actions
/
gh-action-pypi-publish
Template
mirror of https://github.com/pypa/gh-action-pypi-publish
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Suppress false-positive S105 @ `oidc-exchange.py`

This commit is contained in:
Sviatoslav Sydorenko (Святослав Сидоренко) 2024-05-16 17:21:36 +02:00 committed by GitHub
parent 7f0e83ee55
commit a047f618a1
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 5 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
oidc-exchange.py
View File

@ -45,7 +45,7 @@ permissions:
``` ```
Learn more at https://docs.github.com/en/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect#adding-permissions-settings. Learn more at https://docs.github.com/en/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect#adding-permissions-settings.
""" """ # noqa: S105; not a password
# Specialization of the token retrieval failure case, when we know that # Specialization of the token retrieval failure case, when we know that
# the failure cause is use within a third-party PR. # the failure cause is use within a third-party PR.
@ -59,7 +59,7 @@ even if `id-token: write` is explicitly configured.
To fix this, change your publishing workflow to use an event that To fix this, change your publishing workflow to use an event that
forks of your repository cannot trigger (such as tag or release forks of your repository cannot trigger (such as tag or release
creation, or a manually triggered workflow dispatch). creation, or a manually triggered workflow dispatch).
""" """ # noqa: S105; not a password
# Rendered if the package index refuses the given OIDC token. # Rendered if the package index refuses the given OIDC token.
_SERVER_REFUSED_TOKEN_EXCHANGE_MESSAGE = """ _SERVER_REFUSED_TOKEN_EXCHANGE_MESSAGE = """
@ -71,7 +71,7 @@ This generally indicates a trusted publisher configuration error, but could
also indicate an internal error on GitHub or PyPI's part. also indicate an internal error on GitHub or PyPI's part.
{rendered_claims} {rendered_claims}
""" """ # noqa: S105; not a password
_RENDERED_CLAIMS = """ _RENDERED_CLAIMS = """
The claims rendered below are **for debugging purposes only**. You should **not** The claims rendered below are **for debugging purposes only**. You should **not**
@ -97,7 +97,7 @@ Token request failed: the index produced an unexpected
This strongly suggests a server configuration or downtime issue; wait This strongly suggests a server configuration or downtime issue; wait
a few minutes and try again. a few minutes and try again.
""" """ # noqa: S105; not a password
# Rendered if the package index's token response isn't a valid API token payload. # Rendered if the package index's token response isn't a valid API token payload.
_SERVER_TOKEN_RESPONSE_MALFORMED_MESSAGE = """ _SERVER_TOKEN_RESPONSE_MALFORMED_MESSAGE = """
@ -105,7 +105,7 @@ Token response error: the index gave us an invalid response.
This strongly suggests a server configuration or downtime issue; wait This strongly suggests a server configuration or downtime issue; wait
a few minutes and try again. a few minutes and try again.
""" """ # noqa: S105; not a password
def die(msg: str) -> NoReturn: def die(msg: str) -> NoReturn: