Close Open Privacy Scan

bolt Snapshot: commit e825f67
science engine v2
schedule 2026-07-05T02:34:31.231204+00:00

verified_user No application data leak found

No high-confidence exfiltration was found in application code. Dependency data flows are listed separately and do not affect this verdict.

App Privacy Score

87 /100
Low privacy risk

Low risk · 791 finding(s)

Dependency score: 52 (Medium risk)

bar_chart Score Breakdown

egress −10
env_fs −3

list Scan Summary

1 high 1 medium 789 low
First-party packages: 1
Dependency packages: 12
Ecosystem: python

swap_horiz Application data flows

No application data flows were found. See dependency data flows below.

hub Dependency data flows (1)
high mcp dependency User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
pkgs/python/[email protected]/src/mcp/client/auth/oauth2.py:433 pkgs/python/[email protected]/src/mcp/client/auth/oauth2.py:452

</> First-Party Code

first-party (python)

python first-party
expand_more 34 low-confidence finding(s)
low env_fs production #fd5eaa38885e1a70 Environment-variable access.
repo/agent_reach/backends/opencli.py:49
    local_app_data = os.environ.get("LOCALAPPDATA")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress production #edc5341167f8bac4 Hardcoded external endpoint. Review what data is sent to this destination.
repo/agent_reach/channels/bilibili.py:26
    req = urllib.request.Request(_SEARCH_API, headers={"User-Agent": _UA})

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs production #d26e6214d187bfaa Environment-variable access.
repo/agent_reach/channels/xiaoyuzhou.py:48
        has_key = bool(os.environ.get("GROQ_API_KEY"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress production #ac40d6c08fbc7476 Hardcoded external endpoint. Review what data is sent to this destination.
repo/agent_reach/channels/xueqiu.py:126
    req = urllib.request.Request(_XUEQIU_HOME, headers={"User-Agent": _UA})

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs production #b98fda95c6d7c0ab Environment-variable access.
repo/agent_reach/cli.py:29
    if os.environ.get("PYTEST_CURRENT_TEST"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #041e3d68a9ecb644 Environment-variable access.
repo/agent_reach/cli.py:367
            os.environ.get("AGENT_REACH_LANG", ""),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #769a57798ff7b8d4 Environment-variable access.
repo/agent_reach/cli.py:368
            os.environ.get("LC_ALL", ""),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #78e4d94a4d524a33 Environment-variable access.
repo/agent_reach/cli.py:369
            os.environ.get("LC_MESSAGES", ""),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3d2d0c7f6d3fe2f1 Environment-variable access.
repo/agent_reach/cli.py:370
            os.environ.get("LANG", ""),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #201b74569adbd1af Filesystem access.
repo/agent_reach/cli.py:379
            return skill_pkg.joinpath(resource_name).read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4919b8a8e84833fa Filesystem access.
repo/agent_reach/cli.py:381
            return skill_pkg.joinpath("SKILL.md").read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #51acd8d67be2c33d Filesystem access.
repo/agent_reach/cli.py:407
            with open(os.path.join(target, "SKILL.md"), "w", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1b7b03368476bd32 Filesystem access.
repo/agent_reach/cli.py:418
                    content = ref_file.read_text(encoding="utf-8") if hasattr(ref_file, 'read_text') else ref_file.read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9bc7aa746f663cc5 Filesystem access.
repo/agent_reach/cli.py:419
                    with open(os.path.join(refs_target, name), "w", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #caa055fad98ab52f Environment-variable access.
repo/agent_reach/cli.py:435
    openclaw_home = os.environ.get("OPENCLAW_HOME")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a5067ee7e159008f Environment-variable access.
repo/agent_reach/cli.py:477
    openclaw_home = os.environ.get("OPENCLAW_HOME")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #644bf8a674f9d291 Filesystem access.
repo/agent_reach/cli.py:564
                with open(list_path, "w", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #bb21abf0fd5136d4 Filesystem access.
repo/agent_reach/cli.py:641
            with open(ytdlp_config, "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a97d7e44a83dff90 Filesystem access.
repo/agent_reach/cli.py:648
                with open(ytdlp_config, "a") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #65e9cff4bd3a0595 Environment-variable access.
repo/agent_reach/cli.py:694
    has_key = bool(os.environ.get("GROQ_API_KEY")) or bool(config.get("groq_api_key"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #bcfd1d84a63217ae Environment-variable access.
repo/agent_reach/cli.py:985
    if os.environ.get("SSH_CONNECTION") or os.environ.get("SSH_CLIENT"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e9a8fceb6222112a Environment-variable access.
repo/agent_reach/cli.py:993
    if not os.environ.get("DISPLAY") and not os.environ.get("WAYLAND_DISPLAY"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ff017914d3cdbfd8 Filesystem access.
repo/agent_reach/cli.py:1000
                with open(cloud_file) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9ce3aa138d38b292 Environment-variable access.
repo/agent_reach/cli.py:1093
                    env = os.environ.copy()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4d8711e0a5d54f07 Filesystem access.
repo/agent_reach/cli.py:1148
        Path(args.output).write_text(text + "\n", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c2ec8cead06847f9 Filesystem access.
repo/agent_reach/cli.py:1281
            with open(cookie_path, "w", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #2de4b9e73253177d Filesystem access.
repo/agent_reach/config.py:46
            with open(self.config_path, "r", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #cf35a684aac55629 Filesystem access.
repo/agent_reach/config.py:70
            with open(self.config_path, "w", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #da926b01861fd74f Environment-variable access.
repo/agent_reach/config.py:81
        env_val = os.environ.get(key.upper())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d65272bda405bf70 Filesystem access.
repo/agent_reach/cookie_extract.py:170
        handle = open(path, "w", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7feeb82e811b9b7d Filesystem access.
repo/agent_reach/cookie_extract.py:190
                with open(session_path, "r", encoding="utf-8") as sf:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #89a25b9f614d3dc6 Environment-variable access.
repo/agent_reach/utils/paths.py:23
        appdata = os.environ.get("APPDATA")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8c4519c08987531c Environment-variable access.
repo/agent_reach/utils/process.py:16
    env = dict(base or os.environ)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c38ad68d47124354 Filesystem access.
repo/agent_reach/utils/text.py:14
    return target.read_text(encoding="utf-8", errors="replace")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

</> Dependencies

mcp

python dependency
high pii_flow dependency Excluded from app score #1da2f98c31292ebc User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
pkgs/python/[email protected]/src/mcp/client/auth/oauth2.py:452 · flow /tmp/closeopen-5e76zij8/pkgs/python/[email protected]/src/mcp/client/auth/oauth2.py:433 → /tmp/closeopen-5e76zij8/pkgs/python/[email protected]/src/mcp/client/auth/oauth2.py:452
        return httpx.Request("POST", token_url, data=refresh_data, headers=headers)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

expand_more 31 low-confidence finding(s)
low env_fs dependency Excluded from app score #b8f3b20181e913d7 Environment-variable access.
pkgs/python/[email protected]/.github/actions/conformance/client.py:72
    context_json = os.environ.get("MCP_CONFORMANCE_CONTEXT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5cb303950fbd61ee Environment-variable access.
pkgs/python/[email protected]/.github/actions/conformance/client.py:281
    context_json = os.environ.get("MCP_CONFORMANCE_CONTEXT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8c4239d2e01288be Environment-variable access.
pkgs/python/[email protected]/.github/actions/conformance/client.py:349
    scenario = os.environ.get("MCP_CONFORMANCE_SCENARIO")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #ab81c2a549a0d3d4 Environment-variable access.
pkgs/python/[email protected]/examples/clients/conformance-auth-client/mcp_conformance_auth_client/__init__.py:50
    context_json = os.environ.get("MCP_CONFORMANCE_CONTEXT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #bf5e4f86e748af57 Environment-variable access.
pkgs/python/[email protected]/examples/clients/simple-auth-client/mcp_simple_auth_client/main.py:343
    server_url = os.getenv("MCP_SERVER_PORT", 8000)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #a1b0c90d1e2e12fe Environment-variable access.
pkgs/python/[email protected]/examples/clients/simple-auth-client/mcp_simple_auth_client/main.py:344
    transport_type = os.getenv("MCP_TRANSPORT_TYPE", "streamable-http")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #8fb0c1c2c2758056 Environment-variable access.
pkgs/python/[email protected]/examples/clients/simple-auth-client/mcp_simple_auth_client/main.py:345
    client_metadata_url = os.getenv("MCP_CLIENT_METADATA_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #3b732dc108eb1247 Environment-variable access.
pkgs/python/[email protected]/examples/clients/simple-chatbot/mcp_simple_chatbot/main.py:24
        self.api_key = os.getenv("LLM_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #145a096a1a940400 Filesystem access.
pkgs/python/[email protected]/examples/clients/simple-chatbot/mcp_simple_chatbot/main.py:45
        with open(file_path, "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #a48f1ee4449a4f28 Environment-variable access.
pkgs/python/[email protected]/examples/clients/simple-chatbot/mcp_simple_chatbot/main.py:83
            env={**os.environ, **self.config["env"]} if self.config.get("env") else None,

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #2a4644eee8fc674e Filesystem access.
pkgs/python/[email protected]/examples/fastmcp/icons_demo.py:14
icon_data = base64.standard_b64encode(icon_path.read_bytes()).decode()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #dea7cb8fef8209ea Environment-variable access.
pkgs/python/[email protected]/examples/fastmcp/memory.py:52
PROFILE_DIR = (Path.home() / ".fastmcp" / os.environ.get("USER", "anon") / "memory").resolve()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #435aee118ef6469b Environment-variable access.
pkgs/python/[email protected]/examples/snippets/clients/completion_client.py:17
    env={"UV_INDEX": os.environ.get("UV_INDEX", "")},

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #b9e181bad5c4a5f4 Environment-variable access.
pkgs/python/[email protected]/examples/snippets/clients/display_utilities.py:17
    env={"UV_INDEX": os.environ.get("UV_INDEX", "")},

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #2c2e0659ba7799fd Environment-variable access.
pkgs/python/[email protected]/examples/snippets/clients/stdio_client.py:19
    env={"UV_INDEX": os.environ.get("UV_INDEX", "")},

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #30f885e7410597ba Filesystem access.
pkgs/python/[email protected]/examples/snippets/servers/binary_resources.py:9
    with open("logo.png", "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #794b6731e8741edc Filesystem access.
pkgs/python/[email protected]/examples/snippets/servers/embedded_resource_results.py:10
    with open(path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #894e406ea06976aa Filesystem access.
pkgs/python/[email protected]/examples/snippets/servers/embedded_resource_results_binary.py:12
    with open(path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #3830f2f52af8a0d1 Filesystem access.
pkgs/python/[email protected]/examples/snippets/servers/prompt_embedded_resources.py:11
    file_content = open(filename).read()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #a810600e4e117c88 Filesystem access.
pkgs/python/[email protected]/examples/snippets/servers/tool_errors.py:27
    with open(path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #f28a2412d6ed8f3c Filesystem access.
pkgs/python/[email protected]/scripts/update_doc_snippets.py:53
        code = file.read_text().rstrip()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #fb75b23b4cf79d64 Filesystem access.
pkgs/python/[email protected]/scripts/update_doc_snippets.py:109
    content = doc_path.read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #b020b2b475403cb0 Filesystem access.
pkgs/python/[email protected]/scripts/update_doc_snippets.py:134
            doc_path.write_text(updated_content)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #18b93e440ef7b93e Environment-variable access.
pkgs/python/[email protected]/src/mcp/cli/claude.py:24
        path = Path(os.environ.get("XDG_CONFIG_HOME", Path.home() / ".config"), "Claude")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #136f15d477674899 Filesystem access.
pkgs/python/[email protected]/src/mcp/cli/claude.py:77
            config_file.write_text("{}")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3af47b3297054685 Filesystem access.
pkgs/python/[email protected]/src/mcp/cli/claude.py:88
        config = json.loads(config_file.read_text())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #65e4fae921950009 Filesystem access.
pkgs/python/[email protected]/src/mcp/cli/claude.py:135
        config_file.write_text(json.dumps(config, indent=2))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8fc5835c7fbc2245 Environment-variable access.
pkgs/python/[email protected]/src/mcp/cli/cli.py:282
            env=dict(os.environ.items()),  # Convert to list of tuples for env update

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #111b3baaf89ebe4f Environment-variable access.
pkgs/python/[email protected]/src/mcp/client/stdio/__init__.py:59
        value = os.environ.get(key)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #18c2ab15528066ec Filesystem access.
pkgs/python/[email protected]/src/mcp/server/fastmcp/utilities/types.py:47
            with open(self.path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #00fdffb405a20e33 Filesystem access.
pkgs/python/[email protected]/src/mcp/server/fastmcp/utilities/types.py:94
            with open(self.path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

rich

python dependency
medium telemetry dependency Excluded from app score #d0b1603f90ed750e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/rich/progress.py:173
        yield from progress.track(
            sequence,
            total=total,
            completed=completed,
            description=description,
            update_period=update_period,
        )

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

expand_more 22 low-confidence finding(s)
low env_fs dependency Excluded from app score #b19098114dede229 Environment-variable access.
pkgs/python/[email protected]/rich/_unicode_data/__init__.py:67
        unicode_version = os.environ.get("UNICODE_VERSION", "latest")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2f3e5c8244e99ac5 Filesystem access.
pkgs/python/[email protected]/rich/_win32_console.py:441
        self.write_text(text)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e55460ff9b4d92ef Filesystem access.
pkgs/python/[email protected]/rich/_win32_console.py:612
    term.write_text("went back and wrapped to prev line")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a3346fbfe9cf9192 Filesystem access.
pkgs/python/[email protected]/rich/_win32_console.py:615
    term.write_text("we go up")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #63386cb094f48b4a Filesystem access.
pkgs/python/[email protected]/rich/_win32_console.py:618
    term.write_text("and down")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5ac9592df094e7db Filesystem access.
pkgs/python/[email protected]/rich/_win32_console.py:623
    term.write_text("we went up and back 2")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #eba6cb0d3ce1d539 Filesystem access.
pkgs/python/[email protected]/rich/_win32_console.py:628
    term.write_text("we went down and back 2")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a198e349b2fe34ea Filesystem access.
pkgs/python/[email protected]/rich/_win32_console.py:636
    term.write_text("The red arrow shows the cursor location, and direction of erase")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8a7ff39433575ca9 Filesystem access.
pkgs/python/[email protected]/rich/_win32_console.py:646
    term.write_text("The red arrow shows the cursor location, and direction of erase")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3b26189945409958 Filesystem access.
pkgs/python/[email protected]/rich/_windows_renderer.py:19
                term.write_text(text)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #007245b70e958d0d Filesystem access.
pkgs/python/[email protected]/rich/_windows_renderer.py:28
                    term.write_text("\r")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fc53ce94d83fee9e Environment-variable access.
pkgs/python/[email protected]/rich/console.py:515
        or os.getenv("DATABRICKS_RUNTIME_VERSION")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e095666c939d7a89 Environment-variable access.
pkgs/python/[email protected]/rich/console.py:617
    _environ: Mapping[str, str] = os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #dbd5e7af4e198d2a Filesystem access.
pkgs/python/[email protected]/rich/console.py:2241
        with open(path, "w", encoding="utf-8") as write_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3da5de6ddefe153c Filesystem access.
pkgs/python/[email protected]/rich/console.py:2349
        with open(path, "w", encoding="utf-8") as write_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5c98747a92e0bf10 Filesystem access.
pkgs/python/[email protected]/rich/console.py:2641
        with open(path, "w", encoding="utf-8") as write_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #18114fb099da2a1f Environment-variable access.
pkgs/python/[email protected]/rich/diagnose.py:32
    env = {name: os.getenv(name) for name in env_names}

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2ef8534fdfb82d74 Filesystem access.
pkgs/python/[email protected]/rich/json.py:134
            json_data = Path(args.path).read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a20c4a7835e369ad Filesystem access.
pkgs/python/[email protected]/rich/markdown.py:777
        with open(args.path, encoding="utf-8") as markdown_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9dc2f1835b53e6b6 Filesystem access.
pkgs/python/[email protected]/rich/progress.py:1373
        handle = io.open(file, "rb", buffering=buffering)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #de96146ecf5b3682 Filesystem access.
pkgs/python/[email protected]/rich/syntax.py:360
        code = Path(path).read_text(encoding=encoding)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f8ec4a9dc845d553 Filesystem access.
pkgs/python/[email protected]/rich/theme.py:73
        with open(path, encoding=encoding) as config_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

browser-cookie3

python dependency
expand_more 7 low-confidence finding(s)
low env_fs dependency Excluded from app score #468ceb7bd50143aa Environment-variable access.
pkgs/python/[email protected]/browser_cookie3/__init__.py:127
    return os.path.join(os.getenv(path['env'], ''), path['path'])

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d03d6dfe5b2cb039 Filesystem access.
pkgs/python/[email protected]/browser_cookie3/__init__.py:479
                with open(key_file, 'rb') as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #19d9d2104ffd68cf Filesystem access.
pkgs/python/[email protected]/browser_cookie3/__init__.py:1021
            with open(self.session_file, 'rb') as file_obj:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #58d1b85e367e82c4 Filesystem access.
pkgs/python/[email protected]/browser_cookie3/__init__.py:1036
            with open(self.session_file_lz4, 'rb') as file_obj:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5a08c0fb34f7fef2 Filesystem access.
pkgs/python/[email protected]/browser_cookie3/__init__.py:1138
        self.__buffer = open(cookie_file, 'rb')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #33a37a3cc9f867fa Filesystem access.
pkgs/python/[email protected]/browser_cookie3/__init__.py:1251
        with open(self.cookie_file) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ee8f55a57eea041e Filesystem access.
pkgs/python/[email protected]/browser_cookie3/__init__.py:1287
        with open(self.cookie_file) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

feedparser

python dependency
expand_more 8 low-confidence finding(s)
low env_fs tooling Excluded from app score unreachable #8b3e2d7fbe2d1e6d Filesystem access.
pkgs/python/[email protected]/docs/conf.py:7
content = (pathlib.Path(__file__).parent.parent / 'feedparser/__init__.py').read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0182c921f5b7dc2b Filesystem access.
pkgs/python/[email protected]/feedparser/api.py:119
        with open(url_file_stream_or_string, 'rb') as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #696113b90a76a4df Filesystem access.
pkgs/python/[email protected]/setup.py:36
long_description = (root / 'README.rst').read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #64ff093e901bcd66 Environment-variable access.
pkgs/python/[email protected]/setup.py:39
if os.getenv('NAME_SUFFIX'):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d683d21bbe973ef3 Environment-variable access.
pkgs/python/[email protected]/setup.py:40
    name = f"{name}_{os.getenv('NAME_SUFFIX')}"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #18ad2c33cc43a9aa Filesystem access.
pkgs/python/[email protected]/setup.py:42
content = (root / 'feedparser/__init__.py').read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #37f64fe0888dd948 Environment-variable access.
pkgs/python/[email protected]/setup.py:45
if os.getenv('VERSION_SUFFIX'):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a9c5a951be5d2139 Environment-variable access.
pkgs/python/[email protected]/setup.py:46
    version = f"{version}rc{os.getenv('VERSION_SUFFIX')}"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

loguru

python dependency
expand_more 9 low-confidence finding(s)
low env_fs dependency Excluded from app score #967dade728e722f3 Environment-variable access.
pkgs/python/[email protected]/loguru/_colorama.py:25
        if "CI" in os.environ and any(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1d36241966e89068 Environment-variable access.
pkgs/python/[email protected]/loguru/_colorama.py:26
            ci in os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e6dda1d9c70d43db Environment-variable access.
pkgs/python/[email protected]/loguru/_colorama.py:30
        if "PYCHARM_HOSTED" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #372599807f5b15db Environment-variable access.
pkgs/python/[email protected]/loguru/_colorama.py:32
        if os.name == "nt" and "TERM" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9e24cb683e1d47bc Environment-variable access.
pkgs/python/[email protected]/loguru/_defaults.py:5
    if key not in environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #69908900a2d17667 Environment-variable access.
pkgs/python/[email protected]/loguru/_defaults.py:8
    val = environ[key]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #06b90ac55850fb12 Filesystem access.
pkgs/python/[email protected]/loguru/_file_sink.py:53
        with open(path_in, "rb") as f_in:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3854ee1c6dc09bac Filesystem access.
pkgs/python/[email protected]/loguru/_file_sink.py:226
        self._file = open(path, **self._kwargs)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b400c66a212b4732 Filesystem access.
pkgs/python/[email protected]/loguru/_logger.py:1868
                with open(str(file)) as fileobj:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

mypy

python dependency
expand_more 106 low-confidence finding(s)
low env_fs tooling Excluded from app score unreachable #40622365f4568b84 Filesystem access.
pkgs/python/[email protected]/docs/source/html_builder.py:41
        self.strict_file.write_text(
            "For this version of mypy, the list of flags enabled by strict is: " + strict_part
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #b03313e765e2163f Environment-variable access.
pkgs/python/[email protected]/docs/source/html_builder.py:55
        if os.getenv("VERIFY_MYPY_ERROR_CODES"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #26bae113a511d848 Filesystem access.
pkgs/python/[email protected]/docs/source/html_builder.py:74
        p.write_text(textwrap.dedent(data))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d65473a09dd91385 Filesystem access.
pkgs/python/[email protected]/misc/apply-cache-diff.py:38
    with open(diff_file, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9a1da0e095b6cb47 Filesystem access.
pkgs/python/[email protected]/misc/diff-cache.py:241
    with open(args.output, "wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #63eb4459c3135e25 Filesystem access.
pkgs/python/[email protected]/mypy/build.py:394
        with open(options_data, "wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cf886ed639bb0f6c Environment-variable access.
pkgs/python/[email protected]/mypy/build.py:398
                f".mypy_worker.{build_id}.{idx}.json", options_data, worker_env or os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ac779da597bcde7a Filesystem access.
pkgs/python/[email protected]/mypy/build.py:757
        with open(module.__file__, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #84fd78c347f07bc0 Filesystem access.
pkgs/python/[email protected]/mypy/build.py:773
        with open(path, encoding="UTF-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8f71919e7fe66b64 Filesystem access.
pkgs/python/[email protected]/mypy/build.py:1762
            with open(options.quickstart_file, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7f24def3f270a358 Filesystem access.
pkgs/python/[email protected]/mypy/build.py:1890
        with open(gitignore, "x") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fe7bc14a6037c4e3 Filesystem access.
pkgs/python/[email protected]/mypy/build.py:1904
        with open(cachedir_tag, "x") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d6ac86c7a3735ca7 Filesystem access.
pkgs/python/[email protected]/mypy/build.py:2967
        interface_hash = read_bytes(buf)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #63c8a6839d05583b Filesystem access.
pkgs/python/[email protected]/mypy/build.py:2976
        dep_hashes = {read_str_bare(buf): read_bytes(buf) for _ in range(read_int_bare(buf))}

