build(deps-dev): bump bandit from 1.6.2 to 1.6.3 (#371)

* build(deps-dev): bump bandit from 1.6.2 to 1.6.3 Bumps [bandit](https://github.com/PyCQA/bandit) from 1.6.2 to 1.6.3. - [Release notes](https://github.com/PyCQA/bandit/releases) - [Commits](https://github.com/PyCQA/bandit/compare/1.6.2...1.6.3) Signed-off-by: dependabot[bot] <support@github.com> * root: update for new bandit version Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
2020-12-07 11:21:07 +01:00 · 2020-12-07 11:21:07 +01:00 · 2caa1e7650
parent 2246f3a534
commit 2caa1e7650
9 changed files with 12 additions and 12 deletions
--- a/Pipfile.lock
+++ b/Pipfile.lock
@ -1271,11 +1271,11 @@
        },
        "bandit": {
            "hashes": [
-                "sha256:336620e220cf2d3115877685e264477ff9d9abaeb0afe3dc7264f55fa17a3952",
-                "sha256:41e75315853507aa145d62a78a2a6c5e3240fe14ee7c601459d0df9418196065"
+                "sha256:2ff3fe35fe3212c0be5fc9c4899bd0108e2b5239c5ff62fb174639e4660fe958",
+                "sha256:d02dfe250f4aa2d166c127ad81d192579e2bfcdb8501717c0e2005e35a6bcf60"
            ],
            "index": "pypi",
-            "version": "==1.6.2"
+            "version": "==1.6.3"
        },
        "black": {
            "hashes": [
--- a/authentik/api/auth.py
+++ b/authentik/api/auth.py
@ -31,7 +31,7 @@ def token_from_header(raw_header: bytes) -> Optional[Token]:
        _, password = auth_credentials.split(":")
    else:
        password = auth_credentials
-    if password == "":
+    if password == "":  # nosec
        return None
    tokens = Token.filter_not_expired(key=password, intent=TokenIntents.INTENT_API)
    if not tokens.exists():
--- a/authentik/audit/models.py
+++ b/authentik/audit/models.py
@ -100,7 +100,7 @@ class EventAction(models.TextChoices):
    SUSPICIOUS_REQUEST = "suspicious_request"
    PASSWORD_SET = "password_set"  # noqa # nosec

-    TOKEN_VIEW = "token_view"
+    TOKEN_VIEW = "token_view"  # nosec

    INVITE_CREATED = "invitation_created"
    INVITE_USED = "invitation_used"
--- a/authentik/providers/oauth2/constants.py
+++ b/authentik/providers/oauth2/constants.py
@ -1,7 +1,7 @@
 """OAuth/OpenID Constants"""

 GRANT_TYPE_AUTHORIZATION_CODE = "authorization_code"
-GRANT_TYPE_REFRESH_TOKEN = "refresh_token"
+GRANT_TYPE_REFRESH_TOKEN = "refresh_token"  # nosec
 PROMPT_NONE = "none"
 PROMPT_CONSNET = "consent"
 SCOPE_OPENID = "openid"
--- a/authentik/providers/oauth2/utils.py
+++ b/authentik/providers/oauth2/utils.py
@ -85,7 +85,7 @@ def extract_client_auth(request: HttpRequest) -> Tuple[str, str]:
            user_pass = b64decode(b64_user_pass).decode("utf-8").split(":")
            client_id, client_secret = user_pass
        except (ValueError, Error):
-            client_id = client_secret = ""
+            client_id = client_secret = ""  # nosec
    else:
        client_id = request.POST.get("client_id", "")
        client_secret = request.POST.get("client_secret", "")
--- a/authentik/stages/email/stage.py
+++ b/authentik/stages/email/stage.py
@ -20,7 +20,7 @@ from authentik.stages.email.tasks import send_mails
 from authentik.stages.email.utils import TemplateEmailMessage

 LOGGER = get_logger()
-QS_KEY_TOKEN = "token"
+QS_KEY_TOKEN = "token"  # nosec
 PLAN_CONTEXT_EMAIL_SENT = "email_sent"


--- a/authentik/stages/invitation/stage.py
+++ b/authentik/stages/invitation/stage.py
@ -7,7 +7,7 @@ from authentik.stages.invitation.models import Invitation, InvitationStage
 from authentik.stages.invitation.signals import invitation_used
 from authentik.stages.prompt.stage import PLAN_CONTEXT_PROMPT

-INVITATION_TOKEN_KEY = "token"
+INVITATION_TOKEN_KEY = "token"  # nosec
 INVITATION_IN_EFFECT = "invitation_in_effect"


--- a/lifecycle/gunicorn.conf.py
+++ b/lifecycle/gunicorn.conf.py
@ -13,7 +13,7 @@ group = "authentik"

 worker_class = "uvicorn.workers.UvicornWorker"
 # Docker containers don't have /tmp as tmpfs
-worker_tmp_dir = "/dev/shm"
+worker_tmp_dir = "/dev/shm"  # nosec

 os.environ.setdefault("DJANGO_SETTINGS_MODULE", "authentik.root.settings")

--- a/tests/e2e/test_source_oauth.py
+++ b/tests/e2e/test_source_oauth.py
@ -22,7 +22,7 @@ from authentik.providers.oauth2.generators import (
 from authentik.sources.oauth.models import OAuthSource
 from tests.e2e.utils import SeleniumTestCase, retry

-CONFIG_PATH = "/tmp/dex.yml"
+CONFIG_PATH = "/tmp/dex.yml"  # nosec
 LOGGER = get_logger()


@ -66,7 +66,7 @@ class TestSourceOAuth2(SeleniumTestCase):
                    "username": "admin",
                }
            ],
-            "storage": {"config": {"file": "/tmp/dex.db"}, "type": "sqlite3"},
+            "storage": {"config": {"file": "/tmp/dex.db"}, "type": "sqlite3"},  # nosec
            "web": {"http": "0.0.0.0:5556"},
        }
        with open(CONFIG_PATH, "w+") as _file: