Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

SG-29997 Removing Python 2 code #345

Closed
wants to merge 7 commits into from

print deleted and also a test file

717af51
Select commit
Loading
Failed to load commit list.
Closed

SG-29997 Removing Python 2 code #345

print deleted and also a test file
717af51
Select commit
Loading
Failed to load commit list.
ShotGrid Chorus / security/semgrep required action Jun 6, 2024 in 24s

2 issue(s) found

Summary of Issues

Type Count Severity
rules.python.lang.security.use-defused-xmlrpc.use-defused-xmlrpc 1 HIGH
rules.python.lang.security.insecure-hash-algorithms.insecure-hash-algorithm-sha1 1 MEDIUM

How do I clear all these issues?

If you suspect these issues are not actual issues, click “Clear All Issues” above. Click here for more details.

Details and Annotations

Details

semgrep version 1.69.0

Annotations

Check warning on line 483 in shotgun_api3/lib/httplib2/__init__.py

See this annotation in the file changed.

@shotgrid-chorus shotgrid-chorus / security/semgrep

app.chorus.semgrep.rules.python.lang.security.insecure-hash-algorithms.insecure-hash-algorithm-sha1 

Detected SHA1 hash algorithm which is considered insecure. SHA1 is not collision resistant and is therefore not suitable as a cryptographic signature. Use SHA256 or SHA3 instead.

Check failure on line 49 in shotgun_api3/shotgun.py

See this annotation in the file changed.

@shotgrid-chorus shotgrid-chorus / security/semgrep

app.chorus.semgrep.rules.python.lang.security.use-defused-xmlrpc.use-defused-xmlrpc 

Detected use of xmlrpc. xmlrpc is not inherently safe from vulnerabilities. Use defusedxml.xmlrpc instead.
View more details on ShotGrid Chorus