This is an automated email from the ASF dual-hosted git repository. tomaz pushed a commit to branch trunk in repository https://gitbox.apache.org/repos/asf/libcloud.git
The following commit(s) were added to refs/heads/trunk by this push: new 0f3b1bc01 Add nosec bandit pragma for known issue. 0f3b1bc01 is described below commit 0f3b1bc01b2e6d4c646a60ac23865bf2281a578c Author: Tomaz Muraus <to...@tomaz.me> AuthorDate: Sun Jun 16 12:07:42 2024 +0200 Add nosec bandit pragma for known issue. --- libcloud/compute/ssh.py | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/libcloud/compute/ssh.py b/libcloud/compute/ssh.py index 5c01f02fa..f1efb65b9 100644 --- a/libcloud/compute/ssh.py +++ b/libcloud/compute/ssh.py @@ -318,7 +318,9 @@ class ParamikoSSHClient(BaseSSHClient): self.use_compression = use_compression self.client = paramiko.SSHClient() - self.client.set_missing_host_key_policy(paramiko.AutoAddPolicy()) + # Long term we should switch to a more secure default, but this would break + # a lot of non-interactive deployment scripts + self.client.set_missing_host_key_policy(paramiko.AutoAddPolicy()) # nosec self.logger = self._get_and_setup_logger() # This object is lazily created on first SFTP operation (e.g. put()