particle-os/debian-koji
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Fix bandit "nosec" comments

Browse source 
Related: https://pagure.io/koji/issue/4004
This commit is contained in:
Tomas Kopecek 2024-02-06 11:09:16 +01:00
parent 167ee017f2
commit 77b7e3a0c9
2 changed files with 6 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

6
koji/__init__.py
View file

@ -1503,13 +1503,15 @@ def parse_pom(path=None, contents=None):
contents = fixEncoding(contents)
try:
xml.sax.parseString(contents, handler) # nosec - trusted data
# trusted data, skipping bandit test
xml.sax.parseString(contents, handler) # nosec
except xml.sax.SAXParseException:
# likely an undefined entity reference, so lets try replacing
# any entity refs we can find and see if we get something parseable
handler.reset()
contents = ENTITY_RE.sub('?', contents)
xml.sax.parseString(contents, handler) # nosec - trusted data
# trusted data, skipping bandit test
xml.sax.parseString(contents, handler) # nosec
for field in fields:
if field not in util.to_list(values.keys()):