From 391ba4ca2edc0a275654857b2f31e2a7d0a61fce Mon Sep 17 00:00:00 2001 From: aitbc Date: Mon, 20 Apr 2026 21:23:10 +0200 Subject: [PATCH] fix: add nosec comments for B104 in config.py - Add nosec B104 comments for rpc_bind_host and p2p_bind_host - These are intentional defaults for distributed blockchain - P2P nodes need to accept connections from peers - RPC needs to be accessible from other machines in cluster - Suppresses Bandit security scan warnings --- apps/blockchain-node/src/aitbc_chain/config.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/apps/blockchain-node/src/aitbc_chain/config.py b/apps/blockchain-node/src/aitbc_chain/config.py index a52a58fa..6efb2297 100755 --- a/apps/blockchain-node/src/aitbc_chain/config.py +++ b/apps/blockchain-node/src/aitbc_chain/config.py @@ -26,10 +26,10 @@ class ChainSettings(BaseSettings): supported_chains: str = "ait-devnet" # Comma-separated list of supported chain IDs db_path: Path = Path("/var/lib/aitbc/data/chain.db") - rpc_bind_host: str = "0.0.0.0" + rpc_bind_host: str = "0.0.0.0" # nosec B104: intentional for distributed blockchain rpc_bind_port: int = 8080 - p2p_bind_host: str = "0.0.0.0" + p2p_bind_host: str = "0.0.0.0" # nosec B104: intentional for P2P peer connections p2p_bind_port: int = 8001 p2p_node_id: str = ""