build(deps-dev): bump bandit from 1.6.2 to 1.6.3 (#371)
* build(deps-dev): bump bandit from 1.6.2 to 1.6.3 Bumps [bandit](https://github.com/PyCQA/bandit) from 1.6.2 to 1.6.3. - [Release notes](https://github.com/PyCQA/bandit/releases) - [Commits](https://github.com/PyCQA/bandit/compare/1.6.2...1.6.3) Signed-off-by: dependabot[bot] <support@github.com> * root: update for new bandit version Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
parent
2246f3a534
commit
2caa1e7650
|
@ -1271,11 +1271,11 @@
|
|||
},
|
||||
"bandit": {
|
||||
"hashes": [
|
||||
"sha256:336620e220cf2d3115877685e264477ff9d9abaeb0afe3dc7264f55fa17a3952",
|
||||
"sha256:41e75315853507aa145d62a78a2a6c5e3240fe14ee7c601459d0df9418196065"
|
||||
"sha256:2ff3fe35fe3212c0be5fc9c4899bd0108e2b5239c5ff62fb174639e4660fe958",
|
||||
"sha256:d02dfe250f4aa2d166c127ad81d192579e2bfcdb8501717c0e2005e35a6bcf60"
|
||||
],
|
||||
"index": "pypi",
|
||||
"version": "==1.6.2"
|
||||
"version": "==1.6.3"
|
||||
},
|
||||
"black": {
|
||||
"hashes": [
|
||||
|
|
|
@ -31,7 +31,7 @@ def token_from_header(raw_header: bytes) -> Optional[Token]:
|
|||
_, password = auth_credentials.split(":")
|
||||
else:
|
||||
password = auth_credentials
|
||||
if password == "":
|
||||
if password == "": # nosec
|
||||
return None
|
||||
tokens = Token.filter_not_expired(key=password, intent=TokenIntents.INTENT_API)
|
||||
if not tokens.exists():
|
||||
|
|
|
@ -100,7 +100,7 @@ class EventAction(models.TextChoices):
|
|||
SUSPICIOUS_REQUEST = "suspicious_request"
|
||||
PASSWORD_SET = "password_set" # noqa # nosec
|
||||
|
||||
TOKEN_VIEW = "token_view"
|
||||
TOKEN_VIEW = "token_view" # nosec
|
||||
|
||||
INVITE_CREATED = "invitation_created"
|
||||
INVITE_USED = "invitation_used"
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
"""OAuth/OpenID Constants"""
|
||||
|
||||
GRANT_TYPE_AUTHORIZATION_CODE = "authorization_code"
|
||||
GRANT_TYPE_REFRESH_TOKEN = "refresh_token"
|
||||
GRANT_TYPE_REFRESH_TOKEN = "refresh_token" # nosec
|
||||
PROMPT_NONE = "none"
|
||||
PROMPT_CONSNET = "consent"
|
||||
SCOPE_OPENID = "openid"
|
||||
|
|
|
@ -85,7 +85,7 @@ def extract_client_auth(request: HttpRequest) -> Tuple[str, str]:
|
|||
user_pass = b64decode(b64_user_pass).decode("utf-8").split(":")
|
||||
client_id, client_secret = user_pass
|
||||
except (ValueError, Error):
|
||||
client_id = client_secret = ""
|
||||
client_id = client_secret = "" # nosec
|
||||
else:
|
||||
client_id = request.POST.get("client_id", "")
|
||||
client_secret = request.POST.get("client_secret", "")
|
||||
|
|
|
@ -20,7 +20,7 @@ from authentik.stages.email.tasks import send_mails
|
|||
from authentik.stages.email.utils import TemplateEmailMessage
|
||||
|
||||
LOGGER = get_logger()
|
||||
QS_KEY_TOKEN = "token"
|
||||
QS_KEY_TOKEN = "token" # nosec
|
||||
PLAN_CONTEXT_EMAIL_SENT = "email_sent"
|
||||
|
||||
|
||||
|
|
|
@ -7,7 +7,7 @@ from authentik.stages.invitation.models import Invitation, InvitationStage
|
|||
from authentik.stages.invitation.signals import invitation_used
|
||||
from authentik.stages.prompt.stage import PLAN_CONTEXT_PROMPT
|
||||
|
||||
INVITATION_TOKEN_KEY = "token"
|
||||
INVITATION_TOKEN_KEY = "token" # nosec
|
||||
INVITATION_IN_EFFECT = "invitation_in_effect"
|
||||
|
||||
|
||||
|
|
|
@ -13,7 +13,7 @@ group = "authentik"
|
|||
|
||||
worker_class = "uvicorn.workers.UvicornWorker"
|
||||
# Docker containers don't have /tmp as tmpfs
|
||||
worker_tmp_dir = "/dev/shm"
|
||||
worker_tmp_dir = "/dev/shm" # nosec
|
||||
|
||||
os.environ.setdefault("DJANGO_SETTINGS_MODULE", "authentik.root.settings")
|
||||
|
||||
|
|
|
@ -22,7 +22,7 @@ from authentik.providers.oauth2.generators import (
|
|||
from authentik.sources.oauth.models import OAuthSource
|
||||
from tests.e2e.utils import SeleniumTestCase, retry
|
||||
|
||||
CONFIG_PATH = "/tmp/dex.yml"
|
||||
CONFIG_PATH = "/tmp/dex.yml" # nosec
|
||||
LOGGER = get_logger()
|
||||
|
||||
|
||||
|
@ -66,7 +66,7 @@ class TestSourceOAuth2(SeleniumTestCase):
|
|||
"username": "admin",
|
||||
}
|
||||
],
|
||||
"storage": {"config": {"file": "/tmp/dex.db"}, "type": "sqlite3"},
|
||||
"storage": {"config": {"file": "/tmp/dex.db"}, "type": "sqlite3"}, # nosec
|
||||
"web": {"http": "0.0.0.0:5556"},
|
||||
}
|
||||
with open(CONFIG_PATH, "w+") as _file:
|
||||
|
|
Reference in New Issue