The following issues were found
tests/test_tutorial/test_metadata/test_tutorial004.py
7 issues
Line: 1
Column: 1
from fastapi.testclient import TestClient
from docs_src.metadata.tutorial004 import app
client = TestClient(app)
openapi_schema = {
"openapi": "3.0.2",
"info": {"title": "FastAPI", "version": "0.1.0"},
Reported by Pylint.
Line: 55
Column: 1
}
def test_openapi_schema():
response = client.get("/openapi.json")
assert response.status_code == 200, response.text
assert response.json() == openapi_schema
Reported by Pylint.
Line: 57
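Suggestion: B101 (assert_used) is raised because `assert` statements are removed when Python runs with optimizations enabled (`-O`), so they must not be relied on for security or input-validation checks in application code. This file is a test module, where `assert` is the intended mechanism. This finding and the other B101 findings on files under tests/ in this report are therefore normally triaged as not actionable, for example by excluding the test directory from this check.
https://bandit.readthedocs.io/en/latest/plugins/b101_assert_used.html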
def test_openapi_schema():
response = client.get("/openapi.json")
assert response.status_code == 200, response.text
assert response.json() == openapi_schema
def test_path_operations():
response = client.get("/items/")
Reported by Bandit.
Line: 58
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b101_assert_used.html
def test_openapi_schema():
response = client.get("/openapi.json")
assert response.status_code == 200, response.text
assert response.json() == openapi_schema
def test_path_operations():
response = client.get("/items/")
assert response.status_code == 200, response.text
Reported by Bandit.
Line: 61
Column: 1
assert response.json() == openapi_schema
def test_path_operations():
response = client.get("/items/")
assert response.status_code == 200, response.text
response = client.get("/users/")
assert response.status_code == 200, response.text
Reported by Pylint.
Line: 63
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b101_assert_used.html
def test_path_operations():
response = client.get("/items/")
assert response.status_code == 200, response.text
response = client.get("/users/")
assert response.status_code == 200, response.text
Reported by Bandit.
Line: 65
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b101_assert_used.html
response = client.get("/items/")
assert response.status_code == 200, response.text
response = client.get("/users/")
assert response.status_code == 200, response.text
Reported by Bandit.
tests/test_tutorial/test_path_operation_advanced_configurations/test_tutorial001.py
7 issues
Line: 1
Column: 1
from fastapi.testclient import TestClient
from docs_src.path_operation_advanced_configuration.tutorial001 import app
client = TestClient(app)
openapi_schema = {
"openapi": "3.0.2",
"info": {"title": "FastAPI", "version": "0.1.0"},
Reported by Pylint.
Line: 27
Column: 1
}
def test_openapi_schema():
response = client.get("/openapi.json")
assert response.status_code == 200, response.text
assert response.json() == openapi_schema
Reported by Pylint.
Line: 29
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b101_assert_used.html
def test_openapi_schema():
response = client.get("/openapi.json")
assert response.status_code == 200, response.text
assert response.json() == openapi_schema
def test_get():
response = client.get("/items/")
Reported by Bandit.
Line: 30
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b101_assert_used.html
def test_openapi_schema():
response = client.get("/openapi.json")
assert response.status_code == 200, response.text
assert response.json() == openapi_schema
def test_get():
response = client.get("/items/")
assert response.status_code == 200, response.text
Reported by Bandit.
Line: 33
Column: 1
assert response.json() == openapi_schema
def test_get():
response = client.get("/items/")
assert response.status_code == 200, response.text
assert response.json() == [{"item_id": "Foo"}]
Reported by Pylint.
Line: 35
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b101_assert_used.html
def test_get():
response = client.get("/items/")
assert response.status_code == 200, response.text
assert response.json() == [{"item_id": "Foo"}]
Reported by Bandit.
Line: 36
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b101_assert_used.html
def test_get():
response = client.get("/items/")
assert response.status_code == 200, response.text
assert response.json() == [{"item_id": "Foo"}]
Reported by Bandit.
tests/test_tutorial/test_path_operation_advanced_configurations/test_tutorial002.py
7 issues
Line: 1
Column: 1
from fastapi.testclient import TestClient
from docs_src.path_operation_advanced_configuration.tutorial002 import app
client = TestClient(app)
openapi_schema = {
"openapi": "3.0.2",
"info": {"title": "FastAPI", "version": "0.1.0"},
Reported by Pylint.
Line: 27
Column: 1
}
def test_openapi_schema():
response = client.get("/openapi.json")
assert response.status_code == 200, response.text
assert response.json() == openapi_schema
Reported by Pylint.
Line: 29
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b101_assert_used.html
def test_openapi_schema():
response = client.get("/openapi.json")
assert response.status_code == 200, response.text
assert response.json() == openapi_schema
def test_get():
response = client.get("/items/")
Reported by Bandit.
Line: 30
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b101_assert_used.html
def test_openapi_schema():
response = client.get("/openapi.json")
assert response.status_code == 200, response.text
assert response.json() == openapi_schema
def test_get():
response = client.get("/items/")
assert response.status_code == 200, response.text
Reported by Bandit.
Line: 33
Column: 1
assert response.json() == openapi_schema
def test_get():
response = client.get("/items/")
assert response.status_code == 200, response.text
assert response.json() == [{"item_id": "Foo"}]
Reported by Pylint.
Line: 35
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b101_assert_used.html
def test_get():
response = client.get("/items/")
assert response.status_code == 200, response.text
assert response.json() == [{"item_id": "Foo"}]
Reported by Bandit.
Line: 36
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b101_assert_used.html
def test_get():
response = client.get("/items/")
assert response.status_code == 200, response.text
assert response.json() == [{"item_id": "Foo"}]
Reported by Bandit.
tests/test_tutorial/test_path_operation_advanced_configurations/test_tutorial003.py
7 issues
Line: 1
Column: 1
from fastapi.testclient import TestClient
from docs_src.path_operation_advanced_configuration.tutorial003 import app
client = TestClient(app)
openapi_schema = {
"openapi": "3.0.2",
"info": {"title": "FastAPI", "version": "0.1.0"},
Reported by Pylint.
Line: 14
Column: 1
}
def test_openapi_schema():
response = client.get("/openapi.json")
assert response.status_code == 200, response.text
assert response.json() == openapi_schema
Reported by Pylint.
Line: 16
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b101_assert_used.html
def test_openapi_schema():
response = client.get("/openapi.json")
assert response.status_code == 200, response.text
assert response.json() == openapi_schema
def test_get():
response = client.get("/items/")
Reported by Bandit.
Line: 17
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b101_assert_used.html
def test_openapi_schema():
response = client.get("/openapi.json")
assert response.status_code == 200, response.text
assert response.json() == openapi_schema
def test_get():
response = client.get("/items/")
assert response.status_code == 200, response.text
Reported by Bandit.
Line: 20
Column: 1
assert response.json() == openapi_schema
def test_get():
response = client.get("/items/")
assert response.status_code == 200, response.text
assert response.json() == [{"item_id": "Foo"}]
Reported by Pylint.
Line: 22
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b101_assert_used.html
def test_get():
response = client.get("/items/")
assert response.status_code == 200, response.text
assert response.json() == [{"item_id": "Foo"}]
Reported by Bandit.
Line: 23
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b101_assert_used.html
def test_get():
response = client.get("/items/")
assert response.status_code == 200, response.text
assert response.json() == [{"item_id": "Foo"}]
Reported by Bandit.
tests/test_tutorial/test_path_operation_advanced_configurations/test_tutorial006.py
7 issues
Line: 1
Column: 1
from fastapi.testclient import TestClient
from docs_src.path_operation_advanced_configuration.tutorial006 import app
client = TestClient(app)
openapi_schema = {
"openapi": "3.0.2",
"info": {"title": "FastAPI", "version": "0.1.0"},
Reported by Pylint.
Line: 43
Column: 1
}
def test_openapi_schema():
response = client.get("/openapi.json")
assert response.status_code == 200, response.text
assert response.json() == openapi_schema
Reported by Pylint.
Line: 45
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b101_assert_used.html
def test_openapi_schema():
response = client.get("/openapi.json")
assert response.status_code == 200, response.text
assert response.json() == openapi_schema
def test_post():
response = client.post("/items/", data=b"this is actually not validated")
Reported by Bandit.
Line: 46
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b101_assert_used.html
def test_openapi_schema():
response = client.get("/openapi.json")
assert response.status_code == 200, response.text
assert response.json() == openapi_schema
def test_post():
response = client.post("/items/", data=b"this is actually not validated")
assert response.status_code == 200, response.text
Reported by Bandit.
Line: 49
Column: 1
assert response.json() == openapi_schema
def test_post():
response = client.post("/items/", data=b"this is actually not validated")
assert response.status_code == 200, response.text
assert response.json() == {
"size": 30,
"content": {
Reported by Pylint.
Line: 51
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b101_assert_used.html
def test_post():
response = client.post("/items/", data=b"this is actually not validated")
assert response.status_code == 200, response.text
assert response.json() == {
"size": 30,
"content": {
"name": "Maaaagic",
"price": 42,
Reported by Bandit.
Line: 52
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b101_assert_used.html
def test_post():
response = client.post("/items/", data=b"this is actually not validated")
assert response.status_code == 200, response.text
assert response.json() == {
"size": 30,
"content": {
"name": "Maaaagic",
"price": 42,
"description": "Just kiddin', no magic here. ✨",
Reported by Bandit.
tests/test_tutorial/test_response_model/test_tutorial003.py
7 issues
Line: 1
Column: 1
from fastapi.testclient import TestClient
from docs_src.response_model.tutorial003 import app
client = TestClient(app)
openapi_schema = {
"openapi": "3.0.2",
"info": {"title": "FastAPI", "version": "0.1.0"},
Reported by Pylint.
Line: 99
Column: 1
}
def test_openapi_schema():
response = client.get("/openapi.json")
assert response.status_code == 200, response.text
assert response.json() == openapi_schema
Reported by Pylint.
Line: 101
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b101_assert_used.html
def test_openapi_schema():
response = client.get("/openapi.json")
assert response.status_code == 200, response.text
assert response.json() == openapi_schema
def test_post_user():
response = client.post(
Reported by Bandit.
Line: 102
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b101_assert_used.html
def test_openapi_schema():
response = client.get("/openapi.json")
assert response.status_code == 200, response.text
assert response.json() == openapi_schema
def test_post_user():
response = client.post(
"/user/",
Reported by Bandit.
Line: 105
Column: 1
assert response.json() == openapi_schema
def test_post_user():
response = client.post(
"/user/",
json={
"username": "foo",
"password": "fighter",
Reported by Pylint.
Line: 115
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b101_assert_used.html
"full_name": "Grave Dohl",
},
)
assert response.status_code == 200, response.text
assert response.json() == {
"username": "foo",
"email": "foo@example.com",
"full_name": "Grave Dohl",
}
Reported by Bandit.
Line: 116
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b101_assert_used.html
},
)
assert response.status_code == 200, response.text
assert response.json() == {
"username": "foo",
"email": "foo@example.com",
"full_name": "Grave Dohl",
}
Reported by Bandit.
tests/test_tutorial/test_schema_extra_example/test_tutorial004.py
7 issues
Line: 1
Column: 1
from fastapi.testclient import TestClient
from docs_src.schema_extra_example.tutorial004 import app
client = TestClient(app)
openapi_schema = {
"openapi": "3.0.2",
"info": {"title": "FastAPI", "version": "0.1.0"},
Reported by Pylint.
Line: 40
Column: 1
},
"converted": {
"summary": "An example with converted data",
"description": "FastAPI can convert price `strings` to actual `numbers` automatically",
"value": {"name": "Bar", "price": "35.4"},
},
"invalid": {
"summary": "Invalid data is rejected with an error",
"value": {
Reported by Pylint.
Line: 117
Column: 1
}
def test_openapi_schema():
response = client.get("/openapi.json")
assert response.status_code == 200, response.text
assert response.json() == openapi_schema
Reported by Pylint.
Line: 119
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b101_assert_used.html
def test_openapi_schema():
response = client.get("/openapi.json")
assert response.status_code == 200, response.text
assert response.json() == openapi_schema
# Test required and embedded body parameters with no bodies sent
def test_post_body_example():
Reported by Bandit.
Line: 120
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b101_assert_used.html
def test_openapi_schema():
response = client.get("/openapi.json")
assert response.status_code == 200, response.text
assert response.json() == openapi_schema
# Test required and embedded body parameters with no bodies sent
def test_post_body_example():
response = client.put(
Reported by Bandit.
Line: 124
Column: 1
# Test required and embedded body parameters with no bodies sent
def test_post_body_example():
response = client.put(
"/items/5",
json={
"name": "Foo",
"description": "A very nice Item",
Reported by Pylint.
Line: 134
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b101_assert_used.html
"tax": 3.2,
},
)
assert response.status_code == 200
Reported by Bandit.
tests/test_tutorial/test_templates/test_tutorial001.py
7 issues
Line: 1
Column: 1
import os
import shutil
from fastapi.testclient import TestClient
def test_main():
if os.path.isdir("./static"): # pragma: nocover
shutil.rmtree("./static")
Reported by Pylint.
Line: 7
Column: 1
from fastapi.testclient import TestClient
def test_main():
if os.path.isdir("./static"): # pragma: nocover
shutil.rmtree("./static")
if os.path.isdir("./templates"): # pragma: nocover
shutil.rmtree("./templates")
shutil.copytree("./docs_src/templates/templates/", "./templates")
Reported by Pylint.
Line: 14
Column: 5
shutil.rmtree("./templates")
shutil.copytree("./docs_src/templates/templates/", "./templates")
shutil.copytree("./docs_src/templates/static/", "./static")
from docs_src.templates.tutorial001 import app
client = TestClient(app)
response = client.get("/items/foo")
assert response.status_code == 200, response.text
assert b"<h1>Item ID: foo</h1>" in response.content
Reported by Pylint.
Line: 18
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b101_assert_used.html
client = TestClient(app)
response = client.get("/items/foo")
assert response.status_code == 200, response.text
assert b"<h1>Item ID: foo</h1>" in response.content
response = client.get("/static/styles.css")
assert response.status_code == 200, response.text
assert b"color: green;" in response.content
shutil.rmtree("./templates")
Reported by Bandit.
Line: 19
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b101_assert_used.html
client = TestClient(app)
response = client.get("/items/foo")
assert response.status_code == 200, response.text
assert b"<h1>Item ID: foo</h1>" in response.content
response = client.get("/static/styles.css")
assert response.status_code == 200, response.text
assert b"color: green;" in response.content
shutil.rmtree("./templates")
shutil.rmtree("./static")
Reported by Bandit.
Line: 21
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b101_assert_used.html
assert response.status_code == 200, response.text
assert b"<h1>Item ID: foo</h1>" in response.content
response = client.get("/static/styles.css")
assert response.status_code == 200, response.text
assert b"color: green;" in response.content
shutil.rmtree("./templates")
shutil.rmtree("./static")
Reported by Bandit.
Line: 22
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b101_assert_used.html
assert b"<h1>Item ID: foo</h1>" in response.content
response = client.get("/static/styles.css")
assert response.status_code == 200, response.text
assert b"color: green;" in response.content
shutil.rmtree("./templates")
shutil.rmtree("./static")
Reported by Bandit.
tests/test_tutorial/test_wsgi/test_tutorial001.py
7 issues
Line: 1
Column: 1
from fastapi.testclient import TestClient
from docs_src.wsgi.tutorial001 import app
client = TestClient(app)
def test_flask():
response = client.get("/v1/")
Reported by Pylint.
Line: 8
Column: 1
client = TestClient(app)
def test_flask():
response = client.get("/v1/")
assert response.status_code == 200, response.text
assert response.text == "Hello, World from Flask!"
Reported by Pylint.
Line: 10
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b101_assert_used.html
def test_flask():
response = client.get("/v1/")
assert response.status_code == 200, response.text
assert response.text == "Hello, World from Flask!"
def test_app():
response = client.get("/v2")
Reported by Bandit.
Line: 11
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b101_assert_used.html
def test_flask():
response = client.get("/v1/")
assert response.status_code == 200, response.text
assert response.text == "Hello, World from Flask!"
def test_app():
response = client.get("/v2")
assert response.status_code == 200, response.text
Reported by Bandit.
Line: 14
Column: 1
assert response.text == "Hello, World from Flask!"
def test_app():
response = client.get("/v2")
assert response.status_code == 200, response.text
assert response.json() == {"message": "Hello World"}
Reported by Pylint.
Line: 16
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b101_assert_used.html
def test_app():
response = client.get("/v2")
assert response.status_code == 200, response.text
assert response.json() == {"message": "Hello World"}
Reported by Bandit.
Line: 17
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b101_assert_used.html
def test_app():
response = client.get("/v2")
assert response.status_code == 200, response.text
assert response.json() == {"message": "Hello World"}
Reported by Bandit.
docs_src/bigger_applications/app/dependencies.py
6 issues
Line: 1
Column: 1
from fastapi import Header, HTTPException
async def get_token_header(x_token: str = Header(...)):
if x_token != "fake-super-secret-token":
raise HTTPException(status_code=400, detail="X-Token header invalid")
async def get_query_token(token: str):
Reported by Pylint.
Line: 1
Column: 1
from fastapi import Header, HTTPException
async def get_token_header(x_token: str = Header(...)):
if x_token != "fake-super-secret-token":
raise HTTPException(status_code=400, detail="X-Token header invalid")
async def get_query_token(token: str):
Reported by Pylint.
Line: 4
Column: 1
from fastapi import Header, HTTPException
async def get_token_header(x_token: str = Header(...)):
if x_token != "fake-super-secret-token":
raise HTTPException(status_code=400, detail="X-Token header invalid")
async def get_query_token(token: str):
Reported by Pylint.
Line: 5
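Suggestion: B105 (hardcoded_password_string) fires here because a string literal is compared against a variable whose name looks like a credential (`x_token`; the finding at line 10 of this file is the same pattern with `token`). The literal appears to be a placeholder in documentation example code rather than a real secret. Code modelled on it should load the expected value from configuration or a secret store and compare it with a constant-time function such as `secrets.compare_digest`.
https://bandit.readthedocs.io/en/latest/plugins/b105_hardcoded_password_string.html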
async def get_token_header(x_token: str = Header(...)):
if x_token != "fake-super-secret-token":
raise HTTPException(status_code=400, detail="X-Token header invalid")
async def get_query_token(token: str):
if token != "jessica":
Reported by Bandit.
Line: 9
Column: 1
raise HTTPException(status_code=400, detail="X-Token header invalid")
async def get_query_token(token: str):
if token != "jessica":
raise HTTPException(status_code=400, detail="No Jessica token provided")
Reported by Pylint.
Line: 10
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b105_hardcoded_password_string.html
async def get_query_token(token: str):
if token != "jessica":
raise HTTPException(status_code=400, detail="No Jessica token provided")
Reported by Bandit.