You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I found out a solution using NamedTemporaryFile from tempfile package.
I'll need to do more tests but it seems to be properly working. Bandit is no longer alerting of this flaw at our code.
Description
With the test created in the issue wazuh/wazuh-qa#1615, some possible code flaws were found by Bandit.
In this issue we specify flaws regarding the use of insecure usage of temp file/directory.
Vulnerabilities found in:
These flaws are caused by hardcoded temporary directories. We could investigate if we could generate a temporary one in a safer way (the tmpfile library can create it by its own): https://docs.openstack.org/bandit/1.4.0/plugins/hardcoded_tmp_directory.html
Once changes are done, pass the test to check that these flaws were deleted from the known flaws JSON file of framework.
Checks
wazuh/wazuh
framework/wazuh/core/cluster/tests/
&framework/wazuh/core/cluster/dapi/tests/
)framework/wazuh/core/tests/
)framework/wazuh/tests/
)framework/wazuh/rbac/tests/
)api/api/tests/
)api/test/integration/
):api/test/integration/mapping/integration_test_api_endpoints.json
)api/api/spec/spec.yaml
)framework/wazuh/core/exception.py
)CHANGELOG.md
)wazuh/wazuh-documentation
source/user-manual/api/equivalence.rst
)source/user-manual/api/rbac/reference.rst
)The text was updated successfully, but these errors were encountered: