Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[In-Progress] Added multi-tenant dataset (early stages) #83

Open
wants to merge 5 commits into
base: master
Choose a base branch
from

Conversation

filipecosta90
Copy link
Collaborator

No description provided.

@filipecosta90 filipecosta90 added the enhancement New feature or request label Jan 24, 2023
@filipecosta90 filipecosta90 changed the title Added multi-tenant dataset (early stages) [In-Progress] Added multi-tenant dataset (early stages) Jan 24, 2023
doc_ids = []

create_idxs_csvfile = open(create_idxs_fname, "w", newline="")
create_idxs_csv_writer = csv.writer(create_idxs_csvfile, delimiter=",")
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

51% of developers fix this issue

Incompatible parameter type: Expected _csv._Writer for 1st positional only parameter to call _csv.writer but got io.TextIOWrapper.


ℹ️ Learn about @sonatype-lift commands

You can reply with the following commands. For example, reply with @sonatype-lift ignoreall to leave out all findings.

Command Usage
@sonatype-lift ignore Leave out the above finding from this PR
@sonatype-lift ignoreall Leave out all the existing findings from this PR
@sonatype-lift exclude <file|issue|path|tool> Exclude specified file|issue|path|tool from Lift findings by updating your config.toml file

Note: When talking to LiftBot, you need to refresh the page to see its response.
Click here to add LiftBot to another repo.


Was this a good recommendation?
[ 🙁 Not relevant ] - [ 😕 Won't fix ] - [ 😑 Not critical, will fix ] - [ 🙂 Critical, will fix ] - [ 😊 Critical, fixing now ]

create_idxs_csv_writer = csv.writer(create_idxs_csvfile, delimiter=",")

setup_fname_csvfile = open(setup_fname, "w", newline="")
setup_csv_writer = csv.writer(setup_fname_csvfile, delimiter=",")
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

51% of developers fix this issue

Incompatible parameter type: Expected _csv._Writer for 1st positional only parameter to call _csv.writer but got io.TextIOWrapper.


ℹ️ Learn about @sonatype-lift commands

You can reply with the following commands. For example, reply with @sonatype-lift ignoreall to leave out all findings.

Command Usage
@sonatype-lift ignore Leave out the above finding from this PR
@sonatype-lift ignoreall Leave out all the existing findings from this PR
@sonatype-lift exclude <file|issue|path|tool> Exclude specified file|issue|path|tool from Lift findings by updating your config.toml file

Note: When talking to LiftBot, you need to refresh the page to see its response.
Click here to add LiftBot to another repo.


Was this a good recommendation?
[ 🙁 Not relevant ] - [ 😕 Won't fix ] - [ 😑 Not critical, will fix ] - [ 🙂 Critical, will fix ] - [ 😊 Critical, fixing now ]

doc_ids = []

create_idxs_csvfile = open(create_idxs_fname, "w", newline="")
create_idxs_csv_writer = csv.writer(create_idxs_csvfile, delimiter=",")
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

opt.semgrep.python.lang.security.unquoted-csv-writer.unquoted-csv-writer: Found an unquoted CSV writer. This is susceptible to injection. Use quoting=csv.QUOTE_ALL.


ℹ️ Learn about @sonatype-lift commands

You can reply with the following commands. For example, reply with @sonatype-lift ignoreall to leave out all findings.

Command Usage
@sonatype-lift ignore Leave out the above finding from this PR
@sonatype-lift ignoreall Leave out all the existing findings from this PR
@sonatype-lift exclude <file|issue|path|tool> Exclude specified file|issue|path|tool from Lift findings by updating your config.toml file

Note: When talking to LiftBot, you need to refresh the page to see its response.
Click here to add LiftBot to another repo.


