openstack/oslo.messaging
Code Issues Proposed changes

Bump bandit version

Browse Source 
This patch bumps bandit allowed version to >=1.6.0,<1.7.0 in order to
avoid the errors detailed here https://github.com/PyCQA/bandit/pull/393

Change-Id: I9235560667f664643007b8ca0be1707eab4126ad
Signed-off-by: Moisés Guimarães de Medeiros <moguimar@redhat.com>
This commit is contained in:
Moisés Guimarães de Medeiros 2020-07-24 17:34:30 +02:00
parent a5ae9f4aa0
commit 6659cb8d19
2 changed files with 8 additions and 3 deletions

9
oslo_messaging/_drivers/impl_rabbit.py

@ -524,7 +524,10 @@ class Connection(object):
self._url += url.virtual_host
elif not url.hosts:
host = oslo_messaging.transport.TransportHost('')
self._url = self._transform_transport_url(
# NOTE(moguimar): default_password in this function's context is
# a fallback option, not a hardcoded password.
# username and password are read from host.
self._url = self._transform_transport_url( # nosec
url, host, default_username='guest', default_password='guest',
default_hostname='localhost')
@ -654,7 +657,9 @@ class Connection(object):
except KeyError:
raise RuntimeError("Invalid SSL version : %s" % version)
def _transform_transport_url(self, url, host, default_username='',
# NOTE(moguimar): default_password in this function's context is just
# a fallback option, not a hardcoded password.
def _transform_transport_url(self, url, host, default_username='', # nosec
default_password='', default_hostname=''):
transport = url.transport.replace('kombu+', '')
transport = transport.replace('rabbit', 'amqp')

2
test-requirements.txt

@ -25,7 +25,7 @@ coverage!=4.4,>=4.0 # Apache-2.0
pyngus>=2.2.0 # Apache-2.0
# Bandit security code scanner
bandit>=1.1.0,<1.6.0 # Apache-2.0
bandit>=1.6.0,<1.7.0 # Apache-2.0
eventlet!=0.18.3,!=0.20.1,>=0.18.2 # MIT
greenlet>=0.4.10 # MIT