Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Rework args #3

Merged
merged 3 commits into from
Mar 1, 2024
Merged

Rework args #3

merged 3 commits into from
Mar 1, 2024

Conversation

lukehinds
Copy link
Contributor

No description provided.

@github-actions GitHub Actions
Copy link

github-actions bot commented Mar 1, 2024

🛡️ Bandit Scan Results Summary

We found 1 High, 2 Medium, and 3 Low severity issues.

Detailed Findings

Severity Issue File Line Confidence More Info Test ID
🟡 LOW Consider possible security implications associated with the subprocess module. ./test/main.py 1 HIGH More Info B404
🟡 LOW Consider possible security implications associated with pickle module. ./test/main.py 9 HIGH More Info B403
⚪ MEDIUM Pickle and modules that wrap it can be unsafe when used to deserialize untrusted data, possible security issue. ./test/main.py 10 HIGH More Info B301
🟡 LOW Possible hardcoded password: 'this_is_a_secret_key' ./test/main.py 5 MEDIUM More Info B105
🔴 HIGH subprocess call with shell=True identified, security issue. ./test/main.py 15 HIGH More Info B602
⚪ MEDIUM Use of unsafe yaml load. Allows instantiation of arbitrary objects. Consider yaml.safe_load(). ./test/main.py 20 HIGH More Info B506
✨ About this Report

This report was generated by the official Bandit GitHub Action to ensure our codebase stays secure.

📕 What is Bandit?

Bandit is a tool designed to find common security issues in Python code. To learn more about how Bandit helps to keep Python code safe, visit the Bandit documentation.

👥 Community Support

Got questions or need help with Bandit Action?

  • Join our community on the Discord server.
  • Share tips, get advice, and collaborate on security best practices.

@github-actions GitHub Actions
Copy link

github-actions bot commented Mar 1, 2024

🛡️ Bandit Scan Results Summary

We found 1 High, 2 Medium, and 3 Low severity issues.

Detailed Findings

Severity Issue File Line Confidence More Info Test ID
🟡 LOW Consider possible security implications associated with the subprocess module. ./test/main.py 1 HIGH More Info B404
🟡 LOW Consider possible security implications associated with pickle module. ./test/main.py 9 HIGH More Info B403
⚪ MEDIUM Pickle and modules that wrap it can be unsafe when used to deserialize untrusted data, possible security issue. ./test/main.py 10 HIGH More Info B301
🟡 LOW Possible hardcoded password: 'this_is_a_secret_key' ./test/main.py 5 MEDIUM More Info B105
🔴 HIGH subprocess call with shell=True identified, security issue. ./test/main.py 15 HIGH More Info B602
⚪ MEDIUM Use of unsafe yaml load. Allows instantiation of arbitrary objects. Consider yaml.safe_load(). ./test/main.py 20 HIGH More Info B506
✨ About this Report

This report was generated by the official Bandit GitHub Action to ensure our codebase stays secure.

📕 What is Bandit?

Bandit is a tool designed to find common security issues in Python code. To learn more about how Bandit helps to keep Python code safe, visit the Bandit documentation.

👥 Community Support

Got questions or need help with Bandit Action?

  • Join our community on the Discord server.
  • Share tips, get advice, and collaborate on security best practices.

@lukehinds lukehinds merged commit f5d81d2 into main Mar 1, 2024
1 check failed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@lukehinds