Was this a good recommendation?
[ 🙁 Not relevant ] - [ 😕 Won't fix ] - [ 😑 Not critical, will fix ] - [ 🙂 Critical, will fix ] - [ 😊 Critical, fixing now ]

create_idxs_csv_writer = csv.writer(create_idxs_csvfile, delimiter=",")

setup_fname_csvfile = open(setup_fname, "w", newline="")
setup_csv_writer = csv.writer(setup_fname_csvfile, delimiter=",")
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

opt.semgrep.python.lang.security.unquoted-csv-writer.unquoted-csv-writer: Found an unquoted CSV writer. This is susceptible to injection. Use quoting=csv.QUOTE_ALL.


ℹ️ Learn about @sonatype-lift commands

You can reply with the following commands. For example, reply with @sonatype-lift ignoreall to leave out all findings.

Command Usage
@sonatype-lift ignore Leave out the above finding from this PR
@sonatype-lift ignoreall Leave out all the existing findings from this PR
@sonatype-lift exclude <file|issue|path|tool> Exclude specified file|issue|path|tool from Lift findings by updating your config.toml file

Note: When talking to LiftBot, you need to refresh the page to see its response.
Click here to add LiftBot to another repo.


Was this a good recommendation?
[ 🙁 Not relevant ] - [ 😕 Won't fix ] - [ 😑 Not critical, will fix ] - [ 🙂 Critical, will fix ] - [ 😊 Critical, fixing now ]


def rand_str(minN, maxN):
return "".join(
random.choices(
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

10% of developers fix this issue

💬 8 similar findings have been found in this PR


blacklist: Standard pseudo-random generators are not suitable for security/cryptographic purposes.


🔎 Expand here to view all instances of this finding
File Path Line Number
scripts/datagen_redisearch/search_multi_tenant/ftsb_generate_search_multi_tenant.py 58
scripts/datagen_redisearch/search_multi_tenant/ftsb_generate_search_multi_tenant.py 65
scripts/datagen_redisearch/search_multi_tenant/ftsb_generate_search_multi_tenant.py 72
scripts/datagen_redisearch/search_multi_tenant/ftsb_generate_search_multi_tenant.py 78
scripts/datagen_redisearch/search_multi_tenant/ftsb_generate_search_multi_tenant.py 82
scripts/datagen_redisearch/search_multi_tenant/ftsb_generate_search_multi_tenant.py 87
scripts/datagen_redisearch/search_multi_tenant/ftsb_generate_search_multi_tenant.py 152
scripts/datagen_redisearch/search_multi_tenant/ftsb_generate_search_multi_tenant.py 384

Visit the Lift Web Console to find more details in your report.


ℹ️ Learn about @sonatype-lift commands

You can reply with the following commands. For example, reply with @sonatype-lift ignoreall to leave out all findings.

Command Usage
@sonatype-lift ignore Leave out the above finding from this PR
@sonatype-lift ignoreall Leave out all the existing findings from this PR
@sonatype-lift exclude <file|issue|path|tool> Exclude specified file|issue|path|tool from Lift findings by updating your config.toml file

Note: When talking to LiftBot, you need to refresh the page to see its response.
Click here to add LiftBot to another repo.


Was this a good recommendation?
[ 🙁 Not relevant ] - [ 😕 Won't fix ] - [ 😑 Not critical, will fix ] - [ 🙂 Critical, will fix ] - [ 😊 Critical, fixing now ]


progress = tqdm(unit="docs", total=total_docs)
for doc_n in range(0, total_docs):
index_n = random.randint(1, index_limit_n)
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

9% of developers fix this issue

blacklist: Standard pseudo-random generators are not suitable for security/cryptographic purposes.


ℹ️ Learn about @sonatype-lift commands

You can reply with the following commands. For example, reply with @sonatype-lift ignoreall to leave out all findings.

Command Usage
@sonatype-lift ignore Leave out the above finding from this PR
@sonatype-lift ignoreall Leave out all the existing findings from this PR
@sonatype-lift exclude <file|issue|path|tool> Exclude specified file|issue|path|tool from Lift findings by updating your config.toml file

Note: When talking to LiftBot, you need to refresh the page to see its response.
Click here to add LiftBot to another repo.


