Fix: pre-commit and tox issues
pre-commit and tox issues need to be fixed for tox-verify
GHA tox-verify to work correctly.
- shellcheck errors:
SC3040 (warning): In POSIX sh, set option pipefail is undefined.
SC3037 (warning): In POSIX sh, echo flags are undefined.
SC2086 (info): Double quote to prevent globbing and word splitting.
SC2004 (style): $/${} is unnecessary on arithmetic variables.
- flake: E501 line too long
- pydocsytle errors:
D103: Missing docstring in public function
D100: Missing docstring in public module
- write-good errors remove passive voice
- Fixes bandit: CWE: CWE-20 (https://cwe.mitre.org/data/definitions/20.html)
Using lxml.etree.parse to parse untrusted XML data is known to be
vulnerable to XML attacks. Replace lxml.etree.parse with its
defusedxml equivalent function
Ref: https://rules.sonarsource.com/python/RSPEC-2755
Issue: LF-JIRA RELENG-4742
Change-Id: I635281bc39ebb1157df13dde6809c2809af8c1d4
Signed-off-by: Anil Belur <[email protected]>
Code Review / releng / builder.git / commit