Clear security high - False Positive Detection #81

Merged
merged 5 commits into from
Feb 14, 2020


lamusmaser
Contributor

Fixing a line that is detected, and flagging as a false positive line, due to this module no longer being able to run with the affected version.

Included referential comment near skipped line for future information.

Test performed (for False Positive detection):

Python 2.7.17 (v2.7.17:c2f86d86e6, Oct 19 2019, 21:01:17) [MSC v.1500 64 bit (AMD64)] on win32
Type "help", "copyright", "credits" or "license" for more information.

>>> import qualysapi

Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "qualysapi\__init__.py", line 6, in <module>
    from qualysapi.util import connect
  File "qualysapi\util.py", line 4, in <module>
    import qualysapi.config as qcconf
  File "qualysapi\config.py", line 173
    proxy_config += f":{proxy_port}"
                                   ^
SyntaxError: invalid syntax

Bandit Results:

Code scanned:
        Total lines of code: 1158
        Total lines skipped (#nosec): 1

Run metrics:
        Total issues (by severity):
                Undefined: 0.0
                Low: 3.0
                Medium: 0.0
                High: 0.0
        Total issues (by confidence):
                Undefined: 0.0
                Low: 0.0
                Medium: 0.0
                High: 3.0
Files skipped (0):
ERROR: InvocationError for command 'E:\scripting_misc\qualysapi_builds\qualysapitests_clear-security-high\paragbaxi\qualysapi\.tox\security\Scripts\bandit.EXE' --recursive qualysapi/ (exited with code 1)
_______________________________________________________ summary _______________________________________________________
ERROR:   security: commands failed

lamusmaser and others added 5 commits February 12, 2020 15:34
Update to latest to work on next feature.
Fixing a line that is detected, and flagging as a false positive line, due to this module no longer being able to run with the affected version.

Test performed:
Python 2.7.17 (v2.7.17:c2f86d86e6, Oct 19 2019, 21:01:17) [MSC v.1500 64 bit (AMD64)] on win32
Type "help", "copyright", "credits" or "license" for more information.
>>> import qualysapi
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "qualysapi\__init__.py", line 6, in <module>
    from qualysapi.util import connect
  File "qualysapi\util.py", line 4, in <module>
    import qualysapi.config as qcconf
  File "qualysapi\config.py", line 173
    proxy_config += f":{proxy_port}"
                                   ^
SyntaxError: invalid syntax

Bandit Results:
----------------------------------
Code scanned:
        Total lines of code: 1158
        Total lines skipped (#nosec): 1

Run metrics:
        Total issues (by severity):
                Undefined: 0.0
                Low: 3.0
                Medium: 0.0
                High: 0.0
        Total issues (by confidence):
                Undefined: 0.0
                Low: 0.0
                Medium: 0.0
                High: 3.0
Files skipped (0):
ERROR: InvocationError for command 'E:\scripting_misc\qualysapi_builds\qualysapitests_clear-security-high\paragbaxi\qualysapi\.tox\security\Scripts\bandit.EXE' --recursive qualysapi/ (exited with code 1)
_______________________________________________________ summary _______________________________________________________
ERROR:   security: commands failed
@paragbaxi paragbaxi merged commit e2e48b5 into paragbaxi:master Feb 14, 2020
@lamusmaser lamusmaser deleted the clear-security-high branch February 14, 2020 17:30
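
The description above rests the `#nosec` on two things: a referential comment near the skipped line, and the module being unable to load on the affected Python version because of an f-string. As an added example (not code from this pull request or from qualysapi), the following Python checks both conditions on a source file; `risky_call` and the sample source are constructed placeholders.

```python
import ast
import io
import re
import tokenize

# Matches the suppression marker; any text after it is captured as a reason.
NOSEC = re.compile(r"#\s*nosec\b(.*)")

# Constructed sample, not taken from qualysapi: one suppression with a
# referential comment above it, one bare suppression, and an f-string.
SAMPLE = '''\
def ask(prompt, proxy_port):
    # Reference: finding applies to Python 2 only; module needs 3.6+.
    name = risky_call(prompt)  # nosec
    port = risky_call("port")  # nosec
    return name + f":{proxy_port}" + port
'''


def uses_fstrings(source):
    """True if the module contains an f-string, so it cannot parse before 3.6."""
    return any(isinstance(n, ast.JoinedStr) for n in ast.walk(ast.parse(source)))


def audit_nosec(source):
    """Return (line, justified) for every '# nosec' comment in source.

    A suppression counts as justified when text follows 'nosec' on the same
    line, or the line directly above is a standalone (non-nosec) comment.
    """
    lines = source.splitlines()
    findings = []
    for tok in tokenize.generate_tokens(io.StringIO(source).readline):
        if tok.type != tokenize.COMMENT:
            continue
        match = NOSEC.match(tok.string)
        if not match:
            continue
        row = tok.start[0]
        above = lines[row - 2].strip() if row >= 2 else ""
        has_reason = bool(match.group(1).strip())
        has_comment_above = above.startswith("#") and not NOSEC.match(above)
        findings.append((row, has_reason or has_comment_above))
    return findings


if __name__ == "__main__":
    print("f-strings present:", uses_fstrings(SAMPLE))
    for line, ok in audit_nosec(SAMPLE):
        print(f"line {line}: {'justified' if ok else 'NO JUSTIFICATION'}")
```

Run against each file that carries a suppression, this flags a `#nosec` whose reference comment has been dropped, and a `False` from `uses_fstrings` signals that the "cannot run on the affected version" argument needs re-checking.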