[VVP] Adding bandit security scans and fixes
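--- a/ice_validator/tests/conftest.py
+++ b/ice_validator/tests/conftest.py
@@ -43,6 +43,10 @@
 import json
 import os
 import re
 import time
+try:
+ from html import escape
+except ImportError:
+ from cgi import escape
 from collections import defaultdict
 import traceback
@@ -745,8 +749,9 @@ def generate_html_report(outpath, categories, template_path, failures):
 {
 "file_links": make_href(failure.files, template_path),
 "test_id": failure.test_id,
- "error_message": failure.error_message.replace("\n", "<br/><br/>"),
- "raw_output": failure.raw_output,
+ "error_message": escape(failure.error_message).replace("\n",
+ "<br/><br/>"),
+ "raw_output": escape(failure.raw_output),
 "requirements": docutils.core.publish_parts(
 writer_name="html", source=failure.requirement_text(reqs)
 )["body"],
@@ -958,7 +963,7 @@ def hash_directory(path):
 :param path: string directory containing files
 :return: string MD5 hash code (hex)
 """
- md5 = hashlib.md5()
+ md5 = hashlib.md5() # nosec
 for dir_path, sub_dirs, filenames in os.walk(path):
 for filename in filenames:
 file_path = os.path.join(dir_path, filename)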
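Review bot: The `except ImportError` fallback to `cgi.escape` is not equivalent to `html.escape`: `cgi.escape` leaves `"` untouched unless `quote=True` is passed and never escapes `'`, whereas `html.escape` escapes both by default, so on an interpreter that takes the fallback the `error_message` and `raw_output` values in generate_html_report are only safe as element content. Passing the flag explicitly at both call sites, `escape(failure.error_message, quote=True)` and `escape(failure.raw_output, quote=True)`, narrows the gap, and a one-line comment on the import should say which interpreters the fallback is kept for. Whether the template ever places these values inside an attribute is not visible here, and neither is whether `make_href` escapes the file names it renders into `file_links`; both are worth checking because the report is built from test output. The bare `# nosec` in hash_directory silences every bandit check on that line, so a short reason beside it (for example that the digest is not used as a security control, if that is the case) keeps the waiver reviewable. Both function bodies start and end outside the hunks shown.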