Temporarily ignore Bandit test B303 for insecure sha1 usage
Our usage of the sha1 method is only to hash the contents of files so we don't store a single file more than once. We can likely use something more "secure" but let's temporarily disable this check for now. Change-Id: Ie7b07e489e6c442f34fc9930713b9dfdfa530aaf
This commit is contained in:
David Moreau Simard
parent
c4c6645795
commit
5772648b1a
4
tox.ini
4
tox.ini
@ -18,9 +18,11 @@ commands = {posargs}
|
||||
commands = sphinx-build -W -b html doc/source doc/build/html
|
||||
|
||||
[testenv:pep8]
|
||||
# B303 - Use of insecure MD2, MD4, or MD5 hash function.
|
||||
# We're using sha1 to generate a hash of file contents.
|
||||
commands =
|
||||
flake8 ara hacking
|
||||
bandit -r ara
|
||||
bandit -r ara --skip B303
|
||||
|
||||
[testenv:py35]
|
||||
commands = python manage.py test ara
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user