Describe the bug
Up until this latest release, our bandit workflows have delivered passing results without issue. With our latest commit, 1.7.3 was installed and our unit testing failed with the following:
Issue: [B105:hardcoded_password_string] Possible hardcoded password: 'Unexpected API response received'
Severity: Low Confidence: Medium
CWE: CWE-259 (https://cwe.mitre.org/data/definitions/259.html)
Location: src/falconpy/oauth2.py:157:41
More Info: https://bandit.readthedocs.io/en/1.7.3/plugins/b105_hardcoded_password_string.html
156 returned = generate_error_result("Unexpected API response received", 403)
157 self.token_fail_reason = "Unexpected API response received"
158 self.token_status = 403
Impacted code block
```python
if isinstance(returned, dict):
    self.token_status = returned["status_code"]
    if self.token_status == 201:
        self.token_expiration = returned["body"]["expires_in"]
        self.token_time = time.time()
        self.token_value = returned["body"]["access_token"]
        self.token_fail_reason = None
    # unrelated code continues...
else:
    returned = generate_error_result("Unexpected API response received", 403)
    self.token_fail_reason = "Unexpected API response received"
    self.token_status = 403
```
Reproduction steps
Started occurring with the 1.7.3 install. (I've confirmed it's not an issue in 1.7.0 - 1.7.2)
Expected behavior
I don't believe there is a problem with the code above.
Bandit version
1.7.3 (Default)
Python version
3.10 (Default)
Additional context
Appears to be similar to issue #842.
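
An added illustration, not part of the original report and not Bandit's code: a simplified name-based check in the style of B105, run over a constructed sample modelled on the impacted block. The word list, the function names and the `include_attributes` switch are assumptions made for the example; it shows that a check which also inspects attribute targets such as `self.token_fail_reason` flags the error message, while one limited to plain variable names does not.

```python
import ast
import re

# Assumed word list for illustration; not copied from Bandit's source.
SECRET_WORDS = r"(password|passwd|pwd|token|secret)"
CANDIDATE = re.compile(
    rf"(^{SECRET_WORDS}$|_{SECRET_WORDS}_|^{SECRET_WORDS}_|_{SECRET_WORDS}$)",
    re.IGNORECASE,
)

# Constructed sample modelled on the impacted block in the report.
SAMPLE = '''
class OAuth2:
    def token(self, returned):
        if isinstance(returned, dict):
            self.token_value = returned["body"]["access_token"]
            self.token_fail_reason = None
        else:
            self.token_fail_reason = "Unexpected API response received"
            self.token_status = 403
'''

def target_name(target, include_attributes):
    """Name a plain variable, and optionally an attribute such as self.x."""
    if isinstance(target, ast.Name):
        return target.id
    if include_attributes and isinstance(target, ast.Attribute):
        return target.attr
    return None

def find_hardcoded(source, include_attributes):
    """Return (line, name, literal) for string literals assigned to secret-looking names."""
    hits = []
    for node in ast.walk(ast.parse(source)):
        if not isinstance(node, ast.Assign):
            continue
        value = node.value
        # Only string literals count; None, ints and expressions are ignored.
        if not (isinstance(value, ast.Constant) and isinstance(value.value, str)):
            continue
        for target in node.targets:
            name = target_name(target, include_attributes)
            if name and CANDIDATE.search(name):
                hits.append((node.lineno, name, value.value))
    return hits

if __name__ == "__main__":
    print("names only:     ", find_hardcoded(SAMPLE, include_attributes=False))
    print("with attributes:", find_hardcoded(SAMPLE, include_attributes=True))
```

The literal is flagged purely because of the name it is assigned to; its content is never inspected, which is why an error message triggers the finding.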