@JarrodG98

Update to move annotation and analysis scripts into correct folder Player_Tracking/afl_player_tracking_and_crowd_monitoring/player_tracking_logic.

No changes made to code

@github-actions

🔒 Security Scan Results

Bandit Scan Results:
-------------------
Run started:2025-09-23 06:25:46.611272

Test results:
>> Issue: [B614:pytorch_load] Use of unsafe PyTorch load
   Severity: Medium   Confidence: High
   CWE: CWE-502 (https://cwe.mitre.org/data/definitions/502.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b614_pytorch_load.html
   Location: ./Player_Tracking/YOLOV3_Model/YOLOV3/utils/utils.py:468:8
467	    # Strip optimizer from *.pt files for lighter files (reduced by 2/3 size)
468	    a = torch.load(filename, map_location='cpu')
469	    a['optimizer'] = []

--------------------------------------------------
>> Issue: [B614:pytorch_load] Use of unsafe PyTorch load
   Severity: Medium   Confidence: High
   CWE: CWE-502 (https://cwe.mitre.org/data/definitions/502.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b614_pytorch_load.html
   Location: ./Player_Tracking/tennis_tracking/court_line_detector/court_line_detector.py:10:35
9	        self.model.fc = torch.nn.Linear(self.model.fc.in_features,14*2)
10	        self.model.load_state_dict(torch.load(model_path,map_location='cpu'))
11	

--------------------------------------------------
>> Issue: [B301:blacklist] Pickle and modules that wrap it can be unsafe when used to deserialize untrusted data, possible security issue.
   Severity: Medium   Confidence: High
   CWE: CWE-502 (https://cwe.mitre.org/data/definitions/502.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/blacklists/blacklist_calls.html#b301-pickle
   Location: ./Player_Tracking/tennis_tracking/trackers/ball_tracker.py:61:34
60	            with open(stub_path,'rb') as f:
61	                ball_detections = pickle.load(f)
62	            return ball_detections

--------------------------------------------------
>> Issue: [B301:blacklist] Pickle and modules that wrap it can be unsafe when used to deserialize untrusted data, possible security issue.
   Severity: Medium   Confidence: High
   CWE: CWE-502 (https://cwe.mitre.org/data/definitions/502.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/blacklists/blacklist_calls.html#b301-pickle
   Location: ./Player_Tracking/tennis_tracking/trackers/player_tracker.py:53:36
52	            with open(stub_path,'rb') as f:
53	                player_detections = pickle.load(f)
54	            return player_detections

--------------------------------------------------
>> Issue: [B108:hardcoded_tmp_directory] Probable insecure usage of temp file/directory.
   Severity: Medium   Confidence: Medium
   CWE: CWE-377 (https://cwe.mitre.org/data/definitions/377.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b108_hardcoded_tmp_directory.html
   Location: ./data_streaming_backend/airflow/dags/heatmaps_kafka.py:44:49
43	    coco_names = os.getenv('COCO_NAMES')
44	    tmp_output_dir = os.getenv('TMP_OUTPUT_DIR', '/tmp')
45	

--------------------------------------------------
>> Issue: [B310:blacklist] Audit url open for permitted schemes. Allowing use of file:/ or custom schemes is often unexpected.
   Severity: Medium   Confidence: High
   CWE: CWE-22 (https://cwe.mitre.org/data/definitions/22.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/blacklists/blacklist_calls.html#b310-urllib-urlopen
   Location: ./data_streaming_backend/airflow/dags/heatmaps_kafka.py:48:12
47	        if not os.path.exists(yolo_config):
48	            urllib.request.urlretrieve("https://raw.githubusercontent.com/AlexeyAB/darknet/master/cfg/yolov4.cfg", yolo_config)
49	        if not os.path.exists(yolo_weights):

--------------------------------------------------
>> Issue: [B310:blacklist] Audit url open for permitted schemes. Allowing use of file:/ or custom schemes is often unexpected.
   Severity: Medium   Confidence: High
   CWE: CWE-22 (https://cwe.mitre.org/data/definitions/22.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/blacklists/blacklist_calls.html#b310-urllib-urlopen
   Location: ./data_streaming_backend/airflow/dags/heatmaps_kafka.py:50:12
49	        if not os.path.exists(yolo_weights):
50	            urllib.request.urlretrieve("https://github.com/AlexeyAB/darknet/releases/download/yolov4/yolov4.weights", yolo_weights)
51	        if not os.path.exists(coco_names):

--------------------------------------------------
>> Issue: [B310:blacklist] Audit url open for permitted schemes. Allowing use of file:/ or custom schemes is often unexpected.
   Severity: Medium   Confidence: High
   CWE: CWE-22 (https://cwe.mitre.org/data/definitions/22.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/blacklists/blacklist_calls.html#b310-urllib-urlopen
   Location: ./data_streaming_backend/airflow/dags/heatmaps_kafka.py:52:12
51	        if not os.path.exists(coco_names):
52	            urllib.request.urlretrieve("https://raw.githubusercontent.com/pjreddie/darknet/master/data/coco.names", coco_names)
53	    except Exception as e:

--------------------------------------------------
>> Issue: [B113:request_without_timeout] Call to requests without timeout
   Severity: Medium   Confidence: Low
   CWE: CWE-400 (https://cwe.mitre.org/data/definitions/400.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b113_request_without_timeout.html
   Location: ./data_streaming_backend/api.py:216:19
215	        validate_url(health_url)
216	        response = requests.get(health_url)
217	        if response.status_code == 200:

--------------------------------------------------
>> Issue: [B108:hardcoded_tmp_directory] Probable insecure usage of temp file/directory.
   Severity: Medium   Confidence: Medium
   CWE: CWE-377 (https://cwe.mitre.org/data/definitions/377.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b108_hardcoded_tmp_directory.html
   Location: ./data_streaming_backend/detect_faces_and_features.py:16:16
15	    'RESULTS_TOPIC': 'face_results',
16	    'YOLO_CFG': '/tmp/yolov4-face.cfg',
17	    'YOLO_WEIGHTS': '/tmp/yolov4-face.weights',
18	    'MASK_MODEL': '/tmp/mask_detector.model',
19	    'AGE_PROTO': '/tmp/age_deploy.prototxt',
20	    'AGE_MODEL': '/tmp/age_net.caffemodel',
21	    'EMOTION_MODEL': '/tmp/emotion-ferplus-8.onnx'
22	}
23	
24	def detect_faces_and_features():
25	    import os
26	    import cv2
27	    import io

--------------------------------------------------
>> Issue: [B108:hardcoded_tmp_directory] Probable insecure usage of temp file/directory.
   Severity: Medium   Confidence: Medium
   CWE: CWE-377 (https://cwe.mitre.org/data/definitions/377.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b108_hardcoded_tmp_directory.html
   Location: ./data_streaming_backend/detect_faces_and_features.py:17:20
16	    'YOLO_CFG': '/tmp/yolov4-face.cfg',
17	    'YOLO_WEIGHTS': '/tmp/yolov4-face.weights',
18	    'MASK_MODEL': '/tmp/mask_detector.model',
19	    'AGE_PROTO': '/tmp/age_deploy.prototxt',
20	    'AGE_MODEL': '/tmp/age_net.caffemodel',
21	    'EMOTION_MODEL': '/tmp/emotion-ferplus-8.onnx'
22	}
23	
24	def detect_faces_and_features():
25	    import os
26	    import cv2
27	    import io
28	    import json

--------------------------------------------------
>> Issue: [B108:hardcoded_tmp_directory] Probable insecure usage of temp file/directory.
   Severity: Medium   Confidence: Medium
   CWE: CWE-377 (https://cwe.mitre.org/data/definitions/377.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b108_hardcoded_tmp_directory.html
   Location: ./data_streaming_backend/detect_faces_and_features.py:18:18
17	    'YOLO_WEIGHTS': '/tmp/yolov4-face.weights',
18	    'MASK_MODEL': '/tmp/mask_detector.model',
19	    'AGE_PROTO': '/tmp/age_deploy.prototxt',
20	    'AGE_MODEL': '/tmp/age_net.caffemodel',
21	    'EMOTION_MODEL': '/tmp/emotion-ferplus-8.onnx'
22	}
23	
24	def detect_faces_and_features():
25	    import os
26	    import cv2
27	    import io
28	    import json
29	    import numpy as np

--------------------------------------------------
>> Issue: [B108:hardcoded_tmp_directory] Probable insecure usage of temp file/directory.
   Severity: Medium   Confidence: Medium
   CWE: CWE-377 (https://cwe.mitre.org/data/definitions/377.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b108_hardcoded_tmp_directory.html
   Location: ./data_streaming_backend/detect_faces_and_features.py:19:17
18	    'MASK_MODEL': '/tmp/mask_detector.model',
19	    'AGE_PROTO': '/tmp/age_deploy.prototxt',
20	    'AGE_MODEL': '/tmp/age_net.caffemodel',
21	    'EMOTION_MODEL': '/tmp/emotion-ferplus-8.onnx'
22	}
23	
24	def detect_faces_and_features():
25	    import os
26	    import cv2
27	    import io
28	    import json
29	    import numpy as np
30	    import urllib.request

--------------------------------------------------
>> Issue: [B108:hardcoded_tmp_directory] Probable insecure usage of temp file/directory.
   Severity: Medium   Confidence: Medium
   CWE: CWE-377 (https://cwe.mitre.org/data/definitions/377.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b108_hardcoded_tmp_directory.html
   Location: ./data_streaming_backend/detect_faces_and_features.py:20:17
19	    'AGE_PROTO': '/tmp/age_deploy.prototxt',
20	    'AGE_MODEL': '/tmp/age_net.caffemodel',
21	    'EMOTION_MODEL': '/tmp/emotion-ferplus-8.onnx'
22	}
23	
24	def detect_faces_and_features():
25	    import os
26	    import cv2
27	    import io
28	    import json
29	    import numpy as np
30	    import urllib.request
31	    from PIL import Image

--------------------------------------------------
>> Issue: [B108:hardcoded_tmp_directory] Probable insecure usage of temp file/directory.
   Severity: Medium   Confidence: Medium
   CWE: CWE-377 (https://cwe.mitre.org/data/definitions/377.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b108_hardcoded_tmp_directory.html
   Location: ./data_streaming_backend/detect_faces_and_features.py:21:21
20	    'AGE_MODEL': '/tmp/age_net.caffemodel',
21	    'EMOTION_MODEL': '/tmp/emotion-ferplus-8.onnx'
22	}
23	
24	def detect_faces_and_features():
25	    import os
26	    import cv2
27	    import io
28	    import json
29	    import numpy as np
30	    import urllib.request
31	    from PIL import Image
32	    from kafka import KafkaConsumer, KafkaProducer

--------------------------------------------------
>> Issue: [B310:blacklist] Audit url open for permitted schemes. Allowing use of file:/ or custom schemes is often unexpected.
   Severity: Medium   Confidence: High
   CWE: CWE-22 (https://cwe.mitre.org/data/definitions/22.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/blacklists/blacklist_calls.html#b310-urllib-urlopen
   Location: ./data_streaming_backend/detect_faces_and_features.py:36:12
35	        if not os.path.exists(path):
36	            urllib.request.urlretrieve(url, path)
37	

--------------------------------------------------

Code scanned:
	Total lines of code: 8863
	Total lines skipped (#nosec): 4
	Total potential issues skipped due to specifically being disabled (e.g., #nosec BXXX): 0

Run metrics:
	Total issues (by severity):
		Undefined: 0
		Low: 43
		Medium: 16
		High: 0
	Total issues (by confidence):
		Undefined: 0
		Low: 1
		Medium: 7
		High: 51
Files skipped (0):

No critical security issues detected.

The code has passed all critical security checks.

@JarrodG98 force-pushed the add-jarrod-tracking-logic branch from 8a53a1b to 7d528ad on September 23, 2025 06:40

@github-actions

🔒 Security Scan Results

Bandit Scan Results:
-------------------
Run started:2025-09-23 06:41:48.740704

Test results:
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/LISA_gradio_interface.py:55:25
54	        # Create tokenizer
55	        self.tokenizer = AutoTokenizer.from_pretrained(
56	            self.args.version,
57	            cache_dir=None,
58	            model_max_length=self.args.model_max_length,
59	            padding_side="right",
60	            use_fast=False,
61	        )
62	        self.tokenizer.pad_token = self.tokenizer.unk_token

--------------------------------------------------
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/LISA_gradio_interface.py:139:36
138	        # Initialize processors
139	        self.clip_image_processor = CLIPImageProcessor.from_pretrained(self.model.config.vision_tower)
140	        self.transform = ResizeLongestSide(self.args.image_size)

--------------------------------------------------
>> Issue: [B104:hardcoded_bind_all_interfaces] Possible binding to all interfaces.
   Severity: Medium   Confidence: Medium
   CWE: CWE-605 (https://cwe.mitre.org/data/definitions/605.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b104_hardcoded_bind_all_interfaces.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/LISA_gradio_interface.py:412:20
411	    demo.launch(
412	        server_name="0.0.0.0",
413	        server_port=7860,

--------------------------------------------------
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/chat.py:71:16
70	    # Create model
71	    tokenizer = AutoTokenizer.from_pretrained(
72	        args.version,
73	        cache_dir=None,
74	        model_max_length=args.model_max_length,
75	        padding_side="right",
76	        use_fast=False,
77	    )
78	    tokenizer.pad_token = tokenizer.unk_token

--------------------------------------------------
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/chat.py:149:27
148	
149	    clip_image_processor = CLIPImageProcessor.from_pretrained(model.config.vision_tower)
150	    transform = ResizeLongestSide(args.image_size)

--------------------------------------------------
>> Issue: [B614:pytorch_load] Use of unsafe PyTorch load
   Severity: Medium   Confidence: High
   CWE: CWE-502 (https://cwe.mitre.org/data/definitions/502.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b614_pytorch_load.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/csrnet/run.py:23:13
22	
23	checkpoint = torch.load('weights.pth', map_location="cpu")
24	model.load_state_dict(checkpoint)

--------------------------------------------------
>> Issue: [B614:pytorch_load] Use of unsafe PyTorch load
   Severity: Medium   Confidence: High
   CWE: CWE-502 (https://cwe.mitre.org/data/definitions/502.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b614_pytorch_load.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/csrnet_service.py:22:21
21	        self.model = CSRNet().to(self.device)
22	        checkpoint = torch.load(weights_path, map_location=self.device)
23	        self.model.load_state_dict(checkpoint)

--------------------------------------------------
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/lisa_segmentor.py:55:25
54	        # Tokenizer
55	        self.tokenizer = AutoTokenizer.from_pretrained(
56	            self.args.version,
57	            cache_dir=None,
58	            model_max_length=self.args.model_max_length,
59	            padding_side="right",
60	            use_fast=False,
61	        )
62	        self.tokenizer.pad_token = self.tokenizer.unk_token

--------------------------------------------------
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/lisa_segmentor.py:147:36
146	
147	        self.clip_image_processor = CLIPImageProcessor.from_pretrained(self.model.config.vision_tower)
148	        self.transform = ResizeLongestSide(self.args.image_size)

--------------------------------------------------
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/model/llava/model/apply_delta.py:15:11
14	    print("Loading base model")
15	    base = AutoModelForCausalLM.from_pretrained(
16	        base_model_path, torch_dtype=torch.float16, low_cpu_mem_usage=True
17	    )
18	

--------------------------------------------------
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/model/llava/model/apply_delta.py:23:22
22	    )
23	    delta_tokenizer = AutoTokenizer.from_pretrained(delta_path)
24	

--------------------------------------------------
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/model/llava/model/consolidate.py:16:16
15	    auto_upgrade(src_path)
16	    src_model = AutoModelForCausalLM.from_pretrained(
17	        src_path, torch_dtype=torch.float16, low_cpu_mem_usage=True
18	    )
19	    src_tokenizer = AutoTokenizer.from_pretrained(src_path, use_fast=False)

--------------------------------------------------
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/model/llava/model/consolidate.py:19:20
18	    )
19	    src_tokenizer = AutoTokenizer.from_pretrained(src_path, use_fast=False)
20	    src_model.save_pretrained(dst_path)

--------------------------------------------------
>> Issue: [B614:pytorch_load] Use of unsafe PyTorch load
   Severity: Medium   Confidence: High
   CWE: CWE-502 (https://cwe.mitre.org/data/definitions/502.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b614_pytorch_load.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/model/llava/model/llava_arch.py:69:35
68	        if pretrain_mm_mlp_adapter is not None:
69	            mm_projector_weights = torch.load(
70	                pretrain_mm_mlp_adapter, map_location="cpu"
71	            )
72	

--------------------------------------------------
>> Issue: [B614:pytorch_load] Use of unsafe PyTorch load
   Severity: Medium   Confidence: High
   CWE: CWE-502 (https://cwe.mitre.org/data/definitions/502.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b614_pytorch_load.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/model/llava/model/llava_arch.py:378:39
377	            if model_args.pretrain_mm_mlp_adapter:
378	                mm_projector_weights = torch.load(
379	                    model_args.pretrain_mm_mlp_adapter, map_location="cpu"
380	                )
381	                embed_tokens_weight = mm_projector_weights["model.embed_tokens.weight"]

--------------------------------------------------
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/model/llava/model/make_delta.py:15:11
14	    print("Loading base model")
15	    base = AutoModelForCausalLM.from_pretrained(
16	        base_model_path, torch_dtype=torch.float16, low_cpu_mem_usage=True
17	    )
18	

--------------------------------------------------
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/model/llava/model/make_delta.py:21:13
20	    auto_upgrade(target_model_path)
21	    target = AutoModelForCausalLM.from_pretrained(
22	        target_model_path, torch_dtype=torch.float16, low_cpu_mem_usage=True
23	    )
24	

--------------------------------------------------
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/model/llava/model/make_delta.py:49:23
48	    target.save_pretrained(delta_path, **kwargs)
49	    target_tokenizer = AutoTokenizer.from_pretrained(target_model_path)
50	    target_tokenizer.save_pretrained(delta_path, **kwargs)

--------------------------------------------------
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/model/llava/model/multimodal_encoder/clip_encoder.py:19:28
18	        else:
19	            self.cfg_only = CLIPVisionConfig.from_pretrained(self.vision_tower_name)
20	

--------------------------------------------------
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/model/llava/model/multimodal_encoder/clip_encoder.py:22:31
21	    def load_model(self):
22	        self.image_processor = CLIPImageProcessor.from_pretrained(
23	            self.vision_tower_name
24	        )
25	        self.vision_tower = CLIPVisionModel.from_pretrained(

--------------------------------------------------
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/model/llava/model/multimodal_encoder/clip_encoder.py:25:28
24	        )
25	        self.vision_tower = CLIPVisionModel.from_pretrained(
26	            self.vision_tower_name, low_cpu_mem_usage=True
27	        )
28	        self.vision_tower.requires_grad_(False)

--------------------------------------------------
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/model/llava/model/utils.py:5:10
4	def auto_upgrade(config):
5	    cfg = AutoConfig.from_pretrained(config)
6	    if "llava" in config and "llava" not in cfg.model_type:

--------------------------------------------------
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/model/llava/train/train.py:847:21
846	        if "mpt" in model_args.model_name_or_path:
847	            config = transformers.AutoConfig.from_pretrained(
848	                model_args.model_name_or_path, trust_remote_code=True
849	            )
850	            config.attn_config["attn_impl"] = training_args.mpt_attn_impl

--------------------------------------------------
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/model/llava/train/train.py:864:16
863	    else:
864	        model = transformers.LlamaForCausalLM.from_pretrained(
865	            model_args.model_name_or_path,
866	            cache_dir=training_args.cache_dir,
867	            **bnb_model_from_pretrained_args,
868	        )
869	    model.config.use_cache = False

--------------------------------------------------
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/model/llava/train/train.py:916:20
915	    if "mpt" in model_args.model_name_or_path:
916	        tokenizer = transformers.AutoTokenizer.from_pretrained(
917	            model_args.model_name_or_path,
918	            cache_dir=training_args.cache_dir,
919	            model_max_length=training_args.model_max_length,
920	            padding_side="right",
921	        )
922	    else:

--------------------------------------------------
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/model/llava/train/train.py:923:20
922	    else:
923	        tokenizer = transformers.AutoTokenizer.from_pretrained(
924	            model_args.model_name_or_path,
925	            cache_dir=training_args.cache_dir,
926	            model_max_length=training_args.model_max_length,
927	            padding_side="right",
928	            use_fast=False,
929	        )
930	

--------------------------------------------------
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/utils/dataset.py:333:36
332	        self.transform = ResizeLongestSide(image_size)
333	        self.clip_image_processor = CLIPImageProcessor.from_pretrained(vision_tower)
334	

--------------------------------------------------
>> Issue: [B301:blacklist] Pickle and modules that wrap it can be unsafe when used to deserialize untrusted data, possible security issue.
   Severity: Medium   Confidence: High
   CWE: CWE-502 (https://cwe.mitre.org/data/definitions/502.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/blacklists/blacklist_calls.html#b301-pickle
   Location: ./Crowd_Monitoring/LISA_Heatmap/utils/grefer.py:55:32
54	        if osp.exists(ref_file):
55	            self.data["refs"] = pickle.load(open(ref_file, "rb"), fix_imports=True)
56	        else:

--------------------------------------------------
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/utils/reason_seg_dataset.py:51:36
50	        self.transform = ResizeLongestSide(image_size)
51	        self.clip_image_processor = CLIPImageProcessor.from_pretrained(vision_tower)
52	

--------------------------------------------------
>> Issue: [B301:blacklist] Pickle and modules that wrap it can be unsafe when used to deserialize untrusted data, possible security issue.
   Severity: Medium   Confidence: High
   CWE: CWE-502 (https://cwe.mitre.org/data/definitions/502.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/blacklists/blacklist_calls.html#b301-pickle
   Location: ./Crowd_Monitoring/LISA_Heatmap/utils/refer.py:68:28
67	        self.data["dataset"] = dataset
68	        self.data["refs"] = pickle.load(open(ref_file, "rb"))
69	

--------------------------------------------------
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/utils/refer_seg_dataset.py:46:36
45	        self.transform = ResizeLongestSide(image_size)
46	        self.clip_image_processor = CLIPImageProcessor.from_pretrained(vision_tower)
47	

--------------------------------------------------
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/utils/sem_seg_dataset.py:154:36
153	        self.transform = ResizeLongestSide(image_size)
154	        self.clip_image_processor = CLIPImageProcessor.from_pretrained(vision_tower)
155	

--------------------------------------------------
>> Issue: [B307:blacklist] Use of possibly insecure function - consider using safer ast.literal_eval.
   Severity: Medium   Confidence: High
   CWE: CWE-78 (https://cwe.mitre.org/data/definitions/78.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/blacklists/blacklist_calls.html#b307-eval
   Location: ./Crowd_Monitoring/LISA_Heatmap/utils/sem_seg_dataset.py:164:38
163	        for ds in self.sem_seg_datas:
164	            classes, images, labels = eval("init_{}".format(ds))(base_image_dir)
165	            self.data2list[ds] = (images, labels)

--------------------------------------------------
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/utils/vqa_dataset.py:58:36
57	        self.transform = ResizeLongestSide(image_size)
58	        self.clip_image_processor = CLIPImageProcessor.from_pretrained(vision_tower)
59	

--------------------------------------------------
>> Issue: [B614:pytorch_load] Use of unsafe PyTorch load
   Severity: Medium   Confidence: High
   CWE: CWE-502 (https://cwe.mitre.org/data/definitions/502.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b614_pytorch_load.html
   Location: ./Player_Tracking/YOLOV3_Model/YOLOV3/utils/utils.py:468:8
467	    # Strip optimizer from *.pt files for lighter files (reduced by 2/3 size)
468	    a = torch.load(filename, map_location='cpu')
469	    a['optimizer'] = []

--------------------------------------------------
>> Issue: [B614:pytorch_load] Use of unsafe PyTorch load
   Severity: Medium   Confidence: High
   CWE: CWE-502 (https://cwe.mitre.org/data/definitions/502.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b614_pytorch_load.html
   Location: ./Player_Tracking/tennis_tracking/court_line_detector/court_line_detector.py:10:35
9	        self.model.fc = torch.nn.Linear(self.model.fc.in_features,14*2)
10	        self.model.load_state_dict(torch.load(model_path,map_location='cpu'))
11	

--------------------------------------------------
>> Issue: [B301:blacklist] Pickle and modules that wrap it can be unsafe when used to deserialize untrusted data, possible security issue.
   Severity: Medium   Confidence: High
   CWE: CWE-502 (https://cwe.mitre.org/data/definitions/502.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/blacklists/blacklist_calls.html#b301-pickle
   Location: ./Player_Tracking/tennis_tracking/trackers/ball_tracker.py:61:34
60	            with open(stub_path,'rb') as f:
61	                ball_detections = pickle.load(f)
62	            return ball_detections

--------------------------------------------------
>> Issue: [B301:blacklist] Pickle and modules that wrap it can be unsafe when used to deserialize untrusted data, possible security issue.
   Severity: Medium   Confidence: High
   CWE: CWE-502 (https://cwe.mitre.org/data/definitions/502.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/blacklists/blacklist_calls.html#b301-pickle
   Location: ./Player_Tracking/tennis_tracking/trackers/player_tracker.py:53:36
52	            with open(stub_path,'rb') as f:
53	                player_detections = pickle.load(f)
54	            return player_detections

--------------------------------------------------
>> Issue: [B108:hardcoded_tmp_directory] Probable insecure usage of temp file/directory.
   Severity: Medium   Confidence: Medium
   CWE: CWE-377 (https://cwe.mitre.org/data/definitions/377.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b108_hardcoded_tmp_directory.html
   Location: ./data_streaming_backend/airflow/dags/heatmaps_kafka.py:44:49
43	    coco_names = os.getenv('COCO_NAMES')
44	    tmp_output_dir = os.getenv('TMP_OUTPUT_DIR', '/tmp')
45	

--------------------------------------------------
>> Issue: [B310:blacklist] Audit url open for permitted schemes. Allowing use of file:/ or custom schemes is often unexpected.
   Severity: Medium   Confidence: High
   CWE: CWE-22 (https://cwe.mitre.org/data/definitions/22.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/blacklists/blacklist_calls.html#b310-urllib-urlopen
   Location: ./data_streaming_backend/airflow/dags/heatmaps_kafka.py:48:12
47	        if not os.path.exists(yolo_config):
48	            urllib.request.urlretrieve("https://raw.githubusercontent.com/AlexeyAB/darknet/master/cfg/yolov4.cfg", yolo_config)
49	        if not os.path.exists(yolo_weights):

--------------------------------------------------
>> Issue: [B310:blacklist] Audit url open for permitted schemes. Allowing use of file:/ or custom schemes is often unexpected.
   Severity: Medium   Confidence: High
   CWE: CWE-22 (https://cwe.mitre.org/data/definitions/22.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/blacklists/blacklist_calls.html#b310-urllib-urlopen
   Location: ./data_streaming_backend/airflow/dags/heatmaps_kafka.py:50:12
49	        if not os.path.exists(yolo_weights):
50	            urllib.request.urlretrieve("https://github.com/AlexeyAB/darknet/releases/download/yolov4/yolov4.weights", yolo_weights)
51	        if not os.path.exists(coco_names):

--------------------------------------------------
>> Issue: [B310:blacklist] Audit url open for permitted schemes. Allowing use of file:/ or custom schemes is often unexpected.
   Severity: Medium   Confidence: High
   CWE: CWE-22 (https://cwe.mitre.org/data/definitions/22.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/blacklists/blacklist_calls.html#b310-urllib-urlopen
   Location: ./data_streaming_backend/airflow/dags/heatmaps_kafka.py:52:12
51	        if not os.path.exists(coco_names):
52	            urllib.request.urlretrieve("https://raw.githubusercontent.com/pjreddie/darknet/master/data/coco.names", coco_names)
53	    except Exception as e:

--------------------------------------------------
>> Issue: [B113:request_without_timeout] Call to requests without timeout
   Severity: Medium   Confidence: Low
   CWE: CWE-400 (https://cwe.mitre.org/data/definitions/400.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b113_request_without_timeout.html
   Location: ./data_streaming_backend/api.py:216:19
215	        validate_url(health_url)
216	        response = requests.get(health_url)
217	        if response.status_code == 200:

--------------------------------------------------
>> Issue: [B108:hardcoded_tmp_directory] Probable insecure usage of temp file/directory.
   Severity: Medium   Confidence: Medium
   CWE: CWE-377 (https://cwe.mitre.org/data/definitions/377.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b108_hardcoded_tmp_directory.html
   Location: ./data_streaming_backend/detect_faces_and_features.py:16:16
15	    'RESULTS_TOPIC': 'face_results',
16	    'YOLO_CFG': '/tmp/yolov4-face.cfg',
17	    'YOLO_WEIGHTS': '/tmp/yolov4-face.weights',
18	    'MASK_MODEL': '/tmp/mask_detector.model',
19	    'AGE_PROTO': '/tmp/age_deploy.prototxt',
20	    'AGE_MODEL': '/tmp/age_net.caffemodel',
21	    'EMOTION_MODEL': '/tmp/emotion-ferplus-8.onnx'
22	}
23	
24	def detect_faces_and_features():
25	    import os
26	    import cv2
27	    import io

--------------------------------------------------
>> Issue: [B108:hardcoded_tmp_directory] Probable insecure usage of temp file/directory.
   Severity: Medium   Confidence: Medium
   CWE: CWE-377 (https://cwe.mitre.org/data/definitions/377.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b108_hardcoded_tmp_directory.html
   Location: ./data_streaming_backend/detect_faces_and_features.py:17:20
16	    'YOLO_CFG': '/tmp/yolov4-face.cfg',
17	    'YOLO_WEIGHTS': '/tmp/yolov4-face.weights',
18	    'MASK_MODEL': '/tmp/mask_detector.model',
19	    'AGE_PROTO': '/tmp/age_deploy.prototxt',
20	    'AGE_MODEL': '/tmp/age_net.caffemodel',
21	    'EMOTION_MODEL': '/tmp/emotion-ferplus-8.onnx'
22	}
23	
24	def detect_faces_and_features():
25	    import os
26	    import cv2
27	    import io
28	    import json

--------------------------------------------------
>> Issue: [B108:hardcoded_tmp_directory] Probable insecure usage of temp file/directory.
   Severity: Medium   Confidence: Medium
   CWE: CWE-377 (https://cwe.mitre.org/data/definitions/377.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b108_hardcoded_tmp_directory.html
   Location: ./data_streaming_backend/detect_faces_and_features.py:18:18
17	    'YOLO_WEIGHTS': '/tmp/yolov4-face.weights',
18	    'MASK_MODEL': '/tmp/mask_detector.model',
19	    'AGE_PROTO': '/tmp/age_deploy.prototxt',
20	    'AGE_MODEL': '/tmp/age_net.caffemodel',
21	    'EMOTION_MODEL': '/tmp/emotion-ferplus-8.onnx'
22	}
23	
24	def detect_faces_and_features():
25	    import os
26	    import cv2
27	    import io
28	    import json
29	    import numpy as np

--------------------------------------------------
>> Issue: [B108:hardcoded_tmp_directory] Probable insecure usage of temp file/directory.
   Severity: Medium   Confidence: Medium
   CWE: CWE-377 (https://cwe.mitre.org/data/definitions/377.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b108_hardcoded_tmp_directory.html
   Location: ./data_streaming_backend/detect_faces_and_features.py:19:17
18	    'MASK_MODEL': '/tmp/mask_detector.model',
19	    'AGE_PROTO': '/tmp/age_deploy.prototxt',
20	    'AGE_MODEL': '/tmp/age_net.caffemodel',
21	    'EMOTION_MODEL': '/tmp/emotion-ferplus-8.onnx'
22	}
23	
24	def detect_faces_and_features():
25	    import os
26	    import cv2
27	    import io
28	    import json
29	    import numpy as np
30	    import urllib.request

--------------------------------------------------
>> Issue: [B108:hardcoded_tmp_directory] Probable insecure usage of temp file/directory.
   Severity: Medium   Confidence: Medium
   CWE: CWE-377 (https://cwe.mitre.org/data/definitions/377.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b108_hardcoded_tmp_directory.html
   Location: ./data_streaming_backend/detect_faces_and_features.py:20:17
19	    'AGE_PROTO': '/tmp/age_deploy.prototxt',
20	    'AGE_MODEL': '/tmp/age_net.caffemodel',
21	    'EMOTION_MODEL': '/tmp/emotion-ferplus-8.onnx'
22	}
23	
24	def detect_faces_and_features():
25	    import os
26	    import cv2
27	    import io
28	    import json
29	    import numpy as np
30	    import urllib.request
31	    from PIL import Image

--------------------------------------------------
>> Issue: [B108:hardcoded_tmp_directory] Probable insecure usage of temp file/directory.
   Severity: Medium   Confidence: Medium
   CWE: CWE-377 (https://cwe.mitre.org/data/definitions/377.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b108_hardcoded_tmp_directory.html
   Location: ./data_streaming_backend/detect_faces_and_features.py:21:21
20	    'AGE_MODEL': '/tmp/age_net.caffemodel',
21	    'EMOTION_MODEL': '/tmp/emotion-ferplus-8.onnx'
22	}
23	
24	def detect_faces_and_features():
25	    import os
26	    import cv2
27	    import io
28	    import json
29	    import numpy as np
30	    import urllib.request
31	    from PIL import Image
32	    from kafka import KafkaConsumer, KafkaProducer

--------------------------------------------------
>> Issue: [B310:blacklist] Audit url open for permitted schemes. Allowing use of file:/ or custom schemes is often unexpected.
   Severity: Medium   Confidence: High
   CWE: CWE-22 (https://cwe.mitre.org/data/definitions/22.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/blacklists/blacklist_calls.html#b310-urllib-urlopen
   Location: ./data_streaming_backend/detect_faces_and_features.py:36:12
35	        if not os.path.exists(path):
36	            urllib.request.urlretrieve(url, path)
37	

--------------------------------------------------

Code scanned:
	Total lines of code: 21714
	Total lines skipped (#nosec): 4
	Total potential issues skipped due to specifically being disabled (e.g., #nosec BXXX): 0

Run metrics:
	Total issues (by severity):
		Undefined: 0
		Low: 183
		Medium: 50
		High: 0
	Total issues (by confidence):
		Undefined: 0
		Low: 1
		Medium: 18
		High: 214
Files skipped (0):

No critical security issues detected.

The code has passed all critical security checks.

@JarrodG98 force-pushed the add-jarrod-tracking-logic branch from 7d528ad to f34567b, September 23, 2025 06:45
@github-actions

🔒 Security Scan Results
=========================

Bandit Scan Results:
-------------------
Run started:2025-09-23 06:46:28.347485

Test results:
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/LISA_gradio_interface.py:55:25
54	        # Create tokenizer
55	        self.tokenizer = AutoTokenizer.from_pretrained(
56	            self.args.version,
57	            cache_dir=None,
58	            model_max_length=self.args.model_max_length,
59	            padding_side="right",
60	            use_fast=False,
61	        )
62	        self.tokenizer.pad_token = self.tokenizer.unk_token

--------------------------------------------------
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/LISA_gradio_interface.py:139:36
138	        # Initialize processors
139	        self.clip_image_processor = CLIPImageProcessor.from_pretrained(self.model.config.vision_tower)
140	        self.transform = ResizeLongestSide(self.args.image_size)

--------------------------------------------------
>> Issue: [B104:hardcoded_bind_all_interfaces] Possible binding to all interfaces.
   Severity: Medium   Confidence: Medium
   CWE: CWE-605 (https://cwe.mitre.org/data/definitions/605.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b104_hardcoded_bind_all_interfaces.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/LISA_gradio_interface.py:412:20
411	    demo.launch(
412	        server_name="0.0.0.0",
413	        server_port=7860,

--------------------------------------------------
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/chat.py:71:16
70	    # Create model
71	    tokenizer = AutoTokenizer.from_pretrained(
72	        args.version,
73	        cache_dir=None,
74	        model_max_length=args.model_max_length,
75	        padding_side="right",
76	        use_fast=False,
77	    )
78	    tokenizer.pad_token = tokenizer.unk_token

--------------------------------------------------
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/chat.py:149:27
148	
149	    clip_image_processor = CLIPImageProcessor.from_pretrained(model.config.vision_tower)
150	    transform = ResizeLongestSide(args.image_size)

--------------------------------------------------
>> Issue: [B614:pytorch_load] Use of unsafe PyTorch load
   Severity: Medium   Confidence: High
   CWE: CWE-502 (https://cwe.mitre.org/data/definitions/502.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b614_pytorch_load.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/csrnet/run.py:23:13
22	
23	checkpoint = torch.load('weights.pth', map_location="cpu")
24	model.load_state_dict(checkpoint)

--------------------------------------------------
>> Issue: [B614:pytorch_load] Use of unsafe PyTorch load
   Severity: Medium   Confidence: High
   CWE: CWE-502 (https://cwe.mitre.org/data/definitions/502.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b614_pytorch_load.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/csrnet_service.py:22:21
21	        self.model = CSRNet().to(self.device)
22	        checkpoint = torch.load(weights_path, map_location=self.device)
23	        self.model.load_state_dict(checkpoint)

--------------------------------------------------
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/lisa_segmentor.py:55:25
54	        # Tokenizer
55	        self.tokenizer = AutoTokenizer.from_pretrained(
56	            self.args.version,
57	            cache_dir=None,
58	            model_max_length=self.args.model_max_length,
59	            padding_side="right",
60	            use_fast=False,
61	        )
62	        self.tokenizer.pad_token = self.tokenizer.unk_token

--------------------------------------------------
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/lisa_segmentor.py:147:36
146	
147	        self.clip_image_processor = CLIPImageProcessor.from_pretrained(self.model.config.vision_tower)
148	        self.transform = ResizeLongestSide(self.args.image_size)

--------------------------------------------------
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/model/llava/model/apply_delta.py:15:11
14	    print("Loading base model")
15	    base = AutoModelForCausalLM.from_pretrained(
16	        base_model_path, torch_dtype=torch.float16, low_cpu_mem_usage=True
17	    )
18	

--------------------------------------------------
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/model/llava/model/apply_delta.py:23:22
22	    )
23	    delta_tokenizer = AutoTokenizer.from_pretrained(delta_path)
24	

--------------------------------------------------
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/model/llava/model/consolidate.py:16:16
15	    auto_upgrade(src_path)
16	    src_model = AutoModelForCausalLM.from_pretrained(
17	        src_path, torch_dtype=torch.float16, low_cpu_mem_usage=True
18	    )
19	    src_tokenizer = AutoTokenizer.from_pretrained(src_path, use_fast=False)

--------------------------------------------------
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/model/llava/model/consolidate.py:19:20
18	    )
19	    src_tokenizer = AutoTokenizer.from_pretrained(src_path, use_fast=False)
20	    src_model.save_pretrained(dst_path)

--------------------------------------------------
>> Issue: [B614:pytorch_load] Use of unsafe PyTorch load
   Severity: Medium   Confidence: High
   CWE: CWE-502 (https://cwe.mitre.org/data/definitions/502.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b614_pytorch_load.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/model/llava/model/llava_arch.py:69:35
68	        if pretrain_mm_mlp_adapter is not None:
69	            mm_projector_weights = torch.load(
70	                pretrain_mm_mlp_adapter, map_location="cpu"
71	            )
72	

--------------------------------------------------
>> Issue: [B614:pytorch_load] Use of unsafe PyTorch load
   Severity: Medium   Confidence: High
   CWE: CWE-502 (https://cwe.mitre.org/data/definitions/502.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b614_pytorch_load.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/model/llava/model/llava_arch.py:378:39
377	            if model_args.pretrain_mm_mlp_adapter:
378	                mm_projector_weights = torch.load(
379	                    model_args.pretrain_mm_mlp_adapter, map_location="cpu"
380	                )
381	                embed_tokens_weight = mm_projector_weights["model.embed_tokens.weight"]

--------------------------------------------------
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/model/llava/model/make_delta.py:15:11
14	    print("Loading base model")
15	    base = AutoModelForCausalLM.from_pretrained(
16	        base_model_path, torch_dtype=torch.float16, low_cpu_mem_usage=True
17	    )
18	

--------------------------------------------------
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/model/llava/model/make_delta.py:21:13
20	    auto_upgrade(target_model_path)
21	    target = AutoModelForCausalLM.from_pretrained(
22	        target_model_path, torch_dtype=torch.float16, low_cpu_mem_usage=True
23	    )
24	

--------------------------------------------------
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/model/llava/model/make_delta.py:49:23
48	    target.save_pretrained(delta_path, **kwargs)
49	    target_tokenizer = AutoTokenizer.from_pretrained(target_model_path)
50	    target_tokenizer.save_pretrained(delta_path, **kwargs)

--------------------------------------------------
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/model/llava/model/multimodal_encoder/clip_encoder.py:19:28
18	        else:
19	            self.cfg_only = CLIPVisionConfig.from_pretrained(self.vision_tower_name)
20	

--------------------------------------------------
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/model/llava/model/multimodal_encoder/clip_encoder.py:22:31
21	    def load_model(self):
22	        self.image_processor = CLIPImageProcessor.from_pretrained(
23	            self.vision_tower_name
24	        )
25	        self.vision_tower = CLIPVisionModel.from_pretrained(

--------------------------------------------------
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/model/llava/model/multimodal_encoder/clip_encoder.py:25:28
24	        )
25	        self.vision_tower = CLIPVisionModel.from_pretrained(
26	            self.vision_tower_name, low_cpu_mem_usage=True
27	        )
28	        self.vision_tower.requires_grad_(False)

--------------------------------------------------
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/model/llava/model/utils.py:5:10
4	def auto_upgrade(config):
5	    cfg = AutoConfig.from_pretrained(config)
6	    if "llava" in config and "llava" not in cfg.model_type:

--------------------------------------------------
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/model/llava/train/train.py:847:21
846	        if "mpt" in model_args.model_name_or_path:
847	            config = transformers.AutoConfig.from_pretrained(
848	                model_args.model_name_or_path, trust_remote_code=True
849	            )
850	            config.attn_config["attn_impl"] = training_args.mpt_attn_impl

--------------------------------------------------
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/model/llava/train/train.py:864:16
863	    else:
864	        model = transformers.LlamaForCausalLM.from_pretrained(
865	            model_args.model_name_or_path,
866	            cache_dir=training_args.cache_dir,
867	            **bnb_model_from_pretrained_args,
868	        )
869	    model.config.use_cache = False

--------------------------------------------------
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/model/llava/train/train.py:916:20
915	    if "mpt" in model_args.model_name_or_path:
916	        tokenizer = transformers.AutoTokenizer.from_pretrained(
917	            model_args.model_name_or_path,
918	            cache_dir=training_args.cache_dir,
919	            model_max_length=training_args.model_max_length,
920	            padding_side="right",
921	        )
922	    else:

--------------------------------------------------
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/model/llava/train/train.py:923:20
922	    else:
923	        tokenizer = transformers.AutoTokenizer.from_pretrained(
924	            model_args.model_name_or_path,
925	            cache_dir=training_args.cache_dir,
926	            model_max_length=training_args.model_max_length,
927	            padding_side="right",
928	            use_fast=False,
929	        )
930	

--------------------------------------------------
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/utils/dataset.py:333:36
332	        self.transform = ResizeLongestSide(image_size)
333	        self.clip_image_processor = CLIPImageProcessor.from_pretrained(vision_tower)
334	

--------------------------------------------------
>> Issue: [B301:blacklist] Pickle and modules that wrap it can be unsafe when used to deserialize untrusted data, possible security issue.
   Severity: Medium   Confidence: High
   CWE: CWE-502 (https://cwe.mitre.org/data/definitions/502.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/blacklists/blacklist_calls.html#b301-pickle
   Location: ./Crowd_Monitoring/LISA_Heatmap/utils/grefer.py:55:32
54	        if osp.exists(ref_file):
55	            self.data["refs"] = pickle.load(open(ref_file, "rb"), fix_imports=True)
56	        else:

--------------------------------------------------
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/utils/reason_seg_dataset.py:51:36
50	        self.transform = ResizeLongestSide(image_size)
51	        self.clip_image_processor = CLIPImageProcessor.from_pretrained(vision_tower)
52	

--------------------------------------------------
>> Issue: [B301:blacklist] Pickle and modules that wrap it can be unsafe when used to deserialize untrusted data, possible security issue.
   Severity: Medium   Confidence: High
   CWE: CWE-502 (https://cwe.mitre.org/data/definitions/502.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/blacklists/blacklist_calls.html#b301-pickle
   Location: ./Crowd_Monitoring/LISA_Heatmap/utils/refer.py:68:28
67	        self.data["dataset"] = dataset
68	        self.data["refs"] = pickle.load(open(ref_file, "rb"))
69	

--------------------------------------------------
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/utils/refer_seg_dataset.py:46:36
45	        self.transform = ResizeLongestSide(image_size)
46	        self.clip_image_processor = CLIPImageProcessor.from_pretrained(vision_tower)
47	

--------------------------------------------------
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/utils/sem_seg_dataset.py:154:36
153	        self.transform = ResizeLongestSide(image_size)
154	        self.clip_image_processor = CLIPImageProcessor.from_pretrained(vision_tower)
155	

--------------------------------------------------
>> Issue: [B307:blacklist] Use of possibly insecure function - consider using safer ast.literal_eval.
   Severity: Medium   Confidence: High
   CWE: CWE-78 (https://cwe.mitre.org/data/definitions/78.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/blacklists/blacklist_calls.html#b307-eval
   Location: ./Crowd_Monitoring/LISA_Heatmap/utils/sem_seg_dataset.py:164:38
163	        for ds in self.sem_seg_datas:
164	            classes, images, labels = eval("init_{}".format(ds))(base_image_dir)
165	            self.data2list[ds] = (images, labels)

--------------------------------------------------
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/utils/vqa_dataset.py:58:36
57	        self.transform = ResizeLongestSide(image_size)
58	        self.clip_image_processor = CLIPImageProcessor.from_pretrained(vision_tower)
59	

--------------------------------------------------
>> Issue: [B614:pytorch_load] Use of unsafe PyTorch load
   Severity: Medium   Confidence: High
   CWE: CWE-502 (https://cwe.mitre.org/data/definitions/502.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b614_pytorch_load.html
   Location: ./Player_Tracking/YOLOV3_Model/YOLOV3/utils/utils.py:468:8
467	    # Strip optimizer from *.pt files for lighter files (reduced by 2/3 size)
468	    a = torch.load(filename, map_location='cpu')
469	    a['optimizer'] = []

--------------------------------------------------
>> Issue: [B614:pytorch_load] Use of unsafe PyTorch load
   Severity: Medium   Confidence: High
   CWE: CWE-502 (https://cwe.mitre.org/data/definitions/502.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b614_pytorch_load.html
   Location: ./Player_Tracking/tennis_tracking/court_line_detector/court_line_detector.py:10:35
9	        self.model.fc = torch.nn.Linear(self.model.fc.in_features,14*2)
10	        self.model.load_state_dict(torch.load(model_path,map_location='cpu'))
11	

--------------------------------------------------
>> Issue: [B301:blacklist] Pickle and modules that wrap it can be unsafe when used to deserialize untrusted data, possible security issue.
   Severity: Medium   Confidence: High
   CWE: CWE-502 (https://cwe.mitre.org/data/definitions/502.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/blacklists/blacklist_calls.html#b301-pickle
   Location: ./Player_Tracking/tennis_tracking/trackers/ball_tracker.py:61:34
60	            with open(stub_path,'rb') as f:
61	                ball_detections = pickle.load(f)
62	            return ball_detections

--------------------------------------------------
>> Issue: [B301:blacklist] Pickle and modules that wrap it can be unsafe when used to deserialize untrusted data, possible security issue.
   Severity: Medium   Confidence: High
   CWE: CWE-502 (https://cwe.mitre.org/data/definitions/502.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/blacklists/blacklist_calls.html#b301-pickle
   Location: ./Player_Tracking/tennis_tracking/trackers/player_tracker.py:53:36
52	            with open(stub_path,'rb') as f:
53	                player_detections = pickle.load(f)
54	            return player_detections

--------------------------------------------------
>> Issue: [B108:hardcoded_tmp_directory] Probable insecure usage of temp file/directory.
   Severity: Medium   Confidence: Medium
   CWE: CWE-377 (https://cwe.mitre.org/data/definitions/377.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b108_hardcoded_tmp_directory.html
   Location: ./data_streaming_backend/airflow/dags/heatmaps_kafka.py:44:49
43	    coco_names = os.getenv('COCO_NAMES')
44	    tmp_output_dir = os.getenv('TMP_OUTPUT_DIR', '/tmp')
45	

--------------------------------------------------
>> Issue: [B310:blacklist] Audit url open for permitted schemes. Allowing use of file:/ or custom schemes is often unexpected.
   Severity: Medium   Confidence: High
   CWE: CWE-22 (https://cwe.mitre.org/data/definitions/22.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/blacklists/blacklist_calls.html#b310-urllib-urlopen
   Location: ./data_streaming_backend/airflow/dags/heatmaps_kafka.py:48:12
47	        if not os.path.exists(yolo_config):
48	            urllib.request.urlretrieve("https://raw.githubusercontent.com/AlexeyAB/darknet/master/cfg/yolov4.cfg", yolo_config)
49	        if not os.path.exists(yolo_weights):

--------------------------------------------------
>> Issue: [B310:blacklist] Audit url open for permitted schemes. Allowing use of file:/ or custom schemes is often unexpected.
   Severity: Medium   Confidence: High
   CWE: CWE-22 (https://cwe.mitre.org/data/definitions/22.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/blacklists/blacklist_calls.html#b310-urllib-urlopen
   Location: ./data_streaming_backend/airflow/dags/heatmaps_kafka.py:50:12
49	        if not os.path.exists(yolo_weights):
50	            urllib.request.urlretrieve("https://github.com/AlexeyAB/darknet/releases/download/yolov4/yolov4.weights", yolo_weights)
51	        if not os.path.exists(coco_names):

--------------------------------------------------
>> Issue: [B310:blacklist] Audit url open for permitted schemes. Allowing use of file:/ or custom schemes is often unexpected.
   Severity: Medium   Confidence: High
   CWE: CWE-22 (https://cwe.mitre.org/data/definitions/22.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/blacklists/blacklist_calls.html#b310-urllib-urlopen
   Location: ./data_streaming_backend/airflow/dags/heatmaps_kafka.py:52:12
51	        if not os.path.exists(coco_names):
52	            urllib.request.urlretrieve("https://raw.githubusercontent.com/pjreddie/darknet/master/data/coco.names", coco_names)
53	    except Exception as e:

--------------------------------------------------
>> Issue: [B113:request_without_timeout] Call to requests without timeout
   Severity: Medium   Confidence: Low
   CWE: CWE-400 (https://cwe.mitre.org/data/definitions/400.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b113_request_without_timeout.html
   Location: ./data_streaming_backend/api.py:216:19
215	        validate_url(health_url)
216	        response = requests.get(health_url)
217	        if response.status_code == 200:

--------------------------------------------------
>> Issue: [B108:hardcoded_tmp_directory] Probable insecure usage of temp file/directory.
   Severity: Medium   Confidence: Medium
   CWE: CWE-377 (https://cwe.mitre.org/data/definitions/377.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b108_hardcoded_tmp_directory.html
   Location: ./data_streaming_backend/detect_faces_and_features.py:16:16
15	    'RESULTS_TOPIC': 'face_results',
16	    'YOLO_CFG': '/tmp/yolov4-face.cfg',
17	    'YOLO_WEIGHTS': '/tmp/yolov4-face.weights',
18	    'MASK_MODEL': '/tmp/mask_detector.model',
19	    'AGE_PROTO': '/tmp/age_deploy.prototxt',
20	    'AGE_MODEL': '/tmp/age_net.caffemodel',
21	    'EMOTION_MODEL': '/tmp/emotion-ferplus-8.onnx'
22	}
23	
24	def detect_faces_and_features():
25	    import os
26	    import cv2
27	    import io

--------------------------------------------------
>> Issue: [B108:hardcoded_tmp_directory] Probable insecure usage of temp file/directory.
   Severity: Medium   Confidence: Medium
   CWE: CWE-377 (https://cwe.mitre.org/data/definitions/377.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b108_hardcoded_tmp_directory.html
   Location: ./data_streaming_backend/detect_faces_and_features.py:17:20
16	    'YOLO_CFG': '/tmp/yolov4-face.cfg',
17	    'YOLO_WEIGHTS': '/tmp/yolov4-face.weights',
18	    'MASK_MODEL': '/tmp/mask_detector.model',
19	    'AGE_PROTO': '/tmp/age_deploy.prototxt',
20	    'AGE_MODEL': '/tmp/age_net.caffemodel',
21	    'EMOTION_MODEL': '/tmp/emotion-ferplus-8.onnx'
22	}
23	
24	def detect_faces_and_features():
25	    import os
26	    import cv2
27	    import io
28	    import json

--------------------------------------------------
>> Issue: [B108:hardcoded_tmp_directory] Probable insecure usage of temp file/directory.
   Severity: Medium   Confidence: Medium
   CWE: CWE-377 (https://cwe.mitre.org/data/definitions/377.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b108_hardcoded_tmp_directory.html
   Location: ./data_streaming_backend/detect_faces_and_features.py:18:18
17	    'YOLO_WEIGHTS': '/tmp/yolov4-face.weights',
18	    'MASK_MODEL': '/tmp/mask_detector.model',
19	    'AGE_PROTO': '/tmp/age_deploy.prototxt',
20	    'AGE_MODEL': '/tmp/age_net.caffemodel',
21	    'EMOTION_MODEL': '/tmp/emotion-ferplus-8.onnx'
22	}
23	
24	def detect_faces_and_features():
25	    import os
26	    import cv2
27	    import io
28	    import json
29	    import numpy as np

--------------------------------------------------
>> Issue: [B108:hardcoded_tmp_directory] Probable insecure usage of temp file/directory.
   Severity: Medium   Confidence: Medium
   CWE: CWE-377 (https://cwe.mitre.org/data/definitions/377.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b108_hardcoded_tmp_directory.html
   Location: ./data_streaming_backend/detect_faces_and_features.py:19:17
18	    'MASK_MODEL': '/tmp/mask_detector.model',
19	    'AGE_PROTO': '/tmp/age_deploy.prototxt',
20	    'AGE_MODEL': '/tmp/age_net.caffemodel',
21	    'EMOTION_MODEL': '/tmp/emotion-ferplus-8.onnx'
22	}
23	
24	def detect_faces_and_features():
25	    import os
26	    import cv2
27	    import io
28	    import json
29	    import numpy as np
30	    import urllib.request

--------------------------------------------------
>> Issue: [B108:hardcoded_tmp_directory] Probable insecure usage of temp file/directory.
   Severity: Medium   Confidence: Medium
   CWE: CWE-377 (https://cwe.mitre.org/data/definitions/377.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b108_hardcoded_tmp_directory.html
   Location: ./data_streaming_backend/detect_faces_and_features.py:20:17
19	    'AGE_PROTO': '/tmp/age_deploy.prototxt',
20	    'AGE_MODEL': '/tmp/age_net.caffemodel',
21	    'EMOTION_MODEL': '/tmp/emotion-ferplus-8.onnx'
22	}
23	
24	def detect_faces_and_features():
25	    import os
26	    import cv2
27	    import io
28	    import json
29	    import numpy as np
30	    import urllib.request
31	    from PIL import Image

--------------------------------------------------
>> Issue: [B108:hardcoded_tmp_directory] Probable insecure usage of temp file/directory.
   Severity: Medium   Confidence: Medium
   CWE: CWE-377 (https://cwe.mitre.org/data/definitions/377.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b108_hardcoded_tmp_directory.html
   Location: ./data_streaming_backend/detect_faces_and_features.py:21:21
20	    'AGE_MODEL': '/tmp/age_net.caffemodel',
21	    'EMOTION_MODEL': '/tmp/emotion-ferplus-8.onnx'
22	}
23	
24	def detect_faces_and_features():
25	    import os
26	    import cv2
27	    import io
28	    import json
29	    import numpy as np
30	    import urllib.request
31	    from PIL import Image
32	    from kafka import KafkaConsumer, KafkaProducer

--------------------------------------------------
>> Issue: [B310:blacklist] Audit url open for permitted schemes. Allowing use of file:/ or custom schemes is often unexpected.
   Severity: Medium   Confidence: High
   CWE: CWE-22 (https://cwe.mitre.org/data/definitions/22.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/blacklists/blacklist_calls.html#b310-urllib-urlopen
   Location: ./data_streaming_backend/detect_faces_and_features.py:36:12
35	        if not os.path.exists(path):
36	            urllib.request.urlretrieve(url, path)
37	

--------------------------------------------------

Code scanned:
	Total lines of code: 22016
	Total lines skipped (#nosec): 4
	Total potential issues skipped due to specifically being disabled (e.g., #nosec BXXX): 0

Run metrics:
	Total issues (by severity):
		Undefined: 0
		Low: 183
		Medium: 50
		High: 0
	Total issues (by confidence):
		Undefined: 0
		Low: 1
		Medium: 18
		High: 214
Files skipped (0):

No critical security issues detected.

The code has passed all critical security checks.

@github-actions

🔒 Security Scan Results
=========================

Bandit Scan Results:
-------------------
Run started:2025-09-23 07:01:03.184931

Test results:
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/LISA_gradio_interface.py:55:25
54	        # Create tokenizer
55	        self.tokenizer = AutoTokenizer.from_pretrained(
56	            self.args.version,
57	            cache_dir=None,
58	            model_max_length=self.args.model_max_length,
59	            padding_side="right",
60	            use_fast=False,
61	        )
62	        self.tokenizer.pad_token = self.tokenizer.unk_token

--------------------------------------------------
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/LISA_gradio_interface.py:139:36
138	        # Initialize processors
139	        self.clip_image_processor = CLIPImageProcessor.from_pretrained(self.model.config.vision_tower)
140	        self.transform = ResizeLongestSide(self.args.image_size)

--------------------------------------------------
>> Issue: [B104:hardcoded_bind_all_interfaces] Possible binding to all interfaces.
   Severity: Medium   Confidence: Medium
   CWE: CWE-605 (https://cwe.mitre.org/data/definitions/605.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b104_hardcoded_bind_all_interfaces.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/LISA_gradio_interface.py:412:20
411	    demo.launch(
412	        server_name="0.0.0.0",
413	        server_port=7860,

--------------------------------------------------
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/chat.py:71:16
70	    # Create model
71	    tokenizer = AutoTokenizer.from_pretrained(
72	        args.version,
73	        cache_dir=None,
74	        model_max_length=args.model_max_length,
75	        padding_side="right",
76	        use_fast=False,
77	    )
78	    tokenizer.pad_token = tokenizer.unk_token

--------------------------------------------------
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/chat.py:149:27
148	
149	    clip_image_processor = CLIPImageProcessor.from_pretrained(model.config.vision_tower)
150	    transform = ResizeLongestSide(args.image_size)

--------------------------------------------------
>> Issue: [B614:pytorch_load] Use of unsafe PyTorch load
   Severity: Medium   Confidence: High
   CWE: CWE-502 (https://cwe.mitre.org/data/definitions/502.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b614_pytorch_load.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/csrnet/run.py:23:13
22	
23	checkpoint = torch.load('weights.pth', map_location="cpu")
24	model.load_state_dict(checkpoint)

--------------------------------------------------
>> Issue: [B614:pytorch_load] Use of unsafe PyTorch load
   Severity: Medium   Confidence: High
   CWE: CWE-502 (https://cwe.mitre.org/data/definitions/502.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b614_pytorch_load.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/csrnet_service.py:22:21
21	        self.model = CSRNet().to(self.device)
22	        checkpoint = torch.load(weights_path, map_location=self.device)
23	        self.model.load_state_dict(checkpoint)

--------------------------------------------------
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/lisa_segmentor.py:55:25
54	        # Tokenizer
55	        self.tokenizer = AutoTokenizer.from_pretrained(
56	            self.args.version,
57	            cache_dir=None,
58	            model_max_length=self.args.model_max_length,
59	            padding_side="right",
60	            use_fast=False,
61	        )
62	        self.tokenizer.pad_token = self.tokenizer.unk_token

--------------------------------------------------
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/lisa_segmentor.py:147:36
146	
147	        self.clip_image_processor = CLIPImageProcessor.from_pretrained(self.model.config.vision_tower)
148	        self.transform = ResizeLongestSide(self.args.image_size)

--------------------------------------------------
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/model/llava/model/apply_delta.py:15:11
14	    print("Loading base model")
15	    base = AutoModelForCausalLM.from_pretrained(
16	        base_model_path, torch_dtype=torch.float16, low_cpu_mem_usage=True
17	    )
18	

--------------------------------------------------
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/model/llava/model/apply_delta.py:23:22
22	    )
23	    delta_tokenizer = AutoTokenizer.from_pretrained(delta_path)
24	

--------------------------------------------------
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/model/llava/model/consolidate.py:16:16
15	    auto_upgrade(src_path)
16	    src_model = AutoModelForCausalLM.from_pretrained(
17	        src_path, torch_dtype=torch.float16, low_cpu_mem_usage=True
18	    )
19	    src_tokenizer = AutoTokenizer.from_pretrained(src_path, use_fast=False)

--------------------------------------------------
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/model/llava/model/consolidate.py:19:20
18	    )
19	    src_tokenizer = AutoTokenizer.from_pretrained(src_path, use_fast=False)
20	    src_model.save_pretrained(dst_path)

--------------------------------------------------
>> Issue: [B614:pytorch_load] Use of unsafe PyTorch load
   Severity: Medium   Confidence: High
   CWE: CWE-502 (https://cwe.mitre.org/data/definitions/502.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b614_pytorch_load.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/model/llava/model/llava_arch.py:69:35
68	        if pretrain_mm_mlp_adapter is not None:
69	            mm_projector_weights = torch.load(
70	                pretrain_mm_mlp_adapter, map_location="cpu"
71	            )
72	

--------------------------------------------------
>> Issue: [B614:pytorch_load] Use of unsafe PyTorch load
   Severity: Medium   Confidence: High
   CWE: CWE-502 (https://cwe.mitre.org/data/definitions/502.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b614_pytorch_load.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/model/llava/model/llava_arch.py:378:39
377	            if model_args.pretrain_mm_mlp_adapter:
378	                mm_projector_weights = torch.load(
379	                    model_args.pretrain_mm_mlp_adapter, map_location="cpu"
380	                )
381	                embed_tokens_weight = mm_projector_weights["model.embed_tokens.weight"]

--------------------------------------------------
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/model/llava/model/make_delta.py:15:11
14	    print("Loading base model")
15	    base = AutoModelForCausalLM.from_pretrained(
16	        base_model_path, torch_dtype=torch.float16, low_cpu_mem_usage=True
17	    )
18	

--------------------------------------------------
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/model/llava/model/make_delta.py:21:13
20	    auto_upgrade(target_model_path)
21	    target = AutoModelForCausalLM.from_pretrained(
22	        target_model_path, torch_dtype=torch.float16, low_cpu_mem_usage=True
23	    )
24	

--------------------------------------------------
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/model/llava/model/make_delta.py:49:23
48	    target.save_pretrained(delta_path, **kwargs)
49	    target_tokenizer = AutoTokenizer.from_pretrained(target_model_path)
50	    target_tokenizer.save_pretrained(delta_path, **kwargs)

--------------------------------------------------
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/model/llava/model/multimodal_encoder/clip_encoder.py:19:28
18	        else:
19	            self.cfg_only = CLIPVisionConfig.from_pretrained(self.vision_tower_name)
20	

--------------------------------------------------
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/model/llava/model/multimodal_encoder/clip_encoder.py:22:31
21	    def load_model(self):
22	        self.image_processor = CLIPImageProcessor.from_pretrained(
23	            self.vision_tower_name
24	        )
25	        self.vision_tower = CLIPVisionModel.from_pretrained(

--------------------------------------------------
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/model/llava/model/multimodal_encoder/clip_encoder.py:25:28
24	        )
25	        self.vision_tower = CLIPVisionModel.from_pretrained(
26	            self.vision_tower_name, low_cpu_mem_usage=True
27	        )
28	        self.vision_tower.requires_grad_(False)

--------------------------------------------------
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/model/llava/model/utils.py:5:10
4	def auto_upgrade(config):
5	    cfg = AutoConfig.from_pretrained(config)
6	    if "llava" in config and "llava" not in cfg.model_type:

--------------------------------------------------
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/model/llava/train/train.py:847:21
846	        if "mpt" in model_args.model_name_or_path:
847	            config = transformers.AutoConfig.from_pretrained(
848	                model_args.model_name_or_path, trust_remote_code=True
849	            )
850	            config.attn_config["attn_impl"] = training_args.mpt_attn_impl

--------------------------------------------------
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/model/llava/train/train.py:864:16
863	    else:
864	        model = transformers.LlamaForCausalLM.from_pretrained(
865	            model_args.model_name_or_path,
866	            cache_dir=training_args.cache_dir,
867	            **bnb_model_from_pretrained_args,
868	        )
869	    model.config.use_cache = False

--------------------------------------------------
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/model/llava/train/train.py:916:20
915	    if "mpt" in model_args.model_name_or_path:
916	        tokenizer = transformers.AutoTokenizer.from_pretrained(
917	            model_args.model_name_or_path,
918	            cache_dir=training_args.cache_dir,
919	            model_max_length=training_args.model_max_length,
920	            padding_side="right",
921	        )
922	    else:

--------------------------------------------------
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/model/llava/train/train.py:923:20
922	    else:
923	        tokenizer = transformers.AutoTokenizer.from_pretrained(
924	            model_args.model_name_or_path,
925	            cache_dir=training_args.cache_dir,
926	            model_max_length=training_args.model_max_length,
927	            padding_side="right",
928	            use_fast=False,
929	        )
930	

--------------------------------------------------
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/utils/dataset.py:333:36
332	        self.transform = ResizeLongestSide(image_size)
333	        self.clip_image_processor = CLIPImageProcessor.from_pretrained(vision_tower)
334	

--------------------------------------------------
>> Issue: [B301:blacklist] Pickle and modules that wrap it can be unsafe when used to deserialize untrusted data, possible security issue.
   Severity: Medium   Confidence: High
   CWE: CWE-502 (https://cwe.mitre.org/data/definitions/502.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/blacklists/blacklist_calls.html#b301-pickle
   Location: ./Crowd_Monitoring/LISA_Heatmap/utils/grefer.py:55:32
54	        if osp.exists(ref_file):
55	            self.data["refs"] = pickle.load(open(ref_file, "rb"), fix_imports=True)
56	        else:

--------------------------------------------------
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/utils/reason_seg_dataset.py:51:36
50	        self.transform = ResizeLongestSide(image_size)
51	        self.clip_image_processor = CLIPImageProcessor.from_pretrained(vision_tower)
52	

--------------------------------------------------
>> Issue: [B301:blacklist] Pickle and modules that wrap it can be unsafe when used to deserialize untrusted data, possible security issue.
   Severity: Medium   Confidence: High
   CWE: CWE-502 (https://cwe.mitre.org/data/definitions/502.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/blacklists/blacklist_calls.html#b301-pickle
   Location: ./Crowd_Monitoring/LISA_Heatmap/utils/refer.py:68:28
67	        self.data["dataset"] = dataset
68	        self.data["refs"] = pickle.load(open(ref_file, "rb"))
69	

--------------------------------------------------
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/utils/refer_seg_dataset.py:46:36
45	        self.transform = ResizeLongestSide(image_size)
46	        self.clip_image_processor = CLIPImageProcessor.from_pretrained(vision_tower)
47	

--------------------------------------------------
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/utils/sem_seg_dataset.py:154:36
153	        self.transform = ResizeLongestSide(image_size)
154	        self.clip_image_processor = CLIPImageProcessor.from_pretrained(vision_tower)
155	

--------------------------------------------------
>> Issue: [B307:blacklist] Use of possibly insecure function - consider using safer ast.literal_eval.
   Severity: Medium   Confidence: High
   CWE: CWE-78 (https://cwe.mitre.org/data/definitions/78.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/blacklists/blacklist_calls.html#b307-eval
   Location: ./Crowd_Monitoring/LISA_Heatmap/utils/sem_seg_dataset.py:164:38
163	        for ds in self.sem_seg_datas:
164	            classes, images, labels = eval("init_{}".format(ds))(base_image_dir)
165	            self.data2list[ds] = (images, labels)

--------------------------------------------------
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/utils/vqa_dataset.py:58:36
57	        self.transform = ResizeLongestSide(image_size)
58	        self.clip_image_processor = CLIPImageProcessor.from_pretrained(vision_tower)
59	

--------------------------------------------------
>> Issue: [B614:pytorch_load] Use of unsafe PyTorch load
   Severity: Medium   Confidence: High
   CWE: CWE-502 (https://cwe.mitre.org/data/definitions/502.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b614_pytorch_load.html
   Location: ./Player_Tracking/YOLOV3_Model/YOLOV3/utils/utils.py:468:8
467	    # Strip optimizer from *.pt files for lighter files (reduced by 2/3 size)
468	    a = torch.load(filename, map_location='cpu')
469	    a['optimizer'] = []

--------------------------------------------------
>> Issue: [B614:pytorch_load] Use of unsafe PyTorch load
   Severity: Medium   Confidence: High
   CWE: CWE-502 (https://cwe.mitre.org/data/definitions/502.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b614_pytorch_load.html
   Location: ./Player_Tracking/tennis_tracking/court_line_detector/court_line_detector.py:10:35
9	        self.model.fc = torch.nn.Linear(self.model.fc.in_features,14*2)
10	        self.model.load_state_dict(torch.load(model_path,map_location='cpu'))
11	

--------------------------------------------------
>> Issue: [B301:blacklist] Pickle and modules that wrap it can be unsafe when used to deserialize untrusted data, possible security issue.
   Severity: Medium   Confidence: High
   CWE: CWE-502 (https://cwe.mitre.org/data/definitions/502.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/blacklists/blacklist_calls.html#b301-pickle
   Location: ./Player_Tracking/tennis_tracking/trackers/ball_tracker.py:61:34
60	            with open(stub_path,'rb') as f:
61	                ball_detections = pickle.load(f)
62	            return ball_detections

--------------------------------------------------
>> Issue: [B301:blacklist] Pickle and modules that wrap it can be unsafe when used to deserialize untrusted data, possible security issue.
   Severity: Medium   Confidence: High
   CWE: CWE-502 (https://cwe.mitre.org/data/definitions/502.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/blacklists/blacklist_calls.html#b301-pickle
   Location: ./Player_Tracking/tennis_tracking/trackers/player_tracker.py:53:36
52	            with open(stub_path,'rb') as f:
53	                player_detections = pickle.load(f)
54	            return player_detections

--------------------------------------------------
>> Issue: [B108:hardcoded_tmp_directory] Probable insecure usage of temp file/directory.
   Severity: Medium   Confidence: Medium
   CWE: CWE-377 (https://cwe.mitre.org/data/definitions/377.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b108_hardcoded_tmp_directory.html
   Location: ./data_streaming_backend/airflow/dags/heatmaps_kafka.py:44:49
43	    coco_names = os.getenv('COCO_NAMES')
44	    tmp_output_dir = os.getenv('TMP_OUTPUT_DIR', '/tmp')
45	

--------------------------------------------------
>> Issue: [B310:blacklist] Audit url open for permitted schemes. Allowing use of file:/ or custom schemes is often unexpected.
   Severity: Medium   Confidence: High
   CWE: CWE-22 (https://cwe.mitre.org/data/definitions/22.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/blacklists/blacklist_calls.html#b310-urllib-urlopen
   Location: ./data_streaming_backend/airflow/dags/heatmaps_kafka.py:48:12
47	        if not os.path.exists(yolo_config):
48	            urllib.request.urlretrieve("https://raw.githubusercontent.com/AlexeyAB/darknet/master/cfg/yolov4.cfg", yolo_config)
49	        if not os.path.exists(yolo_weights):

--------------------------------------------------
>> Issue: [B310:blacklist] Audit url open for permitted schemes. Allowing use of file:/ or custom schemes is often unexpected.
   Severity: Medium   Confidence: High
   CWE: CWE-22 (https://cwe.mitre.org/data/definitions/22.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/blacklists/blacklist_calls.html#b310-urllib-urlopen
   Location: ./data_streaming_backend/airflow/dags/heatmaps_kafka.py:50:12
49	        if not os.path.exists(yolo_weights):
50	            urllib.request.urlretrieve("https://github.com/AlexeyAB/darknet/releases/download/yolov4/yolov4.weights", yolo_weights)
51	        if not os.path.exists(coco_names):

--------------------------------------------------
>> Issue: [B310:blacklist] Audit url open for permitted schemes. Allowing use of file:/ or custom schemes is often unexpected.
   Severity: Medium   Confidence: High
   CWE: CWE-22 (https://cwe.mitre.org/data/definitions/22.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/blacklists/blacklist_calls.html#b310-urllib-urlopen
   Location: ./data_streaming_backend/airflow/dags/heatmaps_kafka.py:52:12
51	        if not os.path.exists(coco_names):
52	            urllib.request.urlretrieve("https://raw.githubusercontent.com/pjreddie/darknet/master/data/coco.names", coco_names)
53	    except Exception as e:

--------------------------------------------------
>> Issue: [B113:request_without_timeout] Call to requests without timeout
   Severity: Medium   Confidence: Low
   CWE: CWE-400 (https://cwe.mitre.org/data/definitions/400.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b113_request_without_timeout.html
   Location: ./data_streaming_backend/api.py:216:19
215	        validate_url(health_url)
216	        response = requests.get(health_url)
217	        if response.status_code == 200:

--------------------------------------------------
>> Issue: [B108:hardcoded_tmp_directory] Probable insecure usage of temp file/directory.
   Severity: Medium   Confidence: Medium
   CWE: CWE-377 (https://cwe.mitre.org/data/definitions/377.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b108_hardcoded_tmp_directory.html
   Location: ./data_streaming_backend/detect_faces_and_features.py:16:16
15	    'RESULTS_TOPIC': 'face_results',
16	    'YOLO_CFG': '/tmp/yolov4-face.cfg',
17	    'YOLO_WEIGHTS': '/tmp/yolov4-face.weights',
18	    'MASK_MODEL': '/tmp/mask_detector.model',
19	    'AGE_PROTO': '/tmp/age_deploy.prototxt',
20	    'AGE_MODEL': '/tmp/age_net.caffemodel',
21	    'EMOTION_MODEL': '/tmp/emotion-ferplus-8.onnx'
22	}
23	
24	def detect_faces_and_features():
25	    import os
26	    import cv2
27	    import io

--------------------------------------------------
>> Issue: [B108:hardcoded_tmp_directory] Probable insecure usage of temp file/directory.
   Severity: Medium   Confidence: Medium
   CWE: CWE-377 (https://cwe.mitre.org/data/definitions/377.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b108_hardcoded_tmp_directory.html
   Location: ./data_streaming_backend/detect_faces_and_features.py:17:20
16	    'YOLO_CFG': '/tmp/yolov4-face.cfg',
17	    'YOLO_WEIGHTS': '/tmp/yolov4-face.weights',
18	    'MASK_MODEL': '/tmp/mask_detector.model',
19	    'AGE_PROTO': '/tmp/age_deploy.prototxt',
20	    'AGE_MODEL': '/tmp/age_net.caffemodel',
21	    'EMOTION_MODEL': '/tmp/emotion-ferplus-8.onnx'
22	}
23	
24	def detect_faces_and_features():
25	    import os
26	    import cv2
27	    import io
28	    import json

--------------------------------------------------
>> Issue: [B108:hardcoded_tmp_directory] Probable insecure usage of temp file/directory.
   Severity: Medium   Confidence: Medium
   CWE: CWE-377 (https://cwe.mitre.org/data/definitions/377.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b108_hardcoded_tmp_directory.html
   Location: ./data_streaming_backend/detect_faces_and_features.py:18:18
17	    'YOLO_WEIGHTS': '/tmp/yolov4-face.weights',
18	    'MASK_MODEL': '/tmp/mask_detector.model',
19	    'AGE_PROTO': '/tmp/age_deploy.prototxt',
20	    'AGE_MODEL': '/tmp/age_net.caffemodel',
21	    'EMOTION_MODEL': '/tmp/emotion-ferplus-8.onnx'
22	}
23	
24	def detect_faces_and_features():
25	    import os
26	    import cv2
27	    import io
28	    import json
29	    import numpy as np

--------------------------------------------------
>> Issue: [B108:hardcoded_tmp_directory] Probable insecure usage of temp file/directory.
   Severity: Medium   Confidence: Medium
   CWE: CWE-377 (https://cwe.mitre.org/data/definitions/377.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b108_hardcoded_tmp_directory.html
   Location: ./data_streaming_backend/detect_faces_and_features.py:19:17
18	    'MASK_MODEL': '/tmp/mask_detector.model',
19	    'AGE_PROTO': '/tmp/age_deploy.prototxt',
20	    'AGE_MODEL': '/tmp/age_net.caffemodel',
21	    'EMOTION_MODEL': '/tmp/emotion-ferplus-8.onnx'
22	}
23	
24	def detect_faces_and_features():
25	    import os
26	    import cv2
27	    import io
28	    import json
29	    import numpy as np
30	    import urllib.request

--------------------------------------------------
>> Issue: [B108:hardcoded_tmp_directory] Probable insecure usage of temp file/directory.
   Severity: Medium   Confidence: Medium
   CWE: CWE-377 (https://cwe.mitre.org/data/definitions/377.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b108_hardcoded_tmp_directory.html
   Location: ./data_streaming_backend/detect_faces_and_features.py:20:17
19	    'AGE_PROTO': '/tmp/age_deploy.prototxt',
20	    'AGE_MODEL': '/tmp/age_net.caffemodel',
21	    'EMOTION_MODEL': '/tmp/emotion-ferplus-8.onnx'
22	}
23	
24	def detect_faces_and_features():
25	    import os
26	    import cv2
27	    import io
28	    import json
29	    import numpy as np
30	    import urllib.request
31	    from PIL import Image

--------------------------------------------------
>> Issue: [B108:hardcoded_tmp_directory] Probable insecure usage of temp file/directory.
   Severity: Medium   Confidence: Medium
   CWE: CWE-377 (https://cwe.mitre.org/data/definitions/377.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b108_hardcoded_tmp_directory.html
   Location: ./data_streaming_backend/detect_faces_and_features.py:21:21
20	    'AGE_MODEL': '/tmp/age_net.caffemodel',
21	    'EMOTION_MODEL': '/tmp/emotion-ferplus-8.onnx'
22	}
23	
24	def detect_faces_and_features():
25	    import os
26	    import cv2
27	    import io
28	    import json
29	    import numpy as np
30	    import urllib.request
31	    from PIL import Image
32	    from kafka import KafkaConsumer, KafkaProducer

--------------------------------------------------
>> Issue: [B310:blacklist] Audit url open for permitted schemes. Allowing use of file:/ or custom schemes is often unexpected.
   Severity: Medium   Confidence: High
   CWE: CWE-22 (https://cwe.mitre.org/data/definitions/22.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/blacklists/blacklist_calls.html#b310-urllib-urlopen
   Location: ./data_streaming_backend/detect_faces_and_features.py:36:12
35	        if not os.path.exists(path):
36	            urllib.request.urlretrieve(url, path)
37	

--------------------------------------------------

Code scanned:
	Total lines of code: 22016
	Total lines skipped (#nosec): 4
	Total potential issues skipped due to specifically being disabled (e.g., #nosec BXXX): 0

Run metrics:
	Total issues (by severity):
		Undefined: 0
		Low: 183
		Medium: 50
		High: 0
	Total issues (by confidence):
		Undefined: 0
		Low: 1
		Medium: 18
		High: 214
Files skipped (0):

No critical security issues detected.

The code has passed all critical security checks.

@JarrodG98
Author

Updated gitignore and added README.md

@lperry022 self-assigned this Sep 24, 2025
Contributor

@lperry022 left a comment

The script runs, but the metric logic needs improvement before approval. Currently only one event_name column is used, so true positives/false positives/false negatives aren’t calculated correctly. fp is hard-coded to 0 and (no_event) always returns perfect scores, which makes the results misleading. Consider updating the script to compare separate ground truth vs predicted columns and compute TP/FP/FN properly.

@github-actions

🔒 Security Scan Results
=========================

Bandit Scan Results:
-------------------
Run started:2025-09-24 06:27:04.614237

Test results:
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/LISA_gradio_interface.py:55:25
54	        # Create tokenizer
55	        self.tokenizer = AutoTokenizer.from_pretrained(
56	            self.args.version,
57	            cache_dir=None,
58	            model_max_length=self.args.model_max_length,
59	            padding_side="right",
60	            use_fast=False,
61	        )
62	        self.tokenizer.pad_token = self.tokenizer.unk_token

--------------------------------------------------
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/LISA_gradio_interface.py:139:36
138	        # Initialize processors
139	        self.clip_image_processor = CLIPImageProcessor.from_pretrained(self.model.config.vision_tower)
140	        self.transform = ResizeLongestSide(self.args.image_size)

--------------------------------------------------
>> Issue: [B104:hardcoded_bind_all_interfaces] Possible binding to all interfaces.
   Severity: Medium   Confidence: Medium
   CWE: CWE-605 (https://cwe.mitre.org/data/definitions/605.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b104_hardcoded_bind_all_interfaces.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/LISA_gradio_interface.py:412:20
411	    demo.launch(
412	        server_name="0.0.0.0",
413	        server_port=7860,

--------------------------------------------------
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/chat.py:71:16
70	    # Create model
71	    tokenizer = AutoTokenizer.from_pretrained(
72	        args.version,
73	        cache_dir=None,
74	        model_max_length=args.model_max_length,
75	        padding_side="right",
76	        use_fast=False,
77	    )
78	    tokenizer.pad_token = tokenizer.unk_token

--------------------------------------------------
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/chat.py:149:27
148	
149	    clip_image_processor = CLIPImageProcessor.from_pretrained(model.config.vision_tower)
150	    transform = ResizeLongestSide(args.image_size)

--------------------------------------------------
>> Issue: [B614:pytorch_load] Use of unsafe PyTorch load
   Severity: Medium   Confidence: High
   CWE: CWE-502 (https://cwe.mitre.org/data/definitions/502.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b614_pytorch_load.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/csrnet/run.py:23:13
22	
23	checkpoint = torch.load('weights.pth', map_location="cpu")
24	model.load_state_dict(checkpoint)

--------------------------------------------------
>> Issue: [B614:pytorch_load] Use of unsafe PyTorch load
   Severity: Medium   Confidence: High
   CWE: CWE-502 (https://cwe.mitre.org/data/definitions/502.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b614_pytorch_load.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/csrnet_service.py:22:21
21	        self.model = CSRNet().to(self.device)
22	        checkpoint = torch.load(weights_path, map_location=self.device)
23	        self.model.load_state_dict(checkpoint)

--------------------------------------------------
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/lisa_segmentor.py:55:25
54	        # Tokenizer
55	        self.tokenizer = AutoTokenizer.from_pretrained(
56	            self.args.version,
57	            cache_dir=None,
58	            model_max_length=self.args.model_max_length,
59	            padding_side="right",
60	            use_fast=False,
61	        )
62	        self.tokenizer.pad_token = self.tokenizer.unk_token

--------------------------------------------------
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/lisa_segmentor.py:147:36
146	
147	        self.clip_image_processor = CLIPImageProcessor.from_pretrained(self.model.config.vision_tower)
148	        self.transform = ResizeLongestSide(self.args.image_size)

--------------------------------------------------
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/model/llava/model/apply_delta.py:15:11
14	    print("Loading base model")
15	    base = AutoModelForCausalLM.from_pretrained(
16	        base_model_path, torch_dtype=torch.float16, low_cpu_mem_usage=True
17	    )
18	

--------------------------------------------------
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/model/llava/model/apply_delta.py:23:22
22	    )
23	    delta_tokenizer = AutoTokenizer.from_pretrained(delta_path)
24	

--------------------------------------------------
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/model/llava/model/consolidate.py:16:16
15	    auto_upgrade(src_path)
16	    src_model = AutoModelForCausalLM.from_pretrained(
17	        src_path, torch_dtype=torch.float16, low_cpu_mem_usage=True
18	    )
19	    src_tokenizer = AutoTokenizer.from_pretrained(src_path, use_fast=False)

--------------------------------------------------
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/model/llava/model/consolidate.py:19:20
18	    )
19	    src_tokenizer = AutoTokenizer.from_pretrained(src_path, use_fast=False)
20	    src_model.save_pretrained(dst_path)

--------------------------------------------------
>> Issue: [B614:pytorch_load] Use of unsafe PyTorch load
   Severity: Medium   Confidence: High
   CWE: CWE-502 (https://cwe.mitre.org/data/definitions/502.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b614_pytorch_load.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/model/llava/model/llava_arch.py:69:35
68	        if pretrain_mm_mlp_adapter is not None:
69	            mm_projector_weights = torch.load(
70	                pretrain_mm_mlp_adapter, map_location="cpu"
71	            )
72	

--------------------------------------------------
>> Issue: [B614:pytorch_load] Use of unsafe PyTorch load
   Severity: Medium   Confidence: High
   CWE: CWE-502 (https://cwe.mitre.org/data/definitions/502.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b614_pytorch_load.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/model/llava/model/llava_arch.py:378:39
377	            if model_args.pretrain_mm_mlp_adapter:
378	                mm_projector_weights = torch.load(
379	                    model_args.pretrain_mm_mlp_adapter, map_location="cpu"
380	                )
381	                embed_tokens_weight = mm_projector_weights["model.embed_tokens.weight"]

--------------------------------------------------
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/model/llava/model/make_delta.py:15:11
14	    print("Loading base model")
15	    base = AutoModelForCausalLM.from_pretrained(
16	        base_model_path, torch_dtype=torch.float16, low_cpu_mem_usage=True
17	    )
18	

--------------------------------------------------
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/model/llava/model/make_delta.py:21:13
20	    auto_upgrade(target_model_path)
21	    target = AutoModelForCausalLM.from_pretrained(
22	        target_model_path, torch_dtype=torch.float16, low_cpu_mem_usage=True
23	    )
24	

--------------------------------------------------
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/model/llava/model/make_delta.py:49:23
48	    target.save_pretrained(delta_path, **kwargs)
49	    target_tokenizer = AutoTokenizer.from_pretrained(target_model_path)
50	    target_tokenizer.save_pretrained(delta_path, **kwargs)

--------------------------------------------------
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/model/llava/model/multimodal_encoder/clip_encoder.py:19:28
18	        else:
19	            self.cfg_only = CLIPVisionConfig.from_pretrained(self.vision_tower_name)
20	

--------------------------------------------------
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/model/llava/model/multimodal_encoder/clip_encoder.py:22:31
21	    def load_model(self):
22	        self.image_processor = CLIPImageProcessor.from_pretrained(
23	            self.vision_tower_name
24	        )
25	        self.vision_tower = CLIPVisionModel.from_pretrained(

--------------------------------------------------
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/model/llava/model/multimodal_encoder/clip_encoder.py:25:28
24	        )
25	        self.vision_tower = CLIPVisionModel.from_pretrained(
26	            self.vision_tower_name, low_cpu_mem_usage=True
27	        )
28	        self.vision_tower.requires_grad_(False)

--------------------------------------------------
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/model/llava/model/utils.py:5:10
4	def auto_upgrade(config):
5	    cfg = AutoConfig.from_pretrained(config)
6	    if "llava" in config and "llava" not in cfg.model_type:

--------------------------------------------------
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/model/llava/train/train.py:847:21
846	        if "mpt" in model_args.model_name_or_path:
847	            config = transformers.AutoConfig.from_pretrained(
848	                model_args.model_name_or_path, trust_remote_code=True
849	            )
850	            config.attn_config["attn_impl"] = training_args.mpt_attn_impl

--------------------------------------------------
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/model/llava/train/train.py:864:16
863	    else:
864	        model = transformers.LlamaForCausalLM.from_pretrained(
865	            model_args.model_name_or_path,
866	            cache_dir=training_args.cache_dir,
867	            **bnb_model_from_pretrained_args,
868	        )
869	    model.config.use_cache = False

--------------------------------------------------
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/model/llava/train/train.py:916:20
915	    if "mpt" in model_args.model_name_or_path:
916	        tokenizer = transformers.AutoTokenizer.from_pretrained(
917	            model_args.model_name_or_path,
918	            cache_dir=training_args.cache_dir,
919	            model_max_length=training_args.model_max_length,
920	            padding_side="right",
921	        )
922	    else:

--------------------------------------------------
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/model/llava/train/train.py:923:20
922	    else:
923	        tokenizer = transformers.AutoTokenizer.from_pretrained(
924	            model_args.model_name_or_path,
925	            cache_dir=training_args.cache_dir,
926	            model_max_length=training_args.model_max_length,
927	            padding_side="right",
928	            use_fast=False,
929	        )
930	

--------------------------------------------------
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/utils/dataset.py:333:36
332	        self.transform = ResizeLongestSide(image_size)
333	        self.clip_image_processor = CLIPImageProcessor.from_pretrained(vision_tower)
334	

--------------------------------------------------
>> Issue: [B301:blacklist] Pickle and modules that wrap it can be unsafe when used to deserialize untrusted data, possible security issue.
   Severity: Medium   Confidence: High
   CWE: CWE-502 (https://cwe.mitre.org/data/definitions/502.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/blacklists/blacklist_calls.html#b301-pickle
   Location: ./Crowd_Monitoring/LISA_Heatmap/utils/grefer.py:55:32
54	        if osp.exists(ref_file):
55	            self.data["refs"] = pickle.load(open(ref_file, "rb"), fix_imports=True)
56	        else:

--------------------------------------------------
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/utils/reason_seg_dataset.py:51:36
50	        self.transform = ResizeLongestSide(image_size)
51	        self.clip_image_processor = CLIPImageProcessor.from_pretrained(vision_tower)
52	

--------------------------------------------------
>> Issue: [B301:blacklist] Pickle and modules that wrap it can be unsafe when used to deserialize untrusted data, possible security issue.
   Severity: Medium   Confidence: High
   CWE: CWE-502 (https://cwe.mitre.org/data/definitions/502.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/blacklists/blacklist_calls.html#b301-pickle
   Location: ./Crowd_Monitoring/LISA_Heatmap/utils/refer.py:68:28
67	        self.data["dataset"] = dataset
68	        self.data["refs"] = pickle.load(open(ref_file, "rb"))
69	

--------------------------------------------------
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/utils/refer_seg_dataset.py:46:36
45	        self.transform = ResizeLongestSide(image_size)
46	        self.clip_image_processor = CLIPImageProcessor.from_pretrained(vision_tower)
47	

--------------------------------------------------
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/utils/sem_seg_dataset.py:154:36
153	        self.transform = ResizeLongestSide(image_size)
154	        self.clip_image_processor = CLIPImageProcessor.from_pretrained(vision_tower)
155	

--------------------------------------------------
>> Issue: [B307:blacklist] Use of possibly insecure function - consider using safer ast.literal_eval.
   Severity: Medium   Confidence: High
   CWE: CWE-78 (https://cwe.mitre.org/data/definitions/78.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/blacklists/blacklist_calls.html#b307-eval
   Location: ./Crowd_Monitoring/LISA_Heatmap/utils/sem_seg_dataset.py:164:38
163	        for ds in self.sem_seg_datas:
164	            classes, images, labels = eval("init_{}".format(ds))(base_image_dir)
165	            self.data2list[ds] = (images, labels)

--------------------------------------------------
>> Issue: [B615:huggingface_unsafe_download] Unsafe Hugging Face Hub download without revision pinning in from_pretrained()
   Severity: Medium   Confidence: High
   CWE: CWE-494 (https://cwe.mitre.org/data/definitions/494.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b615_huggingface_unsafe_download.html
   Location: ./Crowd_Monitoring/LISA_Heatmap/utils/vqa_dataset.py:58:36
57	        self.transform = ResizeLongestSide(image_size)
58	        self.clip_image_processor = CLIPImageProcessor.from_pretrained(vision_tower)
59	

--------------------------------------------------
>> Issue: [B614:pytorch_load] Use of unsafe PyTorch load
   Severity: Medium   Confidence: High
   CWE: CWE-502 (https://cwe.mitre.org/data/definitions/502.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b614_pytorch_load.html
   Location: ./Player_Tracking/YOLOV3_Model/YOLOV3/utils/utils.py:468:8
467	    # Strip optimizer from *.pt files for lighter files (reduced by 2/3 size)
468	    a = torch.load(filename, map_location='cpu')
469	    a['optimizer'] = []

--------------------------------------------------
>> Issue: [B614:pytorch_load] Use of unsafe PyTorch load
   Severity: Medium   Confidence: High
   CWE: CWE-502 (https://cwe.mitre.org/data/definitions/502.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b614_pytorch_load.html
   Location: ./Player_Tracking/tennis_tracking/court_line_detector/court_line_detector.py:10:35
9	        self.model.fc = torch.nn.Linear(self.model.fc.in_features,14*2)
10	        self.model.load_state_dict(torch.load(model_path,map_location='cpu'))
11	

--------------------------------------------------
>> Issue: [B301:blacklist] Pickle and modules that wrap it can be unsafe when used to deserialize untrusted data, possible security issue.
   Severity: Medium   Confidence: High
   CWE: CWE-502 (https://cwe.mitre.org/data/definitions/502.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/blacklists/blacklist_calls.html#b301-pickle
   Location: ./Player_Tracking/tennis_tracking/trackers/ball_tracker.py:61:34
60	            with open(stub_path,'rb') as f:
61	                ball_detections = pickle.load(f)
62	            return ball_detections

--------------------------------------------------
>> Issue: [B301:blacklist] Pickle and modules that wrap it can be unsafe when used to deserialize untrusted data, possible security issue.
   Severity: Medium   Confidence: High
   CWE: CWE-502 (https://cwe.mitre.org/data/definitions/502.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/blacklists/blacklist_calls.html#b301-pickle
   Location: ./Player_Tracking/tennis_tracking/trackers/player_tracker.py:53:36
52	            with open(stub_path,'rb') as f:
53	                player_detections = pickle.load(f)
54	            return player_detections

--------------------------------------------------
>> Issue: [B108:hardcoded_tmp_directory] Probable insecure usage of temp file/directory.
   Severity: Medium   Confidence: Medium
   CWE: CWE-377 (https://cwe.mitre.org/data/definitions/377.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b108_hardcoded_tmp_directory.html
   Location: ./data_streaming_backend/airflow/dags/heatmaps_kafka.py:44:49
43	    coco_names = os.getenv('COCO_NAMES')
44	    tmp_output_dir = os.getenv('TMP_OUTPUT_DIR', '/tmp')
45	

--------------------------------------------------
>> Issue: [B310:blacklist] Audit url open for permitted schemes. Allowing use of file:/ or custom schemes is often unexpected.
   Severity: Medium   Confidence: High
   CWE: CWE-22 (https://cwe.mitre.org/data/definitions/22.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/blacklists/blacklist_calls.html#b310-urllib-urlopen
   Location: ./data_streaming_backend/airflow/dags/heatmaps_kafka.py:48:12
47	        if not os.path.exists(yolo_config):
48	            urllib.request.urlretrieve("https://raw.githubusercontent.com/AlexeyAB/darknet/master/cfg/yolov4.cfg", yolo_config)
49	        if not os.path.exists(yolo_weights):

--------------------------------------------------
>> Issue: [B310:blacklist] Audit url open for permitted schemes. Allowing use of file:/ or custom schemes is often unexpected.
   Severity: Medium   Confidence: High
   CWE: CWE-22 (https://cwe.mitre.org/data/definitions/22.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/blacklists/blacklist_calls.html#b310-urllib-urlopen
   Location: ./data_streaming_backend/airflow/dags/heatmaps_kafka.py:50:12
49	        if not os.path.exists(yolo_weights):
50	            urllib.request.urlretrieve("https://github.com/AlexeyAB/darknet/releases/download/yolov4/yolov4.weights", yolo_weights)
51	        if not os.path.exists(coco_names):

--------------------------------------------------
>> Issue: [B310:blacklist] Audit url open for permitted schemes. Allowing use of file:/ or custom schemes is often unexpected.
   Severity: Medium   Confidence: High
   CWE: CWE-22 (https://cwe.mitre.org/data/definitions/22.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/blacklists/blacklist_calls.html#b310-urllib-urlopen
   Location: ./data_streaming_backend/airflow/dags/heatmaps_kafka.py:52:12
51	        if not os.path.exists(coco_names):
52	            urllib.request.urlretrieve("https://raw.githubusercontent.com/pjreddie/darknet/master/data/coco.names", coco_names)
53	    except Exception as e:

--------------------------------------------------
>> Issue: [B113:request_without_timeout] Call to requests without timeout
   Severity: Medium   Confidence: Low
   CWE: CWE-400 (https://cwe.mitre.org/data/definitions/400.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b113_request_without_timeout.html
   Location: ./data_streaming_backend/api.py:216:19
215	        validate_url(health_url)
216	        response = requests.get(health_url)
217	        if response.status_code == 200:

--------------------------------------------------
>> Issue: [B108:hardcoded_tmp_directory] Probable insecure usage of temp file/directory.
   Severity: Medium   Confidence: Medium
   CWE: CWE-377 (https://cwe.mitre.org/data/definitions/377.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b108_hardcoded_tmp_directory.html
   Location: ./data_streaming_backend/detect_faces_and_features.py:16:16
15	    'RESULTS_TOPIC': 'face_results',
16	    'YOLO_CFG': '/tmp/yolov4-face.cfg',
17	    'YOLO_WEIGHTS': '/tmp/yolov4-face.weights',
18	    'MASK_MODEL': '/tmp/mask_detector.model',
19	    'AGE_PROTO': '/tmp/age_deploy.prototxt',
20	    'AGE_MODEL': '/tmp/age_net.caffemodel',
21	    'EMOTION_MODEL': '/tmp/emotion-ferplus-8.onnx'
22	}
23	
24	def detect_faces_and_features():
25	    import os
26	    import cv2
27	    import io

--------------------------------------------------
>> Issue: [B108:hardcoded_tmp_directory] Probable insecure usage of temp file/directory.
   Severity: Medium   Confidence: Medium
   CWE: CWE-377 (https://cwe.mitre.org/data/definitions/377.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b108_hardcoded_tmp_directory.html
   Location: ./data_streaming_backend/detect_faces_and_features.py:17:20
16	    'YOLO_CFG': '/tmp/yolov4-face.cfg',
17	    'YOLO_WEIGHTS': '/tmp/yolov4-face.weights',
18	    'MASK_MODEL': '/tmp/mask_detector.model',
19	    'AGE_PROTO': '/tmp/age_deploy.prototxt',
20	    'AGE_MODEL': '/tmp/age_net.caffemodel',
21	    'EMOTION_MODEL': '/tmp/emotion-ferplus-8.onnx'
22	}
23	
24	def detect_faces_and_features():
25	    import os
26	    import cv2
27	    import io
28	    import json

--------------------------------------------------
>> Issue: [B108:hardcoded_tmp_directory] Probable insecure usage of temp file/directory.
   Severity: Medium   Confidence: Medium
   CWE: CWE-377 (https://cwe.mitre.org/data/definitions/377.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b108_hardcoded_tmp_directory.html
   Location: ./data_streaming_backend/detect_faces_and_features.py:18:18
17	    'YOLO_WEIGHTS': '/tmp/yolov4-face.weights',
18	    'MASK_MODEL': '/tmp/mask_detector.model',
19	    'AGE_PROTO': '/tmp/age_deploy.prototxt',
20	    'AGE_MODEL': '/tmp/age_net.caffemodel',
21	    'EMOTION_MODEL': '/tmp/emotion-ferplus-8.onnx'
22	}
23	
24	def detect_faces_and_features():
25	    import os
26	    import cv2
27	    import io
28	    import json
29	    import numpy as np

--------------------------------------------------
>> Issue: [B108:hardcoded_tmp_directory] Probable insecure usage of temp file/directory.
   Severity: Medium   Confidence: Medium
   CWE: CWE-377 (https://cwe.mitre.org/data/definitions/377.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b108_hardcoded_tmp_directory.html
   Location: ./data_streaming_backend/detect_faces_and_features.py:19:17
18	    'MASK_MODEL': '/tmp/mask_detector.model',
19	    'AGE_PROTO': '/tmp/age_deploy.prototxt',
20	    'AGE_MODEL': '/tmp/age_net.caffemodel',
21	    'EMOTION_MODEL': '/tmp/emotion-ferplus-8.onnx'
22	}
23	
24	def detect_faces_and_features():
25	    import os
26	    import cv2
27	    import io
28	    import json
29	    import numpy as np
30	    import urllib.request

--------------------------------------------------
>> Issue: [B108:hardcoded_tmp_directory] Probable insecure usage of temp file/directory.
   Severity: Medium   Confidence: Medium
   CWE: CWE-377 (https://cwe.mitre.org/data/definitions/377.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b108_hardcoded_tmp_directory.html
   Location: ./data_streaming_backend/detect_faces_and_features.py:20:17
19	    'AGE_PROTO': '/tmp/age_deploy.prototxt',
20	    'AGE_MODEL': '/tmp/age_net.caffemodel',
21	    'EMOTION_MODEL': '/tmp/emotion-ferplus-8.onnx'
22	}
23	
24	def detect_faces_and_features():
25	    import os
26	    import cv2
27	    import io
28	    import json
29	    import numpy as np
30	    import urllib.request
31	    from PIL import Image

--------------------------------------------------
>> Issue: [B108:hardcoded_tmp_directory] Probable insecure usage of temp file/directory.
   Severity: Medium   Confidence: Medium
   CWE: CWE-377 (https://cwe.mitre.org/data/definitions/377.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b108_hardcoded_tmp_directory.html
   Location: ./data_streaming_backend/detect_faces_and_features.py:21:21
20	    'AGE_MODEL': '/tmp/age_net.caffemodel',
21	    'EMOTION_MODEL': '/tmp/emotion-ferplus-8.onnx'
22	}
23	
24	def detect_faces_and_features():
25	    import os
26	    import cv2
27	    import io
28	    import json
29	    import numpy as np
30	    import urllib.request
31	    from PIL import Image
32	    from kafka import KafkaConsumer, KafkaProducer

--------------------------------------------------
>> Issue: [B310:blacklist] Audit url open for permitted schemes. Allowing use of file:/ or custom schemes is often unexpected.
   Severity: Medium   Confidence: High
   CWE: CWE-22 (https://cwe.mitre.org/data/definitions/22.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/blacklists/blacklist_calls.html#b310-urllib-urlopen
   Location: ./data_streaming_backend/detect_faces_and_features.py:36:12
35	        if not os.path.exists(path):
36	            urllib.request.urlretrieve(url, path)
37	

--------------------------------------------------

Code scanned:
	Total lines of code: 22009
	Total lines skipped (#nosec): 4
	Total potential issues skipped due to specifically being disabled (e.g., #nosec BXXX): 0

Run metrics:
	Total issues (by severity):
		Undefined: 0
		Low: 183
		Medium: 50
		High: 0
	Total issues (by confidence):
		Undefined: 0
		Low: 1
		Medium: 18
		High: 214
Files skipped (0):

No critical security issues detected.

The code has passed all critical security checks.

@JarrodG98
Author

Thanks for the feedback! I’ve updated prediction_vs_truth.py so it now computes TP/FP/FN properly by comparing truth_event vs pred_event.
At the moment our synced CSVs only have ground-truth (event_name), so pred_event defaults to the same value — this makes all scores perfect for now. Once a prediction pipeline is integrated, the script will correctly show TP/FP/FN values.

Contributor

@lperry022 lperry022 left a comment

Great work!

@lperry022 lperry022 merged commit 597048d into Redback-Operations:main Sep 26, 2025
1 check passed