Was this a good recommendation?
[ 🙁 Not relevant ] - [ 😕 Won't fix ] - [ 😑 Not critical, will fix ] - [ 🙂 Critical, will fix ] - [ 😊 Critical, fixing now ]

if args.generate_index_commands_only is False:

setup_fname_csvfile = open(setup_fname, "w", newline="")
setup_csv_writer = csv.writer(setup_fname_csvfile, delimiter=",")
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

51% of developers fix this issue

Incompatible parameter type: Expected _csv._Writer for 1st positional only parameter to call _csv.writer but got io.TextIOWrapper.


ℹ️ Learn about @sonatype-lift commands

You can reply with the following commands. For example, reply with @sonatype-lift ignoreall to leave out all findings.

Command Usage
@sonatype-lift ignore Leave out the above finding from this PR
@sonatype-lift ignoreall Leave out all the existing findings from this PR
@sonatype-lift exclude <file|issue|path|tool> Exclude specified file|issue|path|tool from Lift findings by updating your config.toml file

Note: When talking to LiftBot, you need to refresh the page to see its response.
Click here to add LiftBot to another repo.


Was this a good recommendation?
[ 🙁 Not relevant ] - [ 😕 Won't fix ] - [ 😑 Not critical, will fix ] - [ 🙂 Critical, will fix ] - [ 😊 Critical, fixing now ]

progress.close()
setup_fname_csvfile.close()

artifacts.append(setup_fname_csvfile)
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

51% of developers fix this issue

Incompatible parameter type: Expected str for 1st positional only parameter to call list.append but got io.TextIOWrapper.


ℹ️ Learn about @sonatype-lift commands

You can reply with the following commands. For example, reply with @sonatype-lift ignoreall to leave out all findings.

Command Usage
@sonatype-lift ignore Leave out the above finding from this PR
@sonatype-lift ignoreall Leave out all the existing findings from this PR
@sonatype-lift exclude <file|issue|path|tool> Exclude specified file|issue|path|tool from Lift findings by updating your config.toml file

Note: When talking to LiftBot, you need to refresh the page to see its response.
Click here to add LiftBot to another repo.


Was this a good recommendation?
[ 🙁 Not relevant ] - [ 😕 Won't fix ] - [ 😑 Not critical, will fix ] - [ 🙂 Critical, will fix ] - [ 😊 Critical, fixing now ]

if args.generate_index_commands_only is False:

setup_fname_csvfile = open(setup_fname, "w", newline="")
setup_csv_writer = csv.writer(setup_fname_csvfile, delimiter=",")
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

opt.semgrep.python.lang.security.unquoted-csv-writer.unquoted-csv-writer: Found an unquoted CSV writer. This is susceptible to injection. Use quoting=csv.QUOTE_ALL.


ℹ️ Learn about @sonatype-lift commands

You can reply with the following commands. For example, reply with @sonatype-lift ignoreall to leave out all findings.

Command Usage
@sonatype-lift ignore Leave out the above finding from this PR
@sonatype-lift ignoreall Leave out all the existing findings from this PR
@sonatype-lift exclude <file|issue|path|tool> Exclude specified file|issue|path|tool from Lift findings by updating your config.toml file

Note: When talking to LiftBot, you need to refresh the page to see its response.
Click here to add LiftBot to another repo.


Was this a good recommendation?
[ 🙁 Not relevant ] - [ 😕 Won't fix ] - [ 😑 Not critical, will fix ] - [ 🙂 Critical, will fix ] - [ 😊 Critical, fixing now ]

@sonarqubecloud
Copy link

SonarCloud Quality Gate failed.    Quality Gate failed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot E 9 Security Hotspots
Code Smell A 12 Code Smells

No Coverage information No Coverage information
24.6% 24.6% Duplication

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
enhancement New feature or request
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant