hash stays the same if the set of subscriptions is the same.
# There is no guarantee that the subs are in any specific order. # There is no guarantee that the subs are in any specific order.
subs: List[SchleuderSubscriber] = sorted(candidates, key=lambda x: x.schleuder) subs: List[SchleuderSubscriber] = sorted(candidates, key=lambda x: x.schleuder)
h = hashlib.new('sha1') h = hashlib.new('sha1') # nosec B324
# Include the chosen email an source sub-list # Include the chosen email an source sub-list
h.update(struct.pack('!sd', h.update(struct.pack('!sd',
chosen.email.encode(), chosen.email.encode(),
@ -191,7 +191,7 @@ class KeyConflictResolution:
# Sort so the hash stays the same if the set of subscriptions is the same. # Sort so the hash stays the same if the set of subscriptions is the same.
# There is no guarantee that the subs are in any specific order. # There is no guarantee that the subs are in any specific order.
subs: List[SchleuderSubscriber] = sorted(candidates, key=lambda x: x.schleuder) subs: List[SchleuderSubscriber] = sorted(candidates, key=lambda x: x.schleuder)
h = hashlib.new('sha1') h = hashlib.new('sha1') # nosec B324
assert chosen.key is not None # Make mypy happy; it can't know that chosen.key can't be None assert chosen.key is not None # Make mypy happy; it can't know that chosen.key can't be None
# Include the chosen email an source sub-list # Include the chosen email an source sub-list
h.update(struct.pack('!ssd', h.update(struct.pack('!ssd',