Mercurial > p > roundup > code

diff roundup/backends/indexer_dbm.py @ 6002:3175bb92ca28

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Cleanups for bandit Set bandit to ignore use of md5. Treat schema from database as trusted to eval. We wrote it based on the schema.py file. Replace some bare except: with a proper exception. mode 775 for index directory is correct. Allows indices to be written by email and web interfaces that run as different users but can have the roundup group in common.
author John Rouillard <rouilj@ieee.org>
date Thu, 26 Dec 2019 21:44:50 -0500
parents 8e4c5db44fde
children 087cae2fbcea
line wrap: on
line diff
--- a/roundup/backends/indexer_dbm.py	Thu Dec 26 21:17:48 2019 -0500
+++ b/roundup/backends/indexer_dbm.py	Thu Dec 26 21:44:50 2019 -0500
@@ -62,7 +62,7 @@
         if os.path.exists(self.indexdb_path):
             shutil.rmtree(self.indexdb_path)
         os.makedirs(self.indexdb_path)
-        os.chmod(self.indexdb_path, 0o775)
+        os.chmod(self.indexdb_path, 0o775)  # nosec - allow group write
         open(os.path.join(self.indexdb_path, 'version'), 'w').write('1\n')
         self.reindex = 1
         self.changed = 1
Roundup Issue Tracker: http://roundup-tracker.org/