Closed etienneschalk closed 9 months ago
Related to issue #1038
Currently the following line: tarfile.extractall(path=some_path, filter="data") raises an error. See comment https://github.com/PyCQA/bandit/issues/1038#issuecomment-1956512283
However, this should be safe according to comment https://github.com/PyCQA/bandit/issues/1038#issuecomment-1834110126
This PR does not attempt to fix issue #1038, but starts by making the aforementioned line legal. If filter="data" is detected, the rule exits early.
cc @mattiasb
Closes: #1025
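The early exit this PR describes, sketched as a stand-alone AST check. This is an added example, not bandit's code or the PR's diff: the function names, the sample source and the reported reasons are constructed for illustration, and it matches any .extractall() attribute call without resolving the receiver's type.

```python
import ast

# Constructed sample source; names such as some_path are illustrative.
SAMPLE = '''
import tarfile
tar = tarfile.open("archive.tar")
tar.extractall(path=some_path)
tar.extractall(path=some_path, filter="data")
tar.extractall(path=some_path, filter="fully_trusted")
tar.extractall(path=some_path, filter=chosen_filter)
'''


def filter_keyword(call):
    """Return the AST node passed as filter=..., or None if absent."""
    for kw in call.keywords:
        if kw.arg == "filter":
            return kw.value
    return None


def check_extractall(source):
    """Return (lineno, reason) for each extractall() call that is not
    provably using filter="data"."""
    findings = []
    for node in ast.walk(ast.parse(source)):
        if not (isinstance(node, ast.Call)
                and isinstance(node.func, ast.Attribute)
                and node.func.attr == "extractall"):
            continue
        value = filter_keyword(node)
        # Early exit: a literal filter="data" is accepted.
        if isinstance(value, ast.Constant) and value.value == "data":
            continue
        if value is None:
            reason = "no filter argument"
        elif isinstance(value, ast.Constant):
            reason = f"filter={value.value!r} is not 'data'"
        else:
            # A variable or expression cannot be judged statically here.
            reason = "filter is not a string literal"
        findings.append((node.lineno, reason))
    return sorted(findings)


if __name__ == "__main__":
    for lineno, reason in check_extractall(SAMPLE):
        print(f"line {lineno}: extractall flagged ({reason})")
```

Only the literal string "data" takes the early exit; a filter passed through a variable or through **kwargs is still reported, since its value is not visible in the syntax tree.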
Hello, thanks for your review! I removed the diff noise from formatting and rebased / squashed the commits.
To test locally I used
bandit tests/functional/test_functional.py