Intruce bandit pre-commit checks
This commit is contained in:
parent
73735b378f
commit
63d6a6e0ed
4 changed files with 20 additions and 10 deletions
|
@ -37,3 +37,9 @@ repos:
|
||||||
hooks:
|
hooks:
|
||||||
- id: isort
|
- id: isort
|
||||||
args: ['--profile', 'black', '--line-length', '100']
|
args: ['--profile', 'black', '--line-length', '100']
|
||||||
|
- repo: https://github.com/Lucas-C/pre-commit-hooks-bandit
|
||||||
|
rev: v1.0.5
|
||||||
|
hooks:
|
||||||
|
- id: python-bandit-vulnerability-check
|
||||||
|
name: bandit
|
||||||
|
args: [--skip, "B101", --recursive, mylib]
|
||||||
|
|
|
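Review bot: The new hook scans only `mylib` (`--recursive mylib` on the `args:` line), so any Python outside that directory is never checked by this gate; if the repository keeps scripts or tests elsewhere, widen the target or record the choice. `--skip B101` also disables the assert check for the whole tree rather than only for test code; a short YAML comment above the hook such as `# B101 (assert_used) skipped: asserts are not used for input validation` would document the intent, if that is indeed the reason. The quoting is inconsistent with the isort entry three lines up; `args: ["--skip", "B101", "--recursive", "mylib"]` reads uniformly.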
@ -261,7 +261,7 @@ class DB:
|
||||||
def insert(self, table, values, just_try=False):
|
def insert(self, table, values, just_try=False):
|
||||||
"""Run INSERT SQL query"""
|
"""Run INSERT SQL query"""
|
||||||
# pylint: disable=consider-using-f-string
|
# pylint: disable=consider-using-f-string
|
||||||
sql = "INSERT INTO {} ({}) VALUES ({})".format(
|
sql = "INSERT INTO {} ({}) VALUES ({})".format( # nosec
|
||||||
self._quote_table_name(table),
|
self._quote_table_name(table),
|
||||||
", ".join([self._quote_field_name(field) for field in values.keys()]),
|
", ".join([self._quote_field_name(field) for field in values.keys()]),
|
||||||
", ".join([self.format_param(key) for key in values]),
|
", ".join([self.format_param(key) for key in values]),
|
||||||
|
@ -280,7 +280,7 @@ class DB:
|
||||||
def update(self, table, values, where_clauses, where_op=None, just_try=False):
|
def update(self, table, values, where_clauses, where_op=None, just_try=False):
|
||||||
"""Run UPDATE SQL query"""
|
"""Run UPDATE SQL query"""
|
||||||
# pylint: disable=consider-using-f-string
|
# pylint: disable=consider-using-f-string
|
||||||
sql = "UPDATE {} SET {}".format(
|
sql = "UPDATE {} SET {}".format( # nosec
|
||||||
self._quote_table_name(table),
|
self._quote_table_name(table),
|
||||||
", ".join(
|
", ".join(
|
||||||
[f"{self._quote_field_name(key)} = {self.format_param(key)}" for key in values]
|
[f"{self._quote_field_name(key)} = {self.format_param(key)}" for key in values]
|
||||||
|
@ -306,7 +306,7 @@ class DB:
|
||||||
|
|
||||||
def delete(self, table, where_clauses, where_op="AND", just_try=False):
|
def delete(self, table, where_clauses, where_op="AND", just_try=False):
|
||||||
"""Run DELETE SQL query"""
|
"""Run DELETE SQL query"""
|
||||||
sql = f"DELETE FROM {self._quote_table_name(table)}"
|
sql = f"DELETE FROM {self._quote_table_name(table)}" # nosec
|
||||||
params = {}
|
params = {}
|
||||||
|
|
||||||
try:
|
try:
|
||||||
|
@ -327,7 +327,7 @@ class DB:
|
||||||
|
|
||||||
def truncate(self, table, just_try=False):
|
def truncate(self, table, just_try=False):
|
||||||
"""Run TRUNCATE SQL query"""
|
"""Run TRUNCATE SQL query"""
|
||||||
sql = f"TRUNCATE TABLE {self._quote_table_name(table)}"
|
sql = f"TRUNCATE TABLE {self._quote_table_name(table)}" # nosec
|
||||||
|
|
||||||
if just_try:
|
if just_try:
|
||||||
log.debug("Just-try mode: execute TRUNCATE query: %s", sql)
|
log.debug("Just-try mode: execute TRUNCATE query: %s", sql)
|
||||||
|
|
|
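Review bot: The bare `# nosec` appended to the `.format(` line suppresses every bandit test on that line, not only B608 (hardcoded SQL expression), so any future finding on the same line is silenced as well; the same applies to the update, delete and truncate hunks below. Pin the suppression to the test id and state why it is safe, e.g. `sql = "INSERT INTO {} ({}) VALUES ({})".format(  # nosec B608 - identifiers quoted, values bound as parameters`. Whether that justification holds depends on `_quote_table_name`/`_quote_field_name` really quoting identifiers and on `format_param` emitting placeholders rather than literal values, none of which is visible in these hunks. The bodies of insert, update, delete and truncate all continue past their hunks.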
@ -173,7 +173,9 @@ class EmailClient(
|
||||||
self.templates[template_name] = {}
|
self.templates[template_name] = {}
|
||||||
log.debug("Load email template %s %s from %s", template_name, template_type, filepath)
|
log.debug("Load email template %s %s from %s", template_name, template_type, filepath)
|
||||||
with open(filepath, encoding="utf8") as file_desc:
|
with open(filepath, encoding="utf8") as file_desc:
|
||||||
self.templates[template_name][template_type] = MakoTemplate(file_desc.read())
|
self.templates[template_name][template_type] = MakoTemplate(
|
||||||
|
file_desc.read()
|
||||||
|
) # nosec
|
||||||
|
|
||||||
def forge_message(
|
def forge_message(
|
||||||
self,
|
self,
|
||||||
|
@ -575,13 +577,14 @@ if __name__ == "__main__":
|
||||||
text=(
|
text=(
|
||||||
"Just a test email sent at {sent_date}."
|
"Just a test email sent at {sent_date}."
|
||||||
if not options.test_mako
|
if not options.test_mako
|
||||||
else MakoTemplate("Just a test email sent at ${sent_date}.")
|
else MakoTemplate("Just a test email sent at ${sent_date | h}.") # nosec
|
||||||
),
|
),
|
||||||
html=(
|
html=(
|
||||||
"<strong>Just a test email.</strong> <small>(sent at {sent_date})</small>"
|
"<strong>Just a test email.</strong> <small>(sent at {sent_date | h})</small>"
|
||||||
if not options.test_mako
|
if not options.test_mako
|
||||||
else MakoTemplate(
|
else MakoTemplate( # nosec
|
||||||
"<strong>Just a test email.</strong> <small>(sent at ${sent_date})</small>"
|
"<strong>Just a test email.</strong> "
|
||||||
|
"<small>(sent at ${sent_date | h})</small>"
|
||||||
)
|
)
|
||||||
),
|
),
|
||||||
)
|
)
|
||||||
|
|
|
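Review bot: The `| h` filter added to the html string on the `if not options.test_mako` branch is Mako syntax, but that branch passes a plain string with `{sent_date}` placeholders, as the unchanged text counterpart in the same hunk shows; if that string is rendered with `str.format`, a field named `sent_date | h` raises `KeyError`, and otherwise the placeholder is simply never substituted. Restore `"<strong>Just a test email.</strong> <small>(sent at {sent_date})</small>"` and keep the filter only inside the `MakoTemplate(...)` strings, where it belongs. In the template-loading hunk above, the bare `) # nosec` hides every bandit test on that line; `# nosec B702` narrows it to the Mako default-filters check, and a comment saying that templates are trusted files read from disk (presumably the reason the suppression is acceptable; confirm) would make it reviewable. The enclosing `if __name__ == "__main__":` block starts before the hunk.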
@ -51,7 +51,8 @@ def main(argv=None): # pylint: disable=too-many-locals,too-many-statements
|
||||||
test_content = b"Juste un test."
|
test_content = b"Juste un test."
|
||||||
tmp_dir = tempfile.TemporaryDirectory() # pylint: disable=consider-using-with
|
tmp_dir = tempfile.TemporaryDirectory() # pylint: disable=consider-using-with
|
||||||
tmp_file = os.path.join(
|
tmp_file = os.path.join(
|
||||||
tmp_dir.name, f'tmp{"".join(random.choice(string.ascii_lowercase) for i in range(8))}'
|
tmp_dir.name,
|
||||||
|
f'tmp{"".join(random.choice(string.ascii_lowercase) for i in range(8))}', # nosec
|
||||||
)
|
)
|
||||||
log.debug('Temporary file path: "%s"', tmp_file)
|
log.debug('Temporary file path: "%s"', tmp_file)
|
||||||
with open(tmp_file, "wb") as file_desc:
|
with open(tmp_file, "wb") as file_desc:
|
||||||
|
|
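Review bot: The `# nosec` on the f-string line silences B311 for a temporary file name that does not need a PRNG at all: the file lives inside `tmp_dir`, and `tempfile`, already imported here, can create it atomically with a unique name, which removes both the warning and the need for any suppression. Replace the `os.path.join(...)` call with `fd, tmp_file = tempfile.mkstemp(prefix="tmp", dir=tmp_dir.name)` followed by `os.close(fd)`; the later `with open(tmp_file, "wb")` then overwrites the empty file. If the suppression is kept instead, narrow it to `# nosec B311` with a note that the name is not security-relevant. `main` starts before this hunk.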