Explore
By company size
By use case
By industry
View all solutions
Topics
- AI
- DevOps
- Security
- Software Development
- View all
Explore
- GitHub Sponsors
  Fund open source developers
- The ReadME Project
  GitHub community articles
Repositories
- Enterprise platform
  AI-powered developer platform
Available add-ons
Pricing

Search code, repositories, users, issues, pull requests...

Clear

Search syntax tips

Provide feedback

We read every piece of feedback, and take your input very seriously.

Include my email address so I can be contacted

Saved searches

Use saved searches to filter your results more quickly

Name

Query

To see all available qualifiers, see our documentation.

You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session. You switched accounts on another tab or window. Reload to refresh your session.

Dismiss alert

tonybaloney / pycharm-security Public

Notifications You must be signed in to change notification settings
Fork 21
Star 337

Code
Issues 26
Pull requests 10
Actions
Projects
Security
Insights

Additional navigation options

Code
Issues
Pull requests
Actions
Projects
Security
Insights

Releases: tonybaloney/pycharm-security

Releases Tags

Releases · tonybaloney/pycharm-security

v1.7.0

05 Feb 22:07

tonybaloney

1.7.0

e5db663

This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.

GPG key ID: 4AEE18F83AFDEB23

Expired

Learn about vigilant mode.

Compare

Choose a tag to compare

View all tags

v1.7.0

Marketplace

Added pickle load inspection PIC100
Added django safe strings inspection DJG102
Added hardcoded temp path read or write inspection TMP101
Added XML standard library DoS inspection XML100
Added XML RPC dotted paths inspection XML200

Assets 3

All reactions

v1.6.0

04 Feb 05:04

tonybaloney

1.6.0

7e65096

This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.

GPG key ID: 4AEE18F83AFDEB23

Expired

Learn about vigilant mode.

Compare

Choose a tag to compare

View all tags

v1.6.0

Marketplace

GitHub Action now supports "failure on warning"
GitHub Action now always uses latest image
GitHub Action supports setting path to custom inspection XML file

Assets 3

All reactions

v1.5.0

03 Feb 06:37

tonybaloney

1.5.0

6543ffe

This commit was signed with the committer’s verified signature. The key has expired.

tonybaloney Anthony Shaw

GPG key ID: A5B5836F7895863C

Expired

Learn about vigilant mode.

Compare

Choose a tag to compare

View all tags

v1.5.0

Marketplace

Add annotations to the GitHub action

Assets 2

All reactions

1.4.5

03 Feb 02:34

tonybaloney

1.4.5

7cb2a51

This commit was signed with the committer’s verified signature. The key has expired.

tonybaloney Anthony Shaw

GPG key ID: A5B5836F7895863C

Expired

Learn about vigilant mode.

Compare

Choose a tag to compare

View all tags

1.4.5

Marketplace

Update release notes

Assets 3

All reactions

1.4.4

03 Feb 01:26

tonybaloney

1.4.4

82698e3

This commit was signed with the committer’s verified signature. The key has expired.

tonybaloney Anthony Shaw

GPG key ID: A5B5836F7895863C

Expired

Learn about vigilant mode.

Compare

Choose a tag to compare

View all tags

1.4.4

Marketplace

Update patch notes for 1.4.4

Assets 3

All reactions

1.4.3

02 Feb 23:45

tonybaloney

1.4.3

ed10728

This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.

GPG key ID: 4AEE18F83AFDEB23

Expired

Learn about vigilant mode.

Compare

Choose a tag to compare

View all tags

1.4.3

Marketplace

Update action.yml

Assets 2

All reactions

1.4.2

02 Feb 22:11

tonybaloney

1.4.2

d3189ab

This commit was signed with the committer’s verified signature. The key has expired.

tonybaloney Anthony Shaw

GPG key ID: A5B5836F7895863C

Expired

Learn about vigilant mode.

Compare

Choose a tag to compare

View all tags

1.4.2

Fixed a bug where packages that had a vulnerability in safetydb but no CVE record would raise a NPE to PyCharm issue#33

Assets 5

All reactions

1.4.1

02 Feb 04:57

tonybaloney

1.4.1

56c9a5d

This commit was signed with the committer’s verified signature. The key has expired.

tonybaloney Anthony Shaw

GPG key ID: A5B5836F7895863C

Expired

Learn about vigilant mode.

Compare

Choose a tag to compare

View all tags

1.4.1

Changed YML100 to not match when loader=SafeLoader is used
Altered PW100 to only match on == and != operators, reducing false positives

Assets 4

All reactions

1.4.0: Merge pull request #30 from tonybaloney/django_sql

31 Jan 22:09

tonybaloney

1.4.0

8c2c9fc

This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.

GPG key ID: 4AEE18F83AFDEB23

Expired

Learn about vigilant mode.

Compare

Choose a tag to compare

View all tags

1.4.0: Merge pull request #30 from tonybaloney/django_sql

Added DJG101 Using quoted, parametrized literal will bypass Django SQL Injection protection

Assets 3

All reactions

1.3.0: Merge pull request #29 from tonybaloney/rest_of_bandit

31 Jan 05:41

tonybaloney

1.3.0

67dc812

This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.

GPG key ID: 4AEE18F83AFDEB23

Expired

Learn about vigilant mode.

Compare

Choose a tag to compare

View all tags

1.3.0: Merge pull request #29 from tonybaloney/rest_of_bandit

Added TRY100 check for try..except..pass statements
Added TRY101 check for try..except..continue statements
Added AST100 check for assert usage outside of a test
Added NET100 check unspecified binding
Added PAR100 check for host key bypass in paramiko ssh client usage
Added OS100 check calls to os.chmod() for dangerous POSIX permissions

Assets 3

All reactions

Previous 1 2 3 4 5 Next

Previous Next

Footer

Footer navigation

Terms
Privacy
Security
Status
Docs
Contact

You can’t perform that action at this time.