basic security checks with bandit

Fixes: https://pagure.io/koji/issue/3042
2021-09-22 11:46:45 +02:00 · 2021-09-22 11:46:45 +02:00 · ba2e1e520b
commit ba2e1e520b
parent 0e2ebb4e25
13 changed files with 42 additions and 29 deletions
--- a/vm/kojikamid.py
+++ b/vm/kojikamid.py
@ -326,7 +326,7 @@ class WindowsBuild(object):
        if 'checksum_type' in fileinfo:
            checksum_type = CHECKSUM_TYPES[fileinfo['checksum_type']]  # noqa: F821
            if checksum_type == 'sha1':
-                checksum = hashlib.sha1()
+                checksum = hashlib.sha1()  # nosec
            elif checksum_type == 'sha256':
                checksum = hashlib.sha256()
            elif checksum_type == 'md5':
--- a/vm/kojivmd
+++ b/vm/kojivmd
@ -795,7 +795,7 @@ class VMExecTask(BaseTaskHandler):
            raise koji.BuildError('%s does not exist' % local_path)

        if algo == 'sha1':
-            sum = hashlib.sha1()
+            sum = hashlib.sha1()  # nosec
        elif algo == 'md5':
            sum = koji.util.md5_constructor()
        elif algo == 'sha256':