From 2b5c3dfd03c1ba3faf4fb027581721512820e8e9 Mon Sep 17 00:00:00 2001 From: Santiago Bravo Date: Tue, 10 Dec 2024 08:46:01 -0300 Subject: [PATCH] Adding #nosec to trusted subprocess lines --- main.py | 8 ++++---- src/plot/plot_mdk3.py | 4 ++-- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/main.py b/main.py index 96b0c1d..e44a0c5 100644 --- a/main.py +++ b/main.py @@ -367,8 +367,8 @@ def run_medslik_sim(self, simdir, simname, separate_slicks=False): # Compile and start running (replacing `cd` with `cwd`) compile_script = "MODEL_SRC/compile.sh" run_script = "RUN.sh" - subprocess.run(["sh", compile_script], check=True, cwd=os.path.join(model_dir, "RUN")) - subprocess.run(["./" + run_script], check=True, cwd=os.path.join(model_dir, "RUN")) + subprocess.run(["sh", compile_script], check=True, cwd=os.path.join(model_dir, "RUN")) # nosec + subprocess.run(["./" + run_script], check=True, cwd=os.path.join(model_dir, "RUN")) # nosec else: # Handle separate slicks @@ -391,8 +391,8 @@ def run_medslik_sim(self, simdir, simname, separate_slicks=False): # Compile and start running compile_script = "MODEL_SRC/compile.sh" run_script = "RUN.sh" - subprocess.run(["sh", compile_script], check=True, cwd=os.path.join(model_dir, "RUN")) - subprocess.run(["./" + run_script], check=True, cwd=os.path.join(model_dir, "RUN")) + subprocess.run(["sh", compile_script], check=True, cwd=os.path.join(model_dir, "RUN")) # nosec + subprocess.run(["./" + run_script], check=True, cwd=os.path.join(model_dir, "RUN")) # nosec # Copy output files (replacing `cp -r`) output_dest = os.path.join(simdir, simname, "out_files") diff --git a/src/plot/plot_mdk3.py b/src/plot/plot_mdk3.py index f8f5bfa..2c0ef6e 100644 --- a/src/plot/plot_mdk3.py +++ b/src/plot/plot_mdk3.py @@ -181,7 +181,7 @@ def create_gif(self): {self.out_figures}/oil_concentration_{self.config['simulation']['name']}.gif" ], # shell=True, - ) + ) # nosec def plot_pyngl( self, @@ -210,7 +210,7 @@ def plot_pyngl( ], # shell=True, check=True, - ) + ) # nosec if __name__ == "__main__":