Bandit: Remove bandit B604 from skip list
Remove B604 (any_other_function_with_shell_equals_true), so use subprocess.Popen with the default shell=False, thus removing the shell parameter of common.utils.subprocess Popen method. Depends-On: https://review.opendev.org/c/915991 Change-Id: I1857e982211c4de29b3e24ec2485ea9c17c98b10
This commit is contained in:
parent
d782a868d7
commit
85808693ec
|
@ -129,12 +129,12 @@ def _subprocess_setup():
|
|||
signal.signal(signal.SIGPIPE, signal.SIG_DFL)
|
||||
|
||||
|
||||
def subprocess_popen(args, stdin=None, stdout=None, stderr=None, shell=False,
|
||||
env=None, preexec_fn=_subprocess_setup, close_fds=True):
|
||||
def subprocess_popen(args, stdin=None, stdout=None, stderr=None, env=None,
|
||||
preexec_fn=_subprocess_setup, close_fds=True):
|
||||
|
||||
return subprocess.Popen(args, shell=shell, stdin=stdin, stdout=stdout,
|
||||
stderr=stderr, preexec_fn=preexec_fn,
|
||||
close_fds=close_fds, env=env)
|
||||
return subprocess.Popen(args, stdin=stdin, stdout=stdout, stderr=stderr,
|
||||
preexec_fn=preexec_fn, close_fds=close_fds,
|
||||
env=env)
|
||||
|
||||
|
||||
def get_first_host_ip(net, ip_version):
|
||||
|
|
3
tox.ini
3
tox.ini
|
@ -222,8 +222,7 @@ import_exceptions = neutron._i18n
|
|||
[testenv:bandit]
|
||||
deps = {[testenv:pep8]deps}
|
||||
# B104: Possible binding to all interfaces
|
||||
# B604: any_other_function_with_shell_equals_true
|
||||
commands = bandit -r neutron -x tests -n5 -s B104,B604
|
||||
commands = bandit -r neutron -x tests -n5 -s B104
|
||||
|
||||
[testenv:bashate]
|
||||
deps = {[testenv:pep8]deps}
|
||||
|
|
Loading…
Reference in New Issue