From 656555f74dc750c843a787b557eb540500982447 Mon Sep 17 00:00:00 2001
From: Gerrit van der Merwe <gerritvandermerwe@oxd.com>
Date: Mon, 26 Oct 2020 14:56:10 -0700
Subject: [PATCH] DIV-1101 - Marked false positives for Bandit checks

---
 edivorce/apps/core/management/commands/link_check.py | 2 +-
 edivorce/apps/core/templatetags/format_utils.py      | 5 +++--
 edivorce/apps/core/templatetags/summary_format.py    | 4 ++--
 3 files changed, 6 insertions(+), 5 deletions(-)

diff --git a/edivorce/apps/core/management/commands/link_check.py b/edivorce/apps/core/management/commands/link_check.py
index 8cc4cf5c..d381cc04 100644
--- a/edivorce/apps/core/management/commands/link_check.py
+++ b/edivorce/apps/core/management/commands/link_check.py
@@ -13,7 +13,7 @@ class Command(BaseCommand):
 
     def _check_link(self, address):
         try:
-            resp = urlopen(address)
+            resp = urlopen(address) # nosec - This is for internal use only to check for broken links.
             if resp.status in [400, 404, 403, 408, 409, 501, 502, 503]:
                 return f"{resp.status} - {resp.reason}"
         except Exception as e:
diff --git a/edivorce/apps/core/templatetags/format_utils.py b/edivorce/apps/core/templatetags/format_utils.py
index 988eae47..ea6f4122 100644
--- a/edivorce/apps/core/templatetags/format_utils.py
+++ b/edivorce/apps/core/templatetags/format_utils.py
@@ -21,7 +21,7 @@ def linebreaksli(value):
     value = re.sub(r'\r\n|\r|\n', '\n', value.strip())  # normalize newlines
     lines = re.split('\n', value)
     lines = ['<li>%s</li>' % line for line in lines if line and not line.isspace()]
-    return mark_safe('\n'.join(lines))
+    return mark_safe('\n'.join(lines)) # nosec
 
 
 @register.filter
@@ -92,7 +92,8 @@ def checkbox(context, *args, **kwargs):
             kwargs_list.append(str(value) in str(dict_with_question[question]))
     kwargs_pass = all(kwargs_list)
 
-    return mark_safe('<i class="fa fa%s-square-o" aria-hidden="true"></i>' %
+    
+    return mark_safe('<i class="fa fa%s-square-o" aria-hidden="true"></i>' % # nosec
                      ('-check' if args_pass and kwargs_pass else ''))
 
 
diff --git a/edivorce/apps/core/templatetags/summary_format.py b/edivorce/apps/core/templatetags/summary_format.py
index 44863031..3d12ed79 100644
--- a/edivorce/apps/core/templatetags/summary_format.py
+++ b/edivorce/apps/core/templatetags/summary_format.py
@@ -8,7 +8,7 @@ from django.utils.html import format_html, format_html_join
 from django.utils.safestring import mark_safe
 
 NO_ANSWER = 'No answer'
-MISSING_RESPONSE = mark_safe('<div class="table-error"><span class="warning">MISSING REQUIRED FIELD</span></div>')
+MISSING_RESPONSE = mark_safe('<div class="table-error"><span class="warning">MISSING REQUIRED FIELD</span></div>') # nosec
 
 register = template.Library()
 
@@ -151,7 +151,7 @@ def format_review_row_heading(title, style="", substep=None):
     """ Used for children sub-section tables """
     if substep:
         url = reverse('question_steps', args=['children', substep])
-        extra_html = mark_safe(f'<span class="review-buttons"><a href="{url}">Edit</a></span>')
+        extra_html = mark_safe(f'<span class="review-buttons"><a href="{url}">Edit</a></span>') # nosec
     else:
         extra_html = ''
     return format_html(