gitlab-ci: use latest alpine/bandit to fix CVE flagged by safety

2024-07-04 16:30:12 +02:00 · 2021-05-10 16:02:41 +02:00 · 2021-05-10 16:02:41 +02:00 · 022d0796d8
commit 022d0796d8
parent 2b21584b35
1 changed files with 3 additions and 3 deletions
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@ -170,19 +170,19 @@ gradlew-fdroid:

 # Run all the various linters and static analysis tools.
 lint_format_safety_bandit_checks:
-  image: alpine:3.10 # cannot upgrade until bandit supports Python 3.8
+  image: alpine:3.13
  variables:
    LANG: C.UTF-8
  script:
    - apk add --no-cache bash build-base dash ca-certificates gcc python3 python3-dev
    - python3 -m ensurepip
-    - $pip install Babel 'bandit<1.6.0' pycodestyle pyflakes pylint safety
+    - $pip install Babel bandit pycodestyle pyflakes pylint safety
    - export EXITVALUE=0
    - function set_error() { export EXITVALUE=1; printf "\x1b[31mERROR `history|tail -2|head -1|cut -b 6-500`\x1b[0m\n"; }
    - ./hooks/pre-commit || set_error
    - bandit
        -ii
-        -s B110,B322,B404,B408,B410,B603,B607
+        -s B110,B404,B408,B410,B603,B607
        -r $CI_PROJECT_DIR fdroid
        || set_error
    - safety check --full-report || set_error