feat: Reduce level for Bandit and fix code to adapt (#1604)

crewAIInc · Nov 14, 2024 · 9285ebf · 9285ebf
1 parent 4ca785e
commit 9285ebf
Show file tree

Hide file tree

Showing 5 changed files with 13 additions and 7 deletions.
diff --git a/.github/workflows/security-checker.yml b/.github/workflows/security-checker.yml
@@ -19,5 +19,5 @@ jobs:
         run: pip install bandit
 
       - name: Run Bandit
-        run: bandit -c pyproject.toml -r src/ -lll
+        run: bandit -c pyproject.toml -r src/ -ll
 
diff --git a/src/crewai/cli/authentication/main.py b/src/crewai/cli/authentication/main.py
@@ -34,7 +34,9 @@ def _get_device_code(self) -> Dict[str, Any]:
             "scope": "openid",
             "audience": AUTH0_AUDIENCE,
         }
-        response = requests.post(url=self.DEVICE_CODE_URL, data=device_code_payload)
+        response = requests.post(
+            url=self.DEVICE_CODE_URL, data=device_code_payload, timeout=20
+        )
         response.raise_for_status()
         return response.json()
 
@@ -54,7 +56,7 @@ def _poll_for_token(self, device_code_data: Dict[str, Any]) -> None:
 
         attempts = 0
         while True and attempts < 5:
-            response = requests.post(self.TOKEN_URL, data=token_payload)
+            response = requests.post(self.TOKEN_URL, data=token_payload, timeout=30)
             token_data = response.json()
 
             if response.status_code == 200:

diff --git a/src/crewai/memory/storage/kickoff_task_outputs_storage.py b/src/crewai/memory/storage/kickoff_task_outputs_storage.py
@@ -103,7 +103,7 @@ def update(
                         else value
                     )
 
-                query = f"UPDATE latest_kickoff_task_outputs SET {', '.join(fields)} WHERE task_index = ?"
+                query = f"UPDATE latest_kickoff_task_outputs SET {', '.join(fields)} WHERE task_index = ?"  # nosec
                 values.append(task_index)
 
                 cursor.execute(query, tuple(values))

diff --git a/src/crewai/memory/storage/ltm_sqlite_storage.py b/src/crewai/memory/storage/ltm_sqlite_storage.py
@@ -83,7 +83,7 @@ def load(
                     WHERE task_description = ?
                     ORDER BY datetime DESC, score ASC
                     LIMIT {latest_n}
-                """,
+                """,  # nosec
                     (task_description,),
                 )
                 rows = cursor.fetchall()

diff --git a/src/crewai/utilities/file_handler.py b/src/crewai/utilities/file_handler.py
@@ -16,7 +16,11 @@ def __init__(self, file_path):
 
     def log(self, **kwargs):
         now = datetime.now().strftime("%Y-%m-%d %H:%M:%S")
-        message = f"{now}: " + ", ".join([f"{key}=\"{value}\"" for key, value in kwargs.items()]) + "\n"
+        message = (
+            f"{now}: "
+            + ", ".join([f'{key}="{value}"' for key, value in kwargs.items()])
+            + "\n"
+        )
         with open(self._path, "a", encoding="utf-8") as file:
             file.write(message + "\n")
 
@@ -63,7 +67,7 @@ def load(self) -> dict:
 
         with open(self.file_path, "rb") as file:
             try:
-                return pickle.load(file)
+                return pickle.load(file)  # nosec
             except EOFError:
                 return {}  # Return an empty dictionary if the file is empty or corrupted
             except Exception: