username/flaskpaste
1
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: use nosec for bandit SQL injection suppression
Some checks failed
CI / Lint & Format (push) Failing after 16s
Details
CI / Tests (push) Has been skipped
Details
CI / Security Scan (push) Successful in 22s
Details

Browse Source
This commit is contained in:
Username
2025-12-23 22:53:52 +01:00
parent 482bd9a152
commit 2a287c65f4
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
app/audit.py
View File

@@ -143,7 +143,7 @@ def query_audit_log(
# Get total count # Get total count
count_row = db.execute( count_row = db.execute(
f"SELECT COUNT(*) as total FROM audit_log WHERE {where_sql}", # noqa: S608 f"SELECT COUNT(*) as total FROM audit_log WHERE {where_sql}", # nosec B608
params, params,
).fetchone() ).fetchone()
total = count_row["total"] if count_row else 0 total = count_row["total"] if count_row else 0
@@ -155,7 +155,7 @@ def query_audit_log(
FROM audit_log FROM audit_log
WHERE {where_sql} WHERE {where_sql}
ORDER BY timestamp DESC ORDER BY timestamp DESC
LIMIT ? OFFSET ?""", # noqa: S608 LIMIT ? OFFSET ?""", # nosec B608
[*params, limit, offset], [*params, limit, offset],
).fetchall() ).fetchall()