Issues - djbrown/hbscorez

Refactor this function to reduce its Cognitive Complexity from 16 to the 15 allowed.
Open

def scrape_league(league_link, district, season, options):  # pylint: disable=too-many-branches

Found in src/leagues/management/commands/import_leagues.py by sonar-python

Read up
Read up
Exclude checks
- Disable engine
- Disable check

Cognitive Complexity is a measure of how hard the control flow of a function is to understand. Functions with high Cognitive Complexity will be difficult to maintain.

See

Cognitive Complexity

Using _Element to parse untrusted XML data is known to be vulnerable to XML attacks. Replace _Element with the equivalent defusedxml package.
Open

from lxml.etree import _Element

Found in src/base/parsing.py by bandit

Exclude checks
- Disable engine
- Disable check

Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.
Open

    assert sports_hall is not None

Found in src/base/logic.py by bandit

Exclude checks
- Disable engine
- Disable check

Using html to parse untrusted XML data is known to be vulnerable to XML attacks. Replace html with the equivalent defusedxml package.
Open

from lxml import html

Found in src/base/parsing.py by bandit

Exclude checks
- Disable engine
- Disable check

By default, jinja2 sets autoescape to False. Consider using autoescape=True or use the select_autoescape function to mitigate XSS vulnerabilities.
Open

    env = Environment(trim_blocks=True, lstrip_blocks=True, **options)

Found in src/hbscorez/jinja2_env.py by bandit

Exclude checks
- Disable engine
- Disable check

djbrown/hbscorez

Showing 105 of 113 total issues

Refactor this function to reduce its Cognitive Complexity from 16 to the 15 allowed.
Open

See

Using _Element to parse untrusted XML data is known to be vulnerable to XML attacks. Replace _Element with the equivalent defusedxml package.
Open

Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.
Open

Using html to parse untrusted XML data is known to be vulnerable to XML attacks. Replace html with the equivalent defusedxml package.
Open

By default, jinja2 sets autoescape to False. Consider using autoescape=True or use the select_autoescape function to mitigate XSS vulnerabilities.
Open

Severity

Category

Status

Source

Language

djbrown/hbscorez

Showing 105 of 113 total issues

Refactor this function to reduce its Cognitive Complexity from 16 to the 15 allowed. Open

See

Using _Element to parse untrusted XML data is known to be vulnerable to XML attacks. Replace _Element with the equivalent defusedxml package. Open

Use of assert detected. The enclosed code will be removed when compiling to optimised byte code. Open

Using html to parse untrusted XML data is known to be vulnerable to XML attacks. Replace html with the equivalent defusedxml package. Open

By default, jinja2 sets autoescape to False. Consider using autoescape=True or use the select_autoescape function to mitigate XSS vulnerabilities. Open

Severity

Category

Status

Source

Language

Refactor this function to reduce its Cognitive Complexity from 16 to the 15 allowed.
Open

Using _Element to parse untrusted XML data is known to be vulnerable to XML attacks. Replace _Element with the equivalent defusedxml package.
Open

Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.
Open

Using html to parse untrusted XML data is known to be vulnerable to XML attacks. Replace html with the equivalent defusedxml package.
Open

By default, jinja2 sets autoescape to False. Consider using autoescape=True or use the select_autoescape function to mitigate XSS vulnerabilities.
Open