Conversation

@motorina0
Collaborator

@motorina0 motorina0 commented Jul 4, 2025

Summary

Python’s assert statement is meant for debugging, not production security checks. The issue is that:
- When Python runs in optimized mode (with -O or -OO), all assert statements are stripped out at compile time.
- That means any logic relying on assert will not run in production if the interpreter is optimized — potentially skipping critical checks.

Depends on: #3242
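
The behaviour the summary describes, shown in-process as an added example (not code from this pull request or from LNbits). `withdraw()` and its values are hypothetical; `compile(..., optimize=N)` reproduces what `-O` (1) and `-OO` (2) do to the same source.

```python
# Added illustration; not LNbits code. withdraw() and its values are hypothetical.
ASSERT_GUARD = '''
def withdraw(balance, amount):
    assert amount <= balance, "insufficient balance"
    return balance - amount
'''

EXPLICIT_GUARD = '''
def withdraw(balance, amount):
    if amount > balance:
        raise ValueError("insufficient balance")
    return balance - amount
'''


def load(source, optimize):
    """Compile source at the given level: 0 = default, 1 = -O, 2 = -OO."""
    namespace = {}
    code = compile(source, "<constructed>", "exec", optimize=optimize)
    exec(code, namespace)  # constant, trusted strings defined above
    return namespace["withdraw"]


def outcome(source, optimize):
    """Attempt an overdraw; return the new balance, or the exception name that blocked it."""
    withdraw = load(source, optimize)
    try:
        return withdraw(balance=100, amount=250)
    except (AssertionError, ValueError) as exc:
        return type(exc).__name__


def report():
    """Map (guard style, optimization level) to the overdraw outcome."""
    guards = {"assert": ASSERT_GUARD, "explicit": EXPLICIT_GUARD}
    return {(name, level): outcome(src, level)
            for name, src in guards.items() for level in (0, 1, 2)}


if __name__ == "__main__":
    for (name, level), result in report().items():
        print(f"{name:8} optimize={level}: {result}")
```

With the assert guard the overdraw is blocked only at level 0; at levels 1 and 2 the check is gone and the function returns a negative balance, while the explicit `raise` holds at every level.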

@motorina0 motorina0 changed the base branch from dev to fix_bandit_sql_injection_warnings July 4, 2025 17:14
@codecov

codecov bot commented Jul 4, 2025

Codecov Report

Attention: Patch coverage is 33.33333% with 110 lines in your changes missing coverage. Please review.

Project coverage is 60.27%. Comparing base (841c8ce) to head (daaae0b).
Report is 1 commits behind head on dev.

| Files with missing lines | Patch % | Lines |
|---|---|---|
| lnbits/core/views/extension_api.py | 0.00% | 50 Missing ⚠️ |
| lnbits/core/views/auth_api.py | 80.00% | 9 Missing ⚠️ |
| lnbits/wallets/blink.py | 0.00% | 6 Missing ⚠️ |
| lnbits/commands.py | 0.00% | 4 Missing ⚠️ |
| lnbits/core/models/extensions.py | 0.00% | 4 Missing ⚠️ |
| lnbits/core/services/extensions.py | 0.00% | 4 Missing ⚠️ |
| lnbits/utils/nostr.py | 50.00% | 4 Missing ⚠️ |
| lnbits/core/crud/settings.py | 25.00% | 3 Missing ⚠️ |
| lnbits/core/views/payment_api.py | 25.00% | 3 Missing ⚠️ |
| lnbits/wallets/corelightningrest.py | 50.00% | 3 Missing ⚠️ |

... and 15 more

Additional details and impacted files
@@            Coverage Diff             @@
##              dev    #3243      +/-   ##
==========================================
- Coverage   60.45%   60.27%   -0.19%     
==========================================
  Files         111      111              
  Lines       14529    14583      +54     
==========================================
+ Hits         8784     8790       +6     
- Misses       5745     5793      +48     

@motorina0 motorina0 marked this pull request as ready for review July 4, 2025 17:30
@motorina0 motorina0 requested review from arcbtc, dni and talvasconcelos and removed request for dni July 4, 2025 17:30
Base automatically changed from fix_bandit_sql_injection_warnings to dev July 5, 2025 09:12
@dni dni force-pushed the fix_bandit_assert_warnings2 branch from 804b91b to 5c5814d Compare July 5, 2025 09:18
@motorina0 motorina0 merged commit 07c6228 into dev Jul 5, 2025
44 checks passed
@motorina0 motorina0 deleted the fix_bandit_assert_warnings2 branch July 5, 2025 10:16
dni added a commit that referenced this pull request Jul 15, 2025
3 participants