pandera
v0.29.0
A light-weight and flexible data validation and testing tool for statistical data objects.

| Total | Critical | High | Medium |
|---|---|---|---|
| 54 | 1 | 22 | 31 |

Findings

unknown
Environment file access
Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.
93:
94: # Environments
>>> 95: .env
96: .venv
97: env/

Decoded base64 content
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Subprocess execution
Detected by automated pattern matching (rule SC-001) with medium confidence. May be a false positive.
340: .strip()
341: )
>>> 342: except subprocess.CalledProcessError:
343: tag = None
344:

Decoded base64 content
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Subprocess execution
Detected by automated pattern matching (rule SC-001) with medium confidence. May be a false positive.
19: """Transient app server for testing."""
20: # pylint: disable=consider-using-with
>>> 21: process = subprocess.Popen(
22: ["uvicorn", "tests.fastapi.app:app", "--port", "8000"],
23: stdout=subprocess.PIPE,

Dynamic code execution via exec()
Detected by automated pattern matching (rule SC-003) with medium confidence. May be a false positive.
1409: local_dict = {}
1410: # pylint: disable=exec-used
>>> 1411: exec(script, globals(), local_dict)
1412:
1413: schema = local_dict["schema"]

Dynamic code execution via exec()
Detected by automated pattern matching (rule SC-003) with medium confidence. May be a false positive.
1419: schema_to_write.to_script(Path(f.name))
1420: # pylint: disable=exec-used
>>> 1421: exec(f.read(), globals(), local_dict)
1422: schema = local_dict["schema"]
1423: assert schema == schema_to_write

Decoded base64 content
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Subprocess execution
Detected by automated pattern matching (rule SC-001) with medium confidence. May be a false positive.
66: )
67: cache_dir = str(test_module_dir / ".mypy_cache" / "test-mypy-default")
>>> 68: subprocess.run(
69: [
70: sys.executable,

Subprocess execution
Detected by automated pattern matching (rule SC-001) with medium confidence. May be a false positive.
221: ]
222: # pylint: disable=subprocess-run-check
>>> 223: result = subprocess.run(commands, text=True)
224: # NOTE: mypy return code is 0 if no errors were found, 1 if errors were found
225: # or 2 if there was a failure in checking

Dynamic code execution via exec()
Detected by automated pattern matching (rule SC-003) with medium confidence. May be a false positive.
14: different Operating Systems."""
15: # pylint: disable=W0122
>>> 16: exec(conf.doctest_global_setup)
17:
18: max_cols_after_being_set = pd.options.display.max_columns

High-entropy string (4.6 bits/char) — possible encoded payload
Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.7 bits/char) — possible encoded payload
Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.7 bits/char) — possible encoded payload
Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.5 bits/char) — possible encoded payload
Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.6 bits/char) — possible encoded payload
Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.8 bits/char) — possible encoded payload
Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.8 bits/char) — possible encoded payload
Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

Possible Base64-encoded payload (long encoded string)
Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.
1956: {
1957: "check": "str_length(3, 80)",
>>> 1958: "failure_case": "dddddddddddddddddddddddddddddddddddddddddddddddddddd"
1959: "dddddddddddddddddddddddddddddddddddddddddddddddd",
1960: },

Possible Base64-encoded payload (long encoded string)
Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.
62: def __class_getitem__(cls, item):
63: """Define this to override the patch that pyspark.pandas performs on pandas.
>>> 64: https://github.com/apache/spark/blob/master/python/pyspark/pandas/__init__.py#L124-L144
65: """
66: _type_check(item, "Parameters to generic types must be types.")

High-entropy string (4.5 bits/char) — possible encoded payload
Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.6 bits/char) — possible encoded payload
Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.6 bits/char) — possible encoded payload
Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

Possible Base64-encoded payload (long encoded string)
Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.
135: def __class_getitem__(cls, item):
136: """Define this to override the patch that pyspark.pandas performs on pandas.
>>> 137: https://github.com/apache/spark/blob/master/python/pyspark/pandas/__init__.py#L124-L144
138: """
139: _type_check(item, "Parameters to generic types must be types.")

Possible Base64-encoded payload (long encoded string)
Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.
156: def __class_getitem__(cls, item):
157: """Define this to override the patch that pyspark.pandas performs on pandas.
>>> 158: https://github.com/apache/spark/blob/master/python/pyspark/pandas/__init__.py#L124-L144
159: """
160: _type_check(item, "Parameters to generic types must be types.")

High-entropy string (4.5 bits/char) — possible encoded payload
Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.5 bits/char) — possible encoded payload
Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (5.0 bits/char) — possible encoded payload
Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.5 bits/char) — possible encoded payload
Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.7 bits/char) — possible encoded payload
Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

Socket/database connection to literal address
Detected by automated pattern matching (rule NS-005) with medium confidence. May be a false positive.
457: add_docsearch_config(app)
458:
>>> 459: app.connect("config-inited", add_docsearch_assets)

High-entropy string (5.1 bits/char) — possible encoded payload
Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.8 bits/char) — possible encoded payload
Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.7 bits/char) — possible encoded payload
Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.5 bits/char) — possible encoded payload
Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

Python requests library HTTP call
Detected by automated pattern matching (rule NS-001) with medium confidence. May be a false positive.
31: for _ in range(20):
32: try:
>>> 33: requests.post("http://127.0.0.1:8000/")
34: break
35: except Exception: # pylint: disable=broad-except

Python requests library HTTP call
Detected by automated pattern matching (rule NS-001) with medium confidence. May be a false positive.
41: data = {"name": "Book", "value": 10, "description": "Hello"}
42: for _ in range(10):
>>> 43: response = requests.post("http://127.0.0.1:8000/items/", json=data)
44: if response.status_code != 200:
45: time.sleep(3.0)

Python requests library HTTP call
Detected by automated pattern matching (rule NS-001) with medium confidence. May be a false positive.
50: """Happy path test with pandera type endpoint type annotation."""
51: data = {"id": [1], "cost": [10.99]}
>>> 52: response = requests.post(
53: "http://127.0.0.1:8000/transactions/",
54: json=data,

Python requests library HTTP call
Detected by automated pattern matching (rule NS-001) with medium confidence. May be a false positive.
71: buf.seek(0)
72:
>>> 73: response = requests.post(
74: "http://127.0.0.1:8000/file/", files={"file": buf}
75: )

Possible Base64-encoded payload (long encoded string)
Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.
520: "vscode": {
521: "interpreter": {
>>> 522: "hash": "6bbffad058ea4c1a3a14a7a497e5fe0053e4f65d400b1604fe633506406cf190"
523: }
524: }

High-entropy string (4.6 bits/char) — possible encoded payload
Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.6 bits/char) — possible encoded payload
Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

Scan History
| Date | Risk | Findings | Files | Duration |
|---|---|---|---|---|
| Feb 27, 2026 | critical | 54 | 368 | 0.00s |
| Feb 25, 2026 | critical | 54 | 368 | 0.00s |
| Feb 23, 2026 | critical | 54 | 368 | 0.00s |