basic security checks with bandit

Fixes: https://pagure.io/koji/issue/3042
2021-09-22 11:46:45 +02:00 · 2021-09-22 11:46:45 +02:00 · ba2e1e520b
commit ba2e1e520b
parent 0e2ebb4e25
13 changed files with 42 additions and 29 deletions
--- a/cli/koji_cli/lib.py
+++ b/cli/koji_cli/lib.py
@ -680,7 +680,7 @@ def download_archive(build, archive, topurl, quiet=False, noprogress=False):
    if archive['checksum_type'] == koji.CHECKSUM_TYPES['md5']:
        hash = md5_constructor()
    elif archive['checksum_type'] == koji.CHECKSUM_TYPES['sha1']:
-        hash = hashlib.sha1()
+        hash = hashlib.sha1()  # nosec
    elif archive['checksum_type'] == koji.CHECKSUM_TYPES['sha256']:
        hash = hashlib.sha256()
    else: