Issues - rjdbcm/Aspidites

Starting a process with a shell, possible injection detected, security issue.
Open

        with os.popen(setup_runner) as p:

Found in Aspidites/api/compiler.py by bandit

Exclude checks
- Disable engine
- Disable check

Standard pseudo-random generators are not suitable for security/cryptographic purposes.
Open

                        num = randint(1, 10000000000000000000)

Found in Aspidites/api/repl.py by bandit

Exclude checks
- Disable engine
- Disable check

The input method in Python 2 will read from standard input, evaluate and run the resulting string as python source code. This is similar, though in many ways worse, then using eval. On Python 2, use raw_input instead, input is safe in Python 3.
Open

                line2 = input(CONTINUE_PROMPT)

Found in Aspidites/api/repl.py by bandit

Exclude checks
- Disable engine
- Disable check

Use of exec detected.
Open

            out = exec(code, self.__locals__, self.__locals__)

Found in Aspidites/api/repl.py by bandit

Exclude checks
- Disable engine
- Disable check

Starting a process with a shell, possible injection detected, security issue.
Open

         os.popen(
             f'git log --abbrev-commit --pretty=oneline v{last_version}...HEAD'

Found in dev/scripts/bumpversion_hook.py by bandit

Exclude checks
- Disable engine
- Disable check

Try, Except, Pass detected.
Open

                except Exception:

Found in Aspidites/woma/fileutils.py by bandit

Exclude checks
- Disable engine
- Disable check

rjdbcm/Aspidites

Showing 46 of 50 total issues

Starting a process with a shell, possible injection detected, security issue.
Open

Standard pseudo-random generators are not suitable for security/cryptographic purposes.
Open

The input method in Python 2 will read from standard input, evaluate and run the resulting string as python source code. This is similar, though in many ways worse, then using eval. On Python 2, use raw_input instead, input is safe in Python 3.
Open

Use of exec detected.
Open

Starting a process with a shell, possible injection detected, security issue.
Open

Try, Except, Pass detected.
Open

Severity

Category

Status

Source

Language

rjdbcm/Aspidites

Showing 46 of 50 total issues

Starting a process with a shell, possible injection detected, security issue. Open

Standard pseudo-random generators are not suitable for security/cryptographic purposes. Open

The input method in Python 2 will read from standard input, evaluate and run the resulting string as python source code. This is similar, though in many ways worse, then using eval. On Python 2, use raw_input instead, input is safe in Python 3. Open

Use of exec detected. Open

Starting a process with a shell, possible injection detected, security issue. Open

Try, Except, Pass detected. Open

Severity

Category

Status

Source

Language

Starting a process with a shell, possible injection detected, security issue.
Open

Standard pseudo-random generators are not suitable for security/cryptographic purposes.
Open

The input method in Python 2 will read from standard input, evaluate and run the resulting string as python source code. This is similar, though in many ways worse, then using eval. On Python 2, use raw_input instead, input is safe in Python 3.
Open

Use of exec detected.
Open

Starting a process with a shell, possible injection detected, security issue.
Open

Try, Except, Pass detected.
Open