-
Notifications
You must be signed in to change notification settings - Fork 106
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Co-authored-by: R-Palazzo <[email protected]>
- Loading branch information
Showing
1 changed file
with
113 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,113 @@ | ||
| Run started:2024-04-10 07:28:27.016244 | ||
|
|
||
| Test results: | ||
| >> Issue: [B403:blacklist] Consider possible security implications associated with pickle module. | ||
| Severity: Low Confidence: High | ||
| CWE: CWE-502 (https://cwe.mitre.org/data/definitions/502.html) | ||
| More Info: https://bandit.readthedocs.io/en/1.7.7/blacklists/blacklist_imports.html#b403-import-pickle | ||
| Location: ./copulas/multivariate/base.py:3:0 | ||
| 2 | ||
| 3 import pickle | ||
| 4 | ||
|
|
||
| -------------------------------------------------- | ||
| >> Issue: [B301:blacklist] Pickle and modules that wrap it can be unsafe when used to deserialize untrusted data, possible security issue. | ||
| Severity: Medium Confidence: High | ||
| CWE: CWE-502 (https://cwe.mitre.org/data/definitions/502.html) | ||
| More Info: https://bandit.readthedocs.io/en/1.7.7/blacklists/blacklist_calls.html#b301-pickle | ||
| Location: ./copulas/multivariate/base.py:177:19 | ||
| 176 with open(path, 'rb') as pickle_file: | ||
| 177 return pickle.load(pickle_file) | ||
| 178 | ||
|
|
||
| -------------------------------------------------- | ||
| >> Issue: [B101:assert_used] Use of assert detected. The enclosed code will be removed when compiling to optimised byte code. | ||
| Severity: Low Confidence: High | ||
| CWE: CWE-703 (https://cwe.mitre.org/data/definitions/703.html) | ||
| More Info: https://bandit.readthedocs.io/en/1.7.7/plugins/b101_assert_used.html | ||
| Location: ./copulas/optimize/__init__.py:26:4 | ||
| 25 """ | ||
| 26 assert (f(xmin) <= 0.0).all() | ||
| 27 assert (f(xmax) >= 0.0).all() | ||
|
|
||
| -------------------------------------------------- | ||
| >> Issue: [B101:assert_used] Use of assert detected. The enclosed code will be removed when compiling to optimised byte code. | ||
| Severity: Low Confidence: High | ||
| CWE: CWE-703 (https://cwe.mitre.org/data/definitions/703.html) | ||
| More Info: https://bandit.readthedocs.io/en/1.7.7/plugins/b101_assert_used.html | ||
| Location: ./copulas/optimize/__init__.py:27:4 | ||
| 26 assert (f(xmin) <= 0.0).all() | ||
| 27 assert (f(xmax) >= 0.0).all() | ||
| 28 | ||
|
|
||
| -------------------------------------------------- | ||
| >> Issue: [B101:assert_used] Use of assert detected. The enclosed code will be removed when compiling to optimised byte code. | ||
| Severity: Low Confidence: High | ||
| CWE: CWE-703 (https://cwe.mitre.org/data/definitions/703.html) | ||
| More Info: https://bandit.readthedocs.io/en/1.7.7/plugins/b101_assert_used.html | ||
| Location: ./copulas/optimize/__init__.py:71:4 | ||
| 70 shape = np.shape(fa) | ||
| 71 assert shape == np.shape(fb) | ||
| 72 | ||
|
|
||
| -------------------------------------------------- | ||
| >> Issue: [B101:assert_used] Use of assert detected. The enclosed code will be removed when compiling to optimised byte code. | ||
| Severity: Low Confidence: High | ||
| CWE: CWE-703 (https://cwe.mitre.org/data/definitions/703.html) | ||
| More Info: https://bandit.readthedocs.io/en/1.7.7/plugins/b101_assert_used.html | ||
| Location: ./copulas/optimize/__init__.py:77:4 | ||
| 76 # Make sure we are bracketing a root in each case | ||
| 77 assert (np.sign(fa) * np.sign(fb) <= 0).all() | ||
| 78 t = 0.5 | ||
|
|
||
| -------------------------------------------------- | ||
| >> Issue: [B403:blacklist] Consider possible security implications associated with pickle module. | ||
| Severity: Low Confidence: High | ||
| CWE: CWE-502 (https://cwe.mitre.org/data/definitions/502.html) | ||
| More Info: https://bandit.readthedocs.io/en/1.7.7/blacklists/blacklist_imports.html#b403-import-pickle | ||
| Location: ./copulas/univariate/base.py:3:0 | ||
| 2 | ||
| 3 import pickle | ||
| 4 from abc import ABC | ||
|
|
||
| -------------------------------------------------- | ||
| >> Issue: [B301:blacklist] Pickle and modules that wrap it can be unsafe when used to deserialize untrusted data, possible security issue. | ||
| Severity: Medium Confidence: High | ||
| CWE: CWE-502 (https://cwe.mitre.org/data/definitions/502.html) | ||
| More Info: https://bandit.readthedocs.io/en/1.7.7/blacklists/blacklist_calls.html#b301-pickle | ||
| Location: ./copulas/univariate/base.py:477:19 | ||
| 476 with open(path, 'rb') as pickle_file: | ||
| 477 return pickle.load(pickle_file) | ||
| 478 | ||
|
|
||
| -------------------------------------------------- | ||
| >> Issue: [B110:try_except_pass] Try, Except, Pass detected. | ||
| Severity: Low Confidence: High | ||
| CWE: CWE-703 (https://cwe.mitre.org/data/definitions/703.html) | ||
| More Info: https://bandit.readthedocs.io/en/1.7.7/plugins/b110_try_except_pass.html | ||
| Location: ./copulas/univariate/selection.py:32:8 | ||
| 31 best_model = model | ||
| 32 except Exception: | ||
| 33 # Distribution not supported | ||
| 34 pass | ||
| 35 | ||
|
|
||
| -------------------------------------------------- | ||
|
|
||
| Code scanned: | ||
| Total lines of code: 3973 | ||
| Total lines skipped (#nosec): 0 | ||
| Total potential issues skipped due to specifically being disabled (e.g., #nosec BXXX): 0 | ||
|
|
||
| Run metrics: | ||
| Total issues (by severity): | ||
| Undefined: 0 | ||
| Low: 7 | ||
| Medium: 2 | ||
| High: 0 | ||
| Total issues (by confidence): | ||
| Undefined: 0 | ||
| Low: 0 | ||
| Medium: 0 | ||
| High: 9 | ||
| Files skipped (0): |