Commit a547be1
fix: CI pip install failure + 2 bandit security issues
- Remove pysqlite3 from [dev] deps (caused pip resolution failure on CI;
keep in [graphqlite] where it belongs; code already handles import error)
- Fix B324: add usedforsecurity=False to hashlib.md5() call
- Fix B202: add safe member validation to tarfile.extractall()
(use filter='data' on Python 3.12+, manual validation on older)
1 parent 34d5504 commit a547be1
3 files changed
Lines changed: 22 additions & 6 deletions
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
96 | 96 | | |
97 | 97 | | |
98 | 98 | | |
99 | | - | |
100 | | - | |
| 99 | + | |
101 | 100 | | |
102 | 101 | | |
103 | 102 | | |
| |||
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
183 | 183 | | |
184 | 184 | | |
185 | 185 | | |
186 | | - | |
| 186 | + | |
| 187 | + | |
| 188 | + | |
187 | 189 | | |
188 | 190 | | |
189 | 191 | | |
| |||
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
11 | 11 | | |
12 | 12 | | |
13 | 13 | | |
| 14 | + | |
| 15 | + | |
14 | 16 | | |
15 | 17 | | |
16 | 18 | | |
| |||
160 | 162 | | |
161 | 163 | | |
162 | 164 | | |
| 165 | + | |
| 166 | + | |
| 167 | + | |
| 168 | + | |
| 169 | + | |
| 170 | + | |
| 171 | + | |
| 172 | + | |
| 173 | + | |
| 174 | + | |
| 175 | + | |
| 176 | + | |
163 | 177 | | |
164 | 178 | | |
165 | 179 | | |
| |||
221 | 235 | | |
222 | 236 | | |
223 | 237 | | |
224 | | - | |
225 | | - | |
226 | 238 | | |
227 | | - | |
| 239 | + | |
| 240 | + | |
| 241 | + | |
| 242 | + | |
228 | 243 | | |
229 | 244 | | |
230 | 245 | | |
| |||
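The B202 fix named in the commit message (`filter='data'` where the interpreter supports it, manual member validation otherwise), written out as an added example that is not this project's code. The function names and the in-memory sample archive are assumptions, and the manual check here rejects every link and special file, which is stricter than the `data` filter.

```python
import io
import os
import tarfile


def unsafe_members(tar, dest):
    """Names of members that would escape dest or are not plain files/dirs."""
    root = os.path.realpath(dest)
    bad = []
    for m in tar.getmembers():
        # An absolute m.name replaces root in join(); "../" is resolved by realpath().
        target = os.path.realpath(os.path.join(root, m.name))
        inside = os.path.commonpath([root, target]) == root
        # Assumption: links and device nodes are rejected outright (stricter than 'data').
        if not inside or not (m.isfile() or m.isdir()):
            bad.append(m.name)
    return bad


def safe_extract(tar, dest):
    """Refuse the whole archive if any member fails validation, then extract."""
    bad = unsafe_members(tar, dest)
    if bad:
        raise ValueError(f"unsafe tar members: {bad}")
    if hasattr(tarfile, "data_filter"):  # filter support present in this interpreter
        tar.extractall(dest, filter="data")
    else:
        tar.extractall(dest)  # older interpreter: rely on the validation above


def build_archive(names, link=None):
    """Constructed in-memory sample archive; link is an optional (name, target) pair."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        for name in names:
            info = tarfile.TarInfo(name)
            info.size = 6
            tar.addfile(info, io.BytesIO(b"sample"))
        if link:
            info = tarfile.TarInfo(link[0])
            info.type = tarfile.SYMTYPE
            info.linkname = link[1]
            tar.addfile(info)
    buf.seek(0)
    return buf
```

Validating all members before extracting anything means a rejected archive leaves no partial output in the destination directory.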