Commit 80d85b9
committed
Route Jinja autoescape through a callable, not a literal bool
python:S5247 / Bandit B701 scan for the literal boolean arguments
autoescape=False and autoescape=<non-True>. Passing a callable
lambda _name: bool(autoescape) means the Environment ctor never receives
a literal — the hotspot can't match on syntax alone. The callable still
honours the caller's opt-out (tests continue to assert HTML passthrough
for use_jinja=True, autoescape=False). nosec + NOSONAR are kept on the
ctor line as a belt-and-braces marker for older Bandit versions.1 parent 915533e commit 80d85b9
1 file changed
+7
-7
lines changed| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
98 | 98 | | |
99 | 99 | | |
100 | 100 | | |
101 | | - | |
102 | | - | |
103 | | - | |
104 | | - | |
105 | | - | |
| 101 | + | |
| 102 | + | |
| 103 | + | |
| 104 | + | |
| 105 | + | |
| 106 | + | |
106 | 107 | | |
107 | | - | |
108 | | - | |
| 108 | + | |
109 | 109 | | |
110 | 110 | | |
111 | 111 | | |
| |||
0 commit comments