Bandit 1.7.5 found missing request timeout
rffontenelle opened this issue · 0 comments
rffontenelle commented
Bandit 1.7.5 adds B113:request_without_timeout and the following issue was found in this workflow run:
```
>> Issue: [B113:request_without_timeout] Requests call without timeout
Severity: Medium Confidence: Low
CWE: CWE-400 (https://cwe.mitre.org/data/definitions/400.html)
More Info: https://bandit.readthedocs.io/en/1.7.5/plugins/b113_request_without_timeout.html
Location: ./cherry_picker/cherry_picker.py:443:19
442 url = CREATE_PR_URL_TEMPLATE.format(config=self.config)
443 response = requests.post(url, headers=request_headers, json=data)
444 if response.status_code == requests.codes.created:
```
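Added example, not part of the original issue and not Bandit's own implementation: a simplified `ast`-based check in the spirit of B113 that flags `requests.<verb>()` calls with no `timeout` or with `timeout=None`. The function name, the skip for `**kwargs` calls, and the sample lines after the three quoted in the report (including `timeout=30`) are assumptions made for illustration.

```python
import ast

# Module-level helpers of the requests package that accept a timeout keyword.
REQUESTS_CALLS = {"get", "post", "put", "delete", "head", "patch", "options", "request"}


def find_requests_without_timeout(source):
    """Return sorted (line, col, reason) tuples for requests calls lacking a usable timeout."""
    findings = []
    for node in ast.walk(ast.parse(source)):
        if not isinstance(node, ast.Call):
            continue
        func = node.func
        # Only match the literal form requests.<verb>(...); aliases are out of scope here.
        if not (isinstance(func, ast.Attribute)
                and isinstance(func.value, ast.Name)
                and func.value.id == "requests"
                and func.attr in REQUESTS_CALLS):
            continue
        timeout = next((kw for kw in node.keywords if kw.arg == "timeout"), None)
        if timeout is None:
            # Assumption of this sketch: a **kwargs expansion may carry a timeout, so skip it.
            if any(kw.arg is None for kw in node.keywords):
                continue
            findings.append((node.lineno, node.col_offset, "no timeout argument"))
        elif isinstance(timeout.value, ast.Constant) and timeout.value.value is None:
            # timeout=None disables the timeout, so the call can still block forever.
            findings.append((node.lineno, node.col_offset, "timeout=None"))
    return sorted(findings)


# Constructed sample: the first three lines are the ones quoted in the report
# (dedented); the last two are added to show a fixed call and the None case.
SAMPLE = '''\
url = CREATE_PR_URL_TEMPLATE.format(config=self.config)
response = requests.post(url, headers=request_headers, json=data)
if response.status_code == requests.codes.created:
    pass
response = requests.post(url, headers=request_headers, json=data, timeout=30)
response = requests.get(url, timeout=None)
'''

if __name__ == "__main__":
    for line, col, reason in find_requests_without_timeout(SAMPLE):
        print(f"line {line}, col {col}: {reason}")
```

The reported column 19 in `cherry_picker.py` corresponds to column 11 in this dedented sample, since the original line sits inside a method body.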