This is an automated email from the ASF dual-hosted git repository.
tomaz pushed a commit to branch trunk
in repository https://gitbox.apache.org/repos/asf/libcloud.git
The following commit(s) were added to refs/heads/trunk by this push:
new 0f3b1bc01 Add nosec bandit pragma for known issue.
0f3b1bc01 is described below
commit 0f3b1bc01b2e6d4c646a60ac23865bf2281a578c
Author: Tomaz Muraus <to...@tomaz.me>
AuthorDate: Sun Jun 16 12:07:42 2024 +0200
Add nosec bandit pragma for known issue.
---
libcloud/compute/ssh.py | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/libcloud/compute/ssh.py b/libcloud/compute/ssh.py
index 5c01f02fa..f1efb65b9 100644
--- a/libcloud/compute/ssh.py
+++ b/libcloud/compute/ssh.py
@@ -318,7 +318,9 @@ class ParamikoSSHClient(BaseSSHClient):
self.use_compression = use_compression
self.client = paramiko.SSHClient()
- self.client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
+ # Long term we should switch to a more secure default, but this would
break
+ # a lot of non-interactive deployment scripts
+ self.client.set_missing_host_key_policy(paramiko.AutoAddPolicy()) #
nosec
self.logger = self._get_and_setup_logger()
# This object is lazily created on first SFTP operation (e.g. put()
