Bump org.jetbrains.kotlin.jvm from 1.9.0 to 1.9.20 #1005
test_action.yml
on: push
Execute the pycharm-security action
2m 15s
Annotations
30 warnings
Execute the pycharm-security action
The `set-output` command is deprecated and will be disabled soon. Please upgrade to using Environment Files. For more information see: https://github.blog/changelog/2022-10-11-github-actions-deprecating-save-state-and-set-output-commands/
|
Execute the pycharm-security action:
file:///github/workspace/do_assert.py#L2
AST100: Asserts should only be used in tests. Asserts are typically bypassed in a production environment. Found in 'assert 1 == 1'.
|
Execute the pycharm-security action:
file:///github/workspace/assert_and_try.py#L1
AST100: Asserts should only be used in tests. Asserts are typically bypassed in a production environment. Found in 'assert 1 == 1'.
|
Execute the pycharm-security action:
file:///github/workspace/test_shell.py#L19
PW100: Matching inputs, secrets or tokens using the == operator is vulnerable to timing attacks. Use compare_digest() instead. Found in '"PAS@#WOORD" == password'.
|
Execute the pycharm-security action:
file:///github/workspace/test_xmlrpc.py#L30
XML200: Using allow_dotted_names option may allow attackers to execute arbitrary code. Found in 'server.register_instance(MyFuncs(), True)'.
|
Execute the pycharm-security action:
file:///github/workspace/test_ssl.py#L3
SSL100: Calling wrap_socket without specifying an ssl_version could use an insecure default. Found in 'ssl.wrap_socket(ssl_version=None)'.
|
Execute the pycharm-security action:
file:///github/workspace/test_ssl.py#L6
SSL100: Calling wrap_socket without specifying an ssl_version could use an insecure default. Found in 'ssl.wrap_socket()'.
|
Execute the pycharm-security action:
file:///github/workspace/do_assert.py#L6
TRY100: Ignoring exceptions without either logging or handling is not considered good security practice. Found in 'except Exception as ex: pass'.
|
Execute the pycharm-security action:
file:///github/workspace/do_assert.py#L12
TRY100: Ignoring exceptions without either logging or handling is not considered good security practice. Found in 'except: # do nothing pass'.
|
Execute the pycharm-security action:
file:///github/workspace/assert_and_try.py#L5
TRY100: Ignoring exceptions without either logging or handling is not considered good security practice. Found in 'except Exception as ex: pass'.
|
Execute the pycharm-security action
The `set-output` command is deprecated and will be disabled soon. Please upgrade to using Environment Files. For more information see: https://github.blog/changelog/2022-10-11-github-actions-deprecating-save-state-and-set-output-commands/
|
Execute the pycharm-security action:
file:///github/workspace/do_assert.py#L2
AST100: Asserts should only be used in tests. Asserts are typically bypassed in a production environment. Found in 'assert 1 == 1'.
|
Execute the pycharm-security action:
file:///github/workspace/assert_and_try.py#L1
AST100: Asserts should only be used in tests. Asserts are typically bypassed in a production environment. Found in 'assert 1 == 1'.
|
Execute the pycharm-security action:
file:///github/workspace/test_shell.py#L19
PW100: Matching inputs, secrets or tokens using the == operator is vulnerable to timing attacks. Use compare_digest() instead. Found in '"PAS@#WOORD" == password'.
|
Execute the pycharm-security action:
file:///github/workspace/test_xmlrpc.py#L30
XML200: Using allow_dotted_names option may allow attackers to execute arbitrary code. Found in 'server.register_instance(MyFuncs(), True)'.
|
Execute the pycharm-security action:
file:///github/workspace/test_ssl.py#L3
SSL100: Calling wrap_socket without specifying an ssl_version could use an insecure default. Found in 'ssl.wrap_socket(ssl_version=None)'.
|
Execute the pycharm-security action:
file:///github/workspace/test_ssl.py#L6
SSL100: Calling wrap_socket without specifying an ssl_version could use an insecure default. Found in 'ssl.wrap_socket()'.
|
Execute the pycharm-security action:
file:///github/workspace/do_assert.py#L6
TRY100: Ignoring exceptions without either logging or handling is not considered good security practice. Found in 'except Exception as ex: pass'.
|
Execute the pycharm-security action:
file:///github/workspace/do_assert.py#L12
TRY100: Ignoring exceptions without either logging or handling is not considered good security practice. Found in 'except: # do nothing pass'.
|
Execute the pycharm-security action:
file:///github/workspace/assert_and_try.py#L5
TRY100: Ignoring exceptions without either logging or handling is not considered good security practice. Found in 'except Exception as ex: pass'.
|
Execute the pycharm-security action
The `set-output` command is deprecated and will be disabled soon. Please upgrade to using Environment Files. For more information see: https://github.blog/changelog/2022-10-11-github-actions-deprecating-save-state-and-set-output-commands/
|
Execute the pycharm-security action:
file:///github/workspace/do_assert.py#L2
AST100: Asserts should only be used in tests. Asserts are typically bypassed in a production environment. Found in 'assert 1 == 1'.
|
Execute the pycharm-security action:
file:///github/workspace/assert_and_try.py#L1
AST100: Asserts should only be used in tests. Asserts are typically bypassed in a production environment. Found in 'assert 1 == 1'.
|
Execute the pycharm-security action:
file:///github/workspace/test_shell.py#L19
PW100: Matching inputs, secrets or tokens using the == operator is vulnerable to timing attacks. Use compare_digest() instead. Found in '"PAS@#WOORD" == password'.
|
Execute the pycharm-security action:
file:///github/workspace/test_xmlrpc.py#L30
XML200: Using allow_dotted_names option may allow attackers to execute arbitrary code. Found in 'server.register_instance(MyFuncs(), True)'.
|
Execute the pycharm-security action:
file:///github/workspace/test_ssl.py#L3
SSL100: Calling wrap_socket without specifying an ssl_version could use an insecure default. Found in 'ssl.wrap_socket(ssl_version=None)'.
|
Execute the pycharm-security action:
file:///github/workspace/test_ssl.py#L6
SSL100: Calling wrap_socket without specifying an ssl_version could use an insecure default. Found in 'ssl.wrap_socket()'.
|
Execute the pycharm-security action:
file:///github/workspace/do_assert.py#L6
TRY100: Ignoring exceptions without either logging or handling is not considered good security practice. Found in 'except Exception as ex: pass'.
|
Execute the pycharm-security action:
file:///github/workspace/do_assert.py#L12
TRY100: Ignoring exceptions without either logging or handling is not considered good security practice. Found in 'except: # do nothing pass'.
|
Execute the pycharm-security action:
file:///github/workspace/assert_and_try.py#L5
TRY100: Ignoring exceptions without either logging or handling is not considered good security practice. Found in 'except Exception as ex: pass'.
|