selftests/functional/output.py
Using minidom to parse untrusted XML data is known to be vulnerable to XML attacks. Replace minidom with the equivalent defusedxml package, or make sure defusedxml.defuse_stdlib() is called. Open
Open
from xml.dom import minidom
- Exclude checks
Using xml.dom.minidom.parseString to parse untrusted XML data is known to be vulnerable to XML attacks. Replace xml.dom.minidom.parseString with its defusedxml equivalent function or make sure defusedxml.defuse_stdlib() is called Open
Open
minidom.parseString(result.stdout_text)
- Exclude checks
Using xml.dom.minidom.parse to parse untrusted XML data is known to be vulnerable to XML attacks. Replace xml.dom.minidom.parse with its defusedxml equivalent function or make sure defusedxml.defuse_stdlib() is called Open
Open
minidom.parse(xunit_output_path)
- Exclude checks
Function call with shell=True parameter identified, possible security issue. Open
Open
result = process.run(
cmd_line, shell=True, ignore_status=True, env={"LC_ALL": "C"}
- Exclude checks
Starting a process with a shell: Seems safe, but may be changed in the future, consider rewriting without shell Open
Open
return os.system("perl -e 'use TAP::Parser;'") != 0
- Exclude checks
Using xml.dom.minidom.parse to parse untrusted XML data is known to be vulnerable to XML attacks. Replace xml.dom.minidom.parse with its defusedxml equivalent function or make sure defusedxml.defuse_stdlib() is called Open
Open
minidom.parse(tmpfile)
- Exclude checks
Using xml.dom.minidom.parse to parse untrusted XML data is known to be vulnerable to XML attacks. Replace xml.dom.minidom.parse with its defusedxml equivalent function or make sure defusedxml.defuse_stdlib() is called Open
Open
minidom.parse(tmpfile)
- Exclude checks
Starting a process with a partial executable path Open
Open
return os.system("perl -e 'use TAP::Parser;'") != 0
- Exclude checks
Function call with shell=True parameter identified, possible security issue. Open
Open
result = process.run(cmd_line, ignore_status=True, shell=True)
- Exclude checks
File output.py
has 582 lines of code (exceeds 250 allowed). Consider refactoring. Open
Open
import json
import os
import re
import shlex
import unittest
Function _check_output
has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring. Open
Open
def _check_output(self, path, exps):
i = 0
end = len(exps)
with open(path, "rb") as output_file: # pylint: disable=W1514
output_file_content = output_file.read()
- Read upRead up
Cognitive Complexity
Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.
A method's cognitive complexity is based on a few simple rules:
- Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
- Code is considered more complex for each "break in the linear flow of the code"
- Code is considered more complex when "flow breaking structures are nested"