mirror of https://gitlab.com/fdroid/fdroidserver.git synced 2024-10-03 17:50:11 +02:00

gitlab-ci: use latest alpine/bandit to fix CVE flagged by safety

Hans-Christoph Steiner 2021-05-10 16:02:41 +02:00
parent 2b21584b35
commit 022d0796d8


@ -170,19 +170,19 @@ gradlew-fdroid:
# Run all the various linters and static analysis tools. # Run all the various linters and static analysis tools.
lint_format_safety_bandit_checks: lint_format_safety_bandit_checks:
image: alpine:3.10 # cannot upgrade until bandit supports Python 3.8 image: alpine:3.13
variables: variables:
LANG: C.UTF-8 LANG: C.UTF-8
script: script:
- apk add --no-cache bash build-base dash ca-certificates gcc python3 python3-dev - apk add --no-cache bash build-base dash ca-certificates gcc python3 python3-dev
- python3 -m ensurepip - python3 -m ensurepip
- $pip install Babel 'bandit<1.6.0' pycodestyle pyflakes pylint safety - $pip install Babel bandit pycodestyle pyflakes pylint safety
- export EXITVALUE=0 - export EXITVALUE=0
- function set_error() { export EXITVALUE=1; printf "\x1b[31mERROR `history|tail -2|head -1|cut -b 6-500`\x1b[0m\n"; } - function set_error() { export EXITVALUE=1; printf "\x1b[31mERROR `history|tail -2|head -1|cut -b 6-500`\x1b[0m\n"; }
- ./hooks/pre-commit || set_error - ./hooks/pre-commit || set_error
- bandit - bandit
-ii -ii
-s B110,B322,B404,B408,B410,B603,B607 -s B110,B404,B408,B410,B603,B607
-r $CI_PROJECT_DIR fdroid -r $CI_PROJECT_DIR fdroid
|| set_error || set_error
- safety check --full-report || set_error - safety check --full-report || set_error
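Review bot: The new `$pip install Babel bandit pycodestyle pyflakes pylint safety` line leaves every analysis tool unversioned, so two runs of the same commit can report different findings, and whatever release is newest on the package index runs in CI unreviewed. Dropping the `<1.6.0` cap is what clears the safety finding, but a lower bound or a constraints file would keep that fix and make the job reproducible, e.g. `- $pip install -c <constraints-file> Babel bandit pycodestyle pyflakes pylint safety`. Separately, the remaining skip list on the `-s B110,B404,B408,B410,B603,B607` line has no stated rationale; a comment above the `bandit` step saying why the subprocess (B404/B603/B607), XML import (B408/B410) and try/except/pass (B110) checks are suppressed would let a later reader judge whether each skip is still justified. The job's `script:` list may continue past the end of this hunk.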