[GRASS-git] [OSGeo/grass] e07a28: checks: Disable Bandit B603 check for untrusted in...
Vaclav Petras
noreply at github.com
Sat Jun 15 22:47:27 PDT 2024
Branch: refs/heads/main
Home: https://github.com/OSGeo/grass
Commit: e07a2894ef1016b5588b49a80bfa8b0a36eb4a8d
https://github.com/OSGeo/grass/commit/e07a2894ef1016b5588b49a80bfa8b0a36eb4a8d
Author: Vaclav Petras <wenzeslaus at gmail.com>
Date: 2024-06-16 (Sun, 16 Jun 2024)
Changed paths:
M pyproject.toml
Log Message:
-----------
checks: Disable Bandit B603 check for untrusted input (#3839)
The message 'check for execution of untrusted input' is triggered by any use of subprocess regardless of the actual input, so even fixed input triggers it. Bandit issue https://github.com/PyCQA/bandit/issues/333 discusses that this is a common false positive triggered by any usage.
The pattern is common enough in our code to ignore this to avoid clutter and warning fatigue. We already ignore B404 mentioned in the issue above.
To unsubscribe from these emails, change your notification settings at https://github.com/OSGeo/grass/settings/notifications
More information about the grass-commit
mailing list