
Add timeout to `requests` calls

Open pixeebot[bot] opened this issue 9 months ago • 2 comments

Many developers will be surprised to learn that requests library calls do not include timeouts by default. This means that an attempted request could hang indefinitely if no connection is established or if no data is received from the server.

The requests documentation suggests that most calls should explicitly include a timeout parameter. This codemod adds a default timeout value in order to set an upper bound on connection times and ensure that requests connect or fail in a timely manner. This value also ensures the connection will time out if the server does not respond with data within a reasonable amount of time.

While timeout values will be application-dependent, we believe that this codemod adds a reasonable default that serves as an appropriate ceiling for most situations.

Our changes look like the following:

 import requests
 
- requests.get("http://example.com")
+ requests.get("http://example.com", timeout=60)
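
Review bot: on the `+` line, `timeout=60` is a single number, which requests applies separately to the connect phase and to each wait for data on the socket, so it does not cap the whole call at 60 seconds, and a full minute is a long budget for establishing a connection. Consider a tuple such as `timeout=(3.05, 60)` so an unreachable host fails fast while slow responses keep the longer read budget. The call can now raise `requests.exceptions.Timeout`, and nothing in the hunk catches it, so the caller should handle that case.
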

Powered by: pixeebot (codemod ID: pixee:python/add-requests-timeouts)

pixeebot[bot], Apr 25 '24 03:04
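
The hang described in the issue above, and one way to enforce a default timeout for every call made through a session, shown as an added example that is not part of the original issue or the codemod's output. `TimeoutAdapter`, `probe` and the timeout values are assumptions chosen for illustration; the listener is constructed locally so the example runs offline.

```python
import socket
import time

import requests
from requests.adapters import HTTPAdapter


class TimeoutAdapter(HTTPAdapter):
    """Hypothetical adapter: supplies a timeout when the caller passes none."""

    def __init__(self, *args, timeout=(3.05, 60), **kwargs):
        # (connect, read) in seconds; both values are assumptions, tune per app.
        self.timeout = timeout
        super().__init__(*args, **kwargs)

    def send(self, request, **kwargs):
        # Session.send() forwards timeout=None when the call site omitted it.
        if kwargs.get("timeout") is None:
            kwargs["timeout"] = self.timeout
        return super().send(request, **kwargs)


def probe(read_timeout=0.5):
    """Call a constructed local listener that never answers; report the outcome."""
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)  # kernel completes the handshake; no byte is ever sent back
    port = srv.getsockname()[1]

    session = requests.Session()
    session.trust_env = False  # ignore proxy environment variables for the demo
    session.mount("http://", TimeoutAdapter(timeout=(3.05, read_timeout)))

    start = time.monotonic()
    try:
        session.get(f"http://127.0.0.1:{port}/")  # note: no timeout= here
        outcome = "response"
    except requests.exceptions.ReadTimeout:
        outcome = "read-timeout"
    finally:
        srv.close()
    return outcome, time.monotonic() - start


if __name__ == "__main__":
    print(probe())
```

Without the mounted adapter, the same `session.get` call would block until the listener is closed, which is the indefinite hang the issue describes.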

I'm confident in this change, and the CI checks pass, too!

If you see any reason not to merge this, or you have suggestions for improvements, please let me know!

pixeebot[bot], May 03 '24 03:05

Just a friendly ping to remind you about this change. If there are concerns about it, we'd love to hear about them!

pixeebot[bot], May 04 '24 03:05

This change may not be a priority right now, so I'll close it. If there was something I could have done better, please let me know!

You can also customize me to make sure I'm working with you in the way you want.

pixeebot[bot], May 24 '24 03:05