chore(pre-commit): autoupdate hooks #1314
Conversation
![pre-commit-ci[bot]](https://avatars.githubusercontent.com/in/68672?s=60&v=4){kind=small}
updates: - [github.com/pycqa/bandit: 1.7.4 → 1.7.5](PyCQA/bandit@1.7.4...1.7.5)
|
This is interesting! https://bandit.readthedocs.io/en/1.7.5/plugins/b113_request_without_timeout.html
Hence the |
|
From dev meeting: Let’s add timeouts to our requests so Bandit passes these tests |
|
I was looking into what value we should use for the timeout. According to I think we might want to have these driven by configurable settings rather than hard-coding them. So basically we would introduce new environment variables for these two values, update docs, and use them everywhere that we make an HTTP request via |
|
Let's keep this as simple as possible. I don't think we have any reason or data to suggest we need to worry about timeouts anywhere in the app. Fine to create an env var, but let's have a sane default and not expect that we'll need to override it really ever, unless this becomes a real issue. |
|
The bandit failure should be addressed by the commits I pushed. However, this is blocked due to the same error that is blocking #1325 |
|
This is now unblocked and ready for review |
There was a problem hiding this comment.
I was looking around the web at different ways to set this timeout, hoping for a simpler configuration that would avoid having to repeat the setting each time. Nothing compelling came up. A Session object doesn't feel correct since we're requesting from many different services.
This works! 👍
updates: