
Use defusedxml in test files for Bandit compliance

Replace xml.etree.ElementTree with defusedxml in test files to satisfy
the Bandit B314 check. Although the test XML is trusted, using defusedxml
consistently across the codebase prevents CI failures.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
maziggy 3 months ago
parent
commit
17c8301b4b

+ 8 - 8
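--- a/backend/tests/unit/services/test_archive_service.py
+++ b/backend/tests/unit/services/test_archive_service.py
@@ -221,7 +221,7 @@ class TestPrintableObjectsExtraction:
 
     def test_extract_printable_objects_from_slice_info(self):
         """Test parsing printable objects from slice_info.config XML."""
-        from xml.etree import ElementTree as ET
+        from defusedxml import ElementTree as ET
 
         # Example slice_info.config content with 4 objects
         slice_info_xml = """<?xml version="1.0" encoding="UTF-8"?>
@@ -250,7 +250,7 @@ class TestPrintableObjectsExtraction:
 
     def test_extract_printable_objects_empty_plate(self):
         """Test handling plate with no objects."""
-        from xml.etree import ElementTree as ET
+        from defusedxml import ElementTree as ET
 
         slice_info_xml = """<?xml version="1.0" encoding="UTF-8"?>
         <config>
@@ -272,7 +272,7 @@ class TestPrintableObjectsExtraction:
 
     def test_extract_printable_objects_all_skipped(self):
         """Test handling plate where all objects are skipped."""
-        from xml.etree import ElementTree as ET
+        from defusedxml import ElementTree as ET
 
         slice_info_xml = """<?xml version="1.0" encoding="UTF-8"?>
         <config>
@@ -299,7 +299,7 @@ class TestThreeMFPlateIndexExtraction:
 
     def test_extract_plate_index_from_slice_info(self):
         """Test parsing plate index from slice_info.config metadata."""
-        from xml.etree import ElementTree as ET
+        from defusedxml import ElementTree as ET
 
         # Single-plate export from plate 5 of a multi-plate project
         slice_info_xml = """<?xml version="1.0" encoding="UTF-8"?>
@@ -325,7 +325,7 @@ class TestThreeMFPlateIndexExtraction:
 
     def test_extract_plate_index_plate_1(self):
         """Test parsing plate index when it's plate 1."""
-        from xml.etree import ElementTree as ET
+        from defusedxml import ElementTree as ET
 
         slice_info_xml = """<?xml version="1.0" encoding="UTF-8"?>
         <config>
@@ -402,7 +402,7 @@ class TestThreeMFPlateIndexExtraction:
 
     def test_high_plate_number_extraction(self):
         """Test extracting high plate numbers (e.g., plate 28)."""
-        from xml.etree import ElementTree as ET
+        from defusedxml import ElementTree as ET
 
         slice_info_xml = """<?xml version="1.0" encoding="UTF-8"?>
         <config>
@@ -433,7 +433,7 @@ class TestMultiPlate3MFParsing:
 
     def test_parse_multiple_plates_from_slice_info(self):
         """Test parsing multiple plates from slice_info.config."""
-        from xml.etree import ElementTree as ET
+        from defusedxml import ElementTree as ET
 
         # Multi-plate 3MF with 3 plates
         slice_info_xml = """<?xml version="1.0" encoding="UTF-8"?>
@@ -510,7 +510,7 @@ class TestMultiPlate3MFParsing:
 
     def test_filter_filaments_by_plate_id(self):
         """Test filtering filaments for a specific plate."""
-        from xml.etree import ElementTree as ET
+        from defusedxml import ElementTree as ET
 
         slice_info_xml = """<?xml version="1.0" encoding="UTF-8"?>
         <config>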
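Review bot: The function-scope line `from defusedxml import ElementTree as ET` is now repeated in eight test methods of this file (the hunks at 221, 250, 272, 299, 325, 402, 433 and 510), so the choice of parser is spread over eight places. A single module-level `from defusedxml import ElementTree as ET`, as this commit does in test_plate_object_extraction.py, would keep it in one spot and make a later parser change a one-line edit. Each test body continues past its hunk, so which `ET` functions are called cannot be checked from here. The commit touches only test files, so it is worth confirming that defusedxml is declared in the test or runtime requirements; otherwise collection fails with ImportError instead of a Bandit finding.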

+ 1 - 2
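--- a/backend/tests/unit/test_plate_object_extraction.py
+++ b/backend/tests/unit/test_plate_object_extraction.py
@@ -1,8 +1,7 @@
 """Unit tests for plate object extraction from 3MF model_settings.config."""
 
-from xml.etree import ElementTree as ET
-
 import pytest
+from defusedxml import ElementTree as ET
 
 
 class TestPlateObjectExtraction: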
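Review bot: The module-level `ET` now binds to defusedxml.ElementTree, which exposes only the parsing side of the API (`fromstring`, `parse`, `iterparse`, `ParseError`) and not `Element`, `SubElement` or the `ElementTree` class. The rest of the module lies outside this hunk, so any test that builds a tree with `ET.Element(...)` or `ET.SubElement(...)` would now fail with AttributeError. If such uses exist, import the constructors separately with `from xml.etree.ElementTree import Element, SubElement`; that may trip Bandit's import check (B405) and need a justified `# nosec`. A comment above the import such as `# defusedxml: parse-only API; rejects entity declarations by default` would record the constraint for the next maintainer.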