Suppress a false positive CodeQL alarm

AzureAD · Jan 15, 2025 · 0f26acc · 0f26acc
1 parent 37badb8
commit 0f26acc
Showing 1 changed file with 3 additions and 0 deletions.
diff --git a/tests/test_e2e.py b/tests/test_e2e.py
@@ -1333,6 +1333,9 @@ def test_at_pop_calling_pattern(self):
                 nonce=self._extract_pop_nonce(resp.headers.get("WWW-Authenticate")),
                 ),
             ))
+        # The api_endpoint being used is a test setup without proper SSL cert,
+        # so we suppress the CodeQL warning for disabling SSL certificate checks
+        # @suppress py/bandit/requests-ssl-verify-disabled
         resp = requests.get(api_endpoint, verify=False, headers={
             "Authorization": "pop {}".format(result["access_token"]),
             })