You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
event though we kind of trust the stuwerk, it is better to be save than sorry
Issue: [B410:blacklist] Using html to parse untrusted XML data is known to be vulnerable to XML attacks. Replace html with the equivalent defusedxml package.
Severity: Low Confidence: High
Location: src/menu_parser.py:19
More Info: https://bandit.readthedocs.io/en/latest/blacklists/blacklist_imports.html#b410-import-lxml
18 import requests
19 from lxml import html
The text was updated successfully, but these errors were encountered:
tiran/defusedxml#38 states, that the package is no longer nessesary, but will be availibele until a real fix is found, so probably still worth to keep subscribed on this issue.
event though we kind of trust the stuwerk, it is better to be save than sorry
The text was updated successfully, but these errors were encountered: