Fix code scanning alert - Use of possibly insecure function - consider using safer ast.literal_eval.

cools9 / ElementalDB

A database made in python meant to be superfast and easy to learn for beginners and meant to be a sql,sqlite and postgres competitor

MIT License

11 stars 11 forks source link

Fix code scanning alert - Use of possibly insecure function - consider using safer ast.literal_eval. #53

Open Bashamega opened 1 week ago

Bashamega commented 1 week ago

Tracking issue for:

[ ] https://github.com/cools9/ElementalDB/security/code-scanning/14

ESFLOWNK commented 1 week ago

If in those lines, eval is used for maths ast.literal_eval could be suitable. The problem with it is that bad codes could be injected and that shouldn't be a problem but it's a bad practice

cools9 commented 1 week ago

Makes sense can u fix it @ESFLOWNK