github / codeql

CodeQL: the libraries and queries that power security researchers around the world, as well as code scanning in GitHub Advanced Security
https://codeql.github.com
MIT License

LGTM.com - false positive #5813

Open sashacmc opened 3 years ago

sashacmc commented 3 years ago

The modified local variable args will be stored in the class member: self.__status['args'] = args

https://lgtm.com/projects/g/sashacmc/face-rec-tools/snapshot/4486ea317c10b0c547d065f686c1c3c3086b018d/files/face_rec_tools/recognizer.py?sort=name&dir=ASC&mode=heatmap#x988e398fb1dca9e:1

yoff commented 3 years ago

Hi @sashacmc, I suppose the query has tracked a call such as this to find that 'args' comes from 'locals()'.

Of course you are right that, while this is normally an issue, you actually save the modified dictionary yourself, so I agree that this is like a false positive. Thank you for reporting it!

Our current focus is on improving our security analysis. Because your report does not relate to a security query, we will put this on our backlog and prioritize it if we get enough reports of the same underlying issue in other projects. If you think that your report is related to our security analysis, please clarify that in a comment. Either way, we'll let you know here as soon as it's fixed!

As you might know, all of our queries are open source. If you do have an idea for a code change, we encourage you to open a pull request. Indeed this particular query runs on outdated technology and should be updated.

GitHub Code Scanning and lgtm.com have facilities for suppressing individual alerts or disabling a query.
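The behaviour yoff describes, as an added example that is not part of this thread, of the face-rec-tools project, or of CodeQL's own query: inside a function, the dictionary returned by locals() is a snapshot, so writing to it never rebinds the real local variable (the silent-loss bug the query is meant to catch), whereas keeping a reference to the mutated dictionary, as the reporter does with self.__status['args'], preserves the change. The Recognizer class below is a hypothetical stand-in for the reported code, not the project's actual class.

```python
"""Why CodeQL flags writes to the dict returned by locals(), and why the
reported pattern is not actually lossy. Constructed example, not code from
face-rec-tools or from the CodeQL query itself."""


def lost_write() -> int:
    """The pattern the query warns about: the assignment is silently dropped.

    In CPython, locals() called inside a function returns a snapshot dict;
    mutating it does not write back to the function's fast locals.
    """
    x = 1
    snapshot = locals()   # {'x': 1}
    snapshot['x'] = 2     # mutates the dict only, x is still bound to 1
    return x              # returns 1, not 2


def kept_write() -> tuple:
    """The reporter's pattern: the mutated dict is stored explicitly, so the
    modification survives even though the local variable itself is unchanged.
    """
    x = 1
    args = locals()
    args['x'] = 2
    status = {}
    status['args'] = args  # the modified dict is saved, like self.__status['args'] = args
    return x, status['args']['x']   # (1, 2): variable untouched, stored dict updated


class Recognizer:
    """Hypothetical (assumed) shape of the reported code: parameters captured
    with locals(), normalised, and kept on the instance for later inspection."""

    def __init__(self):
        self.__status = {}

    def start(self, threshold=0.5, fast=False):
        args = locals()                    # {'self': ..., 'threshold': 0.5, 'fast': False}
        del args['self']                   # drop the instance reference before storing
        args['threshold'] = float(args['threshold'])  # the "modification" the query sees
        self.__status['args'] = args       # stored, so the edit is not lost
        return dict(self.__status['args'])

    def status(self):
        return self.__status


if __name__ == "__main__":
    print("lost_write ->", lost_write())
    print("kept_write ->", kept_write())
    r = Recognizer()
    print("Recognizer.start ->", r.start(threshold="0.7", fast=True))
```

The query's signal is genuine for lost_write: nothing reads the mutated dict, so the edit has no effect. In kept_write and Recognizer.start the dict is the intended output, which is why an alert there is a false positive and worth suppressing rather than "fixing".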