basic security checks with bandit

Fixes: https://pagure.io/koji/issue/3042
2021-09-22 11:46:45 +02:00 · 2021-09-22 11:46:45 +02:00 · ba2e1e520b
commit ba2e1e520b
parent 0e2ebb4e25
13 changed files with 42 additions and 29 deletions
--- a/util/kojira
+++ b/util/kojira
@ -486,7 +486,7 @@ class RepoManager(object):
            self.logger.debug('Checking external url: %s' % arch_url)
            try:
                r = requests.get(arch_url, timeout=5)
-                root = ElementTree.fromstring(r.text)
+                root = ElementTree.fromstring(r.text)  # nosec
                ts_elements = root.iter('{http://linux.duke.edu/metadata/repo}timestamp')
                arch_ts = max([round(float(child.text)) for child in ts_elements])
                self.external_repo_ts[arch_url] = arch_ts