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5f87e9e31dc12c10 Filesystem access.
pkgs/python/[email protected]/mypy/build.py:4198
    with open(path, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5b9cc30aced90c7b Filesystem access.
pkgs/python/[email protected]/mypy/build.py:4205
    with open(path, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #eab1b08c993a66e2 Filesystem access.
pkgs/python/[email protected]/mypy/build.py:5122
        with open(fnam, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #eedf7db1cbfd0ce7 Filesystem access.
pkgs/python/[email protected]/mypy/build.py:5216
                    read_bytes(buf),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #443875674cd2e8f9 Filesystem access.
pkgs/python/[email protected]/mypy/build_worker/worker.py:95
    with open(args.options_data, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2268ac2e0b36fad4 Filesystem access.
pkgs/python/[email protected]/mypy/build_worker/worker.py:106
        with open(status_file, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e28e1a3d99386ba9 Environment-variable access.
pkgs/python/[email protected]/mypy/build_worker/worker.py:317
    alt_lib_path = os.environ.get("MYPY_ALT_LIB_PATH")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e584c50b5f1fe67e Filesystem access.
pkgs/python/[email protected]/mypy/cache.py:389
    return read_bytes_bare(data)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #92eb52c21becbc48 Filesystem access.
pkgs/python/[email protected]/mypy/cache.py:458
    return [read_bytes_bare(data) for _ in range(size)]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9854bfd8bc014c96 Filesystem access.
pkgs/python/[email protected]/mypy/config_parser.py:246
            with open(config_file, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3068ac009430c92a Environment-variable access.
pkgs/python/[email protected]/mypy/config_parser.py:328
    os.environ["MYPY_CONFIG_FILE_DIR"] = os.path.dirname(os.path.abspath(file_read))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9e6b9910a9f7b91f Environment-variable access.
pkgs/python/[email protected]/mypy/defaults.py:23
if os.environ.get("XDG_CONFIG_HOME"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a4694c6962090a81 Environment-variable access.
pkgs/python/[email protected]/mypy/defaults.py:24
    USER_CONFIG_FILES.insert(0, os.path.join(os.environ["XDG_CONFIG_HOME"], "mypy/config"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #85cdc318b2550afa Filesystem access.
pkgs/python/[email protected]/mypy/dmypy/client.py:584
        with open(perf_stats_file, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #628d926537dfcd4a Filesystem access.
pkgs/python/[email protected]/mypy/dmypy/client.py:616
        sys.stdout = sys.stderr = open(args.log_file, "a", buffering=1)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4f0d10b4ca54b6e8 Filesystem access.
pkgs/python/[email protected]/mypy/dmypy_server.py:113
                sys.stdout = sys.stderr = open(log_file, "a", buffering=1)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #11c53a3f66fa72ca Filesystem access.
pkgs/python/[email protected]/mypy/dmypy_server.py:221
            with open(self.status_file, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #16ddd531ccb7d0d9 Filesystem access.
pkgs/python/[email protected]/mypy/dmypy_server.py:302
            with open(fswatcher_dump_file, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #dd26d666587e0a47 Filesystem access.
pkgs/python/[email protected]/mypy/exportjson.py:598
        with open(fnam, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2828eb708f33366f Filesystem access.
pkgs/python/[email protected]/mypy/exportjson.py:606
        with open(new_fnam, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8f1dc66ba61e0954 Filesystem access.
pkgs/python/[email protected]/mypy/fscache.py:282
                with open(path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #510d822153dd4dba Filesystem access.
pkgs/python/[email protected]/mypy/git.py:39
        with open(head_path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3ff56bb5accf1065 Filesystem access.
pkgs/python/[email protected]/mypy/git.py:45
                with open(ref_path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8da8c174de1d8730 Filesystem access.
pkgs/python/[email protected]/mypy/git.py:50
                with open(packed_refs_path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #eba01156b05178fa Filesystem access.
pkgs/python/[email protected]/mypy/ipc.py:88
        return self.read_bytes(size).decode("utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #beb68574bb10a8db Filesystem access.
pkgs/python/[email protected]/mypy/ipc.py:366
    with open(status_file) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b6a79a48e4958f10 Filesystem access.
pkgs/python/[email protected]/mypy/ipc.py:479
    bdata = connection.read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #79ea5535150b796f Environment-variable access.
pkgs/python/[email protected]/mypy/main.py:1464
    environ_cache_dir = os.getenv("MYPY_CACHE_DIR", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f10450a679eba431 Environment-variable access.
pkgs/python/[email protected]/mypy/main.py:1470
    environ_num_workers = os.getenv("MYPY_NUM_WORKERS", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3db43215bc619513 Filesystem access.
pkgs/python/[email protected]/mypy/main.py:1740
    with open(fnam) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bece8b69beb47055 Filesystem access.
pkgs/python/[email protected]/mypy/metastore.py:110
        with open(os_path_join(self.cache_dir_prefix, name), "rb", buffering=0) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3c937898fc79def4 Filesystem access.
pkgs/python/[email protected]/mypy/metastore.py:123
            with open(tmp_filename, "wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #76d32ba5bc0d7c9e Filesystem access.
pkgs/python/[email protected]/mypy/modulefinder.py:733
            with open(git_info_exclude) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5f31b6e99db36532 Filesystem access.
pkgs/python/[email protected]/mypy/modulefinder.py:744
        with open(gitignore) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #29300f01872bc21c Environment-variable access.
pkgs/python/[email protected]/mypy/modulefinder.py:788
    path_env = os.getenv("MYPYPATH")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3e7f611c9366c2f0 Environment-variable access.
pkgs/python/[email protected]/mypy/modulefinder.py:862
        env = {**dict(os.environ), "PYTHONSAFEPATH": "1"}

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #97581c575c5ec993 Environment-variable access.
pkgs/python/[email protected]/mypy/modulefinder.py:907
        root_dir = os.getenv("MYPY_TEST_PREFIX", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fb1908843f2f9996 Filesystem access.
pkgs/python/[email protected]/mypy/modulefinder.py:986
    with open(versions_path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7d9430d55ef846ac Filesystem access.
pkgs/python/[email protected]/mypy/nodes.py:419
        defs = read_bytes(data)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e7d3c17ab151d88f Filesystem access.
pkgs/python/[email protected]/mypy/nodes.py:420
        imports = read_bytes(data)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3d864519070efdd4 Filesystem access.
pkgs/python/[email protected]/mypy/report.py:177
            with open(tree.path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4bcf3107f8dd27d5 Filesystem access.
pkgs/python/[email protected]/mypy/report.py:207
        with open(os.path.join(self.output_dir, "linecount.txt"), "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f8d785d470fb63f2 Filesystem access.
pkgs/python/[email protected]/mypy/report.py:266
        with open(os.path.join(self.output_dir, filename), "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b36eb008a87ea508 Filesystem access.
pkgs/python/[email protected]/mypy/report.py:430
        with open(tree.path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1741845272114741 Filesystem access.
pkgs/python/[email protected]/mypy/report.py:444
        with open(os.path.join(self.output_dir, "coverage.json"), "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6673988001f623b0 Filesystem access.
pkgs/python/[email protected]/mypy/report.py:793
        with open(out_path, "wb") as out_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3bfea5bf0ccd7221 Filesystem access.
pkgs/python/[email protected]/mypy/report.py:802
        with open(out_path, "wb") as out_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3e20edef392c1571 Filesystem access.
pkgs/python/[email protected]/mypy/report.py:836
        with open(out_path, "wb") as out_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9ffd1ae2b2deb4a0 Filesystem access.
pkgs/python/[email protected]/mypy/report.py:907
        with open(report_file, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1265e58808d10c19 Environment-variable access.
pkgs/python/[email protected]/mypy/stubgen.py:1728
    environ_cache_dir = os.getenv("MYPY_CACHE_DIR", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #49dd7afb20e53a64 Filesystem access.
pkgs/python/[email protected]/mypy/stubgen.py:1743
    with open(mod.path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6a63dbf34b6fdba9 Filesystem access.
pkgs/python/[email protected]/mypy/stubgen.py:1837
    with open(target, "w", encoding="utf-8") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1005ee47750831b8 Filesystem access.
pkgs/python/[email protected]/mypy/stubgenc.py:61
            with open(path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1291e5fcc3fe6717 Filesystem access.
pkgs/python/[email protected]/mypy/stubgenc.py:184
    with open(target, "w", encoding="utf-8") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e79617f2a2bc6160 Filesystem access.
pkgs/python/[email protected]/mypy/stubtest.py:219
    with open(os.devnull, "w") as devnull:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #07eff6f4d417a96b Filesystem access.
pkgs/python/[email protected]/mypy/stubtest.py:2328
    with open(allowlist_file) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #10320ea3821e763e Environment-variable access.
pkgs/python/[email protected]/mypy/typeshed/stdlib/cgi.pyi:27
    environ: SupportsItemAccess[str, str] = os.environ,

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #279982a5e7052d4c Environment-variable access.
pkgs/python/[email protected]/mypy/typeshed/stdlib/cgi.pyi:41
def test(environ: _Environ = os.environ) -> None: ...

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0ad48377b3257923 Environment-variable access.
pkgs/python/[email protected]/mypy/typeshed/stdlib/cgi.pyi:42
def print_environ(environ: _Environ = os.environ) -> None: ...

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9cbdfc4dc75e947a Environment-variable access.
pkgs/python/[email protected]/mypy/typeshed/stdlib/cgi.pyi:89
        environ: SupportsContainsAndGetItem[str, str] = os.environ,

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f6888ff237fbd80e Filesystem access.
pkgs/python/[email protected]/mypy/util.py:330
    with open(path, "wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #98fb777a450cc82a Environment-variable access.
pkgs/python/[email protected]/mypy/util.py:530
        int(os.getenv("MYPY_FORCE_TERMINAL_WIDTH", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3275330ab0874776 Environment-variable access.
pkgs/python/[email protected]/mypy/util.py:599
    env_var = os.getenv("MYPY_FORCE_COLOR", os.getenv("FORCE_COLOR", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9f686dded01399b6 Filesystem access.
pkgs/python/[email protected]/mypy/util.py:695
                with open("/dev/null", "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #64c7af4cc723b8df Environment-variable access.
pkgs/python/[email protected]/mypyc/__main__.py:46
    opt_level = os.getenv("MYPYC_OPT_LEVEL", "3")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #36e2397ad2e39368 Environment-variable access.
pkgs/python/[email protected]/mypyc/__main__.py:47
    debug_level = os.getenv("MYPYC_DEBUG_LEVEL", "1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #99e90cc2eda9346e Environment-variable access.
pkgs/python/[email protected]/mypyc/__main__.py:48
    strict_dunder_typing = bool(int(os.getenv("MYPYC_STRICT_DUNDER_TYPING", "0")))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9983330001478c61 Environment-variable access.
pkgs/python/[email protected]/mypyc/__main__.py:51
    log_trace = bool(int(os.getenv("MYPYC_LOG_TRACE", "0")))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #785fd399a053ab91 Filesystem access.
pkgs/python/[email protected]/mypyc/__main__.py:54
    with open(setup_file, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #512790b84521a570 Environment-variable access.
pkgs/python/[email protected]/mypyc/__main__.py:64
    env = os.environ.copy()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4e1b97432172df6f Filesystem access.
pkgs/python/[email protected]/mypyc/annotate.py:158
    with open(html_fnam, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5bd95094afa4329f Filesystem access.
pkgs/python/[email protected]/mypyc/annotate.py:444
        with open(src.path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ec25df4c47c9b2b9 Filesystem access.
pkgs/python/[email protected]/mypyc/build.py:271
    with open(os.path.join(include_dir(), shim_name)) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2d325ba999b18eb5 Filesystem access.
pkgs/python/[email protected]/mypyc/build.py:436
        with open(path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #30c2707cf5e7ddf3 Filesystem access.
pkgs/python/[email protected]/mypyc/build.py:442
        with open(path, "wb") as g:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #414772048bf38e9e Filesystem access.
pkgs/python/[email protected]/mypyc/build.py:899
            with open(os.path.join(include_dir(), name), encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #dca8b7121eee0d98 Filesystem access.
pkgs/python/[email protected]/mypyc/build.py:929
            with open(os.path.join(include_dir(), name), encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cc0f16bb121c5cb1 Filesystem access.
pkgs/python/[email protected]/mypyc/build.py:934
                with open(os.path.join(include_dir(), file_name), encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #724ea647cf05ae8b Environment-variable access.
pkgs/python/[email protected]/mypyc/build_setup.py:31
PYODIDE = "PYODIDE" in os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #da6ef3c1c980a3b0 Environment-variable access.
pkgs/python/[email protected]/mypyc/build_setup.py:32
NO_EXTRA_FLAGS = "MYPYC_NO_EXTRA_FLAGS" in os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #20f534d4dd8bf10a Filesystem access.
pkgs/python/[email protected]/mypyc/codegen/emitmodule.py:187
                with open(os.path.join(self.compiler_options.target_dir, path), "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3d57d5f82f27e517 Environment-variable access.
pkgs/python/[email protected]/mypyc/lib-rt/build_setup.py:31
PYODIDE = "PYODIDE" in os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #32cea26ae5c23a70 Environment-variable access.
pkgs/python/[email protected]/mypyc/lib-rt/build_setup.py:32
NO_EXTRA_FLAGS = "MYPYC_NO_EXTRA_FLAGS" in os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6abc9f3afd57378a Filesystem access.
pkgs/python/[email protected]/setup.py:58
        with open(os.path.join(path, "version.py"), "w") as stream:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #24a0a647632cc255 Environment-variable access.
pkgs/python/[email protected]/setup.py:73
if os.getenv("MYPY_USE_MYPYC", None) == "1":

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #dfb003b08ecfa771 Environment-variable access.
pkgs/python/[email protected]/setup.py:139
    use_other_mypyc = os.getenv("ALTERNATE_MYPYC_PATH", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bde3dc00d34a0357 Environment-variable access.
pkgs/python/[email protected]/setup.py:152
    opt_level = os.getenv("MYPYC_OPT_LEVEL", "3")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9c26c5987f4d5c48 Environment-variable access.
pkgs/python/[email protected]/setup.py:153
    debug_level = os.getenv("MYPYC_DEBUG_LEVEL", "1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2fcc0adcf635f840 Environment-variable access.
pkgs/python/[email protected]/setup.py:154
    force_multifile = os.getenv("MYPYC_MULTI_FILE", "") == "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #504d894b0b31f2d9 Environment-variable access.
pkgs/python/[email protected]/setup.py:155
    log_trace = bool(int(os.getenv("MYPYC_LOG_TRACE", "0")))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cc2eef67c8d2815c Environment-variable access.
pkgs/python/[email protected]/setup.py:156
    separate = os.getenv("MYPYC_SEPARATE", "") == "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #99864a3457eb46ca Filesystem access.
pkgs/python/[email protected]/test-data/unit/plugins/config_data.py:13
        with open(path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

pytest

python dependency
expand_more 433 low-confidence finding(s)
low env_fs dependency Excluded from app score #29b543bea4f43e23 Environment-variable access.
pkgs/python/[email protected]/doc/en/conf.py:272
    os.getenv("READTHEDOCS", "False") == "True"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a80badb5f7facd6b Environment-variable access.
pkgs/python/[email protected]/doc/en/conf.py:273
    and os.environ["READTHEDOCS_VERSION_TYPE"] == "tag"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #944c5ec6f57f3035 Filesystem access.
pkgs/python/[email protected]/doc/en/example/customdirectory/conftest.py:16
        manifest = json.loads(manifest_path.read_text(encoding="utf-8"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #622dbeaee5c39ea7 Filesystem access.
pkgs/python/[email protected]/doc/en/example/multipython.py:36
        dumpfile.write_text(
            textwrap.dedent(
                rf"""
                import pickle
                f = open({str(self.picklefile)!r}, 'wb')
                s = pickle.dump({obj!r}, f, protocol=2)
                f.close()
                """
            )
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b6ba4d5d683d2899 Filesystem access.
pkgs/python/[email protected]/doc/en/example/multipython.py:50
        loadfile.write_text(
            textwrap.dedent(
                rf"""
                import pickle
                f = open({str(self.picklefile)!r}, 'rb')
                obj = pickle.load(f)
                f.close()
                res = eval({expression!r})
                if not res:
                    raise SystemExit(1)
                """
            )
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bcde98b83663f64c Filesystem access.
pkgs/python/[email protected]/extra/get_issues.py:41
        cachefile.write_text(json.dumps(issues), "utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #91d082823ece6b29 Filesystem access.
pkgs/python/[email protected]/extra/get_issues.py:43
        issues = json.loads(cachefile.read_text("utf-8"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #8114eabf001e2ae9 Filesystem access.
pkgs/python/[email protected]/scripts/generate-gh-release-notes.py:24
    changelog_lines = p.read_text(encoding="UTF-8").splitlines()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #dbd70eeb0ccb90d7 Filesystem access.
pkgs/python/[email protected]/scripts/generate-gh-release-notes.py:61
    Path(filename).write_text(md_body, encoding="UTF-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #dc9fa1a28d4801a1 Filesystem access.
pkgs/python/[email protected]/scripts/release.py:44
    template_text = (
        Path(__file__).parent.joinpath(template_name).read_text(encoding="UTF-8")
    )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #ca4010151c2e88d7 Filesystem access.
pkgs/python/[email protected]/scripts/release.py:54
    target.write_text(text, encoding="UTF-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #8a05566d1f0b8faa Filesystem access.
pkgs/python/[email protected]/scripts/release.py:59
    lines = index_path.read_text(encoding="UTF-8").splitlines()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #c1985a517ea9fb18 Filesystem access.
pkgs/python/[email protected]/scripts/release.py:66
                index_path.write_text("\n".join(lines) + "\n", encoding="UTF-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #74694c7f9fc969f5 Environment-variable access.
pkgs/python/[email protected]/scripts/release.py:84
        env={**os.environ, "SETUPTOOLS_SCM_PRETEND_VERSION_FOR_PYTEST": version},

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #58d9c305861287f4 Environment-variable access.
pkgs/python/[email protected]/src/_pytest/_argcomplete.py:102
if os.environ.get("_ARGCOMPLETE"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f7932f559647d39d Environment-variable access.
pkgs/python/[email protected]/src/_pytest/_io/terminalwriter.py:37
    if os.environ.get("PY_COLORS") == "1":

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b29da384ab13e08b Environment-variable access.
pkgs/python/[email protected]/src/_pytest/_io/terminalwriter.py:39
    if os.environ.get("PY_COLORS") == "0":

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ecaee239370d96b8 Environment-variable access.
pkgs/python/[email protected]/src/_pytest/_io/terminalwriter.py:41
    if os.environ.get("NO_COLOR"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #499b5be02d00ebc4 Environment-variable access.
pkgs/python/[email protected]/src/_pytest/_io/terminalwriter.py:43
    if os.environ.get("FORCE_COLOR"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4e76d6c7bb2e4c5d Environment-variable access.
pkgs/python/[email protected]/src/_pytest/_io/terminalwriter.py:46
        hasattr(file, "isatty") and file.isatty() and os.environ.get("TERM") != "dumb"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #85c9a5eae94a776b Environment-variable access.
pkgs/python/[email protected]/src/_pytest/_io/terminalwriter.py:219
        theme = os.getenv("PYTEST_THEME")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d4cf251cf08bb0b7 Environment-variable access.
pkgs/python/[email protected]/src/_pytest/_io/terminalwriter.py:220
        theme_mode = os.getenv("PYTEST_THEME_MODE", "dark")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ea0ed390849395bb Environment-variable access.
pkgs/python/[email protected]/src/_pytest/_py/path.py:1137
                ignore = os.getenv("PY_IGNORE_IMPORTMISMATCH")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #37083632b04a0da0 Filesystem access.
pkgs/python/[email protected]/src/_pytest/_py/path.py:1152
                    with open(str(self), "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1cbced71158836ed Environment-variable access.
pkgs/python/[email protected]/src/_pytest/_py/path.py:1208
                    paths = os.environ["Path"].split(";")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #def9531eef4a9422 Environment-variable access.
pkgs/python/[email protected]/src/_pytest/_py/path.py:1212
                        systemroot = os.environ["SYSTEMROOT"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #afb0ea1b9c920dd4 Environment-variable access.
pkgs/python/[email protected]/src/_pytest/_py/path.py:1220
                    paths = os.environ["PATH"].split(":")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d9a94bf4b179e2c9 Environment-variable access.
pkgs/python/[email protected]/src/_pytest/_py/path.py:1223
                tryadd += os.environ["PATHEXT"].split(os.pathsep)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0d4cd91baef15ebe Environment-variable access.
pkgs/python/[email protected]/src/_pytest/_py/path.py:1242
            x = os.environ["HOME"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9fcc6ac21d618cf5 Environment-variable access.
pkgs/python/[email protected]/src/_pytest/_py/path.py:1245
                x = os.environ["HOMEDRIVE"] + os.environ["HOMEPATH"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #924d2a995b3c296b Environment-variable access.
pkgs/python/[email protected]/src/_pytest/_py/path.py:1416
            username = os.environ["USER"]  # linux, et al

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c5005d4c92bd0dc0 Environment-variable access.
pkgs/python/[email protected]/src/_pytest/_py/path.py:1419
                username = os.environ["USERNAME"]  # windows

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b007d11be4d2adef Filesystem access.
pkgs/python/[email protected]/src/_pytest/assertion/rewrite.py:293
        with open(pathname, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #186096f9e3813d0c Filesystem access.
pkgs/python/[email protected]/src/_pytest/assertion/rewrite.py:326
        with open(proc_pyc, "wb") as fp:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fb839bbbfdbb1bb7 Filesystem access.
pkgs/python/[email protected]/src/_pytest/assertion/rewrite.py:346
    source = fn.read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ac069a0f42d2e82a Filesystem access.
pkgs/python/[email protected]/src/_pytest/assertion/rewrite.py:362
        fp = open(pyc, "rb")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bb586c86eaaae0e3 Environment-variable access.
pkgs/python/[email protected]/src/_pytest/cacheprovider.py:519
    if "TOX_ENV_DIR" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1c423a9f629323c2 Environment-variable access.
pkgs/python/[email protected]/src/_pytest/cacheprovider.py:520
        cache_dir_default = os.path.join(os.environ["TOX_ENV_DIR"], cache_dir_default)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #37f78179e2fd1691 Filesystem access.
pkgs/python/[email protected]/src/_pytest/capture.py:143
            open(os.dup(f.fileno()), mode, buffering),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c5fc2e710d6bb3d0 Filesystem access.
pkgs/python/[email protected]/src/_pytest/capture.py:489
            self.tmpfile = open(os.devnull, encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #70e43d89b0be6724 Environment-variable access.
pkgs/python/[email protected]/src/_pytest/compat.py:315
    return any(os.environ.get(var) for var in env_vars)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cb6ea2750d5c9c0c Environment-variable access.
pkgs/python/[email protected]/src/_pytest/config/__init__.py:219
    old_pytest_version = os.environ.get("PYTEST_VERSION")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5089697746b2d6a1 Environment-variable access.
pkgs/python/[email protected]/src/_pytest/config/__init__.py:221
        os.environ["PYTEST_VERSION"] = __version__

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a941010a0922e4e7 Environment-variable access.
pkgs/python/[email protected]/src/_pytest/config/__init__.py:241
            os.environ.pop("PYTEST_VERSION", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #27d8526d5d207f52 Environment-variable access.
pkgs/python/[email protected]/src/_pytest/config/__init__.py:243
            os.environ["PYTEST_VERSION"] = old_pytest_version

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a5b9c11affdd1025 Environment-variable access.
pkgs/python/[email protected]/src/_pytest/config/__init__.py:501
        if os.environ.get("PYTEST_DEBUG"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a941df857b0dfd7b Filesystem access.
pkgs/python/[email protected]/src/_pytest/config/__init__.py:505
                err = open(
                    os.dup(err.fileno()),
                    mode=err.mode,
                    buffering=1,
                    encoding=encoding,
                )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8389786cc62bf54f Environment-variable access.
pkgs/python/[email protected]/src/_pytest/config/__init__.py:874
        self._import_plugin_specs(os.environ.get("PYTEST_PLUGINS"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #45d8e57e7a6a9b6b Environment-variable access.
pkgs/python/[email protected]/src/_pytest/config/__init__.py:1336
        ) or bool(os.environ.get("PYTEST_DISABLE_PLUGIN_AUTOLOAD"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4774eb3f8e3ee429 Environment-variable access.
pkgs/python/[email protected]/src/_pytest/config/__init__.py:1523
            env_addopts = os.environ.get("PYTEST_ADDOPTS", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #04ca2feb910d532c Environment-variable access.
pkgs/python/[email protected]/src/_pytest/config/__init__.py:1578
            not os.environ.get("PYTEST_DISABLE_PLUGIN_AUTOLOAD")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9e09ee7f597579fb Filesystem access.
pkgs/python/[email protected]/src/_pytest/config/findpaths.py:102
        toml_text = filepath.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #19c20ca6c5a4b2d6 Filesystem access.
pkgs/python/[email protected]/src/_pytest/doctest.py:144
    contents = path.read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a95519fde7ab1a6c Filesystem access.
pkgs/python/[email protected]/src/_pytest/doctest.py:429
        text = self.path.read_text(encoding)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3c4a93b93e191a94 Filesystem access.
pkgs/python/[email protected]/src/_pytest/helpconfig.py:129
        debugfile = open(path, "w", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9cff10f0d701f64f Filesystem access.
pkgs/python/[email protected]/src/_pytest/junitxml.py:652
        with open(self.logfile, "w", encoding="utf-8") as logfile:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9881a5805c7d2916 Environment-variable access.
pkgs/python/[email protected]/src/_pytest/monkeypatch.py:324
        if prepend and name in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f799244d29ae9b20 Environment-variable access.
pkgs/python/[email protected]/src/_pytest/monkeypatch.py:325
            value = value + prepend + os.environ[name]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5486c7308d092ffc Environment-variable access.
pkgs/python/[email protected]/src/_pytest/monkeypatch.py:326
        self.setitem(os.environ, name, value)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d0fe22e25a9b45fa Environment-variable access.
pkgs/python/[email protected]/src/_pytest/monkeypatch.py:334
        environ: MutableMapping[str, str] = os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #e91bca33471a5742 Hardcoded external endpoint. Review what data is sent to this destination.
pkgs/python/[email protected]/src/_pytest/pastebin.py:91
            urlopen(url, data=urlencode(params).encode("ascii")).read().decode("utf-8")

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #80c1bea1fc9f2cad Environment-variable access.
pkgs/python/[email protected]/src/_pytest/pathlib.py:602
    ignore = os.environ.get("PY_IGNORE_IMPORTMISMATCH", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6afc62d9b1fc583f Filesystem access.
pkgs/python/[email protected]/src/_pytest/pytester.py:790
            p.write_text(source.strip(), encoding=encoding)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7f161f69adc4a84c Environment-variable access.
pkgs/python/[email protected]/src/_pytest/pytester.py:1364
        env = os.environ.copy()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b98ceba2c7b795e1 Environment-variable access.
pkgs/python/[email protected]/src/_pytest/runner.py:215
        os.environ[var_name] = value

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9b0b93b3504bc5fb Environment-variable access.
pkgs/python/[email protected]/src/_pytest/runner.py:217
        os.environ.pop(var_name)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c33dcef5083692ea Environment-variable access.
pkgs/python/[email protected]/src/_pytest/terminalprogress.py:28
    if reporter is not None and reporter.isatty() and os.environ.get("TERM") != "dumb":

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #595489bc11249a23 Environment-variable access.
pkgs/python/[email protected]/src/_pytest/tmpdir.py:161
            from_env = os.environ.get("PYTEST_DEBUG_TEMPROOT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b1f4a62491f782d3 Filesystem access.
pkgs/python/[email protected]/testing/_py/test_local.py:378
            s1 = initpy.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #65393101086dfb0b Filesystem access.
pkgs/python/[email protected]/testing/_py/test_local.py:379
            s2 = copied.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #03afe2361af7c87a Filesystem access.
pkgs/python/[email protected]/testing/_py/test_local.py:392
            s1 = otherdir.join("__init__.py").read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #24dbd41d491d5adf Filesystem access.
pkgs/python/[email protected]/testing/_py/test_local.py:393
            s2 = copied.join("__init__.py").read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ea41cf23ca056f1e Filesystem access.
pkgs/python/[email protected]/testing/_py/test_local.py:464
        stream = open(f, encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f8ab5c509c871edf Filesystem access.
pkgs/python/[email protected]/testing/_py/test_local.py:478
    samplefile.write_text("samplefile\n", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bdc94435b91daf8f Filesystem access.
pkgs/python/[email protected]/testing/_py/test_local.py:481
    execfile.write_text("x=42", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #dcdfbeb97e445f33 Filesystem access.
pkgs/python/[email protected]/testing/_py/test_local.py:484
    execfilepy.write_text("x=42", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #178684464ef3f241 Filesystem access.
pkgs/python/[email protected]/testing/_py/test_local.py:496
    module_a.write_text("from .b import stuff as result\n", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6f6c52edc14b2c40 Filesystem access.
pkgs/python/[email protected]/testing/_py/test_local.py:498
    module_b.write_text('stuff="got it"\n', encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6c4244618e0d7e24 Filesystem access.
pkgs/python/[email protected]/testing/_py/test_local.py:500
    module_c.write_text(
        """import py;
import otherdir.a
value = otherdir.a.result
""",
        encoding="utf-8",
    )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6b02625dd91eaa0f Filesystem access.
pkgs/python/[email protected]/testing/_py/test_local.py:508
    module_d.write_text(
        """import py;
from otherdir import a
value2 = a.result
""",
        encoding="utf-8",
    )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e009224f59c3df69 Filesystem access.
pkgs/python/[email protected]/testing/_py/test_local.py:551
        file_.write_text(f"{i}", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f3a2b9a0688889d7 Filesystem access.
pkgs/python/[email protected]/testing/_py/test_local.py:552
        actual = int(file_.read_text(encoding="utf-8"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4988271a20eefde2 Filesystem access.
pkgs/python/[email protected]/testing/_py/test_local.py:714
        assert p.read_text(encoding="utf-8") == "hello"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #25375e11f1929c64 Filesystem access.
pkgs/python/[email protected]/testing/_py/test_local.py:718
        p.write_text("hello", ensure=1, encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d79a4665d7297cde Filesystem access.
pkgs/python/[email protected]/testing/_py/test_local.py:719
        assert p.read_text(encoding="utf-8") == "hello"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8d1bfbad1ed6d711 Filesystem access.
pkgs/python/[email protected]/testing/_py/test_local.py:786
        newfile.write_text("42", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7c33c2fa28701171 Filesystem access.
pkgs/python/[email protected]/testing/_py/test_local.py:788
        s = newfile.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #096b33d21678816f Filesystem access.
pkgs/python/[email protected]/testing/_py/test_local.py:822
        l1.write_text("foo", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f88ce044aba6c731 Filesystem access.
pkgs/python/[email protected]/testing/_py/test_local.py:824
        assert l2.read_text(encoding="utf-8") == "foo"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d99742cb2bab2f69 Filesystem access.
pkgs/python/[email protected]/testing/_py/test_local.py:1300
        filepath.write_text("Hello", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f070b292d43237e3 Filesystem access.
pkgs/python/[email protected]/testing/_py/test_local.py:1307
        filepath.write_text("Hello", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f37d39abbe06d232 Filesystem access.
pkgs/python/[email protected]/testing/_py/test_local.py:1315
        filepath.write_text("", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a5e36d9ba585fe3e Filesystem access.
pkgs/python/[email protected]/testing/_py/test_local.py:1324
        filepath.write_text("Hello", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d023d12ac59a88b4 Filesystem access.
pkgs/python/[email protected]/testing/_py/test_local.py:1327
        assert filepath.read_text(encoding="utf-8") == linkpath.read_text(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #31294dcbcaa2f3e5 Filesystem access.
pkgs/python/[email protected]/testing/_py/test_local.py:1327
        assert filepath.read_text(encoding="utf-8") == linkpath.read_text(
            encoding="utf-8"
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7b2a312fb7cca2ff Filesystem access.
pkgs/python/[email protected]/testing/_py/test_local.py:1362
        filepath.write_text("", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5549f85830a37289 Filesystem access.
pkgs/python/[email protected]/testing/_py/test_local.py:1493
            src.join(f).write_text(f, ensure=True, encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8b8c727789d87ace Environment-variable access.
pkgs/python/[email protected]/testing/_py/test_local.py:1528
        if "LANG" not in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #420e7cc72b3b0756 Environment-variable access.
pkgs/python/[email protected]/testing/_py/test_local.py:1536
        if "LANG" not in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #75f1ae9e7fefe61f Filesystem access.
pkgs/python/[email protected]/testing/_py/test_local.py:1561
        s = x.read_text(encoding="utf8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6b473aa2b75418ca Filesystem access.
pkgs/python/[email protected]/testing/_py/test_local.py:1569
        x.write_text(part, encoding="utf8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6eb75cca5df6f61a Filesystem access.
pkgs/python/[email protected]/testing/_py/test_local.py:1571
        assert x.read_text(encoding="utf8") == part

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d98aa4fc08f25a7f Filesystem access.
pkgs/python/[email protected]/testing/_py/test_local.py:1577
        x.write_text(part, "ascii")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d0f3edd039f1c699 Filesystem access.
pkgs/python/[email protected]/testing/_py/test_local.py:1578
        s = x.read_text("ascii")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8bf4a6e9867b468e Environment-variable access.
pkgs/python/[email protected]/testing/acceptance_test.py:22
    cur = os.getenv("PYTHONPATH")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #33f2431e37583e8c Filesystem access.
pkgs/python/[email protected]/testing/acceptance_test.py:279
        sub1.joinpath("conftest.py").write_text("assert 0", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8da90c90fa0e8084 Filesystem access.
pkgs/python/[email protected]/testing/acceptance_test.py:518
        p.write_text("def test_foo(): pass", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e68d3f4b2ca89e65 Filesystem access.
pkgs/python/[email protected]/testing/acceptance_test.py:663
        path.joinpath("test_hello.py").write_text("raise ImportError", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cf86ce5ba9248067 Filesystem access.
pkgs/python/[email protected]/testing/acceptance_test.py:672
        pkg.joinpath("test_foo.py").write_text(
            "print('hello from test_foo')\ndef test(): pass", encoding="utf-8"
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #56b0fd11c6ae0ec0 Filesystem access.
pkgs/python/[email protected]/testing/acceptance_test.py:675
        pkg.joinpath("conftest.py").write_text(
            "def pytest_configure(config): print('configuring')", encoding="utf-8"
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cba8e27744da9a7f Filesystem access.
pkgs/python/[email protected]/testing/acceptance_test.py:689
        pytester.path.joinpath("t.py").write_text("def test(): pass", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f787a6b23453ca85 Filesystem access.
pkgs/python/[email protected]/testing/acceptance_test.py:698
        path.joinpath("test_hello.py").write_text(
            "def test_hello(): pass", encoding="utf-8"
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #42efb09db27a1045 Filesystem access.
pkgs/python/[email protected]/testing/acceptance_test.py:701
        path.joinpath("test_world.py").write_text(
            "def test_world(): pass", encoding="utf-8"
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #91c71ce627a21c2d Filesystem access.
pkgs/python/[email protected]/testing/acceptance_test.py:745
            ns.joinpath("__init__.py").write_text(
                "__import__('pkg_resources').declare_namespace(__name__)",
                encoding="utf-8",
            )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9d69c2e23350001f Filesystem access.
pkgs/python/[email protected]/testing/acceptance_test.py:752
            lib.joinpath(f"test_{dirname}.py").write_text(
                f"def test_{dirname}(): pass\ndef test_other():pass",
                encoding="utf-8",
            )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #02911cdb0164090f Filesystem access.
pkgs/python/[email protected]/testing/acceptance_test.py:839
        lib.joinpath("test_bar.py").write_text(
            "def test_bar(): pass\ndef test_other(a_fixture):pass", encoding="utf-8"
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2b68835b37d954ee Filesystem access.
pkgs/python/[email protected]/testing/acceptance_test.py:842
        lib.joinpath("conftest.py").write_text(
            "import pytest\[email protected]\ndef a_fixture():pass", encoding="utf-8"
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e8af9ba2f6d4be04 Filesystem access.
pkgs/python/[email protected]/testing/acceptance_test.py:1447
    fullXml = pytester.path.joinpath("output.xml").read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1989c5870b8f65e9 Filesystem access.
pkgs/python/[email protected]/testing/code/test_excinfo.py:399
    tmp_path.joinpath("test.txt").write_text("{{ h()}}:", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #885e15db953ddb24 Filesystem access.
pkgs/python/[email protected]/testing/code/test_excinfo.py:596
            modpath.write_text(source, encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b6da1df493a6e4bb Filesystem access.
pkgs/python/[email protected]/testing/code/test_excinfo.py:1252
        tmp_path.joinpath("mod.py").write_text("asdf", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #dd2faa3d9bef313b Filesystem access.
pkgs/python/[email protected]/testing/code/test_source.py:298
    path.write_text(str(source), encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7c203ef3b6effee9 Filesystem access.
pkgs/python/[email protected]/testing/example_scripts/customdirectory/conftest.py:13
        manifest = json.loads(manifest_path.read_text(encoding="utf-8"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fc80e48960dc485b Filesystem access.
pkgs/python/[email protected]/testing/example_scripts/perf_examples/collect_stats/generate_folders.py:9
TEST_CONTENT = (HERE / "template_test.py").read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #af24e8a130fde691 Filesystem access.
pkgs/python/[email protected]/testing/io/test_terminalwriter.py:75
            f = open(str(p), "w+", encoding="utf8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7aeaec11ad8f43f4 Filesystem access.
pkgs/python/[email protected]/testing/io/test_terminalwriter.py:80
                with open(str(p), encoding="utf8") as fp:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2efb69c1c5bd4eb9 Environment-variable access.
pkgs/python/[email protected]/testing/io/test_terminalwriter.py:188
    monkeypatch.setitem(os.environ, "PY_COLORS", "1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b864e62eec76c603 Environment-variable access.
pkgs/python/[email protected]/testing/io/test_terminalwriter.py:193
    monkeypatch.setitem(os.environ, "PY_COLORS", "0")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e76923705343ed23 Environment-variable access.
pkgs/python/[email protected]/testing/io/test_terminalwriter.py:198
    monkeypatch.setitem(os.environ, "NO_COLOR", "1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bb3afd64b95a01d1 Environment-variable access.
pkgs/python/[email protected]/testing/io/test_terminalwriter.py:203
    monkeypatch.setitem(os.environ, "FORCE_COLOR", "1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f371fdbeaea6d04c Environment-variable access.
pkgs/python/[email protected]/testing/io/test_terminalwriter.py:221
    monkeypatch.setitem(os.environ, "NO_COLOR", NO_COLOR)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6363d8e6489734f1 Environment-variable access.
pkgs/python/[email protected]/testing/io/test_terminalwriter.py:222
    monkeypatch.setitem(os.environ, "FORCE_COLOR", FORCE_COLOR)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #145c4794ed93f1c4 Environment-variable access.
pkgs/python/[email protected]/testing/io/test_terminalwriter.py:228
    monkeypatch.setitem(os.environ, "NO_COLOR", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #538b40af192c7bb5 Environment-variable access.
pkgs/python/[email protected]/testing/io/test_terminalwriter.py:229
    monkeypatch.setitem(os.environ, "FORCE_COLOR", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #14ac208eebf1d1e4 Filesystem access.
pkgs/python/[email protected]/testing/logging/test_reporting.py:87
    with open(log_file, encoding="utf-8") as rfh:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cf679cf03eef1f2f Filesystem access.
pkgs/python/[email protected]/testing/logging/test_reporting.py:661
    with open(log_file, encoding="utf-8") as rfh:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #89b9b96497a977b7 Filesystem access.
pkgs/python/[email protected]/testing/logging/test_reporting.py:684
    with open(log_file, mode="w", encoding="utf-8") as wfh:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5f8e08dc9879f275 Filesystem access.
pkgs/python/[email protected]/testing/logging/test_reporting.py:700
    with open(log_file, encoding="utf-8") as rfh:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a4353f0016595ad0 Filesystem access.
pkgs/python/[email protected]/testing/logging/test_reporting.py:759
    with open(log_file, encoding="utf-8") as rfh:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5ae153d1a4357570 Filesystem access.
pkgs/python/[email protected]/testing/logging/test_reporting.py:808
    with open(log_file, encoding="utf-8") as rfh:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #eba2f1680d036e25 Filesystem access.
pkgs/python/[email protected]/testing/logging/test_reporting.py:838
    with open(log_file, mode="w", encoding="utf-8") as wfh:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0f5e7847f26b681b Filesystem access.
pkgs/python/[email protected]/testing/logging/test_reporting.py:848
    with open(log_file, encoding="utf-8") as rfh:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3c7f70e7138cca15 Filesystem access.
pkgs/python/[email protected]/testing/logging/test_reporting.py:886
    with open(log_file, encoding="utf-8") as rfh:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0c9089da87052203 Filesystem access.
pkgs/python/[email protected]/testing/logging/test_reporting.py:918
    with open(log_file, encoding="utf-8") as rfh:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1c2ada0948038c2a Filesystem access.
pkgs/python/[email protected]/testing/logging/test_reporting.py:1055
    with open(log_file, encoding="utf-8") as rfh:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4dd4994984c1fce1 Filesystem access.
pkgs/python/[email protected]/testing/logging/test_reporting.py:1089
    with open(log_file, encoding="utf-8") as rfh:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #69ae702fe04b89eb Filesystem access.
pkgs/python/[email protected]/testing/logging/test_reporting.py:1123
    with open(log_file, encoding="utf-8") as rfh:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #abc0165432f08f90 Filesystem access.
pkgs/python/[email protected]/testing/logging/test_reporting.py:1165
    with open(os.path.join(report_dir_base, "test_first"), encoding="utf-8") as rfh:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9667e1058eb78542 Filesystem access.
pkgs/python/[email protected]/testing/logging/test_reporting.py:1169
    with open(os.path.join(report_dir_base, "test_second"), encoding="utf-8") as rfh:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8f152bf343718117 Filesystem access.
pkgs/python/[email protected]/testing/logging/test_reporting.py:1214
    with open(test_first_log_file, mode="w", encoding="utf-8") as wfh:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #468890407bab7964 Filesystem access.
pkgs/python/[email protected]/testing/logging/test_reporting.py:1217
    with open(test_second_log_file, mode="w", encoding="utf-8") as wfh:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #657c95eba02a4830 Filesystem access.
pkgs/python/[email protected]/testing/logging/test_reporting.py:1223
    with open(test_first_log_file, encoding="utf-8") as rfh:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6645c41bef5c4f6b Filesystem access.
pkgs/python/[email protected]/testing/logging/test_reporting.py:1228
    with open(test_second_log_file, encoding="utf-8") as rfh:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9eaa0109bfef3362 Filesystem access.
pkgs/python/[email protected]/testing/logging/test_reporting.py:1553
    with open(log_file, encoding="utf-8") as rfh:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fc8f6ad2f7ff668a Filesystem access.
pkgs/python/[email protected]/testing/logging/test_reporting.py:1574
    with open(log_file, encoding="utf-8") as rfh:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a5e48a6d292c073b Filesystem access.
pkgs/python/[email protected]/testing/python/collect.py:57
        p.write_text(
            textwrap.dedent(
                f"""\
                import x456
                def test():
                    assert x456.__file__.startswith({str(root2)!r})
                """
            ),
            encoding="utf-8",
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a4405f576d08a033 Filesystem access.
pkgs/python/[email protected]/testing/python/collect.py:929
        b.joinpath("conftest.py").write_text(
            textwrap.dedent(
                """\
                import pytest
                @pytest.hookimpl(wrapper=True)
                def pytest_pycollect_makemodule():
                    mod = yield
                    mod.obj.hello = "world"
                    return mod
                """
            ),
            encoding="utf-8",
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a0db6be9ff42433f Filesystem access.
pkgs/python/[email protected]/testing/python/collect.py:942
        b.joinpath("test_module.py").write_text(
            textwrap.dedent(
                """\
                def test_hello():
                    assert hello == "world"
                """
            ),
            encoding="utf-8",
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b1ed1207562f67af Filesystem access.
pkgs/python/[email protected]/testing/python/collect.py:957
        b.joinpath("conftest.py").write_text(
            textwrap.dedent(
                """\
                import pytest
                @pytest.hookimpl(wrapper=True)
                def pytest_pycollect_makeitem():
                    result = yield
                    if result:
                        for func in result:
                            func._some123 = "world"
                    return result
                """
            ),
            encoding="utf-8",
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #22785e07d7803a5b Filesystem access.
pkgs/python/[email protected]/testing/python/collect.py:972
        b.joinpath("test_module.py").write_text(
            textwrap.dedent(
                """\
                import pytest

                @pytest.fixture()
                def obj(request):
                    return request.node._some123
                def test_hello(obj):
                    assert obj == "world"
                """
            ),
            encoding="utf-8",
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #95c34f1ea07bce9c Filesystem access.
pkgs/python/[email protected]/testing/python/collect.py:1073
    sub1.joinpath("conftest.py").write_text(
        textwrap.dedent(
            """\
            import pytest
            def pytest_runtest_setup(item):
                assert item.path.stem == "test_in_sub1"
            def pytest_runtest_call(item):
                assert item.path.stem == "test_in_sub1"
            def pytest_runtest_teardown(item):
                assert item.path.stem == "test_in_sub1"
            """
        ),
        encoding="utf-8",
    )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #674c19b4b6aa5d81 Filesystem access.
pkgs/python/[email protected]/testing/python/collect.py:1087
    sub2.joinpath("conftest.py").write_text(
        textwrap.dedent(
            """\
            import pytest
            def pytest_runtest_setup(item):
                assert item.path.stem == "test_in_sub2"
            def pytest_runtest_call(item):
                assert item.path.stem == "test_in_sub2"
            def pytest_runtest_teardown(item):
                assert item.path.stem == "test_in_sub2"
            """
        ),
        encoding="utf-8",
    )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c3f142c163a5a5e8 Filesystem access.
pkgs/python/[email protected]/testing/python/collect.py:1101
    sub1.joinpath("test_in_sub1.py").write_text("def test_1(): pass", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d2675a01be0b15f5 Filesystem access.
pkgs/python/[email protected]/testing/python/collect.py:1102
    sub2.joinpath("test_in_sub2.py").write_text("def test_2(): pass", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #66397c0c8cf22f43 Filesystem access.
pkgs/python/[email protected]/testing/python/collect.py:1484
    fh.write_text(
        textwrap.dedent(
            """\
            import pytest
            def test_real():
                pass
            """
        ),
        encoding="utf-8",
    )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b14ba51d7f89eb74 Filesystem access.
pkgs/python/[email protected]/testing/python/collect.py:1505
    fh.write_text(
        textwrap.dedent(
            """\
            import pytest
            def test_real():
                pass
            """
        ),
        encoding="utf-8",
    )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #65a440ef3a4a0544 Filesystem access.
pkgs/python/[email protected]/testing/python/collect.py:1563
    sub1_test.joinpath("test_in_sub1.py").write_text(
        "def test_1(): pass", encoding="utf-8"
    )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #83872832a2637a0c Filesystem access.
pkgs/python/[email protected]/testing/python/collect.py:1566
    sub2_test.joinpath("test_in_sub2.py").write_text(
        "def test_2(): pass", encoding="utf-8"
    )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bf0296f7da9e9c8b Filesystem access.
pkgs/python/[email protected]/testing/python/collect.py:1612
    root.joinpath("Test_root.py").write_text("def test_1(): pass", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #acb429681ff5a7e7 Filesystem access.
pkgs/python/[email protected]/testing/python/collect.py:1613
    sub1.joinpath("Test_sub1.py").write_text("def test_2(): pass", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bf32e3954711e5dd Filesystem access.
pkgs/python/[email protected]/testing/python/collect.py:1614
    sub2_test.joinpath("test_sub2.py").write_text(
        "def test_3(): pass", encoding="utf-8"
    )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #73a882eb0e7e00f2 Filesystem access.
pkgs/python/[email protected]/testing/python/fixtures.py:311
        subdir.joinpath("conftest.py").write_text(
            textwrap.dedent(
                """\
                import pytest

                @pytest.fixture
                def spam():
                    return 'spam'
                """
            ),
            encoding="utf-8",
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2b92445b34d2237c Filesystem access.
pkgs/python/[email protected]/testing/python/fixtures.py:324
        testfile.write_text(
            textwrap.dedent(
                """\
                def test_spam(spam):
                    assert spam == "spam"
                """
            ),
            encoding="utf-8",
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #48daec9138a660bc Filesystem access.
pkgs/python/[email protected]/testing/python/fixtures.py:385
        subdir.joinpath("conftest.py").write_text(
            textwrap.dedent(
                """\
                import pytest

                @pytest.fixture(params=[1, 2, 3])
                def spam(request):
                    return request.param
                """
            ),
            encoding="utf-8",
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #82e7499d2819e181 Filesystem access.
pkgs/python/[email protected]/testing/python/fixtures.py:398
        testfile.write_text(
            textwrap.dedent(
                """\
                params = {'spam': 1}

                def test_spam(spam):
                    assert spam == params['spam']
                    params['spam'] += 1
                """
            ),
            encoding="utf-8",
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b589ef0f920dab89 Filesystem access.
pkgs/python/[email protected]/testing/python/fixtures.py:431
        subdir.joinpath("conftest.py").write_text(
            textwrap.dedent(
                """\
                import pytest

                @pytest.fixture(params=[1, 2, 3])
                def spam(request):
                    return request.param
                """
            ),
            encoding="utf-8",
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ee9221e9224d2431 Filesystem access.
pkgs/python/[email protected]/testing/python/fixtures.py:444
        testfile.write_text(
            textwrap.dedent(
                """\
                params = {'spam': 1}

                def test_spam(spam):
                    assert spam == params['spam']
                    params['spam'] += 1
                """
            ),
            encoding="utf-8",
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7014f85021f425da Filesystem access.
pkgs/python/[email protected]/testing/python/fixtures.py:1233
        b.joinpath("conftest.py").write_text(
            textwrap.dedent(
                """\
                import pytest
                @pytest.fixture
                def arg1():
                    pass
                """
            ),
            encoding="utf-8",
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #66422536dcb0daf7 Filesystem access.
pkgs/python/[email protected]/testing/python/fixtures.py:1245
        p.write_text("def test_func(arg1): pass", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6afbca8e519f299f Filesystem access.
pkgs/python/[email protected]/testing/python/fixtures.py:1958
        package.joinpath("conftest.py").write_text(
            textwrap.dedent(
                """\
            import pytest
            @pytest.fixture
            def one():
                return 1
            """
            ),
            encoding="utf-8",
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f3e8b9e556a85fb0 Filesystem access.
pkgs/python/[email protected]/testing/python/fixtures.py:1969
        package.joinpath("test_x.py").write_text(
            textwrap.dedent(
                """\
                def test_x(one):
                    assert one == 1
                """
            ),
            encoding="utf-8",
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e3d613e872a50d29 Filesystem access.
pkgs/python/[email protected]/testing/python/fixtures.py:1981
        sub.joinpath("conftest.py").write_text(
            textwrap.dedent(
                """\
                import pytest
                @pytest.fixture
                def one():
                    return 2
                """
            ),
            encoding="utf-8",
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #505a53df773038dd Filesystem access.
pkgs/python/[email protected]/testing/python/fixtures.py:1992
        sub.joinpath("test_y.py").write_text(
            textwrap.dedent(
                """\
                def test_x(one):
                    assert one == 2
                """
            ),
            encoding="utf-8",
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ab62ae84242bea9a Filesystem access.
pkgs/python/[email protected]/testing/python/fixtures.py:2015
        package.joinpath("__init__.py").write_text(
            textwrap.dedent(
                """\
                from .. import values
                def setup_module():
                    values.append("package")
                def teardown_module():
                    values[:] = []
                """
            ),
            encoding="utf-8",
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1f928f40c61c37e0 Filesystem access.
pkgs/python/[email protected]/testing/python/fixtures.py:2027
        package.joinpath("test_x.py").write_text(
            textwrap.dedent(
                """\
                from .. import values
                def test_x():
                    assert values == ["package"]
                """
            ),
            encoding="utf-8",
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4e2ecbaa865e1388 Filesystem access.
pkgs/python/[email protected]/testing/python/fixtures.py:2038
        package.joinpath("__init__.py").write_text(
            textwrap.dedent(
                """\
                from .. import values
                def setup_module():
                    values.append("package2")
                def teardown_module():
                    values[:] = []
                """
            ),
            encoding="utf-8",
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ab149a6059365414 Filesystem access.
pkgs/python/[email protected]/testing/python/fixtures.py:2050
        package.joinpath("test_x.py").write_text(
            textwrap.dedent(
                """\
                from .. import values
                def test_x():
                    assert values == ["package2"]
                """
            ),
            encoding="utf-8",
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d2e6cd06b42878e6 Filesystem access.
pkgs/python/[email protected]/testing/python/fixtures.py:2071
        package.joinpath("__init__.py").write_text("", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #241fff6aa16b9eed Filesystem access.
pkgs/python/[email protected]/testing/python/fixtures.py:2072
        package.joinpath("conftest.py").write_text(
            textwrap.dedent(
                """\
                import pytest
                from .. import values
                @pytest.fixture(scope="package")
                def one():
                    values.append("package")
                    yield values
                    values.pop()
                @pytest.fixture(scope="package", autouse=True)
                def two():
                    values.append("package-auto")
                    yield values
                    values.pop()
                """
            ),
            encoding="utf-8",
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5b25a38c0f6805dc Filesystem access.
pkgs/python/[email protected]/testing/python/fixtures.py:2091
        package.joinpath("test_x.py").write_text(
            textwrap.dedent(
                """\
                from .. import values
                def test_package_autouse():
                    assert values == ["package-auto"]
                def test_package(one):
                    assert values == ["package-auto", "package"]
                """
            ),
            encoding="utf-8",
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4e0d34cdc8c634e7 Filesystem access.
pkgs/python/[email protected]/testing/python/fixtures.py:2251
        a.joinpath("test_something.py").write_text(
            "def test_func(): pass", encoding="utf-8"
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4429780c69b9511d Filesystem access.
pkgs/python/[email protected]/testing/python/fixtures.py:2254
        b.joinpath("test_otherthing.py").write_text(
            "def test_func(): pass", encoding="utf-8"
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #de593f5fd2a5a555 Filesystem access.
pkgs/python/[email protected]/testing/python/fixtures.py:2293
        pkgdir.joinpath("conftest.py").write_text(
            textwrap.dedent(
                """\
                import pytest
                @pytest.fixture(autouse=True)
                def app():
                    import sys
                    sys._myapp = "hello"
                """
            ),
            encoding="utf-8",
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e34b31a086b5da76 Filesystem access.
pkgs/python/[email protected]/testing/python/fixtures.py:2309
        t.write_text(
            textwrap.dedent(
                """\
                import sys
                def test_app():
                    assert sys._myapp == "hello"
                """
            ),
            encoding="utf-8",
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1236818d94679a46 Filesystem access.
pkgs/python/[email protected]/testing/python/fixtures.py:3340
        b.joinpath("test_overridden_fixture_finalizer.py").write_text(
            textwrap.dedent(
                """\
                import pytest
                @pytest.fixture
                def browser(browser):
                    browser['visited'] = True
                    return browser

                def test_browser(browser):
                    assert browser['visited'] is True
                """
            ),
            encoding="utf-8",
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fd78473a8a47f5de Filesystem access.
pkgs/python/[email protected]/testing/python/fixtures.py:4318
        fixfile.write_text(
            textwrap.dedent(
                """\
                import pytest

                @pytest.fixture(params=[0, 1, 2])
                def fix_with_param(request):
                    return request.param
                """
            ),
            encoding="utf-8",
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1680f4e368898ee2 Filesystem access.
pkgs/python/[email protected]/testing/python/fixtures.py:4332
        testfile.write_text(
            textwrap.dedent(
                """\
                from fix import fix_with_param

                def test_foo(request):
                    request.getfixturevalue('fix_with_param')
                """
            ),
            encoding="utf-8",
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8cf046c92aa8ffd7 Filesystem access.
pkgs/python/[email protected]/testing/python/fixtures.py:4837
        root.joinpath("__init__.py").write_text("values = []", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #96fd96dccfbaeb0b Filesystem access.
pkgs/python/[email protected]/testing/python/fixtures.py:4841
        sub1.joinpath("conftest.py").write_text(
            textwrap.dedent(
                """\
            import pytest
            from .. import values
            @pytest.fixture(scope="package")
            def fix():
                values.append("pre-sub1")
                yield values
                assert values.pop() == "pre-sub1"
        """
            ),
            encoding="utf-8",
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bb3e3d67feff1e86 Filesystem access.
pkgs/python/[email protected]/testing/python/fixtures.py:4855
        sub1.joinpath("test_1.py").write_text(
            textwrap.dedent(
                """\
            from .. import values
            def test_1(fix):
                assert values == ["pre-sub1"]
        """
            ),
            encoding="utf-8",
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6d4e196ac05fccb9 Filesystem access.
pkgs/python/[email protected]/testing/python/fixtures.py:4868
        sub2.joinpath("conftest.py").write_text(
            textwrap.dedent(
                """\
            import pytest
            from .. import values
            @pytest.fixture(scope="package")
            def fix():
                values.append("pre-sub2")
                yield values
                assert values.pop() == "pre-sub2"
        """
            ),
            encoding="utf-8",
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fefe91f373208e10 Filesystem access.
pkgs/python/[email protected]/testing/python/fixtures.py:4882
        sub2.joinpath("test_2.py").write_text(
            textwrap.dedent(
                """\
            from .. import values
            def test_2(fix):
                assert values == ["pre-sub2"]
        """
            ),
            encoding="utf-8",
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b1e35933789d93e2 Filesystem access.
pkgs/python/[email protected]/testing/python/metafunc.py:1585
        sub1.joinpath("conftest.py").write_text(
            textwrap.dedent(
                """\
                def pytest_generate_tests(metafunc):
                    assert metafunc.function.__name__ == "test_1"
                """
            ),
            encoding="utf-8",
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b907188d322025d4 Filesystem access.
pkgs/python/[email protected]/testing/python/metafunc.py:1594
        sub2.joinpath("conftest.py").write_text(
            textwrap.dedent(
                """\
                def pytest_generate_tests(metafunc):
                    assert metafunc.function.__name__ == "test_2"
                """
            ),
            encoding="utf-8",
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #460cbe101c8c1ba4 Filesystem access.
pkgs/python/[email protected]/testing/python/metafunc.py:1603
        sub1.joinpath("test_in_sub1.py").write_text(
            "def test_1(): pass", encoding="utf-8"
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a63d9d399f8869ee Filesystem access.
pkgs/python/[email protected]/testing/python/metafunc.py:1606
        sub2.joinpath("test_in_sub2.py").write_text(
            "def test_2(): pass", encoding="utf-8"
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6d83c761d2a6e386 Filesystem access.
pkgs/python/[email protected]/testing/test_assertion.py:1879
    a.joinpath("test_a.py").write_text("def test_a(): assert 1 == 2", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2a0dda80ae00357b Filesystem access.
pkgs/python/[email protected]/testing/test_assertion.py:1880
    a.joinpath("conftest.py").write_text(
        'def pytest_assertrepr_compare(): return ["summary a"]', encoding="utf-8"
    )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #63489fef7e73da7d Filesystem access.
pkgs/python/[email protected]/testing/test_assertion.py:1884
    b.joinpath("test_b.py").write_text("def test_b(): assert 1 == 2", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fd7171dcaf4d6989 Filesystem access.
pkgs/python/[email protected]/testing/test_assertion.py:1885
    b.joinpath("conftest.py").write_text(
        'def pytest_assertrepr_compare(): return ["summary b"]', encoding="utf-8"
    )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d37e2bf20be41d0d Filesystem access.
pkgs/python/[email protected]/testing/test_assertrewrite.py:361
        pkgdir.joinpath("__init__.py").write_text(
            "import pytest\n"
            "@pytest.fixture\n"
            "def special_asserter():\n"
            "    def special_assert(x, y):\n"
            "        assert x == y\n"
            "    return special_assert\n",
            encoding="utf-8",
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b4621fee392ed7b8 Filesystem access.
pkgs/python/[email protected]/testing/test_assertrewrite.py:381
        xdir.joinpath("test_Y").joinpath("__init__.py").write_text(
            "x = 2", encoding="utf-8"
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a8b0057ffdb21362 Filesystem access.
pkgs/python/[email protected]/testing/test_assertrewrite.py:998
        pytester.path.joinpath("__pycache__").write_text("Hello", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c57cc6c1e3318461 Filesystem access.
pkgs/python/[email protected]/testing/test_assertrewrite.py:1172
        pkg.joinpath("test_blah.py").write_text(
            """
def test_rewritten():
    assert "@py_builtins" in globals()""",
            encoding="utf-8",
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d9bd7c92da723231 Filesystem access.
pkgs/python/[email protected]/testing/test_assertrewrite.py:1356
        source.write_text("def test(): pass", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5a38b1055e1521df Filesystem access.
pkgs/python/[email protected]/testing/test_assertrewrite.py:1359
        contents = pyc.read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #282996016a078bbf Filesystem access.
pkgs/python/[email protected]/testing/test_assertrewrite.py:1382
        fn.write_text("def test(): assert True", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #83477a53f474e830 Filesystem access.
pkgs/python/[email protected]/testing/test_assertrewrite.py:1468
        path.joinpath("test_foo.py").write_text(
            textwrap.dedent(
                """\
                class Test(object):
                    def test_foo(self):
                        import pkgutil
                        data = pkgutil.get_data('foo.test_foo', 'data.txt')
                        assert data == b'Hey'
                """
            ),
            encoding="utf-8",
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fbd1ff314f204fef Filesystem access.
pkgs/python/[email protected]/testing/test_assertrewrite.py:1480
        path.joinpath("data.txt").write_text("Hey", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fdba8ed803750898 Filesystem access.
pkgs/python/[email protected]/testing/test_cacheprovider.py:64
        pytester.path.joinpath(".pytest_cache").write_text(
            "gone wrong", encoding="utf-8"
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #20e2bb6aeb8ae7a1 Filesystem access.
pkgs/python/[email protected]/testing/test_cacheprovider.py:1167
        p1.write_text(
            "def test_1(): assert 1\ndef test_2(): assert 1\n", encoding="utf-8"
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #288a96584858b9d2 Filesystem access.
pkgs/python/[email protected]/testing/test_cacheprovider.py:1239
        p1.write_text(
            "import pytest\n"
            "@pytest.mark.parametrize('num', [1, 2, 3])\n"
            "def test_1(num): assert num\n",
            encoding="utf-8",
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6bb7dd6ed60d16da Filesystem access.
pkgs/python/[email protected]/testing/test_cacheprovider.py:1308
    assert gitignore_path.read_text(encoding="UTF-8") == msg

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #62365f496b555d5e Filesystem access.
pkgs/python/[email protected]/testing/test_cacheprovider.py:1311
    gitignore_path.write_text("custom", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #21bfb8f747773eac Filesystem access.
pkgs/python/[email protected]/testing/test_cacheprovider.py:1318
    assert gitignore_path.read_text(encoding="UTF-8") == "custom"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4279a411bfc648b7 Filesystem access.
pkgs/python/[email protected]/testing/test_cacheprovider.py:1359
    assert cachedir_tag_path.read_bytes() == CACHEDIR_FILES["CACHEDIR.TAG"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7847608681b40b87 Filesystem access.
pkgs/python/[email protected]/testing/test_capture.py:796
    sub1.joinpath("conftest.py").write_text(
        textwrap.dedent(
            """\
            def pytest_runtest_setup(item):
                raise ValueError(42)
            """
        ),
        encoding="utf-8",
    )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #aee019714b57a9a3 Filesystem access.
pkgs/python/[email protected]/testing/test_capture.py:805
    sub1.joinpath("test_mod.py").write_text("def test_func1(): pass", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b93b83fb1599715b Filesystem access.
pkgs/python/[email protected]/testing/test_capture.py:1092
        with open(tmpfile.name, "rb") as stmp_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cfd999a8d185d215 Filesystem access.
pkgs/python/[email protected]/testing/test_capture.py:1624
    with open("caplog", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3bf43583a3775ad5 Filesystem access.
pkgs/python/[email protected]/testing/test_capture.py:1631
    with open("capstdout", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fdcf546c4619c4d8 Filesystem access.
pkgs/python/[email protected]/testing/test_collect_imported_tests.py:16
    src_file.write_text(
        textwrap.dedent("""\
            class Testament:
                def test_collections(self):
                    pass

            def test_testament(): pass
        """),
        encoding="utf-8",
    )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #caa416cebecd52e5 Filesystem access.
pkgs/python/[email protected]/testing/test_collect_imported_tests.py:28
    test_file.write_text(
        textwrap.dedent("""\
            from foo import Testament, test_testament

            class TestDomain:
                def test(self):
                    testament = Testament()
                    assert testament
        """),
        encoding="utf-8",
    )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #dde9758eeaa44296 Filesystem access.
pkgs/python/[email protected]/testing/test_collection.py:151
            x.write_text("def test_hello(): pass", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c65b2fb2deb785d3 Filesystem access.
pkgs/python/[email protected]/testing/test_collection.py:170
        testfile.write_text("def test_hello(): pass", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b5ae58b5aacceed2 Filesystem access.
pkgs/python/[email protected]/testing/test_collection.py:189
        testfile.write_text("def test_hello(): pass", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fce123d3b6aa311a Filesystem access.
pkgs/python/[email protected]/testing/test_collection.py:214
        ensure_file(tmp_path / "mydir" / "test_hello.py").write_text(
            "def test_1(): pass", encoding="utf-8"
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #27a4e906edd83cf5 Filesystem access.
pkgs/python/[email protected]/testing/test_collection.py:217
        ensure_file(tmp_path / "xyz123" / "test_2.py").write_text(
            "def test_2(): 0/0", encoding="utf-8"
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4b3f7ce10ea2c8e8 Filesystem access.
pkgs/python/[email protected]/testing/test_collection.py:220
        ensure_file(tmp_path / "xy" / "test_ok.py").write_text(
            "def test_3(): pass", encoding="utf-8"
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ed0a03139e5dc31f Filesystem access.
pkgs/python/[email protected]/testing/test_collection.py:236
        ensure_file(tmp_path / "a" / "test_1.py").write_text(
            "def test_a(): pass", encoding="utf-8"
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c36e4939e863eda0 Filesystem access.
pkgs/python/[email protected]/testing/test_collection.py:239
        ensure_file(tmp_path / "b" / "tests" / "test_2.py").write_text(
            "def test_b(): pass", encoding="utf-8"
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #afe676582418b181 Filesystem access.
pkgs/python/[email protected]/testing/test_collection.py:242
        ensure_file(tmp_path / "c" / "tests" / "test_3.py").write_text(
            "def test_c(): pass", encoding="utf-8"
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9322850f01d57d14 Filesystem access.
pkgs/python/[email protected]/testing/test_collection.py:378
        ensure_file(sub / "test_hello.py").write_text("syntax error", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6e12e31e9223d1ba Filesystem access.
pkgs/python/[email protected]/testing/test_collection.py:379
        sub.joinpath("conftest.py").write_text("syntax error", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ba19a25e7258c6d0 Filesystem access.
pkgs/python/[email protected]/testing/test_collection.py:1138
    foo_path.joinpath("conftest.py").write_text(
        textwrap.dedent(
            """\
            import pytest
            @pytest.fixture
            def fix():
                return 1
            """
        ),
        encoding="utf-8",
    )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #55d9daf616dade91 Filesystem access.
pkgs/python/[email protected]/testing/test_collection.py:1149
    foo_path.joinpath("test_foo.py").write_text(
        "def test_foo(fix): assert fix == 1", encoding="utf-8"
    )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #25757f786879860c Filesystem access.
pkgs/python/[email protected]/testing/test_collection.py:1155
    food_path.joinpath("test_food.py").write_text(
        "def test_food(fix): assert fix == 1", encoding="utf-8"
    )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e2fc6ccede88978d Filesystem access.
pkgs/python/[email protected]/testing/test_collection.py:1295
    pytester.path.joinpath("conftest.py").write_text(
        textwrap.dedent(
            f"""
            import os
            os.chdir({str(subdir)!r})
            """
        ),
        encoding="utf-8",
    )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b9ddb5e5a68d91b2 Filesystem access.
pkgs/python/[email protected]/testing/test_collection.py:1331
    testmod.joinpath("__init__.py").write_text(
        "def test_func(): pass", encoding="utf-8"
    )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #65987283ddbe68df Filesystem access.
pkgs/python/[email protected]/testing/test_collection.py:1334
    testmod.joinpath("test_file.py").write_text(
        "def test_func(): pass", encoding="utf-8"
    )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2af65230c8983f08 Filesystem access.
pkgs/python/[email protected]/testing/test_collection.py:1339
    root.joinpath("pytest.ini").write_text(
        textwrap.dedent(
            """
        [pytest]
        addopts = --pyargs
        testpaths = testmod
    """
        ),
        encoding="utf-8",
    )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f258975c03426efe Filesystem access.
pkgs/python/[email protected]/testing/test_collection.py:1359
    p.joinpath("conftest.py").write_text(
        textwrap.dedent(
            """
            def pytest_sessionstart(session):
                raise Exception("pytest_sessionstart hook successfully run")
            """
        ),
        encoding="utf-8",
    )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #247f71c57f6fbbd7 Filesystem access.
pkgs/python/[email protected]/testing/test_collection.py:1425
    real.write_text(
        textwrap.dedent(
            """
        def test_nodeid(request):
            # Should not contain sub/ prefix.
            assert request.node.nodeid == "test_real.py::test_nodeid"
        """
        ),
        encoding="utf-8",
    )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e343be5ed2747447 Filesystem access.
pkgs/python/[email protected]/testing/test_collection.py:1453
    dir.joinpath("test_it.py").write_text("def test_it(): pass", "utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fa5c5cd6246be38e Filesystem access.
pkgs/python/[email protected]/testing/test_collection.py:1462
    tests.joinpath("conftest.py").write_text(
        "collect_ignore = ['ignore_me']", encoding="utf-8"
    )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8637bb1985fd1f5a Filesystem access.
pkgs/python/[email protected]/testing/test_collection.py:1469
    ignore_me.joinpath("conftest.py").write_text(
        "assert 0, 'should_not_be_called'", encoding="utf-8"
    )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e3ea58d58789737c Filesystem access.
pkgs/python/[email protected]/testing/test_collection.py:1480
    init.write_text("def test_init(): pass", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c87c232587283f94 Filesystem access.
pkgs/python/[email protected]/testing/test_collection.py:1482
    p.write_text("def test_file(): pass", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #86fade6181038112 Filesystem access.
pkgs/python/[email protected]/testing/test_collection.py:1517
    init.write_text("def test_init(): pass", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1677d9a965018360 Filesystem access.
pkgs/python/[email protected]/testing/test_collection.py:1535
    sub.joinpath("test_file.py").write_text("def test_file(): pass", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #911130a512e09695 Filesystem access.
pkgs/python/[email protected]/testing/test_collection.py:1573
    pydir.joinpath("__init__.py").write_text("assert False", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #15cbdeedf58c4bc9 Filesystem access.
pkgs/python/[email protected]/testing/test_collection.py:1780
    test_file.write_text("def test(): pass", encoding="UTF-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #dc165b0755ca4f42 Filesystem access.
pkgs/python/[email protected]/testing/test_collection.py:1803
    (target / "test_chain.py").write_text("def test_chain(): pass", encoding="UTF-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7c02745a6f02d322 Filesystem access.
pkgs/python/[email protected]/testing/test_collection.py:1880
    tmp_path.joinpath("test_foo.py").write_text("def test(): pass", encoding="UTF-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #662f3b44912a7a39 Filesystem access.
pkgs/python/[email protected]/testing/test_collection.py:1905
    ensure_file(pytester.path / "test_eggs.py").write_text(
        f"print('{head}')", encoding="UTF-8"
    )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9be7dc461fcb8038 Filesystem access.
pkgs/python/[email protected]/testing/test_collection.py:1908
    ensure_file(pytester.path / "test_ham.py").write_text(
        f"raise {exception_class.__name__}()", encoding="UTF-8"
    )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #22efce22216acd72 Filesystem access.
pkgs/python/[email protected]/testing/test_collection.py:1911
    ensure_file(pytester.path / "test_spam.py").write_text(
        f"print('{tail}')", encoding="UTF-8"
    )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3a56293ebd12b063 Filesystem access.
pkgs/python/[email protected]/testing/test_config.py:54
        (tmp_path / filename).write_text(
            textwrap.dedent(
                f"""\
                [{section}]
                name = value
                """
            ),
            encoding="utf-8",
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #73e6fe25a0d20f49 Filesystem access.
pkgs/python/[email protected]/testing/test_config.py:87
        tmp_path.joinpath("pytest.ini").write_text(
            textwrap.dedent(
                """\
                [pytest]
                addopts = --verbose
                """
            ),
            encoding="utf-8",
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f2c9646c738b01d5 Filesystem access.
pkgs/python/[email protected]/testing/test_config.py:141
        pytester.path.joinpath(name).write_text(
            textwrap.dedent(
                f"""
            [{section}]
            minversion = 3.36
        """
            ),
            encoding="utf-8",
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2be0bcfa13170f6b Filesystem access.
pkgs/python/[email protected]/testing/test_config.py:155
        pytester.path.joinpath(name).write_text(
            textwrap.dedent(
                """
            [pytest]
            minversion = "3.36"
        """
            ),
            encoding="utf-8",
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c55e3b814b9a8ef4 Filesystem access.
pkgs/python/[email protected]/testing/test_config.py:216
        pytest_toml.write_text("", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c242dccc78ca3c8f Filesystem access.
pkgs/python/[email protected]/testing/test_config.py:288
        sub.joinpath("tox.ini").write_text(
            textwrap.dedent(
                """
            [pytest]
            minversion = 2.0
        """
            ),
            encoding="utf-8",
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e2e356901c3bc180 Filesystem access.
pkgs/python/[email protected]/testing/test_config.py:297
        pytester.path.joinpath("pytest.ini").write_text(
            textwrap.dedent(
                """
            [pytest]
            minversion = 1.5
        """
            ),
            encoding="utf-8",
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #823fbb7ace8a1ad9 Filesystem access.
pkgs/python/[email protected]/testing/test_config.py:310
        pytester.path.joinpath("pytest.ini").write_text(
            "addopts = -x", encoding="utf-8"
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ac61ec605646d001 Filesystem access.
pkgs/python/[email protected]/testing/test_config.py:328
        pytester.path.joinpath("pytest.toml").write_text(
            """
            \\"
            """,
            encoding="utf-8",
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bdbf580736e534f2 Filesystem access.
pkgs/python/[email protected]/testing/test_config.py:834
        p.write_text(f"mylist = {['.', str(somepath)]}", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #993b1d0a43ee8d02 Filesystem access.
pkgs/python/[email protected]/testing/test_config.py:1426
        p1.write_text(
            textwrap.dedent(
                """\
                [pytest]
                name = value
                """
            ),
            encoding="utf-8",
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #dd755a894d1cb7ce Filesystem access.
pkgs/python/[email protected]/testing/test_config.py:1443
        p2.write_text(
            textwrap.dedent(
                """\
                [pytest]
                name = wrong-value
                should_not_be_set = true
                """
            ),
            encoding="utf-8",
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4729f552157fd4f2 Filesystem access.
pkgs/python/[email protected]/testing/test_config.py:1935
        inipath.write_text(contents, encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f26816d5583199ab Filesystem access.
pkgs/python/[email protected]/testing/test_config.py:2027
        p.write_text(contents, encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b60f754ea6c9a1d5 Filesystem access.
pkgs/python/[email protected]/testing/test_config.py:2142
        (tmp_path / "setup.cfg").write_text("[tool:pytest]\n", "utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1efdcdd41af8cbc6 Filesystem access.
pkgs/python/[email protected]/testing/test_config.py:2144
        (tmp_path / "myproject" / "setup.cfg").write_text("[tool:pytest]\n", "utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #75f6bfc991dd10a4 Filesystem access.
pkgs/python/[email protected]/testing/test_config.py:2164
        pytester.path.joinpath(name).write_text(
            textwrap.dedent(
                f"""
            {section}
            custom = 1.0"""
            ),
            encoding="utf-8",
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8c5359b77a79f22f Filesystem access.
pkgs/python/[email protected]/testing/test_config.py:2818
        tmp_path.joinpath("pytest.ini").write_text(
            textwrap.dedent(
                """\
                [pytest]
                addopts = --verbose
                """
            ),
            encoding="utf-8",
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #93509b03b7f6052e Filesystem access.
pkgs/python/[email protected]/testing/test_config.py:2839
        tmp_path.joinpath("pytest.ini").write_text(
            textwrap.dedent(
                """\
                [pytest]
                addopts = --verbose
                """
            ),
            encoding="utf-8",
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5e7d039354485098 Filesystem access.
pkgs/python/[email protected]/testing/test_config.py:2858
        tmp_path.joinpath("pytest.ini").write_text(
            textwrap.dedent(
                f"""\
                [pytest]
                addopts = --verbose
                {setting_name} = {TestVerbosity.SOME_OUTPUT_VERBOSITY_LEVEL}
                """
            ),
            encoding="utf-8",
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0e24a9f4a14cd7d7 Filesystem access.
pkgs/python/[email protected]/testing/test_conftest.py:49
        tmp_path.joinpath("adir/conftest.py").write_text(
            "a=1 ; Directory = 3", encoding="utf-8"
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2a9e03516f76e012 Filesystem access.
pkgs/python/[email protected]/testing/test_conftest.py:52
        tmp_path.joinpath("adir/b/conftest.py").write_text(
            "b=2 ; a = 1.5", encoding="utf-8"
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #22256ecbc60cdcbd Filesystem access.
pkgs/python/[email protected]/testing/test_conftest.py:134
    tmp_path.joinpath("adir-1.0/conftest.py").write_text(
        "a=1 ; Directory = 3", encoding="utf-8"
    )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f9a300ab2eeff9e0 Filesystem access.
pkgs/python/[email protected]/testing/test_conftest.py:137
    tmp_path.joinpath("adir-1.0/b/conftest.py").write_text(
        "b=2 ; a = 1.5", encoding="utf-8"
    )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #59eb9bbd5cf5d439 Filesystem access.
pkgs/python/[email protected]/testing/test_conftest.py:270
    x.joinpath("conftest.py").write_text(
        textwrap.dedent(
            """\
            def pytest_addoption(parser):
                parser.addoption("--xyz", action="store_true")
            """
        ),
        encoding="utf-8",
    )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #17badcae3f51e770 Filesystem access.
pkgs/python/[email protected]/testing/test_conftest.py:298
    tmp_path.joinpath("foo", "conftest.py").write_text(
        textwrap.dedent(
            """\
            import pytest
            @pytest.fixture
            def fix(): return None
            """
        ),
        encoding="utf-8",
    )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f1990721969dd891 Filesystem access.
pkgs/python/[email protected]/testing/test_conftest.py:308
    tmp_path.joinpath("foo", "test_it.py").write_text(
        "def test_it(fix): pass", encoding="utf-8"
    )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6099a603aada2222 Filesystem access.
pkgs/python/[email protected]/testing/test_conftest.py:429
    x.joinpath("conftest.py").write_text(
        textwrap.dedent(
            """\
            def pytest_addoption(parser):
                parser.addoption("--xyz", action="store_true")
            """
        ),
        encoding="utf-8",
    )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #510b2e78ec8193c8 Filesystem access.
pkgs/python/[email protected]/testing/test_conftest.py:469
    ct2.write_text("", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #23b8a7173c0029ec Filesystem access.
pkgs/python/[email protected]/testing/test_conftest.py:493
    sub.joinpath("conftest.py").write_text(
        textwrap.dedent(
            """\
            import pytest

            @pytest.fixture
            def not_needed():
                assert False, "Should not be called!"

            @pytest.fixture
            def foo():
                assert False, "Should not be called!"

            @pytest.fixture
            def bar(foo):
                return 'bar'
            """
        ),
        encoding="utf-8",
    )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #572a76b169b82dad Filesystem access.
pkgs/python/[email protected]/testing/test_conftest.py:516
    subsub.joinpath("test_bar.py").write_text(
        textwrap.dedent(
            """\
            import pytest

            @pytest.fixture
            def bar():
                return 'sub bar'

            def test_event_fixture(bar):
                assert bar == 'sub bar'
            """
        ),
        encoding="utf-8",
    )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #748a91d6e3e0538a Filesystem access.
pkgs/python/[email protected]/testing/test_conftest.py:537
    sub.joinpath("conftest.py").write_text(
        textwrap.dedent(
            """\
            def pytest_addoption(parser):
                parser.addoption("--hello-world", action="store_true")
            """
        ),
        encoding="utf-8",
    )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0e103ea1dee3a22a Filesystem access.
pkgs/python/[email protected]/testing/test_conftest.py:547
    p.write_text("def test_hello(): pass", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c1005f902553d8af Filesystem access.
pkgs/python/[email protected]/testing/test_conftest.py:563
        package.joinpath("conftest.py").write_text(
            textwrap.dedent(
                """\
                import pytest
                @pytest.fixture
                def fxtr():
                    return "from-package"
                """
            ),
            encoding="utf-8",
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #131c28fd2b3a18fe Filesystem access.
pkgs/python/[email protected]/testing/test_conftest.py:574
        package.joinpath("test_pkgroot.py").write_text(
            textwrap.dedent(
                """\
                def test_pkgroot(fxtr):
                    assert fxtr == "from-package"
                """
            ),
            encoding="utf-8",
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3e9578ee1c4e56e9 Filesystem access.
pkgs/python/[email protected]/testing/test_conftest.py:587
        swc.joinpath("conftest.py").write_text(
            textwrap.dedent(
                """\
                import pytest
                @pytest.fixture
                def fxtr():
                    return "from-swc"
                """
            ),
            encoding="utf-8",
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e83a27f9175faee0 Filesystem access.
pkgs/python/[email protected]/testing/test_conftest.py:598
        swc.joinpath("test_with_conftest.py").write_text(
            textwrap.dedent(
                """\
                def test_with_conftest(fxtr):
                    assert fxtr == "from-swc"
                """
            ),
            encoding="utf-8",
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1dfc03fcc358379f Filesystem access.
pkgs/python/[email protected]/testing/test_conftest.py:611
        snc.joinpath("test_no_conftest.py").write_text(
            textwrap.dedent(
                """\
                def test_no_conftest(fxtr):
                    assert fxtr == "from-package"   # No local conftest.py, so should
                                                    # use value from parent dir's
                """
            ),
            encoding="utf-8",
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9bb5677dd1b3f971 Filesystem access.
pkgs/python/[email protected]/testing/test_conftest.py:685
    src.joinpath("pytest.ini").write_text("[pytest]", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #02fca7c6f6b1fd20 Filesystem access.
pkgs/python/[email protected]/testing/test_conftest.py:686
    src.joinpath("conftest.py").write_text(
        textwrap.dedent(
            """\
            import pytest
            @pytest.fixture
            def fix1(): pass
            """
        ),
        encoding="utf-8",
    )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5b9b4de9d65ddd0b Filesystem access.
pkgs/python/[email protected]/testing/test_conftest.py:696
    src.joinpath("test_foo.py").write_text(
        textwrap.dedent(
            """\
            def test_1(fix1):
                pass
            def test_2(out_of_reach):
                pass
            """
        ),
        encoding="utf-8",
    )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #342e3a5418ef929d Filesystem access.
pkgs/python/[email protected]/testing/test_conftest.py:707
    root.joinpath("conftest.py").write_text(
        textwrap.dedent(
            """\
            import pytest
            @pytest.fixture
            def out_of_reach(): pass
            """
        ),
        encoding="utf-8",
    )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1dfcf0601e6de9c1 Filesystem access.
pkgs/python/[email protected]/testing/test_conftest.py:811
    sdk.joinpath("pyproject.toml").write_text(
        textwrap.dedent("""\
            [tool.pytest.ini_options]
            testpaths = ["../tests/sdk"]
        """),
        encoding="utf-8",
    )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #974ad5630a294033 Filesystem access.
pkgs/python/[email protected]/testing/test_conftest.py:821
    tests_sdk.joinpath("conftest.py").write_text(
        textwrap.dedent("""\
            import pytest

            @pytest.fixture(autouse=True)
            def outer_fixture():
                pass
        """),
        encoding="utf-8",
    )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #84efdb1b15b82d8c Filesystem access.
pkgs/python/[email protected]/testing/test_conftest.py:831
    tests_sdk.joinpath("test_outer.py").write_text(
        textwrap.dedent("""\
            def test_outer(request):
                fixturenames = request.fixturenames
                assert "outer_fixture" in fixturenames
                assert "inner_fixture" not in fixturenames
        """),
        encoding="utf-8",
    )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4b8a7d644d8624ae Filesystem access.
pkgs/python/[email protected]/testing/test_conftest.py:843
    inner.joinpath("conftest.py").write_text(
        textwrap.dedent("""\
            import pytest

            @pytest.fixture(autouse=True)
            def inner_fixture():
                pass
        """),
        encoding="utf-8",
    )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #931c09c100b380f1 Filesystem access.
pkgs/python/[email protected]/testing/test_conftest.py:853
    inner.joinpath("test_inner.py").write_text(
        textwrap.dedent("""\
            def test_inner(request):
                fixturenames = request.fixturenames
                assert "outer_fixture" in fixturenames
                assert "inner_fixture" in fixturenames
        """),
        encoding="utf-8",
    )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b50074e918cea730 Filesystem access.
pkgs/python/[email protected]/testing/test_conftest.py:887
    root.joinpath("conftest.py").write_text(
        textwrap.dedent("""\
            import pytest

            @pytest.fixture
            def ancestor_fixture():
                return "from-ancestor"
        """),
        encoding="utf-8",
    )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2a850c90bf47c608 Filesystem access.
pkgs/python/[email protected]/testing/test_conftest.py:899
    sub.joinpath("pyproject.toml").write_text(
        "[tool.pytest.ini_options]\n", encoding="utf-8"
    )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a70e9f287bcfbfa4 Filesystem access.
pkgs/python/[email protected]/testing/test_conftest.py:902
    sub.joinpath("test_it.py").write_text(
        textwrap.dedent("""\
            def test_uses_ancestor(ancestor_fixture):
                assert ancestor_fixture == "from-ancestor"
        """),
        encoding="utf-8",
    )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #973c94ae3088e0ca Filesystem access.
pkgs/python/[email protected]/testing/test_conftest.py:917
    x.joinpath("conftest.py").write_text(
        textwrap.dedent(
            """\
            def pytest_addoption(parser):
                parser.addoption("--xyz", action="store_true", required=True)
            """
        ),
        encoding="utf-8",
    )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cdd3ca5de270137d Filesystem access.
pkgs/python/[email protected]/testing/test_debugging.py:387
        sub_dir.joinpath("conftest").with_suffix(".py").write_text(
            "import unknown", "utf-8"
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #33ad45f35dc543f6 Filesystem access.
pkgs/python/[email protected]/testing/test_debugging.py:390
        sub_dir.joinpath("test_file").with_suffix(".py").write_text(
            "def test_func(): pass", "utf-8"
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7b7d23a39f0ae68e Filesystem access.
pkgs/python/[email protected]/testing/test_doctest.py:201
        fn.write_text(doctest, encoding=encoding)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0038d44f76833bce Filesystem access.
pkgs/python/[email protected]/testing/test_doctest.py:350
        pytester.path.joinpath("hello.py").write_text(
            textwrap.dedent(
                """\
                class Fun(object):
                    @property
                    def test(self):
                        '''
                        >>> a = 1
                        >>> 1/0
                        '''
                """
            ),
            encoding="utf-8",
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8f08b6e04caef7b2 Filesystem access.
pkgs/python/[email protected]/testing/test_doctest.py:448
        pytester.path.joinpath("hello.py").write_text(
            textwrap.dedent(
                """\
                import asdalsdkjaslkdjasd
                """
            ),
            encoding="utf-8",
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1c7ac1244a1555ce Filesystem access.
pkgs/python/[email protected]/testing/test_doctest.py:506
        p.joinpath("__init__.py").write_text(
            textwrap.dedent(
                """\
                def somefunc():
                    '''
                        >>> i = 0
                        >>> i + 1
                        2
                    '''
                """
            ),
            encoding="utf-8",
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c2e13351f5c081eb Filesystem access.
pkgs/python/[email protected]/testing/test_doctest.py:1365
        assert Path("out").read_text("utf-8").split() == ["RUN"] * 2

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b7f5326c0a49ecad Filesystem access.
pkgs/python/[email protected]/testing/test_doctest.py:1687
    not_setup_py.write_text(
        'from setuptools import setup; setup(name="foo")', encoding="utf-8"
    )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0022f138c7a2f49b Filesystem access.
pkgs/python/[email protected]/testing/test_doctest.py:1696
    setup_py.write_text(f'from {mod} import setup; setup(name="foo")', "utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #83aaca3e878c214e Environment-variable access.
pkgs/python/[email protected]/testing/test_faulthandler.py:82
                bool(os.environ.get("CI"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #68cc3bff726db858 Environment-variable access.
pkgs/python/[email protected]/testing/test_faulthandler.py:123
    "CI" in os.environ and sys.platform == "linux" and sys.version_info >= (3, 14),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #58f2a64dc7a0b0b4 Filesystem access.
pkgs/python/[email protected]/testing/test_findpaths.py:22
        fn.write_text("", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c4db07b678ecb19b Filesystem access.
pkgs/python/[email protected]/testing/test_findpaths.py:28
        fn.write_text("[pytest]\nx=1", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d2f1c7e18a232256 Filesystem access.
pkgs/python/[email protected]/testing/test_findpaths.py:36
        fn.write_text("[pytest]\nx=1", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fff8cc0892fb9ffb Filesystem access.
pkgs/python/[email protected]/testing/test_findpaths.py:44
        fn.write_text("[custom]", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f702c72c37160a1f Filesystem access.
pkgs/python/[email protected]/testing/test_findpaths.py:50
        fn.write_text("[custom]", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1d8a6b3ca3a88b54 Filesystem access.
pkgs/python/[email protected]/testing/test_findpaths.py:56
        fn.write_text("[tool:pytest]\nx=1", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8bed8b736764ee42 Filesystem access.
pkgs/python/[email protected]/testing/test_findpaths.py:64
        fn.write_text("[pytest]", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7b3d838e787bf813 Filesystem access.
pkgs/python/[email protected]/testing/test_findpaths.py:71
        fn.write_text("]invalid toml[", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9cfe536bc3b57e5f Filesystem access.
pkgs/python/[email protected]/testing/test_findpaths.py:78
        fn.write_text(
            dedent(
                """
            [build_system]
            x = 1
            """
            ),
            encoding="utf-8",
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #54443fbc48414cd2 Filesystem access.
pkgs/python/[email protected]/testing/test_findpaths.py:93
        fn.write_text(
            dedent(
                """
            [tool.pytest.ini_options]
            x = 1
            y = 20.0
            values = ["tests", "integration"]
            name = "foo"
            heterogeneous_array = [1, "str"]
            """
            ),
            encoding="utf-8",
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #86db0775946aa982 Filesystem access.
pkgs/python/[email protected]/testing/test_findpaths.py:117
        fn.write_text(
            dedent(
                """
                [tool.pytest]
                minversion = "7.0"
                xfail_strict = true
                testpaths = ["tests", "integration"]
                python_files = ["test_*.py", "*_test.py"]
                verbosity_assertions = 2
                maxfail = 5
                timeout = 300.5
                """
            ),
            encoding="utf-8",
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #80fcd6b95a3bae9b Filesystem access.
pkgs/python/[email protected]/testing/test_findpaths.py:150
        fn.write_text(
            dedent(
                """
            [tool.pytest]
            xfail_strict = true

            [tool.pytest.ini_options]
            minversion = "7.0"
            """
            ),
            encoding="utf-8",
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #93a1bab82f2def4e Filesystem access.
pkgs/python/[email protected]/testing/test_findpaths.py:168
        fn.write_text("", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b3b17db7c86e0be5 Filesystem access.
pkgs/python/[email protected]/testing/test_helpconfig.py:129
    assert "pytest_sessionstart" in p.read_text("utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #01d16dbe046d4d7b Filesystem access.
pkgs/python/[email protected]/testing/test_junitxml.py:542
        p.write_text("def test_func(): 0/0", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #85b050bca5241848 Filesystem access.
pkgs/python/[email protected]/testing/test_junitxml.py:1058
        pytester.path.joinpath("myfile.xyz").write_text("hello", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a5b25f6303ca584b Filesystem access.
pkgs/python/[email protected]/testing/test_junitxml.py:1084
    text = xmlf.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9f173cd881b56149 Filesystem access.
pkgs/python/[email protected]/testing/test_junitxml.py:1106
    text = xmlf.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a2b2382706c95f26 Filesystem access.
pkgs/python/[email protected]/testing/test_link_resolve.py:58
    p.write_text(
        textwrap.dedent(
            """
        import pytest
        def test_foo():
            raise AssertionError()
        """
        ),
        encoding="utf-8",
    )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e7e80440e8c1427d Environment-variable access.
pkgs/python/[email protected]/testing/test_monkeypatch.py:169
        os.environ[key] = "world"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #644e01db0c2a791e Environment-variable access.
pkgs/python/[email protected]/testing/test_monkeypatch.py:172
    del os.environ[key]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b5ca90a3ef1259c3 Environment-variable access.
pkgs/python/[email protected]/testing/test_monkeypatch.py:175
        assert os.environ[key] == "world"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1a74309bdae302d1 Environment-variable access.
pkgs/python/[email protected]/testing/test_monkeypatch.py:176
        del os.environ[key]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b2529f1ede9b13b0 Environment-variable access.
pkgs/python/[email protected]/testing/test_monkeypatch.py:178
        assert key not in os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6ea99186aa4fcfa6 Environment-variable access.
pkgs/python/[email protected]/testing/test_monkeypatch.py:205
    assert os.environ["XYZ123"] == "2"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #386cf2f4521356f0 Environment-variable access.
pkgs/python/[email protected]/testing/test_monkeypatch.py:207
    assert "XYZ123" not in os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #674eca911f816b95 Environment-variable access.
pkgs/python/[email protected]/testing/test_monkeypatch.py:212
    assert name not in os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7cf06fc1ef5cadd6 Environment-variable access.
pkgs/python/[email protected]/testing/test_monkeypatch.py:218
    os.environ[name] = "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4653fdf0e1f5a58a Environment-variable access.
pkgs/python/[email protected]/testing/test_monkeypatch.py:222
        assert name not in os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #50542ced202bcdf5 Environment-variable access.
pkgs/python/[email protected]/testing/test_monkeypatch.py:224
        assert os.environ[name] == "3"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9c322ade8dbe2a29 Environment-variable access.
pkgs/python/[email protected]/testing/test_monkeypatch.py:226
        assert os.environ[name] == "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #69175ea7a09ba059 Environment-variable access.
pkgs/python/[email protected]/testing/test_monkeypatch.py:228
        if name in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ab1576d96f594d5c Environment-variable access.
pkgs/python/[email protected]/testing/test_monkeypatch.py:229
            del os.environ[name]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8e7c62dc58670e69 Environment-variable access.
pkgs/python/[email protected]/testing/test_monkeypatch.py:257
    assert os.environ["XYZ123"] == "3-2"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #684d1cfd5f798e3c Environment-variable access.
pkgs/python/[email protected]/testing/test_monkeypatch.py:259
    assert "XYZ123" not in os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #74636762c242b0ec Filesystem access.
pkgs/python/[email protected]/testing/test_monkeypatch.py:342
    p.joinpath("a.py").write_text(
        textwrap.dedent(
            """\
        import doesnotexist

        x = 1
    """
        ),
        encoding="utf-8",
    )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #007535fb72f553c6 Filesystem access.
pkgs/python/[email protected]/testing/test_monkeypatch.py:352
    pytester.path.joinpath("test_importerror.py").write_text(
        textwrap.dedent(
            """\
        def test_importerror(monkeypatch):
            monkeypatch.setattr('package.a.x', 2)
    """
        ),
        encoding="utf-8",
    )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #156ea0f964b390bf Filesystem access.
pkgs/python/[email protected]/testing/test_monkeypatch.py:466
        ns.joinpath("__init__.py").write_text(
            "__import__('pkg_resources').declare_namespace(__name__)", encoding="utf-8"
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4b84365320666e49 Filesystem access.
pkgs/python/[email protected]/testing/test_monkeypatch.py:471
        lib.joinpath("__init__.py").write_text(
            f"def check(): return {dirname!r}", encoding="utf-8"
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #18843590b60d14a5 Filesystem access.
pkgs/python/[email protected]/testing/test_monkeypatch.py:500
    modules_tmpdir.joinpath("main_app.py").write_text("app = True", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #36fcbcbb43b32795 Filesystem access.
pkgs/python/[email protected]/testing/test_parseopt.py:143
        args_file.write_text("\n".join(tests), encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8ee6ecc3df28e06e Filesystem access.
pkgs/python/[email protected]/testing/test_parseopt.py:311
    with open(str(script), "w", encoding="utf-8") as fp:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2fd0daf2a395a02b Filesystem access.
pkgs/python/[email protected]/testing/test_pathlib.py:147
        samplefile.write_text("samplefile\n", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9180838aaf0980f8 Filesystem access.
pkgs/python/[email protected]/testing/test_pathlib.py:150
        execfile.write_text("x=42", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e45c9638365a7672 Filesystem access.
pkgs/python/[email protected]/testing/test_pathlib.py:153
        execfilepy.write_text("x=42", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2ef7633bc24c393d Filesystem access.
pkgs/python/[email protected]/testing/test_pathlib.py:167
        module_a.write_text("from .b import stuff as result\n", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f69fa10dadeef17b Filesystem access.
pkgs/python/[email protected]/testing/test_pathlib.py:169
        module_b.write_text('stuff="got it"\n', encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fa8a986ecb0a9cc1 Filesystem access.
pkgs/python/[email protected]/testing/test_pathlib.py:171
        module_c.write_text(
            dedent(
                """
            import pluggy;
            import otherdir.a
            value = otherdir.a.result
        """
            ),
            encoding="utf-8",
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ba0bbc475b959f78 Filesystem access.
pkgs/python/[email protected]/testing/test_pathlib.py:182
        module_d.write_text(
            dedent(
                """
            import pluggy;
            from otherdir import a
            value2 = a.result
        """
            ),
            encoding="utf-8",
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #12f89bc486823d46 Filesystem access.
pkgs/python/[email protected]/testing/test_pathlib.py:355
        fn.write_text("def foo(x): return 40 + x", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #be2ed65dc1c0d41c Filesystem access.
pkgs/python/[email protected]/testing/test_pathlib.py:559
    module_path.write_text("def foo(): return 42", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #78a95ba0b10ae00a Filesystem access.
pkgs/python/[email protected]/testing/test_pathlib.py:603
        fn.write_text(
            dedent(
                """
                from dataclasses import dataclass

                @dataclass
                class Data:
                    value: str
                """
            ),
            encoding="utf-8",
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #84e2e72b470f885f Filesystem access.
pkgs/python/[email protected]/testing/test_pathlib.py:636
        fn.write_text(
            dedent(
                """
                import pickle

                def _action():
                    return 42

                def round_trip():
                    s = pickle.dumps(_action)
                    return pickle.loads(s)
                """
            ),
            encoding="utf-8",
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #959c977953c5170e Filesystem access.
pkgs/python/[email protected]/testing/test_pathlib.py:674
        fn1.write_text(
            dedent(
                """
                import dataclasses
                import pickle

                @dataclasses.dataclass
                class Data:
                    x: int = 42
                """
            ),
            encoding="utf-8",
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #73beb250df574c2d Filesystem access.
pkgs/python/[email protected]/testing/test_pathlib.py:690
        fn2.write_text(
            dedent(
                """
                import dataclasses
                import pickle

                @dataclasses.dataclass
                class Data:
                    x: str = ""
                """
            ),
            encoding="utf-8",
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9ff6c2e85132d4d3 Filesystem access.
pkgs/python/[email protected]/testing/test_pathlib.py:821
        file_path.write_text("my_name='demo'", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5e8587ecacdfd8fc Filesystem access.
pkgs/python/[email protected]/testing/test_pathlib.py:824
            (tmp_path / "a/b/__init__.py").write_text(
                "my_name='b.__init__'", encoding="utf-8"
            )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #50134b877cbf5544 Filesystem access.
pkgs/python/[email protected]/testing/test_pathlib.py:890
        init.write_text(
            dedent(
                """
                from .singleton import Singleton

                instance = Singleton()
                """
            ),
            encoding="ascii",
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8158a33088fdb5f4 Filesystem access.
pkgs/python/[email protected]/testing/test_pathlib.py:901
        singleton.write_text(
            dedent(
                """
                class Singleton:
                    INSTANCES = []

                    def __init__(self) -> None:
                        self.INSTANCES.append(self)
                        if len(self.INSTANCES) > 1:
                            raise RuntimeError("Already initialized")
                """
            ),
            encoding="ascii",
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c5bdf7d87db19d76 Filesystem access.
pkgs/python/[email protected]/testing/test_pathlib.py:955
        file_path.write_text(
            dedent(
                """
            def test_demo():
                pass
            """
            ),
            encoding="utf-8",
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fb5937e5266373b6 Filesystem access.
pkgs/python/[email protected]/testing/test_pathlib.py:992
        core_py.write_text(
            dedent(
                """
                def foo():
                    '''
                    >>> 1 + 1
                    2
                    '''
                """
            ),
            encoding="ascii",
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #60617f6069ac5a7e Filesystem access.
pkgs/python/[email protected]/testing/test_pathlib.py:1019
        conftest_path1.write_text(
            dedent(
                """
                import pytest
                @pytest.fixture
                def a_fix(): return "a"
                """
            ),
            encoding="ascii",
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e57eb47b12a9692c Filesystem access.
pkgs/python/[email protected]/testing/test_pathlib.py:1030
        test_path1.write_text(
            dedent(
                """
                import app.core
                def test(a_fix):
                    assert a_fix == "a"
                """,
            ),
            encoding="ascii",
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2abd17302b825641 Filesystem access.
pkgs/python/[email protected]/testing/test_pathlib.py:1043
        conftest_path2.write_text(
            dedent(
                """
                import pytest
                @pytest.fixture
                def b_fix(): return "b"
                """
            ),
            encoding="ascii",
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8c06322ea3bcee17 Filesystem access.
pkgs/python/[email protected]/testing/test_pathlib.py:1055
        test_path2.write_text(
            dedent(
                """
                import app.core
                def test(b_fix):
                    assert b_fix == "b"
                """,
            ),
            encoding="ascii",
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0a01d7957e027da2 Filesystem access.
pkgs/python/[email protected]/testing/test_pathlib.py:1175
        x_at_root.write_text("raise AssertionError('x at root')", encoding="ascii")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #56d210a120b635e0 Filesystem access.
pkgs/python/[email protected]/testing/test_pathlib.py:1181
        x_in_sub_dir.write_text("X = 'a/b/x'", encoding="ascii")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2c867f63da48c593 Filesystem access.
pkgs/python/[email protected]/testing/test_pathlib.py:1400
        (tmp_path / "src/dist1/com/company/app/__init__.py").write_text(
            code, encoding="UTF-8"
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3adaffcb33336f1f Filesystem access.
pkgs/python/[email protected]/testing/test_pathlib.py:1403
        (tmp_path / "src/dist1/com/company/app/core/__init__.py").write_text(
            code, encoding="UTF-8"
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #852fb64880927071 Filesystem access.
pkgs/python/[email protected]/testing/test_pathlib.py:1410
        (tmp_path / "src/dist2/com/company/calc/__init__.py").write_text(
            code, encoding="UTF-8"
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9c8486160c72d39e Filesystem access.
pkgs/python/[email protected]/testing/test_pathlib.py:1413
        (tmp_path / "src/dist2/com/company/calc/algo/__init__.py").write_text(
            code, encoding="UTF-8"
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #725ac02c7d58e206 Filesystem access.
pkgs/python/[email protected]/testing/test_pathlib.py:1417
        algorithms_py.write_text(code, encoding="UTF-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1014626eddc82ca2 Filesystem access.
pkgs/python/[email protected]/testing/test_pathlib.py:1503
        test_py.write_text(code, encoding="UTF-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #015faced20f68d57 Filesystem access.
pkgs/python/[email protected]/testing/test_pathlib.py:1532
        file.write_text("data=123", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5123209874163803 Filesystem access.
pkgs/python/[email protected]/testing/test_pathlib.py:1537
        tests.write_text(
            dedent(
                """
            from cow.moo.moo import data

            def test_moo():
                print(data)
            """
            ),
            encoding="utf-8",
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fff9a6fd5628c66a Filesystem access.
pkgs/python/[email protected]/testing/test_pathlib.py:1693
    test_y.write_text("def test(): pass", encoding="UTF-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6eff3ac69e8dd925 Environment-variable access.
pkgs/python/[email protected]/testing/test_pluginmanager.py:351
        monkeypatch.setitem(os.environ, "PYTEST_PLUGINS", "xy123")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #11fe419fb539eb38 Filesystem access.
pkgs/python/[email protected]/testing/test_pluginmanager.py:409
        pytester.mkpydir("pkg").joinpath("plug.py").write_text("x=3", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4c967d6822464940 Filesystem access.
pkgs/python/[email protected]/testing/test_pytester.py:218
    assert "mixed_encoding = 'São Paulo'".encode() in p.read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4b47220db7a7c240 Filesystem access.
pkgs/python/[email protected]/testing/test_pytester.py:227
        test_mod.write_text("def test_foo(): assert False", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #561be4709143a3cf Environment-variable access.
pkgs/python/[email protected]/testing/test_pytester.py:613
    assert "PYTEST_ADDOPTS" not in os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #48dbd0c4d98be32c Environment-variable access.
pkgs/python/[email protected]/testing/test_pytester.py:705
    assert os.environ.get("HOME") == tmphome

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #74ce18e3d24b6d8e Filesystem access.
pkgs/python/[email protected]/testing/test_python_path.py:38
    foo_py.write_text(content, encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4d978e0533c09f0b Filesystem access.
pkgs/python/[email protected]/testing/test_python_path.py:47
    bar_py.write_text(content, encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e3390c325fd8b384 Filesystem access.
pkgs/python/[email protected]/testing/test_python_path.py:76
    localplugin_py.write_text(content, encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #99754b8d986bb384 Filesystem access.
pkgs/python/[email protected]/testing/test_reports.py:411
        sub_dir.joinpath("conftest.py").write_text("import unknown", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5e39c5fcd503b051 Environment-variable access.
pkgs/python/[email protected]/testing/test_runner.py:1086
    assert "PYTEST_CURRENT_TEST" not in os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b52442fffd13adc5 Environment-variable access.
pkgs/python/[email protected]/testing/test_runner.py:1225
    assert os.environ["PYTEST_VERSION"] == "old version"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #081572f9abe000b7 Filesystem access.
pkgs/python/[email protected]/testing/test_session.py:273
    hellodir.joinpath("test_hello.py").write_text("x y syntaxerror", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #97a9c454d52b11dd Filesystem access.
pkgs/python/[email protected]/testing/test_session.py:275
    hello2dir.joinpath("test_hello2.py").write_text("x y syntaxerror", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ae0003a66ad49f01 Filesystem access.
pkgs/python/[email protected]/testing/test_session.py:284
    hellodir.joinpath("test_hello.py").write_text("x y syntaxerror", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1c9bb4c84cb28fce Filesystem access.
pkgs/python/[email protected]/testing/test_session.py:286
    hello2dir.joinpath("test_hello2.py").write_text("x y syntaxerror", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2acf83e742bc229a Filesystem access.
pkgs/python/[email protected]/testing/test_session.py:288
    hello3dir.joinpath("test_hello3.py").write_text("x y syntaxerror", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #669379183957419a Filesystem access.
pkgs/python/[email protected]/testing/test_session.py:290
    subdir.joinpath("test_hello4.py").write_text("x y syntaxerror", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #15027a3b09b6746b Filesystem access.
pkgs/python/[email protected]/testing/test_skipping.py:191
        root.joinpath("conftest.py").write_text(
            textwrap.dedent(
                """\
            import pytest

            def pytest_markeval_namespace():
                return {"arg": "root"}
            """
            ),
            encoding="utf-8",
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #80405e6dfa8f37de Filesystem access.
pkgs/python/[email protected]/testing/test_skipping.py:202
        root.joinpath("test_root.py").write_text(
            textwrap.dedent(
                """\
            import pytest

            @pytest.mark.skipif("arg == 'root'")
            def test_root():
                assert False
            """
            ),
            encoding="utf-8",
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f0d8550c65f82a53 Filesystem access.
pkgs/python/[email protected]/testing/test_skipping.py:217
        foo.joinpath("conftest.py").write_text(
            textwrap.dedent(
                """\
            import pytest

            def pytest_markeval_namespace():
                return {"arg": "foo"}
            """
            ),
            encoding="utf-8",
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2e523fb6010b2eb7 Filesystem access.
pkgs/python/[email protected]/testing/test_skipping.py:228
        foo.joinpath("test_foo.py").write_text(
            textwrap.dedent(
                """\
            import pytest

            @pytest.mark.skipif("arg == 'foo'")
            def test_foo():
                assert False
            """
            ),
            encoding="utf-8",
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8ad7317a823435ee Filesystem access.
pkgs/python/[email protected]/testing/test_skipping.py:243
        bar.joinpath("conftest.py").write_text(
            textwrap.dedent(
                """\
            import pytest

            def pytest_markeval_namespace():
                return {"arg": "bar"}
            """
            ),
            encoding="utf-8",
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e076b19332d6b7ee Filesystem access.
pkgs/python/[email protected]/testing/test_skipping.py:254
        bar.joinpath("test_bar.py").write_text(
            textwrap.dedent(
                """\
            import pytest

            @pytest.mark.skipif("arg == 'bar'")
            def test_bar():
                assert False
            """
            ),
            encoding="utf-8",
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6161e8018c6b4f76 Filesystem access.
pkgs/python/[email protected]/testing/test_stepwise.py:534
    cache_file.write_text(json.dumps({"invalid": True}), encoding="UTF-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #50c49bc12c3c90b0 Filesystem access.
pkgs/python/[email protected]/testing/test_terminal.py:271
        a.joinpath("test_hello123.py").write_text(
            textwrap.dedent(
                """\
                class TestClass(object):
                    def test_method(self):
                        pass
                """
            ),
            encoding="utf-8",
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4c7117da2a42c6e6 Filesystem access.
pkgs/python/[email protected]/testing/test_terminal.py:1645
        pytester.mkdir("a").joinpath("conftest.py").write_text(
            """
def pytest_report_header(config, start_path):
    return ["line1", str(start_path)]
""",
            encoding="utf-8",
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3eb8f94ee82d4162 Filesystem access.
pkgs/python/[email protected]/testing/test_terminal.py:3386
        test_path.write_text(
            textwrap.dedent(
                """
                import pytest

                @pytest.mark.parametrize("a", ["x/y", "C:/path", "\\\\", "C:\\\\path", "a::b/"])
                def test_x(a):
                    assert False
                """
            ),
            encoding="utf-8",
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

python-dotenv

python dependency
expand_more 11 low-confidence finding(s)
low env_fs dependency Excluded from app score #ab7acd2a6d7bb42e Filesystem access.
pkgs/python/[email protected]/src/dotenv/cli.py:76
        with open(path) as stream:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8632cfa9d058e783 Environment-variable access.
pkgs/python/[email protected]/src/dotenv/cli.py:194
        if v is not None and (override or k not in os.environ)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #914bae07c4718ca4 Environment-variable access.
pkgs/python/[email protected]/src/dotenv/cli.py:225
    cmd_env = os.environ.copy()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2dbdf590b70de2df Environment-variable access.
pkgs/python/[email protected]/src/dotenv/main.py:26
    if "PYTHON_DOTENV_DISABLED" not in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9146f5b2f1d0c910 Environment-variable access.
pkgs/python/[email protected]/src/dotenv/main.py:28
    value = os.environ["PYTHON_DOTENV_DISABLED"].casefold()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #74dd06daafc7f043 Filesystem access.
pkgs/python/[email protected]/src/dotenv/main.py:63
            with open(self.dotenv_path, encoding=self.encoding) as stream:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #080d9c078e319ede Environment-variable access.
pkgs/python/[email protected]/src/dotenv/main.py:105
            if k in os.environ and not self.override:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #18cc2ac6addd585c Environment-variable access.
pkgs/python/[email protected]/src/dotenv/main.py:108
                os.environ[k] = v

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4a42a40159c2b2cc Filesystem access.
pkgs/python/[email protected]/src/dotenv/main.py:148
        source: IO[str] = open(path, encoding=encoding)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #59231430cf22b9cb Environment-variable access.
pkgs/python/[email protected]/src/dotenv/main.py:302
                env.update(os.environ)  # type: ignore

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ecf0f0d4dbd5a5d9 Environment-variable access.
pkgs/python/[email protected]/src/dotenv/main.py:306
                env.update(os.environ)  # type: ignore

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

pyyaml

python dependency
expand_more 3 low-confidence finding(s)
low env_fs dependency Excluded from app score #78a9da58fe4bbd34 Environment-variable access.
pkgs/python/[email protected]/setup.py:72
os.environ['SETUPTOOLS_USE_DISTUTILS'] = 'local'

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b1962f692ce7871d Environment-variable access.
pkgs/python/[email protected]/setup.py:81
if 'sdist' in sys.argv or os.environ.get('PYYAML_FORCE_CYTHON') == '1':

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7f1676e76d4f3577 Environment-variable access.
pkgs/python/[email protected]/setup.py:160
            with_ext = getattr(self, ext.attr_name) or os.environ.get('PYYAML_FORCE_{0}'.format(ext.feature_name.upper()))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

requests

python dependency
expand_more 8 low-confidence finding(s)
low env_fs dependency Excluded from app score #0be856313622909a Environment-variable access.
pkgs/python/[email protected]/src/requests/sessions.py:857
                    os.environ.get("REQUESTS_CA_BUNDLE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #28c63ea16ecc956a Environment-variable access.
pkgs/python/[email protected]/src/requests/sessions.py:858
                    or os.environ.get("CURL_CA_BUNDLE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4cbc8ef3c15420df Environment-variable access.
pkgs/python/[email protected]/src/requests/utils.py:239
    netrc_file = os.environ.get("NETRC")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1366ac94283a964b Environment-variable access.
pkgs/python/[email protected]/src/requests/utils.py:798
        old_value = os.environ.get(env_name)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f13b520ee5322d27 Environment-variable access.
pkgs/python/[email protected]/src/requests/utils.py:799
        os.environ[env_name] = value

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #80ee2d6272225b37 Environment-variable access.
pkgs/python/[email protected]/src/requests/utils.py:805
                del os.environ[env_name]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6fc89839c685b275 Environment-variable access.
pkgs/python/[email protected]/src/requests/utils.py:807
                os.environ[env_name] = old_value

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7f1cea98709a57de Environment-variable access.
pkgs/python/[email protected]/src/requests/utils.py:820
        return os.environ.get(key) or os.environ.get(key.upper())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

ruff

python dependency
expand_more 10 low-confidence finding(s)
low env_fs dependency Excluded from app score #3a5f598b3169ff0a Filesystem access.
pkgs/python/[email protected]/crates/ruff_python_ast/generate.py:1171
    out_path.write_text(rustfmt("\n".join(out)))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #da1d738287fb2ad4 Filesystem access.
pkgs/python/[email protected]/crates/ruff_python_formatter/generate.py:24
nodes_file = (
    root.joinpath("crates")
    .joinpath("ruff_python_ast")
    .joinpath("src")
    .joinpath("generated.rs")
    .read_text()
)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8b82c796b67aca09 Filesystem access.
pkgs/python/[email protected]/crates/ruff_python_formatter/generate.py:118
        node_path.write_text(rustfmt(code))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8d8a702e627085a5 Filesystem access.
pkgs/python/[email protected]/crates/ruff_python_formatter/generate.py:176
out.write_text(rustfmt(generated))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #37a63887a51018d5 Filesystem access.
pkgs/python/[email protected]/crates/ruff_python_parser/resources/inline/err/debug_shadow_with.py:1
with open("foo.txt") as __debug__: ...

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0fc588940ca97a87 Filesystem access.
pkgs/python/[email protected]/crates/ruff_python_parser/resources/inline/ok/single_parenthesized_item_context_manager_py38.py:2
with (
  open('foo.txt')) as foo: ...

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #11ca7c04dd19050e Filesystem access.
pkgs/python/[email protected]/crates/ruff_python_parser/resources/inline/ok/single_parenthesized_item_context_manager_py38.py:4
with (
  open('foo.txt')): ...

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6646c84408988bd3 Filesystem access.
pkgs/python/[email protected]/crates/ruff_python_parser/resources/valid/statement/ambiguous_lpar_with_items.py:61
with (open('a.py')), (open('b.py')): ...

