explain nosec

Author: harminius

mergin/test/test_client.py

@@ -1389,7 +1389,7 @@ def _get_table_row_count(db_file, table):
     try:
         con_verify = sqlite3.connect(db_file)
         cursor_verify = con_verify.cursor()
-        cursor_verify.execute("select count(*) from {};".format(table))  # nosec B608
+        cursor_verify.execute("select count(*) from {};".format(table))  # nosec B608 - internal test helper, not using user input
         return cursor_verify.fetchone()[0]
     finally:
         cursor_verify.close()
@@ -3085,7 +3085,7 @@ def test_uploaded_chunks_cache(mc):
 
     with open(file, "rb") as file_handle:
         data = file_handle.read()
-        checksum = hashlib.sha1()  # nosec B324  # usedforsecurity=False flag is compatible with python 3.9+
+        checksum = hashlib.sha1()  # nosec B324 - usedforsecurity=False flag is compatible with python 3.9+
         checksum.update(data)
         checksum_str = checksum.hexdigest()
         resp = mc.post(f"/v2/projects/{mp.project_id()}/chunks", data, {"Content-Type": "application/octet-stream"})

mergin/utils.py

@@ -20,7 +20,7 @@ def generate_checksum(file, chunk_size=4096):
     :param chunk_size: size of chunk
     :return: sha1 checksum
     """
-    checksum = hashlib.sha1()  # nosec B324  # usedforsecurity=False flag is compatible with python 3.9+
+    checksum = hashlib.sha1()  # nosec B324 - usedforsecurity=False flag is compatible with python 3.9+
     with open(file, "rb") as f:
         while True:
             chunk = f.read(chunk_size)
@@ -306,7 +306,7 @@ def get_data_checksum(data: ByteString) -> str:
     :param data: data to calculate checksum
     :return: sha1 checksum
     """
-    checksum = hashlib.sha1()  # nosec B324  # usedforsecurity=False flag is compatible with python 3.9+
+    checksum = hashlib.sha1()  # nosec B324 - usedforsecurity=False flag is compatible with python 3.9+
     checksum.update(data)
     return checksum.hexdigest()