laminlabs / lamindb

A data framework for biology.
https://docs.lamin.ai
Apache License 2.0

:sparkles: Add bandit #1686

Open Zethson opened 1 month ago

Zethson commented 1 month ago

Enabling security rules in Ruff:

lamindb/_annotate.py:962:9: S101 Use of `assert` detected
lamindb/_annotate.py:1168:5: S101 Use of `assert` detected
lamindb/_artifact.py:971:9: S101 Use of `assert` detected
lamindb/_can_validate.py:226:9: S110 `try`-`except`-`pass` detected, consider logging the exception
lamindb/_collection.py:103:9: S101 Use of `assert` detected
lamindb/_feature.py:142:5: S101 Use of `assert` detected
lamindb/_finish.py:106:13: S602 `subprocess` call with `shell=True` identified, security issue
lamindb/_finish.py:127:13: S602 `subprocess` call with `shell=True` identified, security issue
lamindb/core/_feature_manager.py:379:5: S101 Use of `assert` detected
lamindb/core/_feature_manager.py:421:13: S101 Use of `assert` detected
lamindb/core/_feature_manager.py:432:17: S101 Use of `assert` detected
lamindb/core/_feature_manager.py:434:17: S101 Use of `assert` detected
lamindb/core/_feature_manager.py:538:9: S101 Use of `assert` detected
lamindb/core/_feature_manager.py:541:9: S101 Use of `assert` detected
lamindb/core/_feature_manager.py:569:9: S101 Use of `assert` detected
lamindb/core/_feature_manager.py:599:9: S101 Use of `assert` detected
lamindb/core/_label_manager.py:69:9: S112 `try`-`except`-`continue` detected, consider logging the exception
lamindb/core/_label_manager.py:105:13: S110 `try`-`except`-`pass` detected, consider logging the exception
lamindb/core/_mapped_collection.py:110:9: S101 Use of `assert` detected
lamindb/core/_run_context.py:47:24: S324 Probable use of insecure hash functions in `hashlib`: `md5`
lamindb/core/_run_context.py:117:16: S113 Probable use of requests call without timeout
lamindb/core/_settings.py:122:9: S101 Use of `assert` detected
lamindb/core/_sync_git.py:28:9: S602 `subprocess` call with `shell=True` identified, security issue
lamindb/core/_sync_git.py:39:9: S607 Starting a process with a partial executable path
lamindb/core/_sync_git.py:40:9: S602 `subprocess` call with `shell=True` seems safe, but may be changed in the future; consider rewriting without `shell`
lamindb/core/_sync_git.py:61:9: S602 `subprocess` call with `shell=True` identified, security issue
lamindb/core/_sync_git.py:71:9: S101 Use of `assert` detected
lamindb/core/_sync_git.py:85:13: S607 Starting a process with a partial executable path
lamindb/core/_sync_git.py:86:13: S602 `subprocess` call with `shell=True` seems safe, but may be changed in the future; consider rewriting without `shell`
lamindb/core/_sync_git.py:96:9: S602 `subprocess` call with `shell=True` identified, security issue
lamindb/core/_track_environment.py:18:66: S602 `subprocess` call with `shell=True` identified, security issue
lamindb/core/storage/_backed_access.py:210:13: S110 `try`-`except`-`pass` detected, consider logging the exception
lamindb/core/storage/_backed_access.py:308:17: S110 `try`-`except`-`pass` detected, consider logging the exception
lamindb/core/storage/paths.py:50:5: S101 Use of `assert` detected
lamindb/integrations/_vitessce.py:42:13: S101 Use of `assert` detected
tests/conftest.py:36:9: S607 Starting a process with a partial executable path
tests/conftest.py:36:51: S602 `subprocess` call with `shell=True` seems safe, but may be changed in the future; consider rewriting without `shell`
tests/test_run_context.py:107:9: S602 `subprocess` call with `shell=True` identified, security issue
Found 38 errors.

Just a show-off for now! We can discuss later.

falexwolf commented 4 weeks ago

Great! Let's discuss this tomorrow!
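
The most frequent "security issue" findings in the Ruff output above are S602 (`subprocess` with `shell=True`) and S607 (executable given as a bare name resolved through PATH), with one S324 (`hashlib.md5`). The block below is an added example and is not code from the issue or from lamindb: it runs the same untrusted string through a shell-interpolated call and through an argv-list call so the difference is observable, and shows the `usedforsecurity=False` form that Ruff's S324 accepts when a digest is only a content label. The input value `UNTRUSTED_REF`, the use of `echo` as the target program, and the function names are constructed for this demonstration.

```python
"""Added example (not lamindb code): why Ruff's S602/S607 and S324 findings matter."""
import hashlib
import shutil
import subprocess

# Constructed untrusted input: what a caller might pass as, e.g., a branch or
# ref name. The ';' becomes a command separator as soon as a shell parses it.
UNTRUSTED_REF = "main; echo INJECTED"


def run_vulnerable(ref: str) -> list[str]:
    """Builds a command string and hands it to /bin/sh (the pattern S602 flags).

    Returns stdout split into lines so the injected second command is visible.
    """
    completed = subprocess.run(  # noqa: S602 -- deliberately vulnerable
        f"echo {ref}",
        shell=True,
        capture_output=True,
        text=True,
        check=True,
    )
    return completed.stdout.splitlines()


def run_hardened(ref: str) -> list[str]:
    """Passes argv as a list to an absolute executable path (fixes S602 and S607).

    No shell is involved, so ';', '$', '`' and friends inside `ref` are just
    bytes of one argument. The executable is resolved once with shutil.which
    and the call fails loudly if it is missing, instead of letting every call
    search PATH (and whatever an attacker may have placed on it).
    """
    exe = shutil.which("echo")
    if exe is None:
        raise FileNotFoundError("echo not found on PATH")
    completed = subprocess.run(
        [exe, ref],
        capture_output=True,
        text=True,
        check=True,
    )
    return completed.stdout.splitlines()


def content_fingerprint(data: bytes) -> str:
    """Non-security use of MD5 (the S324 case).

    When the digest only labels content and never guards integrity or
    authentication, Python 3.9+ lets you say so with `usedforsecurity=False`;
    Ruff's S324 recognises that keyword and does not report the call. If the
    hash ever protects anything, switch to sha256 rather than silencing the rule.
    """
    return hashlib.md5(data, usedforsecurity=False).hexdigest()


if __name__ == "__main__":
    print("shell=True :", run_vulnerable(UNTRUSTED_REF))  # two lines, second is INJECTED
    print("argv list  :", run_hardened(UNTRUSTED_REF))    # one line, the literal string
    print("fingerprint:", content_fingerprint(b"abc"))
```

The `git` calls behind the `_sync_git.py` findings fit the same shape: resolve the binary once, pass `["git", "rev-parse", ref]`-style lists, and never format a ref or path into a shell string. The S113 finding is the same idea applied to network I/O; `requests` blocks forever without a `timeout=` argument, so pass one on every call.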