Skip to content

CWE-460 #962

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 22 commits into from
Sep 3, 2025
Merged

CWE-460 #962

merged 22 commits into from
Sep 3, 2025

Conversation

kets99
Copy link
Contributor

@kets99 kets99 commented Aug 12, 2025

No description provided.

@kets99 kets99 changed the title Create compliant.py worked on docs/Secure-Coding-Guide-for-Python/CWE-664/CWE-460 Aug 12, 2025
@kets99
Update README.md
73e1102 
Signed-off-by: Ketki <[email protected]>
@kets99 kets99 changed the title worked on docs/Secure-Coding-Guide-for-Python/CWE-664/CWE-460 CWE-460 Aug 13, 2025
BartKaras1128
BartKaras1128 suggested changes Aug 14, 2025
View reviewed changes
Copy link
Contributor

@BartKaras1128 BartKaras1128 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Very interesting code example! My comments are mostly cosmetic.
Thanks for the contribution!

docs/Secure-Coding-Guide-for-Python/CWE-664/CWE-460/README.md Outdated

# CWE-460: Improper Cleanup on Thrown Exception

The product does not clean up its state or incorrectly cleans up its state when an exception is thrown, leading to unexpected state or control flow.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We usually make the first sentence something like:

Ensure that your code fully and correctly cleans up its state whenever an exception occurs to avoid unexpected state or control flow.

Rather than taking the actual CWE description. We have plans to change the naming of the rulesets in the future in order to avoid this confusion, but for now, I'd change the first sentence to be "always do this" or "never do this"

@kets99
Copy link
Contributor Author

kets99 commented Aug 15, 2025

hi @BartKaras1128 thank you so much for the feedback! i will keep it in mind when submitting other PRs! =)

kets99 and others added 12 commits August 16, 2025 00:58
@kets99 @BartKaras1128
Update docs/Secure-Coding-Guide-for-Python/CWE-664/CWE-460/noncomplia…
08fbbd6 
…nt.py

Co-authored-by: Bartlomiej Karas <[email protected]>
Signed-off-by: Ketki <[email protected]>
@kets99 @BartKaras1128
Update docs/Secure-Coding-Guide-for-Python/CWE-664/CWE-460/README.md
7cbeb84 
Co-authored-by: Bartlomiej Karas <[email protected]>
Signed-off-by: Ketki <[email protected]>
@kets99 @BartKaras1128
Update docs/Secure-Coding-Guide-for-Python/CWE-664/CWE-460/compliant.py
1e3b2b8 
Co-authored-by: Bartlomiej Karas <[email protected]>
Signed-off-by: Ketki <[email protected]>
@kets99 @BartKaras1128
Update docs/Secure-Coding-Guide-for-Python/CWE-664/CWE-460/README.md
28481ac 
Co-authored-by: Bartlomiej Karas <[email protected]>
Signed-off-by: Ketki <[email protected]>
@kets99 @BartKaras1128
Update docs/Secure-Coding-Guide-for-Python/CWE-664/CWE-460/README.md
ca47af4 
Co-authored-by: Bartlomiej Karas <[email protected]>
Signed-off-by: Ketki <[email protected]>
@kets99 @BartKaras1128
Update docs/Secure-Coding-Guide-for-Python/CWE-664/CWE-460/README.md
f290377 
Co-authored-by: Bartlomiej Karas <[email protected]>
Signed-off-by: Ketki <[email protected]>
@kets99 @BartKaras1128
Update docs/Secure-Coding-Guide-for-Python/CWE-664/CWE-460/README.md
4941976 
Co-authored-by: Bartlomiej Karas <[email protected]>
Signed-off-by: Ketki <[email protected]>
@kets99 @BartKaras1128
Update docs/Secure-Coding-Guide-for-Python/CWE-664/CWE-460/README.md
d7e18de 
Co-authored-by: Bartlomiej Karas <[email protected]>
Signed-off-by: Ketki <[email protected]>
@kets99 @BartKaras1128
Update docs/Secure-Coding-Guide-for-Python/CWE-664/CWE-460/README.md
80a4e94 
Co-authored-by: Bartlomiej Karas <[email protected]>
Signed-off-by: Ketki <[email protected]>
@kets99 @BartKaras1128
Update docs/Secure-Coding-Guide-for-Python/CWE-664/CWE-460/README.md
de75910 
Co-authored-by: Bartlomiej Karas <[email protected]>
Signed-off-by: Ketki <[email protected]>
@kets99 @BartKaras1128
Update docs/Secure-Coding-Guide-for-Python/CWE-664/CWE-460/README.md
9fe869b 
Co-authored-by: Bartlomiej Karas <[email protected]>
Signed-off-by: Ketki <[email protected]>
@kets99
Update README.md
abb9040 
Signed-off-by: Ketki <[email protected]>
@gkunz
Copy link
Contributor

gkunz commented Aug 25, 2025

Hi @kets99! Thanks for the PR and sorry for missing to kick-off the linter (which does not run automatically for new contributors). It found some minor syntax issues. Can you address them? You'll find the log here: https://github.com/ossf/wg-best-practices-os-developers/actions/runs/16997777562/job/48808825760?pr=962

If you need any support, please let me know!

gkunz
gkunz approved these changes Sep 3, 2025
View reviewed changes
Copy link
Contributor

@gkunz gkunz left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you! Looks good to me.

@gkunz gkunz merged commit 8355298 into ossf:main Sep 3, 2025
2 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@gkunz gkunz gkunz approved these changes

+1 more reviewer

@BartKaras1128 BartKaras1128 BartKaras1128 approved these changes

Reviewers whose approvals may not affect merge requirements
Assignees
No one assigned
Labels
Product: Python Hardening Guide
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@kets99 @gkunz @BartKaras1128