Sonar tmpfile codemod #393
src/codemodder/temporary.py
@@ -0,0 +1,3 @@ | |||
import tempfile | |||
|
|||
tempfile.mktemp() |
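Review bot: the module-level `tempfile.mktemp()` call on the last added line of src/codemodder/temporary.py only returns a path and does not create the file, so another process can create that path first; the return value is also discarded and the call runs on import. If this file exists only to trigger the Sonar rule, move it out of src/codemodder and into the test samples; otherwise replace the call with `tempfile.mkstemp()` or `tempfile.NamedTemporaryFile()`, which create the file atomically.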
Check failure
Code scanning / SonarCloud
Insecure temporary file creation methods should not be used
e9d2da6 to bf5925a
Pending the test failures, this looks good to me.
bf5925a to 94689a7
Quality Gate passed
@@ -314,6 +314,11 @@ class DocMetadata: | |||
guidance_explained=CORE_METADATA["fix-missing-self-or-cls"].guidance_explained, | |||
need_sarif="Yes (Sonar)", | |||
), | |||
"secure-tempfile-S5445": DocMetadata( |
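Review bot: only the key line of the new `"secure-tempfile-S5445"` entry is visible in this hunk, so check that its body follows the entry directly above it, with `guidance_explained` read from the matching `CORE_METADATA[...]` entry rather than copied text and `need_sarif="Yes (Sonar)"` set. The key carries the rule id `S5445` as a suffix; confirm it matches the name the codemod is registered under.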
Not necessarily for this PR but we should be able to rewrite this whole section in terms of a dict comprehension and avoid a lot of duplication.
Overview
Added a sonar codemod for `secure-tempfile`
Description
Closes #371