Conversation
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
| @@ -0,0 +1,10 @@ | |||
| import subprocess | |||
Check notice
Code scanning / Bandit
Consider possible security implications associated with the subprocess module.
|
This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation. |
| def install_js_deps(request): | ||
| if any("merkletreejs" in item.keywords for item in request.session.items): | ||
| print("Install js dependencies") | ||
| subprocess.run(["yarn"], cwd="./test/merkletreejs", check=True) |
Check notice
Code scanning / Bandit
Starting a process with a partial executable path
| def install_js_deps(request): | ||
| if any("merkletreejs" in item.keywords for item in request.session.items): | ||
| print("Install js dependencies") | ||
| subprocess.run(["yarn"], cwd="./test/merkletreejs", check=True) |
Check notice
Code scanning / Bandit
subprocess call - check for execution of untrusted input.
| def compile_rust_ffi(request): | ||
| if any("ffi" in item.keywords for item in request.session.items): | ||
| print("Compiling Rust FFI") | ||
| result = subprocess.run( |
Check notice
Code scanning / Bandit
subprocess call - check for execution of untrusted input.
| print("Status:", result.returncode) | ||
| print("Output:", result.stdout) | ||
| print("Error:", result.stderr) | ||
| assert result.returncode == 0, "Falha ao compilar o código Rust" |
Check notice
Code scanning / Bandit
Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.
| root = tree.root | ||
| result = treers.make_root(leaves_bytes) | ||
|
|
||
| assert list(root) == list(result) |
Check notice
Code scanning / Bandit
Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.
|
|
||
| proof = tree.proof("a") | ||
| result = treers.make_proof(leaves_bytes, leaves_bytes[0]) | ||
| assert proof == result |
Check notice
Code scanning / Bandit
Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.
1 participant
No description provided.