Temporarily ignore Bandit test B303 for insecure sha1 usage
Our usage of the sha1 method is only to hash the contents of files so we don't store a single file more than once. We can likely use something more "secure" but let's temporarily disable this check for now. Change-Id: Ibc663185902d99f4a18a55a30827a5e5034c9ad0
This commit is contained in:
parent
451ff3866a
commit
c41dc6f28d
4
tox.ini
4
tox.ini
|
@ -20,9 +20,11 @@ commands = {posargs}
|
|||
commands = sphinx-build -W -b html doc/source doc/build/html
|
||||
|
||||
[testenv:pep8]
|
||||
# B303 - Use of insecure MD2, MD4, or MD5 hash function.
|
||||
# We're using sha1 to generate a hash of file contents.
|
||||
commands =
|
||||
flake8 ara
|
||||
bandit -r ara -x ara/tests
|
||||
bandit -r ara -x ara/tests --skip B303
|
||||
bashate -v --ignore E006,E011 {toxinidir}/run_tests.sh
|
||||
|
||||
[testenv:py27]
|
||||
|
|
Loading…
Reference in New Issue