Jit - Scan Code for Vulnerabilities Test #2

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open

jit-ci wants to merge 1 commit into main from jit-security-demo-1f6f4a2c-f498-479c-a386-e98584254691

jit_code_vulnerability_test_file.py

Original file line number	Diff line number	Diff line change
		@@ -0,0 +1,2 @@
		import subprocess
Check notice on line 1 in jit_code_vulnerability_test_file.py View check run for this annotation Codacy Production / Codacy Static Code Analysis jit_code_vulnerability_test_file.py#L1 `Consider possible security implications associated with the subprocess module.` Check warning on line 1 in jit_code_vulnerability_test_file.py View check run for this annotation Codacy Production / Codacy Static Code Analysis jit_code_vulnerability_test_file.py#L1 `Consider possible security implications associated with the subprocess module. (B404)`
		call_process = subprocess.Popen(['ls', '-l'], shell=True)
Check failure on line 2 in jit_code_vulnerability_test_file.py View check run for this annotation Codacy Production / Codacy Static Code Analysis jit_code_vulnerability_test_file.py#L2 `Found 'subprocess' function 'Popen' with 'shell=True'. This is dangerous because this call will spawn the command using a shell process.` Check warning on line 2 in jit_code_vulnerability_test_file.py View check run for this annotation Codacy Production / Codacy Static Code Analysis jit_code_vulnerability_test_file.py#L2 Found `subprocess` function `Popen` with `shell=True`. This is dangerous because this call will spawn the command using a shell process. Check warning on line 2 in jit_code_vulnerability_test_file.py View check run for this annotation Codacy Production / Codacy Static Code Analysis jit_code_vulnerability_test_file.py#L2 `Starting a process with a partial executable path` Check warning on line 2 in jit_code_vulnerability_test_file.py View check run for this annotation Codacy Production / Codacy Static Code Analysis jit_code_vulnerability_test_file.py#L2 `Starting a process with a partial executable path (B607)` Check warning on line 2 in jit_code_vulnerability_test_file.py View check run for this annotation Codacy Production / Codacy Static Code Analysis jit_code_vulnerability_test_file.py#L2 `subprocess call with shell=True identified, security issue.` Check warning on line 2 in jit_code_vulnerability_test_file.py View check run for this annotation Codacy Production / Codacy Static Code Analysis jit_code_vulnerability_test_file.py#L2 `subprocess call with shell=True identified, security issue. (B602)`

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Jit - Scan Code for Vulnerabilities Test #2

Uh oh!

Diff view

Diff view

There are no files selected for viewing

Codacy Production / Codacy Static Code Analysis

Codacy Production / Codacy Static Code Analysis

Codacy Production / Codacy Static Code Analysis

Codacy Production / Codacy Static Code Analysis

Codacy Production / Codacy Static Code Analysis

Codacy Production / Codacy Static Code Analysis

Codacy Production / Codacy Static Code Analysis

Codacy Production / Codacy Static Code Analysis

Jit - Scan Code for Vulnerabilities Test #2

Are you sure you want to change the base?

Uh oh!

Jit - Scan Code for Vulnerabilities Test #2

Uh oh!

Uh oh!

Diff view

Diff view

There are no files selected for viewing

Codacy Production / Codacy Static Code Analysis

Codacy Production / Codacy Static Code Analysis

Codacy Production / Codacy Static Code Analysis

Codacy Production / Codacy Static Code Analysis

Codacy Production / Codacy Static Code Analysis

Codacy Production / Codacy Static Code Analysis

Codacy Production / Codacy Static Code Analysis

Codacy Production / Codacy Static Code Analysis