aboutsummaryrefslogtreecommitdiffstats
path: root/ice_validator/tests
diff options
context:
space:
mode:
authorLovett, Trevor <trevor.lovett@att.com>2019-07-23 18:09:09 -0500
committerLovett, Trevor (tl2972) <tl2972@att.com>2019-07-24 08:13:17 -0500
commitb395eb5bb6c79558202a3d414982a56fac7c9e1d (patch)
treefee89beee0b19a0a15ae79037024e4a8edb64aaf /ice_validator/tests
parentddba4856fc7e3d844e9e763d44ce97207a1f23bd (diff)
[VVP] Adding bandit security scans and fixes
Issue-ID: VVP-244 Change-Id: Ia782f4cc7bf5a379ff8cdcce96cd2e7235998345 Signed-off-by: Lovett, Trevor <trevor.lovett@att.com>
Diffstat (limited to 'ice_validator/tests')
-rw-r--r--ice_validator/tests/cached_yaml.py3
-rw-r--r--ice_validator/tests/conftest.py2
-rw-r--r--ice_validator/tests/test_initial_configuration.py4
3 files changed, 6 insertions, 3 deletions
diff --git a/ice_validator/tests/cached_yaml.py b/ice_validator/tests/cached_yaml.py
index 1b977a6..196d9b8 100644
--- a/ice_validator/tests/cached_yaml.py
+++ b/ice_validator/tests/cached_yaml.py
@@ -55,3 +55,6 @@ def load(fp):
if abs_path not in YAML_CACHE:
YAML_CACHE[abs_path] = yaml.safe_load(fp)
return YAML_CACHE[abs_path]
+
+
+safe_load = load
diff --git a/ice_validator/tests/conftest.py b/ice_validator/tests/conftest.py
index e3c21e6..5653cca 100644
--- a/ice_validator/tests/conftest.py
+++ b/ice_validator/tests/conftest.py
@@ -963,7 +963,7 @@ def hash_directory(path):
:param path: string directory containing files
:return: string MD5 hash code (hex)
"""
- md5 = hashlib.md5()
+ md5 = hashlib.md5() # nosec
for dir_path, sub_dirs, filenames in os.walk(path):
for filename in filenames:
file_path = os.path.join(dir_path, filename)
diff --git a/ice_validator/tests/test_initial_configuration.py b/ice_validator/tests/test_initial_configuration.py
index f911ce9..654d75d 100644
--- a/ice_validator/tests/test_initial_configuration.py
+++ b/ice_validator/tests/test_initial_configuration.py
@@ -80,7 +80,7 @@ def test_02_no_duplicate_keys_in_file(yaml_file):
try:
with open(yaml_file) as fh:
- normal_yaml.load(fh)
+ normal_yaml.safe_load(fh)
except ConstructorError as e:
pytest.fail("{} {}".format(e.problem, e.problem_mark))
@@ -93,7 +93,7 @@ def test_03_all_referenced_resources_exists(yaml_file):
actually exists in all yaml files
"""
with open(yaml_file) as fh:
- yml = yaml.load(fh)
+ yml = yaml.safe_load(fh)
# skip if resources are not defined
if "resources" not in yml: