0

I have a python code like below using ArgParser,

import argparse

parser = argparse.ArgumentParser()

parser.add_argument(
    "-s", "--schema", help="Schema", type=str, required=True
)
parser.add_argument(
    "-c", "--credentials", help="Credentials", type=str, required=True
)

When I run Sonarqube over this, I'm getting the following security hotspot,

Make sure that command line arguments are used safely here

with argparser.

How to fix this?

Sreeram TP
  • 11,346
  • 7
  • 54
  • 108
  • May be [this](https://rules.sonarsource.com/python/type/Security%20Hotspot/RSPEC-4823) will help. – Abdul Niyas P M Feb 03 '21 at 06:36
  • @AbdulNiyasPM - thanks. From this, I understand what that issue is about. But I want to figure out how to ignore that issue which is not given in the doc. – Sreeram TP Feb 03 '21 at 06:41
  • I don't see in the doc either. May be this question [Ignore SonarQube warnings in python](https://stackoverflow.com/questions/37609940/ignore-sonarqube-warnings-in-python) answer your question. – Abdul Niyas P M Feb 03 '21 at 06:51
  • I am also seeing same pattern in [OSS python projects](https://github.com/xenserver/auto-cert-kit/blob/38665707bf82ce3e02ec40c338406a81b543d6b5/autocertkit/ack_cli.py#L66) – Abdul Niyas P M Feb 03 '21 at 06:57

1 Answers1

0

I fixed (suppressed) this issue by following comments by @ Abdul Niyas P M.

import argparse

parser = argparse.ArgumentParser() # NOSONAR

parser.add_argument(
    "-s", "--schema", help="Schema", type=str, required=True
)
parser.add_argument(
    "-c", "--credentials", help="Credentials", type=str, required=True
)

Adding # NOSONAR makes sonarqube to ignore that line for analysis

Sreeram TP
  • 11,346
  • 7
  • 54
  • 108