From 2a814055fef9f182ee1e3fd7601d80d82bbe2a8c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9bastien=20Helleu?= Date: Sun, 14 Nov 2021 19:00:55 +0100 Subject: [PATCH] Ignore bandit security error about possible hardcoded password Bandit reports this error: >> Issue: [B105:hardcoded_password_string] Possible hardcoded password: 'init password=%(password)s%(totp)s The password is of course never hardcoded there. --- qweechat/network.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/qweechat/network.py b/qweechat/network.py index f665c22..968c927 100644 --- a/qweechat/network.py +++ b/qweechat/network.py @@ -47,7 +47,7 @@ _HASH_ALGOS = ':'.join(_HASH_ALGOS_LIST) _PROTO_HANDSHAKE = f'(handshake) handshake password_hash_algo={_HASH_ALGOS}\n' # initialize with the password (plain text) -_PROTO_INIT_PWD = 'init password=%(password)s%(totp)s\n' +_PROTO_INIT_PWD = 'init password=%(password)s%(totp)s\n' # nosec # initialize with the hashed password _PROTO_INIT_HASH = ('init password_hash='