Skip to content

CytoScnPy

Overview

Initializing search

djinn09/CytoScnPy

CytoScnPy

djinn09/CytoScnPy

Overview
User Guide
User Guide
- Overview
- Pre-commit Hooks
Reference
Reference
- CLI Reference
- Quality Rules
  Quality Rules
  - Overview
  - Best Practices
    Best Practices
    
    CSP-L001: Mutable Default Arguments
    
    CSP-L002: Bare Except
    
    CSP-L003: Dangerous Comparison
  - Performance
    Performance
    
    CSP-P001: Membership in List
    
    CSP-P002: File Read Memory Risk
    
    CSP-P003: String Concat in Loop
    
    CSP-P004: Unnecessary Cast
    
    CSP-P005: Regex/ast.parse in Loop
    
    CSP-P006: Attribute Hoisting
    
    CSP-P007: Pure Call Hoisting
    
    CSP-P008: Exception Flow in Loop
    
    CSP-P009: Incorrect Dict Iterator
    
    CSP-P010: Global Usage in Loop
    
    CSP-P011: Memoryview over Bytes
    
    CSP-P012: Tuple over List
    
    CSP-P013: Comprehension Suggestion
    
    CSP-P015: Pandas chunksize
- Migration Guide
Changelog
Roadmap
Security
Security
- Overview
- Dangerous Code Rules
  Dangerous Code Rules
  - Basics & Guidance
    Basics & Guidance
    
    Overview
    
    Modern Python Security
  - Critical Vulnerabilities
    Critical Vulnerabilities
    
    Code Execution
    Code Execution
    
    Overview
    
    CSP-D001: Eval
    
    CSP-D002: Exec
    
    CSP-D003: Command Injection
    
    CSP-D004: Async Command Injection
    
    CSP-D005: Unsafe input() in Python 2
    
    Injection
    Injection
    
    Overview
    
    CSP-D101: SQL Injection
    
    CSP-D102: Raw SQL String Concatenation
    
    CSP-D103: Cross-Site Scripting (XSS)
    
    CSP-D104: Insecure XML Parsing (XXE)
    
    CSP-D105: Use of `mark_safe`
    
    Deserialization
    Deserialization
    
    Overview
    
    CSP-D201: Insecure Deserialization with Pickle
    
    CSP-D202: Unsafe YAML Load
    
    CSP-D203: `marshal.load()`
    
    CSP-D204: ML Model Loading
    
    Open Redirect
    Open Redirect
    
    Overview
    
    CSP-D801: Open Redirect
  - Domain Specific
    Domain Specific
    
    Network & HTTP
    Network & HTTP
    
    Overview
    
    CSP-D401: Insecure Requests (verify=False)
    
    CSP-D402: Server-Side Request Forgery (SSRF)
    
    CSP-D403: Debug Mode in Production
    
    CSP-D404: Hardcoded Binding to 0.0.0.0
    
    CSP-D405: Requests Without Timeout
    
    CSP-D406: Insecure FTP
    
    CSP-D407: HTTPSConnection Without Context
    
    CSP-D408: Unverified SSL Context
    
    CSP-D409: Insecure Telnet
    
    CSP-D410: Insecure URL Opening
    
    CSP-D411: `ssl.wrap_socket` Usage
    
    File Operations
    File Operations
    
    Overview
    
    CSP-D501: Path Traversal
    
    CSP-D502: Insecure Tarfile Extraction
    
    CSP-D503: Insecure Zipfile Extraction
    
    CSP-D504: Insecure Temporary File Creation
    
    CSP-D505: Bad File Permissions
    
    CSP-D506: `os.tempnam`/`os.tmpnam`
    
    Cryptography
    Cryptography
    
    Overview
    
    CSP-D301: Weak Hashing (MD5)
    
    CSP-D302: Weak Hashing (SHA1)
    
    CSP-D304: Insecure Ciphers
    
    CSP-D305: Insecure Cipher Mode
    
    CSP-D311: Weak PRNG
  - Operational & Privacy
    Operational & Privacy
    
    Best Practices
    Best Practices
    
    Overview
    
    CSP-D701: Use of `assert` in Production
    
    CSP-D702: Insecure Module Import
    
    CSP-D703: Disabled Jinja2 Autoescaping
    
    CSP-D704: Blacklisted Function Calls
    
    Privacy
    Privacy
    
    Overview
    
    CSP-D901: Logging of Sensitive Data
    
    CSP-D902: Hardcoded Django `SECRET_KEY`
    
    Type Safety
    Type Safety
    
    Overview
    
    CSP-D601: Method Misuse
    
    Generic
    Generic
    
    Overview
    
    CSP-X001: Generic XSS
Integrations
Blog
Blog
- Blog
- Archive
  Archive
  - 2025
- Categories
  Categories
  - Announcements
Contributing

Filesystem Rules¶

This section details rules related to insecure file system operations.

CSP-D501: Path Traversal
CSP-D502: Insecure Tarfile Extraction
CSP-D503: Insecure Zipfile Extraction
CSP-D504: Insecure Temporary File Creation
CSP-D505: Bad File Permissions
CSP-D506: os.tempnam/os.tmpnam

Made with Material for MkDocs