feat: Reduce level for Bandit and fix code to adapt (#1604)

2025-12-15 20:08:29 +00:00 · 2024-11-14 13:12:35 -03:00
parent 4ca785eb15
commit 9285ebf8a2
5 changed files with 13 additions and 7 deletions
--- a/.github/workflows/security-checker.yml
+++ b/.github/workflows/security-checker.yml
@@ -19,5 +19,5 @@ jobs:
        run: pip install bandit

      - name: Run Bandit
-        run: bandit -c pyproject.toml -r src/ -lll
+        run: bandit -c pyproject.toml -r src/ -ll

--- a/src/crewai/cli/authentication/main.py
+++ b/src/crewai/cli/authentication/main.py
@@ -34,7 +34,9 @@ class AuthenticationCommand:
            "scope": "openid",
            "audience": AUTH0_AUDIENCE,
        }
-        response = requests.post(url=self.DEVICE_CODE_URL, data=device_code_payload)
+        response = requests.post(
+            url=self.DEVICE_CODE_URL, data=device_code_payload, timeout=20
+        )
        response.raise_for_status()
        return response.json()

@@ -54,7 +56,7 @@ class AuthenticationCommand:

        attempts = 0
        while True and attempts < 5:
-            response = requests.post(self.TOKEN_URL, data=token_payload)
+            response = requests.post(self.TOKEN_URL, data=token_payload, timeout=30)
            token_data = response.json()

            if response.status_code == 200:
--- a/src/crewai/memory/storage/kickoff_task_outputs_storage.py
+++ b/src/crewai/memory/storage/kickoff_task_outputs_storage.py
@@ -103,7 +103,7 @@ class KickoffTaskOutputsSQLiteStorage:
                        else value
                    )

-                query = f"UPDATE latest_kickoff_task_outputs SET {', '.join(fields)} WHERE task_index = ?"
+                query = f"UPDATE latest_kickoff_task_outputs SET {', '.join(fields)} WHERE task_index = ?"  # nosec
                values.append(task_index)

                cursor.execute(query, tuple(values))
--- a/src/crewai/memory/storage/ltm_sqlite_storage.py
+++ b/src/crewai/memory/storage/ltm_sqlite_storage.py
@@ -83,7 +83,7 @@ class LTMSQLiteStorage:
                    WHERE task_description = ?
                    ORDER BY datetime DESC, score ASC
                    LIMIT {latest_n}
-                """,
+                """,  # nosec
                    (task_description,),
                )
                rows = cursor.fetchall()
--- a/src/crewai/utilities/file_handler.py
+++ b/src/crewai/utilities/file_handler.py
@@ -16,7 +16,11 @@ class FileHandler:

    def log(self, **kwargs):
        now = datetime.now().strftime("%Y-%m-%d %H:%M:%S")
-        message = f"{now}: " + ", ".join([f"{key}=\"{value}\"" for key, value in kwargs.items()]) + "\n"
+        message = (
+            f"{now}: "
+            + ", ".join([f'{key}="{value}"' for key, value in kwargs.items()])
+            + "\n"
+        )
        with open(self._path, "a", encoding="utf-8") as file:
            file.write(message + "\n")

@@ -63,7 +67,7 @@ class PickleHandler:

        with open(self.file_path, "rb") as file:
            try:
-                return pickle.load(file)
+                return pickle.load(file)  # nosec
            except EOFError:
                return {}  # Return an empty dictionary if the file is empty or corrupted
            except Exception: