Handle bandit assessement

funilrys · funilrys · commit 0166ecef5d86 · 2025-12-17T16:28:42.000+01:00
diff --git a/PyFunceble/cli/migrators/mariadb/file_and_status.py b/PyFunceble/cli/migrators/mariadb/file_and_status.py
@@ -107,7 +107,7 @@ def migrate(self) -> "FileAndStatusMigrator":
             destination = get_destination_from_origin(file_info["path"])
 
             for status in self.get_rows(
-                f"SELECT * from pyfunceble_status WHERE file_id = {file_info['id']}"
+                f"SELECT * from pyfunceble_status WHERE file_id = {file_info['id']}"  # nosec: B608 # Self-Controlled Input
             ):
                 if (
                     self.continuous_integration
@@ -144,7 +144,9 @@ def migrate(self) -> "FileAndStatusMigrator":
 
                 # pylint: disable=line-too-long
                 self.db_session.execute(
-                    text(f"DELETE from pyfunceble_status WHERE id = {status['id']}")
+                    text(
+                        f"DELETE from pyfunceble_status WHERE id = {status['id']}"  # nosec: B608 # Self-Controlled Input
+                    )
                 )
                 self.db_session.commit()
 
@@ -155,7 +157,9 @@ def migrate(self) -> "FileAndStatusMigrator":
             if drop_table:
                 # pylint: disable=line-too-long
                 self.db_session.execute(
-                    text(f"DELETE from pyfunceble_file WHERE id = {file_info['id']}")
+                    text(
+                        f"DELETE from pyfunceble_file WHERE id = {file_info['id']}"  # nosec: B608 # Self-Controlled Input
+                    )
                 )
                 self.db_session.commit()
 
diff --git a/PyFunceble/helpers/command.py b/PyFunceble/helpers/command.py
@@ -191,7 +191,7 @@ def execute(self, *, raise_on_error: bool = False) -> str:
             self.command,
             stdout=subprocess.PIPE,
             stderr=subprocess.STDOUT,
-            shell=True,
+            shell=True,  # nosec: B602 # Aware of the security implications.
             env=os.environ,
         ) as process:
             stdout, stderr = process.communicate()
@@ -222,7 +222,7 @@ def run(self, rstrip: bool = True) -> Generator[str, None, None]:
             self.command,
             stdout=subprocess.PIPE,
             stderr=subprocess.STDOUT,
-            shell=True,
+            shell=True,  # nosec: B602 # Aware of the security implications.
             env=os.environ,
         ) as process:
             while True:
