Metrics:
Total lines of code: 1934
Total lines skipped (#nosec): 0

exec_used: Use of exec detected.
Test ID: B102
Severity: MEDIUM
Confidence: HIGH
CWE: CWE-78
File: /custom_nodes/NodeGPT/EVAL.py
Line number: 35
More info: https://bandit.readthedocs.io/en/1.7.9/plugins/b102_exec_used.html
31	
32	    def EVAL(self, Python, a_bool=None, b_bool=None, a_int=None, b_int=None, a_float=None, b_float=None, a_string=None,
33	             b_string=None, c_string=None):
34	
35	        exec(Python)
36	
37	        return (c_bool, c_int, c_float, d_string, c_Number,)
38
request_without_timeout: Requests call without timeout
Test ID: B113
Severity: MEDIUM
Confidence: LOW
CWE: CWE-400
File: /custom_nodes/NodeGPT/Old/Textnode.py
Line number: 179
More info: https://bandit.readthedocs.io/en/1.7.9/plugins/b113_request_without_timeout.html
175	            'early_stopping': self.early_stopping,
176	            'seed': self.seed,
177	        }
178	        payload = json.dumps([self.prompt, params])
179	        response = requests.post(url, headers=headers, json={
180	            "data": [
181	                payload
182	            ]
183	        })
184	        
185	        # Check for errors in API response
186	        if response.status_code != 200:
request_without_timeout: Requests call without timeout
Test ID: B113
Severity: MEDIUM
Confidence: LOW
CWE: CWE-400
File: /custom_nodes/NodeGPT/Old/Textnode.py
Line number: 414
More info: https://bandit.readthedocs.io/en/1.7.9/plugins/b113_request_without_timeout.html
410	
411	
412	        payload = json.dumps([prompt, params])
413	
414	        response = requests.post(f"http://{server}:7860/run/textgen", json={
415	            "data": [
416	                payload
417	            ]
418	        }).json()
419	
420	        response_data = response["data"]
421
blacklist: Consider possible security implications associated with the subprocess module.
Test ID: B404
Severity: LOW
Confidence: HIGH
CWE: CWE-78
File: /custom_nodes/NodeGPT/__init__.py
Line number: 3
More info: https://bandit.readthedocs.io/en/1.7.9/blacklists/blacklist_imports.html#b404-import-subprocess
1	import importlib
2	import os
3	import subprocess
4	import json
5	
6	
7	base_dir = os.path.dirname(os.path.abspath(__file__))
8
start_process_with_partial_path: Starting a process with a partial executable path
Test ID: B607
Severity: LOW
Confidence: HIGH
CWE: CWE-78
File: /custom_nodes/NodeGPT/__init__.py
Line number: 27
More info: https://bandit.readthedocs.io/en/1.7.9/plugins/b607_start_process_with_partial_path.html
23	    # Navigate to the NodeGPT directory
24	    os.chdir(base_dir)
25	
26	    # Run the install.bat file
27	    subprocess.run('install.bat', shell=True)
28	
29	    venv_activate = ".\\venv\\Scripts\\activate"
30	    requirements_install = "pip install -r requirements.txt"
subprocess_popen_with_shell_equals_true: subprocess call with shell=True seems safe, but may be changed in the future, consider rewriting without shell
Test ID: B602
Severity: LOW
Confidence: HIGH
CWE: CWE-78
File: /custom_nodes/NodeGPT/__init__.py
Line number: 27
More info: https://bandit.readthedocs.io/en/1.7.9/plugins/b602_subprocess_popen_with_shell_equals_true.html
23	    # Navigate to the NodeGPT directory
24	    os.chdir(base_dir)
25	
26	    # Run the install.bat file
27	    subprocess.run('install.bat', shell=True)
28	
29	    venv_activate = ".\\venv\\Scripts\\activate"
30	    requirements_install = "pip install -r requirements.txt"
subprocess_popen_with_shell_equals_true: subprocess call with shell=True identified, security issue.
Test ID: B602
Severity: HIGH
Confidence: HIGH
CWE: CWE-78
File: /custom_nodes/NodeGPT/__init__.py
Line number: 32
More info: https://bandit.readthedocs.io/en/1.7.9/plugins/b602_subprocess_popen_with_shell_equals_true.html
28	
29	    venv_activate = ".\\venv\\Scripts\\activate"
30	    requirements_install = "pip install -r requirements.txt"
31	
32	    subprocess.run(f"{venv_activate} && {requirements_install}", shell=True, stdout=subprocess.DEVNULL, stderr=subprocess.STDOUT)
33	
34	def install_package2():
35	    # Navigate to the NodeGPT directory
start_process_with_partial_path: Starting a process with a partial executable path
Test ID: B607
Severity: LOW
Confidence: HIGH
CWE: CWE-78
File: /custom_nodes/NodeGPT/__init__.py
Line number: 39
More info: https://bandit.readthedocs.io/en/1.7.9/plugins/b607_start_process_with_partial_path.html
35	    # Navigate to the NodeGPT directory
36	    os.chdir(base_dir)
37	
38	    # Run the install.bat file
39	    subprocess.run('install.bat', shell=True)
40	
41	    venv_activate = ".\\venv\\Scripts\\activate"
42	    requirements_install = "pip install -r requirements.txt"
subprocess_popen_with_shell_equals_true: subprocess call with shell=True seems safe, but may be changed in the future, consider rewriting without shell
Test ID: B602
Severity: LOW
Confidence: HIGH
CWE: CWE-78
File: /custom_nodes/NodeGPT/__init__.py
Line number: 39
More info: https://bandit.readthedocs.io/en/1.7.9/plugins/b602_subprocess_popen_with_shell_equals_true.html
35	    # Navigate to the NodeGPT directory
36	    os.chdir(base_dir)
37	
38	    # Run the install.bat file
39	    subprocess.run('install.bat', shell=True)
40	
41	    venv_activate = ".\\venv\\Scripts\\activate"
42	    requirements_install = "pip install -r requirements.txt"
subprocess_popen_with_shell_equals_true: subprocess call with shell=True identified, security issue.
Test ID: B602
Severity: HIGH
Confidence: HIGH
CWE: CWE-78
File: /custom_nodes/NodeGPT/__init__.py
Line number: 44
More info: https://bandit.readthedocs.io/en/1.7.9/plugins/b602_subprocess_popen_with_shell_equals_true.html
40	
41	    venv_activate = ".\\venv\\Scripts\\activate"
42	    requirements_install = "pip install -r requirements.txt"
43	
44	    subprocess.run(f"{venv_activate} && {requirements_install}", shell=True)
45	
46	def read_config(file_path):
47	    with open(file_path, 'r') as file:
start_process_with_partial_path: Starting a process with a partial executable path
Test ID: B607
Severity: LOW
Confidence: HIGH
CWE: CWE-78
File: /custom_nodes/NodeGPT/__init__.py
Line number: 56
More info: https://bandit.readthedocs.io/en/1.7.9/plugins/b607_start_process_with_partial_path.html
52	        # Navigate to the repository directory
53	        os.chdir(repo_path)
54	
55	        # Execute 'git pull' command
56	        result = subprocess.run(['git', 'pull'], check=True)#, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
57	        print(result.stdout.decode())
58	
59	    except Exception as e:
subprocess_without_shell_equals_true: subprocess call - check for execution of untrusted input.
Test ID: B603
Severity: LOW
Confidence: HIGH
CWE: CWE-78
File: /custom_nodes/NodeGPT/__init__.py
Line number: 56
More info: https://bandit.readthedocs.io/en/1.7.9/plugins/b603_subprocess_without_shell_equals_true.html
52	        # Navigate to the repository directory
53	        os.chdir(repo_path)
54	
55	        # Execute 'git pull' command
56	        result = subprocess.run(['git', 'pull'], check=True)#, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
57	        print(result.stdout.decode())
58	
59	    except Exception as e:
blacklist: Consider possible security implications associated with the subprocess module.
Test ID: B404
Severity: LOW
Confidence: HIGH
CWE: CWE-78
File: /custom_nodes/NodeGPT/update.py
Line number: 3
More info: https://bandit.readthedocs.io/en/1.7.9/blacklists/blacklist_imports.html#b404-import-subprocess
1	import importlib
2	import os
3	import subprocess
4	
5	base_dir = os.path.dirname(os.path.abspath(__file__))
6	
7	def install_package():
8	    # Navigate to the NodeGPT directory
start_process_with_partial_path: Starting a process with a partial executable path
Test ID: B607
Severity: LOW
Confidence: HIGH
CWE: CWE-78
File: /custom_nodes/NodeGPT/update.py
Line number: 12
More info: https://bandit.readthedocs.io/en/1.7.9/plugins/b607_start_process_with_partial_path.html
8	    # Navigate to the NodeGPT directory
9	    os.chdir(base_dir)
10	
11	    # Run the install.bat file
12	    subprocess.run('install.bat', shell=True)
13	
14	    venv_activate = ".\\venv\\Scripts\\activate"
15	    requirements_install = "pip install -r requirements.txt"
subprocess_popen_with_shell_equals_true: subprocess call with shell=True seems safe, but may be changed in the future, consider rewriting without shell
Test ID: B602
Severity: LOW
Confidence: HIGH
CWE: CWE-78
File: /custom_nodes/NodeGPT/update.py
Line number: 12
More info: https://bandit.readthedocs.io/en/1.7.9/plugins/b602_subprocess_popen_with_shell_equals_true.html
8	    # Navigate to the NodeGPT directory
9	    os.chdir(base_dir)
10	
11	    # Run the install.bat file
12	    subprocess.run('install.bat', shell=True)
13	
14	    venv_activate = ".\\venv\\Scripts\\activate"
15	    requirements_install = "pip install -r requirements.txt"
subprocess_popen_with_shell_equals_true: subprocess call with shell=True identified, security issue.
Test ID: B602
Severity: HIGH
Confidence: HIGH
CWE: CWE-78
File: /custom_nodes/NodeGPT/update.py
Line number: 17
More info: https://bandit.readthedocs.io/en/1.7.9/plugins/b602_subprocess_popen_with_shell_equals_true.html
13	
14	    venv_activate = ".\\venv\\Scripts\\activate"
15	    requirements_install = "pip install -r requirements.txt"
16	
17	    subprocess.run(f"{venv_activate} && {requirements_install}", shell=True)#, stdout=subprocess.DEVNULL, stderr=subprocess.STDOUT)
18	
19	def update_repository(repo_path):
20	    try:
start_process_with_partial_path: Starting a process with a partial executable path
Test ID: B607
Severity: LOW
Confidence: HIGH
CWE: CWE-78
File: /custom_nodes/NodeGPT/update.py
Line number: 25
More info: https://bandit.readthedocs.io/en/1.7.9/plugins/b607_start_process_with_partial_path.html
21	        # Navigate to the repository directory
22	        os.chdir(repo_path)
23	
24	        # Execute 'git pull' command
25	        result = subprocess.run(['git', 'pull'], check=True)#, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
26	        print(result.stdout.decode())
27	
28	    except Exception as e:
subprocess_without_shell_equals_true: subprocess call - check for execution of untrusted input.
Test ID: B603
Severity: LOW
Confidence: HIGH
CWE: CWE-78
File: /custom_nodes/NodeGPT/update.py
Line number: 25
More info: https://bandit.readthedocs.io/en/1.7.9/plugins/b603_subprocess_without_shell_equals_true.html
21	        # Navigate to the repository directory
22	        os.chdir(repo_path)
23	
24	        # Execute 'git pull' command
25	        result = subprocess.run(['git', 'pull'], check=True)#, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
26	        print(result.stdout.decode())
27	
28	    except Exception as e: