projects
/
mudpy.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Whitelist uses of stdlib random module for bandit
[mudpy.git]
/
mudpy
/
command.py
diff --git
a/mudpy/command.py
b/mudpy/command.py
index
601bc82
..
d72e4e3
100644
(file)
--- a/
mudpy/command.py
+++ b/
mudpy/command.py
@@
-111,7
+111,9
@@
def error(actor, input_data):
"""Generic error for an unrecognized command word."""
# 90% of the time use a generic error
"""Generic error for an unrecognized command word."""
# 90% of the time use a generic error
- if random.randrange(10):
+ # Whitelist the random.randrange() call in bandit since it's not used for
+ # security/cryptographic purposes
+ if random.randrange(10): # nosec
message = '''I'm not sure what "''' + input_data + '''" means...'''
# 10% of the time use the classic diku error
message = '''I'm not sure what "''' + input_data + '''" means...'''
# 10% of the time use the classic diku error