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b679f9471853c399 Filesystem access.
pkgs/python/[email protected]/crates/ruff_python_parser/resources/valid/statement/with.py:13
with open() as f: ...

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b3c517eaddecc4c6 Filesystem access.
pkgs/python/[email protected]/crates/ruff_python_parser/resources/valid/statement/with.py:14
with open() as f.attr: ...

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

yt-dlp

python dependency
expand_more 107 low-confidence finding(s)
low env_fs dependency Excluded from app score #54268961246f11e7 Filesystem access.
pkgs/python/[email protected]/devscripts/bash-completion.py:22
    with open(BASH_COMPLETION_TEMPLATE) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #15ea62be3e338aec Filesystem access.
pkgs/python/[email protected]/devscripts/bash-completion.py:24
    with open(BASH_COMPLETION_FILE, 'w') as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #64fec17a86474ff4 Filesystem access.
pkgs/python/[email protected]/devscripts/check-porn.py:24
    LIST = open(sys.argv[1]).read().decode('utf8').strip()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cc0440d230e29930 Filesystem access.
pkgs/python/[email protected]/devscripts/fish-completion.py:44
    with open(FISH_COMPLETION_TEMPLATE) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #51f76f5fd429a69c Filesystem access.
pkgs/python/[email protected]/devscripts/fish-completion.py:47
    with open(FISH_COMPLETION_FILE, 'w') as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #762c68cc1434ab6d Filesystem access.
pkgs/python/[email protected]/devscripts/generate_third_party_licenses.py:297
        return cache_file.read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9bd5cf5d27bf33ca Filesystem access.
pkgs/python/[email protected]/devscripts/generate_third_party_licenses.py:303
    cache_file.write_text(text)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c9b8b4944e5054d0 Filesystem access.
pkgs/python/[email protected]/devscripts/generate_third_party_licenses.py:329
    Path(DEFAULT_OUTPUT).write_text(content)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bb90d5c1b5ecc63b Environment-variable access.
pkgs/python/[email protected]/devscripts/make_lazy_extractors.py:39
    os.environ['YTDLP_NO_PLUGINS'] = 'true'

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ea305d0d7c97131c Environment-variable access.
pkgs/python/[email protected]/devscripts/make_lazy_extractors.py:40
    os.environ['YTDLP_NO_LAZY_EXTRACTORS'] = 'true'

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d2777082425577fb Environment-variable access.
pkgs/python/[email protected]/devscripts/run_tests.py:45
    pytest_args = args.pytest_args or os.getenv('HATCH_TEST_ARGS', '')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fad0a88048c01626 Environment-variable access.
pkgs/python/[email protected]/devscripts/run_tests.py:93
            ci=bool(os.getenv('CI')),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7437fdfd676f3f16 Environment-variable access.
pkgs/python/[email protected]/devscripts/setup_variables.py:116
    if not os.getenv('GITHUB_OUTPUT'):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #739ef350ed12055c Environment-variable access.
pkgs/python/[email protected]/devscripts/setup_variables.py:121
        inputs = json.loads(os.environ['INPUTS'])

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8284faaf8ae8150b Filesystem access.
pkgs/python/[email protected]/devscripts/setup_variables.py:129
        with open(os.environ['GITHUB_OUTPUT'], 'a') as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #266347e22177494a Environment-variable access.
pkgs/python/[email protected]/devscripts/setup_variables.py:129
        with open(os.environ['GITHUB_OUTPUT'], 'a') as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d159656d0002b2ef Environment-variable access.
pkgs/python/[email protected]/devscripts/setup_variables.py:133
    outputs = setup_variables(dict(os.environ))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #98b60d8a2b04968e Filesystem access.
pkgs/python/[email protected]/devscripts/setup_variables.py:142
    with open(os.environ['GITHUB_OUTPUT'], 'a') as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f75950ac7e4e06ee Environment-variable access.
pkgs/python/[email protected]/devscripts/setup_variables.py:142
    with open(os.environ['GITHUB_OUTPUT'], 'a') as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #24f047704dd4067c Filesystem access.
pkgs/python/[email protected]/devscripts/update_requirements.py:447
    (PACKAGE_PATH / '_info.py').write_text(EJS_TEMPLATE.format(
        version=version,
        hash_mapping=hash_mapping,
    ))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4c35936baedc5282 Filesystem access.
pkgs/python/[email protected]/devscripts/update_requirements.py:452
    content = PYPROJECT_PATH.read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ef33a7e826e01bb7 Filesystem access.
pkgs/python/[email protected]/devscripts/update_requirements.py:454
    PYPROJECT_PATH.write_text(updated)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ec64330d86919a7b Filesystem access.
pkgs/python/[email protected]/devscripts/update_requirements.py:456
    makefile = MAKEFILE_PATH.read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2946e8d85af5a7dc Filesystem access.
pkgs/python/[email protected]/devscripts/update_requirements.py:459
    MAKEFILE_PATH.write_text(makefile)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #dc13049fcc7d3738 Filesystem access.
pkgs/python/[email protected]/devscripts/update_requirements.py:579
    pyproject_text = PYPROJECT_PATH.read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4486c657192241dc Filesystem access.
pkgs/python/[email protected]/devscripts/update_requirements.py:593
        old_lock = parse_toml(LOCKFILE_PATH.read_text())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #38b65671556e21e7 Environment-variable access.
pkgs/python/[email protected]/devscripts/update_requirements.py:598
        env = os.environ.copy()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6a31207253f66792 Filesystem access.
pkgs/python/[email protected]/devscripts/update_requirements.py:608
    new_packages = get_lock_packages(parse_toml(LOCKFILE_PATH.read_text()), [package_name])

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #533cf5e7992d0d09 Filesystem access.
pkgs/python/[email protected]/devscripts/update_requirements.py:619
                old_requirements_txt = requirements_path.read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fff073474ebcc5ef Filesystem access.
pkgs/python/[email protected]/devscripts/update_requirements.py:629
            new_requirements_txt = requirements_path.read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #80d60a760b74e610 Filesystem access.
pkgs/python/[email protected]/devscripts/utils.py:18
    with open(fname, encoding='utf-8') as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4b9984af2203ad7e Filesystem access.
pkgs/python/[email protected]/devscripts/utils.py:23
    with open(fname, mode, encoding='utf-8') as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #65c83f8324cfceb8 Environment-variable access.
pkgs/python/[email protected]/devscripts/utils.py:98
    if gh_token := os.getenv('GH_TOKEN'):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3f01244fc1c46831 Filesystem access.
pkgs/python/[email protected]/devscripts/zsh-completion.py:45
    with open(ZSH_COMPLETION_TEMPLATE) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4000471cd5c5586e Filesystem access.
pkgs/python/[email protected]/devscripts/zsh-completion.py:52
    with open(ZSH_COMPLETION_FILE, 'w') as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b08e0ba10d8166d7 Environment-variable access.
pkgs/python/[email protected]/yt_dlp/YoutubeDL.py:685
        term_allow_color = os.getenv('TERM', '').lower() != 'dumb'

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2fdccb1940d94e36 Environment-variable access.
pkgs/python/[email protected]/yt_dlp/YoutubeDL.py:686
        base_no_color = bool(os.getenv('NO_COLOR'))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d7733cb23135ef89 Filesystem access.
pkgs/python/[email protected]/yt_dlp/YoutubeDL.py:3255
                with open(filename, 'a', encoding='utf-8', newline='') as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #df86354eb1875db5 Filesystem access.
pkgs/python/[email protected]/yt_dlp/YoutubeDL.py:3432
                with open(to_high_limit_path(linkfn), 'w', encoding='utf-8',
                          newline='\r\n' if link_type == 'url' else '\n') as linkfile:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #444111d4c2b43621 Environment-variable access.
pkgs/python/[email protected]/yt_dlp/YoutubeDL.py:4099
            if os.environ.get('TERM', '').lower() == 'dumb':

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #dd88cfa51ab2b735 Filesystem access.
pkgs/python/[email protected]/yt_dlp/YoutubeDL.py:4443
                with open(descfn, 'w', encoding='utf-8') as descfile:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6c4f74ab84e638d5 Filesystem access.
pkgs/python/[email protected]/yt_dlp/YoutubeDL.py:4482
                    with open(sub_filename, 'w', encoding='utf-8', newline='') as subfile:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #71390bbbb10d1066 Filesystem access.
pkgs/python/[email protected]/yt_dlp/YoutubeDL.py:4545
                    with open(thumb_filename, 'wb') as thumbf:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9b00067c1e311f77 Filesystem access.
pkgs/python/[email protected]/yt_dlp/__init__.py:92
                else open(expand_path(batchfile), encoding='utf-8', errors='ignore'))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d1979bf407c02072 Environment-variable access.
pkgs/python/[email protected]/yt_dlp/cache.py:20
            cache_root = os.getenv('XDG_CACHE_HOME', '~/.cache')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ef0afb9ef5884aa4 Filesystem access.
pkgs/python/[email protected]/yt_dlp/cache.py:65
                with open(cache_fn, encoding='utf-8') as cachef:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e4d1d8c531a06b43 Environment-variable access.
pkgs/python/[email protected]/yt_dlp/compat/__init__.py:43
        HOME = os.environ.get('HOME')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e8384fdf7d97106a Environment-variable access.
pkgs/python/[email protected]/yt_dlp/compat/_legacy.py:49
def compat_setenv(key, value, env=os.environ):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4b87dd08566ac75e Filesystem access.
pkgs/python/[email protected]/yt_dlp/compat/imghdr.py:7
        with open(file, 'rb') as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bdd1700bfd73958b Filesystem access.
pkgs/python/[email protected]/yt_dlp/cookies.py:154
        with open(containers_path, encoding='utf8') as containers:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1b0ae523814fd2bb Filesystem access.
pkgs/python/[email protected]/yt_dlp/cookies.py:586
    with open(cookies_path, 'rb') as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8445a99d8b3662c4 Filesystem access.
pkgs/python/[email protected]/yt_dlp/cookies.py:615
        value = self.read_bytes(len(expected_value))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6e9482868a6eb21a Filesystem access.
pkgs/python/[email protected]/yt_dlp/cookies.py:621
        return struct.unpack(data_format, self.read_bytes(4))[0]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ffbd7b23831be0f2 Filesystem access.
pkgs/python/[email protected]/yt_dlp/cookies.py:625
        return struct.unpack(data_format, self.read_bytes(8))[0]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7ef804be69ab904e Filesystem access.
pkgs/python/[email protected]/yt_dlp/cookies.py:630
            c = self.read_bytes(1)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f3ab9e2da7b08d87 Filesystem access.
pkgs/python/[email protected]/yt_dlp/cookies.py:638
            self._logger.debug(f'skipping {num_bytes} bytes ({description}): {self.read_bytes(num_bytes)!r}')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9e45fb83a212c072 Filesystem access.
pkgs/python/[email protected]/yt_dlp/cookies.py:677
            p.read_bytes(record_length)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6351536e592041f9 Filesystem access.
pkgs/python/[email protected]/yt_dlp/cookies.py:735
        _parse_safari_cookies_page(p.read_bytes(page_size), jar, logger)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #68a982bf874484ad Environment-variable access.
pkgs/python/[email protected]/yt_dlp/cookies.py:857
    desktop_environment = _get_linux_desktop_environment(os.environ, logger)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #17895d87da891b94 Filesystem access.
pkgs/python/[email protected]/yt_dlp/cookies.py:1023
    with open(path, encoding='utf8') as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ba5cb726d03abb5c Environment-variable access.
pkgs/python/[email protected]/yt_dlp/cookies.py:1109
    return os.environ.get('XDG_CONFIG_HOME', os.path.expanduser('~/.config'))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #083ca37ced42f6ac Filesystem access.
pkgs/python/[email protected]/yt_dlp/cookies.py:1305
            with open(file, 'w' if write else 'r', encoding='utf-8') as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e41b44884998f35d Environment-variable access.
pkgs/python/[email protected]/yt_dlp/downloader/external.py:431
            env = os.environ.copy()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #de2d783afab7e4b6 Filesystem access.
pkgs/python/[email protected]/yt_dlp/downloader/f4m.py:34
        return struct.unpack('!Q', self.read_bytes(8))[0]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #686b86cf7809620d Filesystem access.
pkgs/python/[email protected]/yt_dlp/downloader/f4m.py:37
        return struct.unpack('!I', self.read_bytes(4))[0]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bb7666cefc6fe3ec Filesystem access.
pkgs/python/[email protected]/yt_dlp/downloader/f4m.py:40
        return struct.unpack('!B', self.read_bytes(1))[0]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f4059b70e24785b7 Filesystem access.
pkgs/python/[email protected]/yt_dlp/downloader/f4m.py:45
            char = self.read_bytes(1)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d50968c8d7492a1c Filesystem access.
pkgs/python/[email protected]/yt_dlp/downloader/f4m.py:56
        box_type = self.read_bytes(4)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #de709a4891175325 Filesystem access.
pkgs/python/[email protected]/yt_dlp/downloader/f4m.py:61
        return real_size, box_type, self.read_bytes(real_size - header_end)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6714169a61b5fbce Filesystem access.
pkgs/python/[email protected]/yt_dlp/downloader/f4m.py:67
        self.read_bytes(3)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9ded4c85d10fb4b8 Filesystem access.
pkgs/python/[email protected]/yt_dlp/downloader/f4m.py:88
        self.read_bytes(3)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a83bfb731345cdf2 Filesystem access.
pkgs/python/[email protected]/yt_dlp/downloader/f4m.py:122
        self.read_bytes(3)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1c08facc97d75898 Filesystem access.
pkgs/python/[email protected]/yt_dlp/downloader/hls.py:90
                with open(dump_filename, 'wb') as outf:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8f7daa578c1c84bf Filesystem access.
pkgs/python/[email protected]/yt_dlp/extractor/common.py:1061
            with open(filename, 'wb') as outf:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d741ee6a3c3144d3 Filesystem access.
pkgs/python/[email protected]/yt_dlp/extractor/common.py:1125
                    with open(filename, 'rb') as dumpf:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #010a6b445054bae9 Environment-variable access.
pkgs/python/[email protected]/yt_dlp/extractor/extractors.py:8
if os.environ.get('YTDLP_NO_LAZY_EXTRACTORS'):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0d0f130ff327d726 Filesystem access.
pkgs/python/[email protected]/yt_dlp/extractor/openload.py:150
        with open(self._TMP_FILES['cookies'].name, 'wb') as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #db132ffe360ef337 Filesystem access.
pkgs/python/[email protected]/yt_dlp/extractor/openload.py:154
        with open(self._TMP_FILES['cookies'].name, 'rb') as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2543496b5c16e4ea Filesystem access.
pkgs/python/[email protected]/yt_dlp/extractor/openload.py:203
        with open(self._TMP_FILES['html'].name, 'wb') as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #39bafd36d200a613 Filesystem access.
pkgs/python/[email protected]/yt_dlp/extractor/openload.py:217
        with open(self._TMP_FILES['html'].name, 'rb') as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4be7ab03b86ee389 Filesystem access.
pkgs/python/[email protected]/yt_dlp/extractor/openload.py:229
        with open(self._TMP_FILES['script'].name, 'w', encoding='utf-8') as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c7c0459495b6b0df Environment-variable access.
pkgs/python/[email protected]/yt_dlp/extractor/youtube/jsc/_builtin/bun.py:92
        options = os.environ.copy()  # pass through existing bun env vars

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c5b62b0ce600317e Environment-variable access.
pkgs/python/[email protected]/yt_dlp/extractor/youtube/jsc/_builtin/deno.py:90
        options = os.environ.copy()  # pass through existing deno env vars

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c02390ea1f275ed2 Environment-variable access.
pkgs/python/[email protected]/yt_dlp/networking/_helper.py:113
        context.keylog_filename = os.environ.get('SSLKEYLOGFILE') or None

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6fdc2df751fafd91 Environment-variable access.
pkgs/python/[email protected]/yt_dlp/plugins.py:197
    if os.environ.get('YTDLP_NO_PLUGINS') or not plugin_dirs.value:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cb4010642eafaaa9 Filesystem access.
pkgs/python/[email protected]/yt_dlp/postprocessor/embedthumbnail.py:124
                    with open(thumbnail_filename, 'rb') as thumbfile:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3e89c2da5686410f Filesystem access.
pkgs/python/[email protected]/yt_dlp/postprocessor/embedthumbnail.py:206
            with open(thumbnail_filename, 'rb') as thumbfile:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0cfa18daabe0afd7 Filesystem access.
pkgs/python/[email protected]/yt_dlp/postprocessor/ffmpeg.py:409
        with open(concat_file, 'w', encoding='utf-8') as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bea65aaab00c283d Filesystem access.
pkgs/python/[email protected]/yt_dlp/postprocessor/ffmpeg.py:713
        with open(metadata_filename, 'w', encoding='utf-8') as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #269cb5ad8a8f6893 Filesystem access.
pkgs/python/[email protected]/yt_dlp/postprocessor/ffmpeg.py:982
                with open(dfxp_file, 'rb') as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3341b69232344bae Filesystem access.
pkgs/python/[email protected]/yt_dlp/postprocessor/ffmpeg.py:985
                with open(srt_file, 'w', encoding='utf-8') as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4f94e9e3a53fb60c Filesystem access.
pkgs/python/[email protected]/yt_dlp/postprocessor/ffmpeg.py:1002
            with open(new_file, encoding='utf-8') as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #62b79a192fe27bf5 Environment-variable access.
pkgs/python/[email protected]/yt_dlp/update.py:69
        if static_exe_path := os.getenv('STATICX_PROG_PATH'):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c2dda1f2c8559713 Filesystem access.
pkgs/python/[email protected]/yt_dlp/update.py:213
    with open(os.path.realpath(path), 'rb', buffering=0) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cf7294934afea119 Filesystem access.
pkgs/python/[email protected]/yt_dlp/update.py:540
            with open(new_filename, 'wb') as outf:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6dff828c9bebd3f9 Environment-variable access.
pkgs/python/[email protected]/yt_dlp/update.py:590
        if argv and os.getenv('STATICX_PROG_PATH'):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #da679d2d35a84485 Environment-variable access.
pkgs/python/[email protected]/yt_dlp/utils/_jsruntime.py:35
    if path := os.environ.get('PATH'):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cd6bf29f184fb03f Environment-variable access.
pkgs/python/[email protected]/yt_dlp/utils/_jsruntime.py:38
    pathext = os.environ.get('PATHEXT')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7171b7ba5a5f877f Filesystem access.
pkgs/python/[email protected]/yt_dlp/utils/_utils.py:613
                stream = open(filename, open_mode)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4f76ff08c46912d8 Environment-variable access.
pkgs/python/[email protected]/yt_dlp/utils/_utils.py:874
            env = os.environ.copy()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f110470574a5515b Environment-variable access.
pkgs/python/[email protected]/yt_dlp/utils/_utils.py:900
        comspec = os.environ.get('ComSpec') or os.path.join(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a1e9b7fbfe2e6050 Environment-variable access.
pkgs/python/[email protected]/yt_dlp/utils/_utils.py:901
            os.environ.get('SystemRoot', ''), 'System32', 'cmd.exe')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e174f5ede1f362d9 Filesystem access.
pkgs/python/[email protected]/yt_dlp/utils/_utils.py:4536
            with open(f'{path}:{key}', 'wb') as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f60e130bea692471 Environment-variable access.
pkgs/python/[email protected]/yt_dlp/utils/_utils.py:4753
    xdg_config_home = os.getenv('XDG_CONFIG_HOME') or compat_expanduser('~/.config')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1427be16bc59a9c3 Environment-variable access.
pkgs/python/[email protected]/yt_dlp/utils/_utils.py:4757
    appdata_dir = os.getenv('appdata')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5ce6fba8738767bd Environment-variable access.
pkgs/python/[email protected]/yt_dlp/utils/_utils.py:4821
    elif not os.getenv('TERM'):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #07372ff1fd9176d1 Filesystem access.
pkgs/python/[email protected]/yt_dlp/utils/_utils.py:4988
            optionf = open(filename, 'rb')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

Skipped dependencies

Production

  • playwright prod — no sdist (wheels only)
  • types-requests prod — no python source in sdist
  • types-PyYAML prod — no python source in sdist