From c41dc6f28debe608e0f5bf0593e0fa8f9adca528 Mon Sep 17 00:00:00 2001
From: David Moreau Simard <dmsimard@redhat.com>
Date: Fri, 24 Aug 2018 12:12:01 -0400
Subject: [PATCH] Temporarily ignore Bandit test B303 for insecure sha1 usage

Our usage of the sha1 method is only to hash the contents of files so we
don't store a single file more than once.
We can likely use something more "secure" but let's temporarily disable
this check for now.

Change-Id: Ibc663185902d99f4a18a55a30827a5e5034c9ad0
---
 tox.ini | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/tox.ini b/tox.ini
index 42dadb66..bf2ce3c5 100644
--- a/tox.ini
+++ b/tox.ini
@@ -20,9 +20,11 @@ commands = {posargs}
 commands = sphinx-build -W -b html doc/source doc/build/html
 
 [testenv:pep8]
+# B303 - Use of insecure MD2, MD4, or MD5 hash function.
+# We're using sha1 to generate a hash of file contents.
 commands =
   flake8 ara
-  bandit -r ara -x ara/tests
+  bandit -r ara -x ara/tests --skip B303
   bashate -v --ignore E006,E011 {toxinidir}/run_tests.sh
 
 [testenv:py27]