mirrors/fdroidserver
1
0
Fork 0
mirror of https://github.com/f-droid/fdroidserver.git synced 2025-11-05 06:50:29 +03:00
Code Issues Projects Releases Packages Wiki Activity Actions

gitlab-ci: add 'bandit' security scanner to all runs

Browse source 
bandit is used by Radically Open Security and is part of the GitLab Ultimate
Static Application Security Testing (SAST) suite.

https://docs.gitlab.com/ee/user/project/merge_requests/sast.html
This commit is contained in:
Hans-Christoph Steiner 2018-08-29 17:48:06 +02:00
parent 4d13a904f3
commit 3ffe2860f3
3 changed files with 11 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

2
fdroidserver/common.py
View file

@ -283,7 +283,7 @@ def read_config(opts, config_file='config.py'):
logging.debug(_("Reading '{config_file}'").format(config_file=config_file))
with io.open(config_file, "rb") as f:
code = compile(f.read(), config_file, 'exec')
exec(code, None, config)
exec(code, None, config) # nosec TODO switch to YAML file
else:
logging.warning(_("No 'config.py' found, using defaults."))