authorÉtienne Loks <etienne.loks@iggdrasil.net>2023-04-11 12:27:23 +0200
committerÉtienne Loks <etienne.loks@iggdrasil.net>2023-04-17 15:47:16 +0200
commit367059ddef14a495e277f68ceaf3455c092f839d (patch)
treeae625ff0265fecd122946c71d3a2d6afefae4817 /ishtar_common/utils.py
parentff5aee7158bd46e4ae22bc431adadd7060a6e277 (diff)
bandit checker: mark false security issues - fix security issues (low severity)
Diffstat (limited to 'ishtar_common/utils.py')
-rw-r--r--ishtar_common/utils.py16
1 files changed, 10 insertions, 6 deletions
diff --git a/ishtar_common/utils.py b/ishtar_common/utils.py
index 91591e0b2..1757612ef 100644
--- a/ishtar_common/utils.py
+++ b/ishtar_common/utils.py
@@ -36,7 +36,8 @@ import requests
from secretary import Renderer as MainSecretaryRenderer, UndefinedSilently
import shutil
import string
-import subprocess
+# nosec: no user input
+import subprocess # nosec
import sys
import tempfile
import time
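Review bot: The bare `# nosec` on `import subprocess` silences every Bandit check on that line, not only the import warning it answers, and the same holds for the markers added on `random.randint` and on both `subprocess.Popen` calls in the later hunks. Scoping each marker to its test ID keeps any future finding on those lines visible: `import subprocess  # nosec B404` here, `# nosec B311` on the random call, and the ID Bandit actually reports for the Popen calls (likely `B603`). The justification lines that themselves begin with `# nosec:` may also be parsed by Bandit as suppression markers, so it is worth checking against the Bandit version in use, or rewording them as ordinary comments such as `# Bandit: no user input reaches this call`.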
@@ -751,7 +752,8 @@ def get_random_item_image_link(request):
if not total:
return ""
- image_nb = random.randint(0, total - 1)
+ # nosec: not used for security/cryptographic purposes
+ image_nb = random.randint(0, total - 1) # nosec
return _get_image_link(q.all()[image_nb])
@@ -1413,7 +1415,8 @@ def generate_relation_graph(
svg_tmp_name = tempdir + os.path.sep + "relations.svg"
with open(svg_tmp_name, "w") as svg_file:
- popen = subprocess.Popen(args, stdout=svg_file)
+ # nosec: no user input
+ popen = subprocess.Popen(args, stdout=svg_file) # nosec
popen.wait()
# scale image if necessary
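Review bot: `popen.wait()` has no timeout and its return code is discarded, so a renderer that hangs blocks the caller indefinitely and a failed run leaves an empty or partial `relations.svg` for the scaling step that apparently follows. generate_pdf_preview in this same file already bounds its child with `popen.wait(timeout=5)`; the same bound here, plus a check of `popen.returncode`, would make the suppressed call easier to defend. The construction of `args` is outside the hunk, so the "no user input" justification cannot be confirmed from these lines.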
@@ -2132,7 +2135,8 @@ def generate_pdf_preview(item, save=True, tempdir=None, page_number=None):
item.associated_file.path, preview_tmp_name)
try:
- popen = subprocess.Popen(args)
+ # nosec: no user input
+ popen = subprocess.Popen(args) # nosec
popen.wait(timeout=5)
except subprocess.SubprocessError:
return
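Review bot: The justification `# nosec: no user input` does not match the visible call, because `item.associated_file.path` on the line above is passed along and a stored file's path is usually derived from an upload. The call looks defensible because the arguments appear to be an argv list run without a shell, so the comment should state that instead, e.g. `# nosec B603: argv list, no shell; input is a stored file path`. Separately, when `wait(timeout=5)` expires the handler returns without stopping the child, so the converter keeps running; calling `popen.kill()` before `return` would end it. The construction of `args` begins outside the hunk.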
@@ -2183,7 +2187,7 @@ def create_osm_town(rel_id, name, numero_insee=None):
retry += 1
try:
geojson = response.json()
- except:
+ except requests.JSONDecodeError:
requests.get(OSM_REFRESH_URL.format(rel_id))
time.sleep(3)
if not geojson:
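Review bot: `requests.JSONDecodeError` exists only in requests 2.27 and later; on an older release the name lookup in the `except` clause raises AttributeError at the moment `response.json()` fails, so unless the project pins that minimum version the handler is fragile. `except ValueError:` catches the decode error on old and new releases alike and keeps the narrowing this commit is after. The same applies to the second handler in the next hunk, whose `pass` body Bandit will probably still report as try/except/pass. The retry `requests.get(OSM_REFRESH_URL.format(rel_id))` also passes no `timeout=`, so a stalled server blocks the loop, which starts outside the hunk.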
@@ -2194,7 +2198,7 @@ def create_osm_town(rel_id, name, numero_insee=None):
try:
geojson_simplify = response.json()
geojson = geojson_simplify
- except:
+ except requests.JSONDecodeError:
pass
default = {"name": name}
if not numero_insee: