mirrors/fdroidserver
1
0
Fork 0
mirror of https://github.com/f-droid/fdroidserver.git synced 2025-10-06 17:31:07 +03:00
Code Issues Projects Releases Packages Wiki Activity Actions

gitlab-ci: add 'bandit' security scanner to all runs

Browse source 
bandit is used by Radically Open Security and is part of the GitLab Ultimate
Static Application Security Testing (SAST) suite.

https://docs.gitlab.com/ee/user/project/merge_requests/sast.html
This commit is contained in:
Hans-Christoph Steiner 2018-08-29 17:48:06 +02:00
parent 4d13a904f3
commit 3ffe2860f3
3 changed files with 11 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

4
fdroidserver/update.py
View file

@ -27,7 +27,7 @@ import re
import socket
import zipfile
import hashlib
import pickle
import pickle # nosec TODO
import time
import copy
from datetime import datetime
@ -461,7 +461,7 @@ def get_cache():
ada = options.allow_disabled_algorithms or config['allow_disabled_algorithms']
if not options.clean and os.path.exists(apkcachefile):
with open(apkcachefile, 'rb') as cf:
apkcache = pickle.load(cf, encoding='utf-8')
apkcache = pickle.load(cf, encoding='utf-8') # nosec TODO
if apkcache.get("METADATA_VERSION") != METADATA_VERSION \
or apkcache.get('allow_disabled_algorithms') != ada:
apkcache = {}