Add bandit

.pre-commit-config.yaml

@@ -84,6 +84,13 @@ repos:
     rev: 24.8.0
     hooks:
       - id: black
+  - repo: https://github.com/PyCQA/bandit
+    rev: 1.7.9
+    hooks:
+      - id: bandit
+        args: ["-c", "pyproject.toml"]
+        additional_dependencies: ["bandit[toml]"]
+
 ci:
   autoupdate_schedule: quarterly
   skip:

geoservercloud/geoservercloud.py

@@ -18,7 +18,7 @@ def __init__(
         self,
         url: str = "http://localhost:9090/geoserver/cloud/",
         user: str = "admin",
-        password: str = "geoserver",
+        password: str = "geoserver",  # nosec
     ) -> None:
 
         self.url: str = url

geoservercloud/restservice.py

@@ -2,6 +2,8 @@
 
 import requests
 
+TIMEOUT = 120
+
 
 class RestService:
     def __init__(self, url: str, auth: tuple[str, str]) -> None:
@@ -19,6 +21,7 @@ def get(
             params=params,
             headers=headers,
             auth=self.auth,
+            timeout=TIMEOUT,
         )
         if response.status_code != 404:
             response.raise_for_status()
@@ -40,6 +43,7 @@ def post(
             json=json,
             data=data,
             auth=self.auth,
+            timeout=TIMEOUT,
         )
         if response.status_code != 409:
             response.raise_for_status()
@@ -60,6 +64,7 @@ def put(
             json=json,
             data=data,
             auth=self.auth,
+            timeout=TIMEOUT,
         )
         response.raise_for_status()
         return response
@@ -75,6 +80,7 @@ def delete(
             params=params,
             headers=headers,
             auth=self.auth,
+            timeout=TIMEOUT,
         )
         if response.status_code != 404:
             response.raise_for_status()

pyproject.toml

@@ -43,3 +43,6 @@ fix-shallow-repository = true
 
 [tool.poetry-plugin-tweak-dependencies-version]
 default = "present"
+
+[tool.bandit]
+exclude_dirs = ["tests"]