Refactor: do a pass to remove `noqa: S*` lines #186

mikix · 2023-03-10T15:48:37Z

None of the current noqa: S* lines are security issues. But it's still a nicer story if there aren't any.

We have two kinds of security linter exemptions right now:

SQL injection (because there's no user input involved, it's just basic string formatting)
assert lines (because it's OK that they get ignored in optimized code, as they are just sanity checks for developers writing new tasks)

So both could be fixed easily enough (SQL maybe would use some version of bound variables and the asserts could be re-written or just dropped).

Not a high priority, but might be nice to do, to simplify the security story.

The text was updated successfully, but these errors were encountered:

mikix mentioned this issue Mar 10, 2023

chore: handle new bandit warnings #185

Merged

2 tasks

mikix added enhancement New feature or request good first issue Good for newcomers labels Jun 5, 2023

mikix changed the title ~~Refactor: do a pass to remove nosec lines~~ Refactor: do a pass to remove noqa: S lines Aug 2, 2024

mikix changed the title ~~Refactor: do a pass to remove noqa: S lines~~ Refactor: do a pass to remove noqa: S* lines Aug 2, 2024

Provide feedback