From 39ecf0538a1d2474123ce59f913a3b53492d7418 Mon Sep 17 00:00:00 2001
From: Tomas Kopecek <tkopecek@redhat.com>
Date: Mon, 20 Mar 2023 13:48:16 +0100
Subject: [PATCH] vm: ignore B113: request_without_timeout

Bandit warning for missing timeout. It would be caught on VM level
https://bandit.readthedocs.io/en/1.7.5/plugins/b113_request_without_timeout.html
---
 vm/kojivmd | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/vm/kojivmd b/vm/kojivmd
index 59f18772..68a67415 100755
--- a/vm/kojivmd
+++ b/vm/kojivmd
@@ -752,7 +752,8 @@ class VMExecTask(BaseTaskHandler):
                 raise koji.BuildError('unsupported file type: %s' % type)
             koji.ensuredir(os.path.dirname(localpath))
             # closing needs to be used for requests < 2.18.0
-            with closing(requests.get(remote_url, stream=True)) as response:
+            # nosec - skipping missing timeout, it would be done on VM lifecycle level
+            with closing(requests.get(remote_url, stream=True)) as response:  # nosec
                 response.raise_for_status()
                 with open(localpath, 'wb') as f:
                     for chunk in response.iter_content(chunk_size=65536):