New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
chore(pre-commit): autoupdate hooks #1314
Conversation
updates: - [github.com/pycqa/bandit: 1.7.4 → 1.7.5](PyCQA/bandit@1.7.4...1.7.5)
This is interesting! https://bandit.readthedocs.io/en/1.7.5/plugins/b113_request_without_timeout.html
Hence the |
From dev meeting: Let’s add timeouts to our requests so Bandit passes these tests |
I was looking into what value we should use for the timeout. According to I think we might want to have these driven by configurable settings rather than hard-coding them. So basically we would introduce new environment variables for these two values, update docs, and use them everywhere that we make an HTTP request via |
Let's keep this as simple as possible. I don't think we have any reason or data to suggest we need to worry about timeouts anywhere in the app. Fine to create an env var, but let's have a sane default and not expect that we'll need to override it really ever, unless this becomes a real issue. |
The bandit failure should be addressed by the commits I pushed. However, this is blocked due to the same error that is blocking #1325 |
This is now unblocked and ready for review |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I was looking around the web at different ways to set this timeout, hoping for a simpler configuration that would avoid having to repeat the setting each time. Nothing compelling came up. A Session
object doesn't feel correct since we're requesting from many different services.
This works! 👍
updates: