Hacking package usages of subprocess should be marked as nosec for bandit

Bug #1552468 reported by Michael McCune
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone
Sahara | Fix Released | Low | Tin Lam |

Bug Description

The sahara.utils.hacking package is used for testing; as such, the usages of subprocess within it should be marked as nosec according to the bandit documentation[1].

Steps to reproduce:
1. Run `tox -ebandit` from the root of the project.
2. Examine the error output for usages of subprocess in the sahara.utils.hacking.* modules.

[1]: https://github.com/openstack/bandit/blob/master/README.rst#exclusions
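
An added example, not code from Sahara or bandit: a small audit that lists every import or call of subprocess in a Python source and reports whether its line carries a `# nosec` comment, which helps a reviewer confirm that suppressions like the one requested here stay confined to test-only modules. The sample source, the function names and the marker regex are constructed assumptions for illustration.

```python
import ast
import io
import re
import tokenize

# Constructed sample in the style of a test-only helper; not Sahara's code.
SAMPLE = '''\
import subprocess  # nosec


def run_check(path):
    return subprocess.check_output(["flake8", path])  # nosec


def list_files():
    return subprocess.check_output(["git", "ls-files"])
'''


def nosec_lines(source):
    """Line numbers with a '# nosec' comment (approximates bandit's marker)."""
    marked = set()
    for tok in tokenize.generate_tokens(io.StringIO(source).readline):
        if tok.type == tokenize.COMMENT and re.search(r"#\s*nosec\b", tok.string):
            marked.add(tok.start[0])
    return marked


def audit_subprocess(source):
    """Return sorted (line, what, has_nosec) for subprocess imports and calls."""
    marked = nosec_lines(source)
    found = []
    for node in ast.walk(ast.parse(source)):
        what = None
        if isinstance(node, ast.Import):
            if any(a.name.split(".")[0] == "subprocess" for a in node.names):
                what = "import subprocess"
        elif isinstance(node, ast.ImportFrom):
            if node.module == "subprocess":
                what = "from subprocess import"
        elif isinstance(node, ast.Call):
            f = node.func  # only the subprocess.<name>(...) spelling is matched
            if (isinstance(f, ast.Attribute) and isinstance(f.value, ast.Name)
                    and f.value.id == "subprocess"):
                what = "subprocess." + f.attr
        if what:
            # Compared against the line where the statement starts.
            found.append((node.lineno, what, node.lineno in marked))
    return sorted(found)
```

On the constructed sample, the call in `list_files` on line 9 is the only usage reported without a marker.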

Tin Lam (lamt)
Changed in sahara:
assignee: nobody → Tin Lam (tl3438)
OpenStack Infra (hudson-openstack) wrote : Fix proposed to sahara (master)

Fix proposed to branch: master
Review: https://review.openstack.org/287591

Changed in sahara:
status: New → In Progress
Changed in sahara:
milestone: none → mitaka-3
OpenStack Infra (hudson-openstack) wrote : Fix merged to sahara (master)

Reviewed: https://review.openstack.org/287591
Committed: https://git.openstack.org/cgit/openstack/sahara/commit/?id=d0c435168556dec69941c4b52d702ea46eb92e28
Submitter: Jenkins
Branch: master

commit d0c435168556dec69941c4b52d702ea46eb92e28
Author: Tin Lam <email address hidden>
Date: Wed Mar 2 23:17:49 2016 -0600

    Added #nosec to sahara.utils.hacking package

    The sahara.utils.hacking package is used for testing, as such the
    usages of subprocess within it should be marked as nosec according
    to the bandit documentation.

    Change-Id: If9299b050b9b158a78ab90b63afd94a5d4cbbf2c
    Closes-Bug: #1552468

Changed in sahara:
status: In Progress → Fix Released
Thierry Carrez (ttx) wrote : Fix included in openstack/sahara 4.0.0.0rc1

This issue was fixed in the openstack/sahara 4.0.0.0rc1 release candidate.
