Intruce bandit pre-commit checks

This commit is contained in:
Benjamin Renard 2023-03-23 09:56:31 +01:00
parent 73735b378f
commit 63d6a6e0ed
Signed by: bn8
GPG key ID: 3E2E1CE1907115BC
4 changed files with 20 additions and 10 deletions

View file

@ -37,3 +37,9 @@ repos:
hooks: hooks:
- id: isort - id: isort
args: ['--profile', 'black', '--line-length', '100'] args: ['--profile', 'black', '--line-length', '100']
- repo: https://github.com/Lucas-C/pre-commit-hooks-bandit
rev: v1.0.5
hooks:
- id: python-bandit-vulnerability-check
name: bandit
args: [--skip, "B101", --recursive, mylib]

View file

@ -261,7 +261,7 @@ class DB:
def insert(self, table, values, just_try=False): def insert(self, table, values, just_try=False):
"""Run INSERT SQL query""" """Run INSERT SQL query"""
# pylint: disable=consider-using-f-string # pylint: disable=consider-using-f-string
sql = "INSERT INTO {} ({}) VALUES ({})".format( sql = "INSERT INTO {} ({}) VALUES ({})".format( # nosec
self._quote_table_name(table), self._quote_table_name(table),
", ".join([self._quote_field_name(field) for field in values.keys()]), ", ".join([self._quote_field_name(field) for field in values.keys()]),
", ".join([self.format_param(key) for key in values]), ", ".join([self.format_param(key) for key in values]),
@ -280,7 +280,7 @@ class DB:
def update(self, table, values, where_clauses, where_op=None, just_try=False): def update(self, table, values, where_clauses, where_op=None, just_try=False):
"""Run UPDATE SQL query""" """Run UPDATE SQL query"""
# pylint: disable=consider-using-f-string # pylint: disable=consider-using-f-string
sql = "UPDATE {} SET {}".format( sql = "UPDATE {} SET {}".format( # nosec
self._quote_table_name(table), self._quote_table_name(table),
", ".join( ", ".join(
[f"{self._quote_field_name(key)} = {self.format_param(key)}" for key in values] [f"{self._quote_field_name(key)} = {self.format_param(key)}" for key in values]
@ -306,7 +306,7 @@ class DB:
def delete(self, table, where_clauses, where_op="AND", just_try=False): def delete(self, table, where_clauses, where_op="AND", just_try=False):
"""Run DELETE SQL query""" """Run DELETE SQL query"""
sql = f"DELETE FROM {self._quote_table_name(table)}" sql = f"DELETE FROM {self._quote_table_name(table)}" # nosec
params = {} params = {}
try: try:
@ -327,7 +327,7 @@ class DB:
def truncate(self, table, just_try=False): def truncate(self, table, just_try=False):
"""Run TRUNCATE SQL query""" """Run TRUNCATE SQL query"""
sql = f"TRUNCATE TABLE {self._quote_table_name(table)}" sql = f"TRUNCATE TABLE {self._quote_table_name(table)}" # nosec
if just_try: if just_try:
log.debug("Just-try mode: execute TRUNCATE query: %s", sql) log.debug("Just-try mode: execute TRUNCATE query: %s", sql)

View file

@ -173,7 +173,9 @@ class EmailClient(
self.templates[template_name] = {} self.templates[template_name] = {}
log.debug("Load email template %s %s from %s", template_name, template_type, filepath) log.debug("Load email template %s %s from %s", template_name, template_type, filepath)
with open(filepath, encoding="utf8") as file_desc: with open(filepath, encoding="utf8") as file_desc:
self.templates[template_name][template_type] = MakoTemplate(file_desc.read()) self.templates[template_name][template_type] = MakoTemplate(
file_desc.read()
) # nosec
def forge_message( def forge_message(
self, self,
@ -575,13 +577,14 @@ if __name__ == "__main__":
text=( text=(
"Just a test email sent at {sent_date}." "Just a test email sent at {sent_date}."
if not options.test_mako if not options.test_mako
else MakoTemplate("Just a test email sent at ${sent_date}.") else MakoTemplate("Just a test email sent at ${sent_date | h}.") # nosec
), ),
html=( html=(
"<strong>Just a test email.</strong> <small>(sent at {sent_date})</small>" "<strong>Just a test email.</strong> <small>(sent at {sent_date | h})</small>"
if not options.test_mako if not options.test_mako
else MakoTemplate( else MakoTemplate( # nosec
"<strong>Just a test email.</strong> <small>(sent at ${sent_date})</small>" "<strong>Just a test email.</strong> "
"<small>(sent at ${sent_date | h})</small>"
) )
), ),
) )

View file

@ -51,7 +51,8 @@ def main(argv=None): # pylint: disable=too-many-locals,too-many-statements
test_content = b"Juste un test." test_content = b"Juste un test."
tmp_dir = tempfile.TemporaryDirectory() # pylint: disable=consider-using-with tmp_dir = tempfile.TemporaryDirectory() # pylint: disable=consider-using-with
tmp_file = os.path.join( tmp_file = os.path.join(
tmp_dir.name, f'tmp{"".join(random.choice(string.ascii_lowercase) for i in range(8))}' tmp_dir.name,
f'tmp{"".join(random.choice(string.ascii_lowercase) for i in range(8))}', # nosec
) )
log.debug('Temporary file path: "%s"', tmp_file) log.debug('Temporary file path: "%s"', tmp_file)
with open(tmp_file, "wb") as file_desc: with open(tmp_file, "wb") as file_desc: