ticket	summary	type	release	owner	status	created	modified	_description	_reporter
14206	Static analysis updates	defect		Jun Omae	new	2023-02-28T10:52:45+01:00	2023-02-28T10:52:45+01:00	"Autopep8 mostly adjusts indentation. Manual addition of some docstrings, a classifier and a modest increase to the version number. 

Two issues which I want to highlight:
1. Typo in source:tracdbftsplugin/trunk/tracdbfts/api.py
{{{#!python lineno=533 marks=534
            cursor.execute(""DROP TRIGGER IF EXISTS dbfts_insert"")
            cursor.execute(""DROP TRIGGER IF EXISTS dbfts_insert"")
            cursor.execute(""DROP TRIGGER IF EXISTS dbfts_delete"")
}}}
1. [pypi:Bandit] speaks of [https://bandit.readthedocs.io/en/latest/blacklists/blacklist_calls.html#b303-md5 insecure hash function use] also in api.py, and perhaps you can suggest an alternative?
{{{#!python lineno=602 marks=611
def _build_hash(*values):
    def to_b(value):
        if isinstance(value, _inttypes):
            return b'%d' % value
        if isinstance(value, bytes):
            return value
        if isinstance(value, unicode):
            return value.encode('utf-8')
        raise ValueError('Unrecognized value %r' % type(value))
    d = hashlib.sha1()
    d.update(b'\0'.join(to_b(value) for value in values))
    return base64.b64encode(d.digest()).rstrip(b'=')
}}}
"	figaro
