Code Valor: high-impact violation in ccpp_prebuild code generator #641

@climbfuji

Description

Code Valor is being run on the ccpp-prebuild code generator at NRL as we prepare for transition to operations. It found one high-impact violation that must be addressed, namely the use of shell=True in a subprocess.Popen call in prebuild's scripts/common.py.

It turns out that the function that uses it (execute) is only used in one place (when cleaning files) and this can perfectly be substituted with Python os.remove.

Steps to Reproduce

Not possible unless you have access to Code Valor and the NRL configuration for it.

Additional Context

Code Valor high-impact violations must be addressed before transitioning code to operations

Output

n/a
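
The substitution described in this issue, sketched as an added example; it is not part of the original report and is not ccpp_prebuild's own code. The helper name `remove_files`, the `rm -f` string in the comment and the sample file names are constructed assumptions.

```python
import os
import tempfile

# Constructed stand-in for the flagged pattern (shown for contrast, not run):
#   subprocess.Popen("rm -f " + path, shell=True)
# With shell=True the whole string is parsed by the shell, so any shell
# metacharacter inside `path` changes what gets executed.


def remove_files(paths):
    """Delete each path with os.remove; no shell is involved.

    Hypothetical helper, not the ccpp_prebuild API.
    Returns (removed, missing) so the caller can log the outcome.
    """
    removed, missing = [], []
    for path in paths:
        try:
            os.remove(path)            # the path reaches unlink() unparsed
            removed.append(path)
        except FileNotFoundError:      # tolerate absent files, like `rm -f`
            missing.append(path)
    return removed, missing


def demo():
    """Constructed sample: a normal file, a name with shell syntax, a gap."""
    with tempfile.TemporaryDirectory() as workdir:
        normal = os.path.join(workdir, "ccpp_cap.F90")
        odd = os.path.join(workdir, "caps.mk; touch marker")
        gone = os.path.join(workdir, "already_gone.F90")
        for name in (normal, odd):
            with open(name, "w") as handle:
                handle.write("generated\n")
        removed, missing = remove_files([normal, odd, gone])
        # The odd name was deleted as one literal file; nothing was executed,
        # so the directory is empty afterwards.
        return {
            "removed": [os.path.basename(p) for p in removed],
            "missing": [os.path.basename(p) for p in missing],
            "left_over": sorted(os.listdir(workdir)),
        }


if __name__ == "__main__":
    print(demo())
```

Any other exception (for example `PermissionError`) propagates to the caller, so a failed cleanup is visible instead of being swallowed by a shell exit status.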

Labels: bug, ccpp_prebuild
