[fix] bandit sql warnings (#3242)
This commit is contained in:
Vlad Stan
dni ⚡
parent
e0749e186e
commit
76ecf113c3
8 changed files with 99 additions and 58 deletions
|
|
@ -221,10 +221,10 @@ classmethod-decorators = [
|
|||
# S602 `subprocess` call with `shell=True` identified, security issue
|
||||
# S603 `subprocess` call: check for execution of untrusted input
|
||||
# S607: Starting a process with a partial executable path
|
||||
# TODO: do not skip S608:
|
||||
# S608: Possible SQL injection vector through string-based query construction
|
||||
# S324 Probable use of insecure hash functions in `hashlib`: `md5`
|
||||
"lnbits/*" = ["S101", "S608"]
|
||||
# TODO: remove S101 ignore
|
||||
"lnbits/*" = ["S101"]
|
||||
"lnbits/core/views/admin_api.py" = ["S602", "S603", "S607"]
|
||||
"crypto.py" = ["S324"]
|
||||
"test*.py" = ["S101", "S105", "S106", "S307"]
|
||||
|
|
@ -232,9 +232,6 @@ classmethod-decorators = [
|
|||
"tests/*" = ["S311"]
|
||||
"tests/regtest/helpers.py" = ["S603"]
|
||||
|
||||
[tool.bandit]
|
||||
skips = ["B101", "B404"]
|
||||
|
||||
[tool.ruff.lint.mccabe]
|
||||
max-complexity = 10
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue