Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Remove pycryptodome from import blacklist #417

Closed
wants to merge 2 commits into from
Closed

Remove pycryptodome from import blacklist #417

wants to merge 2 commits into from

Conversation

ghugo
Copy link
Contributor

@ghugo ghugo commented Oct 30, 2018

pycryptodome appears to be actively maintained, as opposed to pycrypto.

Unless there is a noted security issue with not using it, this removes
the blanket blacklist on the library. Any insecure hashes/ciphers/etc.
that the library provides will still be reported as per other libraries.

ghugo and others added 2 commits October 30, 2018 16:27
pycryptodome appears to be actively maintained, as opposed to pycrypto.

Unless there is a noted security issue with not using it, this removes
the blanket blacklist on the library. Any insecure hashes/ciphers/etc.
that the library provides will still be reported as per other libraries.
@lukehinds
Copy link
Member

Hi @ghugo

CI is failing as the functional test is still running for pycryptodome.

https://travis-ci.org/PyCQA/bandit/jobs/470149209#L485

I think you need to remove the following:

def test_blacklist_pycryptodome(self):

@ericwb
Copy link
Member

ericwb commented Apr 12, 2019

Superseded by #470

@ericwb ericwb closed this Apr 12, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants