issues Search Results · repo:PyCQA/bandit language:Python
663 results
Describe the bug
The sarif formatter raises a traceback when scanning the trojansource.py plugin.
Reproduction steps
1. Run bandit -f sarif bandit/plugins/trojansource.py
2. Notice the following traceback: ...
bug
ericwb
- 1
- Opened 2 days ago
- #1246
Is your feature request related to a problem? Please describe. cloudpickle is pickle with very bad super powers
Describe the solution you'd like: add cloudpickle to the detection list
Describe alternatives ...
enhancement
coldwaterq
- Opened 28 days ago
- #1236
The official documentation is not updated. When reading the official doc, B320 is still a valid code.
Please update.
Describe the solution: Also, when removing a code, please leave a message stating ...
enhancement
djmv
- 4
- Opened on Feb 3
- #1228
Describe the bug
Given a function such as:
def __init__(self, auth_scheme, auth_token=None, auth_username=None, auth_password=None, auth_link=None, **kwargs):
...
Bandit will flag it as
Issue: ...
bug
fmigneault
- Opened on Jan 28
- #1227
Describe the bug
Since #1212, any configuration that still defines skips = B320,B410 fails to run with the message:
[main] INFO cli exclude tests: B320,B410
[main] ERROR Unknown test found in ...
bug
fmigneault
- 2
- Opened on Jan 28
- #1226
Is your feature request related to a problem? Please describe. Currently bandit reports B614:pytorch_load_save for the
following code:
import torch
torch.load("foobar.pth", weights_only=True)
However, ...
enhancement
SpecLad
- Opened on Jan 28
- #1224
Describe the bug
PR #1189 was introduced in Bandit 1.8.1, which caused a regression found in bug #1216. So the PR was reverted in #1217 so
version 1.8.2 could be released without the regression.
So in ...
bug
ericwb
- Opened on Jan 13
- #1219
Describe the bug
Openstack Neutron (and other Openstack projects) use bandit to check our python files for possible security issues.
Today, right after version 1.8.1 dropped, it started breaking our ...
bug
brianphaley
- 5
- Opened on Jan 12
- #1216
Is your feature request related to a problem? Please describe. I noticed that random.choice raises a B311 warning here.
I assume this is to try to stop someone from using it with a range() in security-related ...
enhancement
aripollak
- 2
- Opened on Jan 8
- #1215
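One way to picture what three of the enhancement requests above ask of Bandit's call checks (#1236: treat cloudpickle like pickle; #1224: do not report B614 when torch.load is given weights_only=True; #1215: B311 firing on random.choice) is a small stand-alone checker. The following is an added example written for this page, not code from Bandit or from any of the issue authors. It uses only the standard-library ast module; its rule tables, finding messages and the sample source it scans are assumptions modelled on the issue text, not Bandit's real plugin sources.

```python
"""Toy Bandit-style Call checks illustrating issues #1236, #1224 and #1215.

Added example, not Bandit's own plugin code. The rule tables and messages
are assumptions modelled on the issue text on this page.
"""
import ast
from dataclasses import dataclass

# Assumed rule tables (not copied from bandit's plugin sources).
WEAK_RANDOM_FUNCS = {"random", "randrange", "randint", "choice", "choices",
                     "uniform", "triangular", "randbytes"}
PICKLE_MODULES = {"pickle", "cPickle", "dill", "cloudpickle"}  # cloudpickle added as #1236 asks
PICKLE_LOADERS = {"load", "loads"}


@dataclass
class Finding:
    test_id: str
    line: int
    text: str


def qualified_name(node):
    """Return 'pkg.mod.attr' for a dotted call target, or None if it is not one."""
    parts = []
    while isinstance(node, ast.Attribute):
        parts.append(node.attr)
        node = node.value
    if isinstance(node, ast.Name):
        parts.append(node.id)
        return ".".join(reversed(parts))
    return None  # e.g. "".join(...): the receiver is a literal, not a name


def keyword_is_true(call, name):
    """True when the call passes ``name=True`` as a literal keyword argument."""
    return any(kw.arg == name and isinstance(kw.value, ast.Constant)
               and kw.value.value is True for kw in call.keywords)


class CallChecker(ast.NodeVisitor):
    """Visit every Call node and apply the three rules to its dotted target."""

    def __init__(self):
        self.findings = []

    def visit_Call(self, call):
        name = qualified_name(call.func)
        if name is not None:
            module, _, func = name.rpartition(".")
            if module == "random" and func in WEAK_RANDOM_FUNCS:
                self.findings.append(Finding("B311", call.lineno,
                    f"{name}: standard pseudo-random generators are not suitable for security purposes"))
            if module in PICKLE_MODULES and func in PICKLE_LOADERS:
                self.findings.append(Finding("B301", call.lineno,
                    f"{name}: deserialising untrusted data can execute arbitrary code"))
            # #1224: only report torch.load when weights_only=True is absent.
            if name == "torch.load" and not keyword_is_true(call, "weights_only"):
                self.findings.append(Finding("B614", call.lineno,
                    "torch.load without weights_only=True unpickles arbitrary objects"))
        self.generic_visit(call)  # keep walking: the weak call may sit inside a genexp


def scan(source):
    """Parse ``source`` and return the findings in source order."""
    checker = CallChecker()
    checker.visit(ast.parse(source))
    return checker.findings


# Constructed sample input. It is only parsed, never executed, so neither
# torch nor cloudpickle needs to be installed to run this script.
SAMPLE = '''\
import random
import secrets
import cloudpickle
import torch

ALPHABET = "abcdefghijklmnopqrstuvwxyz0123456789"
token = "".join(random.choice(ALPHABET) for _ in range(16))   # B311 (cf. #1215)
safe = "".join(secrets.choice(ALPHABET) for _ in range(16))   # clean: secrets is CSPRNG-backed
obj = cloudpickle.loads(b"...")                                # B301 once cloudpickle is listed
model_a = torch.load("foobar.pth", weights_only=True)         # should stay clean (cf. #1224)
model_b = torch.load("foobar.pth")                            # B614
'''

if __name__ == "__main__":
    for finding in scan(SAMPLE):
        print(f"{finding.test_id} line {finding.line}: {finding.text}")
```

Running the script reports B311 on line 7, B301 on line 9 and B614 on line 11 of the sample, and nothing for the secrets.choice call or for the torch.load call that passes weights_only=True. The toy matches on the dotted name as written, so `from random import choice` or an aliased import would slip past it; Bandit's own checks resolve the call through the file's imports, which is why a real plugin change for #1236 is a table entry rather than a new visitor.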
Is your feature request related to a problem? Please describe. Another SAST for Golang named Gosec has a feature to
suggest code fixes using an AI/LLM. It would be nice to have the same for Bandit.
Describe ...
enhancement
ericwb
- 1
- Opened on Dec 30, 2024
- #1214
