Freyja: Use safe alternative to eval() #3531
Summary: A small, correct, and well-targeted security fix. The change is straightforward and follows Python best practices. No functional regressions expected.
Details
Overview
Replaces
Code Quality & Best Practices
Security
This is the primary motivation for the PR and it's handled correctly:
Potential Issues / Minor Notes
Test Coverage
No new tests are added. Given the nature of the change (a drop-in safer replacement), a unit test covering:
...would strengthen confidence, but is not strictly required for a change this mechanical.
Summary
Looks good to merge. The one thing to double-check is whether
Avoid use of eval() which could potentially allow arbitrary code execution, if someone went to great lengths.