emdee/qweechat
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Ignore bandit security error about possible hardcoded password

Browse source 
Bandit reports this error:

>> Issue: [B105:hardcoded_password_string] Possible hardcoded password: 'init password=%(password)s%(totp)s

The password is of course never hardcoded there.
This commit is contained in:
Sébastien Helleu 2021-11-14 19:00:55 +01:00
parent 0dffebcf24
commit 2a814055fe
1 changed files with 1 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

2
qweechat/network.py
View file

@ -47,7 +47,7 @@ _HASH_ALGOS = ':'.join(_HASH_ALGOS_LIST)
_PROTO_HANDSHAKE = f'(handshake) handshake password_hash_algo={_HASH_ALGOS}\n'
# initialize with the password (plain text)
_PROTO_INIT_PWD = 'init password=%(password)s%(totp)s\n'
_PROTO_INIT_PWD = 'init password=%(password)s%(totp)s\n' # nosec
# initialize with the hashed password
_PROTO_INIT_HASH = ('init password_hash='