-
Notifications
You must be signed in to change notification settings - Fork 1
Conversation
…hing to the defusedxml package. Added the #nosec tag to the requests.get() call because we need to use verify=false to successfully connect.
Rename the assessment_data_export() function to export_assessment_data() so I can access the main() function in tests. Correctly tie the version reported by Docopt to match the __version__ set in _versiono.py
This pull request introduces 1 alert and fixes 1 when merging f632cb0 into e8c1ace - view on LGTM.com new alerts:
fixed alerts:
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Approved, but see my one comment.
src/ade/assessment_data_export.py
Outdated
@@ -94,7 +96,7 @@ def export_jira_data(jira_base_url, jira_credentials_file, jira_filter, xml_file | |||
# Export XML data from Jira | |||
try: | |||
response = requests.get( | |||
jira_url, auth=(jira_username, jira_password), verify=False | |||
jira_url, auth=(jira_username, jira_password), verify=False # nosec |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why is nosec needed here? It might be good to include a comment.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Good catch, I mentioned it in the commit but forgot to add a code comment. Hopefully the comment in 2f19cc6 satisfies.
…t checks for a piece of code.
This pull request introduces 1 alert and fixes 1 when merging 2f19cc6 into e8c1ace - view on LGTM.com new alerts:
fixed alerts:
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Excelsior! Fine work @mcdonnnj. 💪
Remove the terraform-docs hook
🗣 Description
This PR brings this project into the fold by merging cisagov/skeleton-python-library. This includes migrating the project from Travis CI to GitHub Actions,
💭 Motivation and Context
Since I will need to add some functionality to this project I thought it would be a good idea to bring it in line with other Python projects by merging in
skeleton-python-library
.🧪 Testing
All automated tests pass with no issues. I tested the change to
defusedxml
manually and ensured that a JSON would still be generated correctly from sample XML.🚥 Types of Changes
✅ Checklist