vm: ignore B113: request_without_timeout

Bandit warning for missing timeout. It would be caught on VM level https://bandit.readthedocs.io/en/1.7.5/plugins/b113_request_without_timeout.html
2023-03-20 13:48:16 +01:00 · 2023-03-20 13:48:16 +01:00 · 39ecf0538a
commit 39ecf0538a
parent ae793a2cee
1 changed files with 2 additions and 1 deletions
--- a/vm/kojivmd
+++ b/vm/kojivmd
@ -752,7 +752,8 @@ class VMExecTask(BaseTaskHandler):
                raise koji.BuildError('unsupported file type: %s' % type)
            koji.ensuredir(os.path.dirname(localpath))
            # closing needs to be used for requests < 2.18.0
-            with closing(requests.get(remote_url, stream=True)) as response:
+            # nosec - skipping missing timeout, it would be done on VM lifecycle level
+            with closing(requests.get(remote_url, stream=True)) as response:  # nosec
                response.raise_for_status()
                with open(localpath, 'wb') as f:
                    for chunk in response.iter_content(chunk_size=65536):