fix: bandit removed lxml from deny list

EvaSDK · EvaSDK · commit dc2ea160f93c · 2025-01-28T08:51:51.000+01:00
See PyCQA/bandit#1212
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
@@ -84,7 +84,7 @@ bandit:
   extends: .python_version
   stage: lint
   script:
-    - pip install bandit
+    - pip install bandit>=1.8.1
     - bandit -r woob
     - bandit -r modules
     - bandit -r contrib
diff --git a/modules/.bandit b/modules/.bandit
@@ -1,5 +1,5 @@
 [bandit]
-skips = B101,B311,B303,B304,B410,B320,B413,B106,B105,B324
+skips = B101,B311,B303,B304,B413,B106,B105,B324
 # B304: some sites require DES, well this is scraping
 # B303: some sites require MD5, well this is scraping
 # B324: some sites require MD5 or SHA1, well this is scraping
@@ -8,5 +8,3 @@ skips = B101,B311,B303,B304,B410,B320,B413,B106,B105,B324
 # B413: "import Crypto" can be cryptodome, you know?
 # B101: yes, we do use assert
 # B311: we don't need strong random
-# B410: no, defusedxml can't replace lxml's xpath implementation
-# B320: no, defusedxml can't replace lxml's xpath implementation
diff --git a/woob/.bandit b/woob/.bandit
@@ -1,10 +1,8 @@
 [bandit]
-skips = B413,B101,B311,B410,B320,B607,B603,B404,B105,B324,B303
+skips = B413,B101,B311,B607,B603,B404,B105,B324,B303
 # B413: "import Crypto" can be cryptodome, you know?
 # B101: yes, we do use assert
 # B311: we don't need strong random
-# B410: no, defusedxml can't replace lxml's xpath implementation
-# B320: no, defusedxml can't replace lxml's xpath implementation
 # B607: subprocess with partial path? of course we want PATH
 # B603: subprocess in general
 # B404: subprocess in general
