From 5b74a739d9e3a53c4f6dfe4880dd8911fef1b0e5 Mon Sep 17 00:00:00 2001
From: Kevin O'Gorman <kog@freedom.press>
Date: Thu, 16 May 2024 16:06:34 -0400
Subject: [PATCH 1/2] Added loaddata option to specify file submission size

---
 securedrop/loaddata.py | 23 ++++++++++++++++++++---
 1 file changed, 20 insertions(+), 3 deletions(-)

diff --git a/securedrop/loaddata.py b/securedrop/loaddata.py
index 3edeee4a1c..241e00f435 100755
--- a/securedrop/loaddata.py
+++ b/securedrop/loaddata.py
@@ -200,18 +200,24 @@ def submit_message(source: Source, journalist_who_saw: Optional[Journalist]) ->
         db.session.add(seen_message)
 
 
-def submit_file(source: Source, journalist_who_saw: Optional[Journalist]) -> None:
+def submit_file(source: Source, journalist_who_saw: Optional[Journalist], size: int = 0) -> None:
     """
     Adds a single file submitted by a source.
     """
     record_source_interaction(source)
+    if not size:
+        file_bytes = b"This is an example of a plain text file upload"
+    else:
+        file_bytes = os.urandom(size * 1024)
+
     fpath = Storage.get_default().save_file_submission(
         source.filesystem_id,
         source.interaction_count,
         source.journalist_filename,
         "memo.txt",
-        io.BytesIO(b"This is an example of a plain text file upload."),
+        io.BytesIO(file_bytes),
     )
+
     submission = Submission(source, fpath, Storage.get_default())
     db.session.add(submission)
 
@@ -358,7 +364,11 @@ def add_sources(args: argparse.Namespace, journalists: Tuple[Journalist, ...]) -
             seen_message_count -= 1
 
         for _ in range(args.files_per_source):
-            submit_file(source, secrets.choice(journalists) if seen_file_count > 0 else None)
+            submit_file(
+                source,
+                secrets.choice(journalists) if seen_file_count > 0 else None,
+                args.random_file_size,
+            )
             seen_file_count -= 1
 
         if i <= starred_sources_count:
@@ -484,6 +494,13 @@ def parse_arguments() -> argparse.Namespace:
         action="store_true",
         default=False,
     )
+    parser.add_argument(
+        "--random-file-size",
+        help="Create random submission files with size specified (in KB)",
+        type=non_negative_int,
+        default=0,
+    )
+
     return parser.parse_args()
 
 

From 7a04452d4d7d4b131cdafeaba00b4d5b74fa8ccd Mon Sep 17 00:00:00 2001
From: Kevin O'Gorman <kog@freedom.press>
Date: Thu, 16 May 2024 17:01:28 -0400
Subject: [PATCH 2/2] add safety ignores: 67599, 67895

---
 Makefile | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/Makefile b/Makefile
index ffe0fd6b26..a3736f6b08 100644
--- a/Makefile
+++ b/Makefile
@@ -184,6 +184,8 @@ safety:  ## Run `safety check` to check python dependencies for vulnerabilities.
 		--ignore 66777 \
 		--ignore 66704 \
 		--ignore 66710 \
+		--ignore 67895 \
+		--ignore 67599 \
 		--full-report -r $$req_file \
 		&& echo -e '\n' \
 		|| exit 1; \