From 3e1d313b7c7deb734c69cfcfffaa1dd45971c0d6 Mon Sep 17 00:00:00 2001
From: Hans-Christoph Steiner <hans@eds.org>
Date: Wed, 29 Aug 2018 17:20:01 +0200
Subject: [PATCH] mark manually sanitized input so bandit doesn't complain

---
 fdroidserver/build.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/fdroidserver/build.py b/fdroidserver/build.py
index 15bfedb3..a5ca66c6 100644
--- a/fdroidserver/build.py
+++ b/fdroidserver/build.py
@@ -220,7 +220,7 @@ def build_server(app, build, vcs, build_dir, output_dir, log_dir, force):
         if options.notarball:
             cmdline += ' --no-tarball'
         cmdline += " %s:%s" % (app.id, build.versionCode)
-        chan.exec_command('bash --login -c "' + cmdline + '"')
+        chan.exec_command('bash --login -c "' + cmdline + '"')  # nosec B601 inputs are sanitized
 
         # Fetch build process output ...
         try: