PW100: Matching inputs, secrets or tokens using the == operator is vulnerable to timing attacks. Use compare_digest() instead. Found in '"PAS@#WOORD" == password'.

Execute the pycharm-security action: file:///github/workspace/test_xmlrpc.py#L30

XML200: Using allow_dotted_names option may allow attackers to execute arbitrary code. Found in 'server.register_instance(MyFuncs(), True)'.

Execute the pycharm-security action: file:///github/workspace/test_ssl.py#L3

SSL100: Calling wrap_socket without specifying an ssl_version could use an insecure default. Found in 'ssl.wrap_socket(ssl_version=None)'.

Execute the pycharm-security action: file:///github/workspace/test_ssl.py#L6

SSL100: Calling wrap_socket without specifying an ssl_version could use an insecure default. Found in 'ssl.wrap_socket()'.

Execute the pycharm-security action: file:///github/workspace/do_assert.py#L6

TRY100: Ignoring exceptions without either logging or handling is not considered good security practice. Found in 'except Exception as ex: pass'.

Execute the pycharm-security action: file:///github/workspace/do_assert.py#L12

TRY100: Ignoring exceptions without either logging or handling is not considered good security practice. Found in 'except: # do nothing pass'.

Execute the pycharm-security action: file:///github/workspace/assert_and_try.py#L5

TRY100: Ignoring exceptions without either logging or handling is not considered good security practice. Found in 'except Exception as ex: pass'.

Execute the pycharm-security action

Execute the pycharm-security action: file:///github/workspace/do_assert.py#L2

AST100: Asserts should only be used in tests. Asserts are typically bypassed in a production environment. Found in 'assert 1 == 1'.

Execute the pycharm-security action: file:///github/workspace/assert_and_try.py#L1

AST100: Asserts should only be used in tests. Asserts are typically bypassed in a production environment. Found in 'assert 1 == 1'.

Execute the pycharm-security action: file:///github/workspace/test_shell.py#L19

PW100: Matching inputs, secrets or tokens using the == operator is vulnerable to timing attacks. Use compare_digest() instead. Found in '"PAS@#WOORD" == password'.

Execute the pycharm-security action: file:///github/workspace/test_xmlrpc.py#L30

XML200: Using allow_dotted_names option may allow attackers to execute arbitrary code. Found in 'server.register_instance(MyFuncs(), True)'.

Execute the pycharm-security action: file:///github/workspace/test_ssl.py#L3

SSL100: Calling wrap_socket without specifying an ssl_version could use an insecure default. Found in 'ssl.wrap_socket(ssl_version=None)'.

Execute the pycharm-security action: file:///github/workspace/test_ssl.py#L6

SSL100: Calling wrap_socket without specifying an ssl_version could use an insecure default. Found in 'ssl.wrap_socket()'.

Execute the pycharm-security action: file:///github/workspace/do_assert.py#L6

TRY100: Ignoring exceptions without either logging or handling is not considered good security practice. Found in 'except Exception as ex: pass'.

Execute the pycharm-security action: file:///github/workspace/do_assert.py#L12

TRY100: Ignoring exceptions without either logging or handling is not considered good security practice. Found in 'except: # do nothing pass'.

Execute the pycharm-security action: file:///github/workspace/assert_and_try.py#L5

TRY100: Ignoring exceptions without either logging or handling is not considered good security practice. Found in 'except Exception as ex: pass'.

Execute the pycharm-security action

Execute the pycharm-security action: file:///github/workspace/do_assert.py#L2

AST100: Asserts should only be used in tests. Asserts are typically bypassed in a production environment. Found in 'assert 1 == 1'.

Execute the pycharm-security action: file:///github/workspace/assert_and_try.py#L1

AST100: Asserts should only be used in tests. Asserts are typically bypassed in a production environment. Found in 'assert 1 == 1'.

Execute the pycharm-security action: file:///github/workspace/test_shell.py#L19

PW100: Matching inputs, secrets or tokens using the == operator is vulnerable to timing attacks. Use compare_digest() instead. Found in '"PAS@#WOORD" == password'.

Execute the pycharm-security action: file:///github/workspace/test_xmlrpc.py#L30

XML200: Using allow_dotted_names option may allow attackers to execute arbitrary code. Found in 'server.register_instance(MyFuncs(), True)'.

Execute the pycharm-security action: file:///github/workspace/test_ssl.py#L3

SSL100: Calling wrap_socket without specifying an ssl_version could use an insecure default. Found in 'ssl.wrap_socket(ssl_version=None)'.

Execute the pycharm-security action: file:///github/workspace/test_ssl.py#L6

SSL100: Calling wrap_socket without specifying an ssl_version could use an insecure default. Found in 'ssl.wrap_socket()'.

Execute the pycharm-security action: file:///github/workspace/do_assert.py#L6

TRY100: Ignoring exceptions without either logging or handling is not considered good security practice. Found in 'except Exception as ex: pass'.

Execute the pycharm-security action: file:///github/workspace/do_assert.py#L12

TRY100: Ignoring exceptions without either logging or handling is not considered good security practice. Found in 'except: # do nothing pass'.

Execute the pycharm-security action: file:///github/workspace/assert_and_try.py#L5

TRY100: Ignoring exceptions without either logging or handling is not considered good security practice. Found in 'except Exception as ex: pass'.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump org.jetbrains.kotlin.jvm from 1.9.0 to 1.9.20 #1005

Summary

Bump org.jetbrains.kotlin.jvm from 1.9.0 to 1.9.20 #1005

Jobs

Run details

test_action.yml

Annotations