diff --git a/auth.py b/auth.py index 9fad6de20..8297aa816 100644 --- a/auth.py +++ b/auth.py @@ -10,7 +10,6 @@ import base64 import hashlib import binascii import os -import random import secrets diff --git a/daemon.py b/daemon.py index b24a0ddc7..9007ed3b6 100644 --- a/daemon.py +++ b/daemon.py @@ -535,7 +535,7 @@ class PubServer(BaseHTTPRequestHandler): except BaseException: pass if not etag: - etag = sha1(data).hexdigest() # nosec + etag = sha1(data).hexdigest() # nosec try: with open(mediaFilename + '.etag', 'w') as etagFile: etagFile.write(etag) @@ -5098,7 +5098,7 @@ class PubServer(BaseHTTPRequestHandler): else: with open(mediaFilename, 'rb') as avFile: mediaBinary = avFile.read() - etag = sha1(mediaBinary).hexdigest() # nosec + etag = sha1(mediaBinary).hexdigest() # nosec try: with open(mediaTagFilename, 'w') as etagFile: etagFile.write(etag) diff --git a/media.py b/media.py index dcc6ca9e5..4afa96571 100644 --- a/media.py +++ b/media.py @@ -43,10 +43,10 @@ def removeMetaData(imageFilename: str, outputFilename: str) -> None: return if os.path.isfile('/usr/bin/exiftool'): print('Removing metadata from ' + outputFilename + ' using exiftool') - os.system('exiftool -all= ' + outputFilename) # nosec + os.system('exiftool -all= ' + outputFilename) # nosec elif os.path.isfile('/usr/bin/mogrify'): print('Removing metadata from ' + outputFilename + ' using mogrify') - os.system('/usr/bin/mogrify -strip ' + outputFilename) # nosec + os.system('/usr/bin/mogrify -strip ' + outputFilename) # nosec def getImageHash(imageFilename: str) -> str: @@ -119,7 +119,7 @@ def updateEtag(mediaFilename: str) -> None: if not data: return # calculate hash - etag = sha1(data).hexdigest() # nosec + etag = sha1(data).hexdigest() # nosec # save the hash try: with open(mediaFilename + '.etag', 'w') as etagFile: diff --git a/person.py b/person.py index eab69cd8b..2196b68b3 100644 --- a/person.py +++ b/person.py 
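Review bot: In the first media.py hunk, both `os.system` calls in removeMetaData still build a shell command by concatenating `outputFilename`, and the `# nosec` marker only silences the linter finding; the visible change on these lines appears to be comment spacing. Whether the filename is sanitised upstream is not visible here, so any space or shell metacharacter in it would be interpreted by the shell. Passing an argument list avoids the shell entirely: `subprocess.call(['/usr/bin/exiftool', '-all=', outputFilename])` and `subprocess.call(['/usr/bin/mogrify', '-strip', outputFilename])`, assuming `subprocess` is imported in media.py. Using the absolute path for exiftool also matches the `os.path.isfile('/usr/bin/exiftool')` check, where the current command resolves a bare `exiftool` through PATH. The function begins outside the hunk.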
@@ -153,16 +153,14 @@ def randomizeActorImages(personJson: {}) -> None: existingExtension = lastPartOfFilename.split('.')[1] # NOTE: these files don't need to have cryptographically # secure names + randStr = str(randint(10000000000000, 99999999999999)) # nosec personJson['icon']['url'] = \ - personId + '/avatar' + \ - str(randint(10000000000000, 99999999999999)) + \ # nosec - '.' + existingExtension + personId + '/avatar' + randStr + '.' + existingExtension lastPartOfFilename = personJson['image']['url'].split('/')[-1] existingExtension = lastPartOfFilename.split('.')[1] + randStr = str(randint(10000000000000, 99999999999999)) # nosec personJson['image']['url'] = \ - personId + '/image' + \ - str(randint(10000000000000, 99999999999999)) + \ # nosec - '.' + existingExtension + personId + '/image' + randStr + '.' + existingExtension def createPersonBase(baseDir: str, nickname: str, domain: str, port: int, @@ -206,11 +204,11 @@ def createPersonBase(baseDir: str, nickname: str, domain: str, port: int, imageUrl = \ personId + '/image' + \ - str(randint(10000000000000, 99999999999999)) + '.png' # nosec + str(randint(10000000000000, 99999999999999)) + '.png' # nosec iconUrl = \ personId + '/avatar' + \ - str(randint(10000000000000, 99999999999999)) + '.png' # nosec + str(randint(10000000000000, 99999999999999)) + '.png' # nosec contextDict = { 'Emoji': 'toot:Emoji', diff --git a/utils.py b/utils.py index 69a882f48..c53811f26 100644 --- a/utils.py +++ b/utils.py @@ -1099,9 +1099,8 @@ def siteIsActive(url: str) -> bool: return False try: req = urllib.request.Request(url) - with urllib.request.urlopen(req, timeout=10) as res: # nosec - # testStr = response.read() - return True + urllib.request.urlopen(req, timeout=10) # nosec + return True except SocketError as e: if e.errno == errno.ECONNRESET: print('WARN: connection was reset during siteIsActive')
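Review bot: In the randomizeActorImages hunk, the unchanged context lines `existingExtension = lastPartOfFilename.split('.')[1]` take the second dot-separated segment rather than the last. A URL whose filename contains more than one dot yields the wrong extension, and one with no dot raises IndexError. Since the refactor already touches both assignments, `existingExtension = lastPartOfFilename.rsplit('.', 1)[-1]` with an explicit `if '.' not in lastPartOfFilename` guard would make the rebuilt URL predictable. The two identical `randStr = str(randint(10000000000000, 99999999999999))  # nosec` lines could also share one small helper, which would carry the "need not be cryptographically secure" rationale in its docstring. The function starts above the hunk.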
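Review bot: In the utils.py hunk, dropping the `with` block in siteIsActive leaves the response object returned by `urllib.request.urlopen` unclosed, so each successful probe keeps its socket open until garbage collection. Keep the context manager and remove only the dead comment: `with urllib.request.urlopen(req, timeout=10):  # nosec` followed by `return True`. The `# nosec` here also suppresses the linter's URL-scheme warning. Whether `url` is limited to http/https before this point is not visible in the hunk, so that check is worth confirming. The function starts above the hunk and its exception handling continues below it.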