#176 nightly cron job for install testing by kernelsam · Pull Request #177 · senzing-garage/sz-python-tools

kernelsam · 2025-05-23T15:28:52Z

Pull request questions

Which issue does this address

Issue number: #176

github-actions · 2025-05-23T15:29:17Z

🛡️ Bandit Scan Results Summary

We found 2 High, 2 Medium, and 1 Low severity issues.

Detailed Findings

Severity	Issue	File	Line	Confidence	More Info	Test ID
🟡 LOW	Consider possible security implications associated with the subprocess module.	sz_tools/_tool_helpers.py	14	HIGH	More Info	B404
⚪ MEDIUM	Possible SQL injection vector through string-based query construction.	sz_tools/_sz_database.py	354	LOW	More Info	B608
⚪ MEDIUM	Probable insecure usage of temp file/directory.	sz_tools/_tool_helpers.py	764	MEDIUM	More Info	B108
🔴 HIGH	Starting a process with a shell, possible injection detected, security issue.	sz_tools/_tool_helpers.py	688	HIGH	More Info	B605
🔴 HIGH	subprocess call with shell=True identified, security issue.	sz_tools/_tool_helpers.py	671	HIGH	More Info	B602

✨ About this Report

This report was generated by the official Bandit GitHub Action to ensure our codebase stays secure.

📕 What is Bandit?

Bandit is a tool designed to find common security issues in Python code. To learn more about how Bandit helps to keep Python code safe, visit the Bandit documentation.

👥 Community Support

Got questions or need help with Bandit Action?

Join our community on the Discord server.
Share tips, get advice, and collaborate on security best practices.

github-actions · 2025-05-23T15:36:35Z

🛡️ Bandit Scan Results Summary

We found 2 High, 2 Medium, and 1 Low severity issues.

Detailed Findings

Severity	Issue	File	Line	Confidence	More Info	Test ID
🟡 LOW	Consider possible security implications associated with the subprocess module.	sz_tools/_tool_helpers.py	14	HIGH	More Info	B404
⚪ MEDIUM	Possible SQL injection vector through string-based query construction.	sz_tools/_sz_database.py	354	LOW	More Info	B608
⚪ MEDIUM	Probable insecure usage of temp file/directory.	sz_tools/_tool_helpers.py	764	MEDIUM	More Info	B108
🔴 HIGH	Starting a process with a shell, possible injection detected, security issue.	sz_tools/_tool_helpers.py	688	HIGH	More Info	B605
🔴 HIGH	subprocess call with shell=True identified, security issue.	sz_tools/_tool_helpers.py	671	HIGH	More Info	B602

✨ About this Report

This report was generated by the official Bandit GitHub Action to ensure our codebase stays secure.

📕 What is Bandit?

Bandit is a tool designed to find common security issues in Python code. To learn more about how Bandit helps to keep Python code safe, visit the Bandit documentation.

👥 Community Support

Got questions or need help with Bandit Action?

Join our community on the Discord server.
Share tips, get advice, and collaborate on security best practices.

github-actions · 2025-05-23T15:41:14Z

🛡️ Bandit Scan Results Summary

We found 2 High, 2 Medium, and 1 Low severity issues.

Detailed Findings

Severity	Issue	File	Line	Confidence	More Info	Test ID
🟡 LOW	Consider possible security implications associated with the subprocess module.	sz_tools/_tool_helpers.py	14	HIGH	More Info	B404
⚪ MEDIUM	Possible SQL injection vector through string-based query construction.	sz_tools/_sz_database.py	354	LOW	More Info	B608
⚪ MEDIUM	Probable insecure usage of temp file/directory.	sz_tools/_tool_helpers.py	764	MEDIUM	More Info	B108
🔴 HIGH	Starting a process with a shell, possible injection detected, security issue.	sz_tools/_tool_helpers.py	688	HIGH	More Info	B605
🔴 HIGH	subprocess call with shell=True identified, security issue.	sz_tools/_tool_helpers.py	671	HIGH	More Info	B602

✨ About this Report

This report was generated by the official Bandit GitHub Action to ensure our codebase stays secure.

📕 What is Bandit?

Bandit is a tool designed to find common security issues in Python code. To learn more about how Bandit helps to keep Python code safe, visit the Bandit documentation.

👥 Community Support

Got questions or need help with Bandit Action?

Join our community on the Discord server.
Share tips, get advice, and collaborate on security best practices.

github-actions · 2025-05-23T15:48:44Z

🛡️ Bandit Scan Results Summary

We found 2 High, 2 Medium, and 1 Low severity issues.

Detailed Findings

Severity	Issue	File	Line	Confidence	More Info	Test ID
🟡 LOW	Consider possible security implications associated with the subprocess module.	sz_tools/_tool_helpers.py	14	HIGH	More Info	B404
⚪ MEDIUM	Possible SQL injection vector through string-based query construction.	sz_tools/_sz_database.py	354	LOW	More Info	B608
⚪ MEDIUM	Probable insecure usage of temp file/directory.	sz_tools/_tool_helpers.py	764	MEDIUM	More Info	B108
🔴 HIGH	Starting a process with a shell, possible injection detected, security issue.	sz_tools/_tool_helpers.py	688	HIGH	More Info	B605
🔴 HIGH	subprocess call with shell=True identified, security issue.	sz_tools/_tool_helpers.py	671	HIGH	More Info	B602

✨ About this Report

This report was generated by the official Bandit GitHub Action to ensure our codebase stays secure.

📕 What is Bandit?

Bandit is a tool designed to find common security issues in Python code. To learn more about how Bandit helps to keep Python code safe, visit the Bandit documentation.

👥 Community Support

Got questions or need help with Bandit Action?

Join our community on the Discord server.
Share tips, get advice, and collaborate on security best practices.

#176 nightly cron job for install testing

159bfeb

kernelsam requested a review from a team as a code owner May 23, 2025 15:28

update jscpd config

0b24816

update jscpd config

b67317c

update jscpd config

bc9f9ea

kernelsam assigned docktermj May 23, 2025

docktermj approved these changes May 24, 2025

View reviewed changes

docktermj merged commit 8b5670f into main May 24, 2025
26 of 82 checks passed

docktermj deleted the 176-skern branch May 24, 2025 00:05

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

#176 nightly cron job for install testing#177

#176 nightly cron job for install testing#177
docktermj merged 4 commits into
mainfrom
176-skern

kernelsam commented May 23, 2025

Uh oh!

github-actions Bot commented May 23, 2025

Uh oh!

github-actions Bot commented May 23, 2025

Uh oh!

github-actions Bot commented May 23, 2025

Uh oh!

github-actions Bot commented May 23, 2025

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants

Conversation

kernelsam commented May 23, 2025

Pull request questions

Which issue does this address

Uh oh!

github-actions Bot commented May 23, 2025

🛡️ Bandit Scan Results Summary

Detailed Findings

Uh oh!

github-actions Bot commented May 23, 2025

🛡️ Bandit Scan Results Summary

Detailed Findings

Uh oh!

github-actions Bot commented May 23, 2025

🛡️ Bandit Scan Results Summary

Detailed Findings

Uh oh!

github-actions Bot commented May 23, 2025

🛡️ Bandit Scan Results Summary

Detailed Findings

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants