diff options
| author | Moisés Guimarães de Medeiros <moguimar@redhat.com> | 2020-07-24 17:34:30 +0200 |
|---|---|---|
| committer | Moisés Guimarães de Medeiros <moguimar@redhat.com> | 2020-07-25 11:47:53 +0200 |
| commit | 6659cb8d192d127f314dcf8e6036b2f59b3c3540 (patch) | |
| tree | 585aeb435754cc714e2ade59eaca630bcb2326cf | |
| parent | a5ae9f4aa0e18787b4bb676b3e725c225deae96d (diff) | |
| download | oslo-messaging-6659cb8d192d127f314dcf8e6036b2f59b3c3540.tar.gz | |
Bump bandit version
This patch bumps bandit allowed version to >=1.6.0,<1.7.0 in order to
avoid the errors detailed here https://github.com/PyCQA/bandit/pull/393
Change-Id: I9235560667f664643007b8ca0be1707eab4126ad
Signed-off-by: Moisés Guimarães de Medeiros <moguimar@redhat.com>
| -rw-r--r-- | oslo_messaging/_drivers/impl_rabbit.py | 9 | ||||
| -rw-r--r-- | test-requirements.txt | 2 |
2 files changed, 8 insertions, 3 deletions
diff --git a/oslo_messaging/_drivers/impl_rabbit.py b/oslo_messaging/_drivers/impl_rabbit.py index f6ddf8f..621469a 100644 --- a/oslo_messaging/_drivers/impl_rabbit.py +++ b/oslo_messaging/_drivers/impl_rabbit.py @@ -524,7 +524,10 @@ class Connection(object): self._url += url.virtual_host elif not url.hosts: host = oslo_messaging.transport.TransportHost('') - self._url = self._transform_transport_url( + # NOTE(moguimar): default_password in this function's context is + # a fallback option, not a hardcoded password. + # username and password are read from host. + self._url = self._transform_transport_url( # nosec url, host, default_username='guest', default_password='guest', default_hostname='localhost') @@ -654,7 +657,9 @@ class Connection(object): except KeyError: raise RuntimeError("Invalid SSL version : %s" % version) - def _transform_transport_url(self, url, host, default_username='', + # NOTE(moguimar): default_password in this function's context is just + # a fallback option, not a hardcoded password. + def _transform_transport_url(self, url, host, default_username='', # nosec default_password='', default_hostname=''): transport = url.transport.replace('kombu+', '') transport = transport.replace('rabbit', 'amqp') diff --git a/test-requirements.txt b/test-requirements.txt index d1cbfde..42a086a 100644 --- a/test-requirements.txt +++ b/test-requirements.txt @@ -25,7 +25,7 @@ coverage!=4.4,>=4.0 # Apache-2.0 pyngus>=2.2.0 # Apache-2.0 # Bandit security code scanner -bandit>=1.1.0,<1.6.0 # Apache-2.0 +bandit>=1.6.0,<1.7.0 # Apache-2.0 eventlet!=0.18.3,!=0.20.1,>=0.18.2 # MIT greenlet>=0.4.10 # MIT |