--- a/src/eric7/Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py Sun May 18 17:23:00 2025 +0200
+++ b/src/eric7/Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py Mon May 19 14:33:49 2025 +0200
@@ -379,7 +379,7 @@
 ),
 # PyTorch unsafe load or save
 "S-614": QCoreApplication.translate(
- "Security", "Use of unsafe PyTorch load or save."
+ "Security", "Use of unsafe PyTorch load."
 ),
 # Jinja2 templates
 "S-701.1": QCoreApplication.translate(
@@ -406,6 +406,11 @@
 "S-703": QCoreApplication.translate(
 "Security", "Potential XSS on 'mark_safe()' function."
 ),
+ # Markupsafe XSS vulnerability
+ "S-704": QCoreApplication.translate(
+ "Security",
+ "Potential XSS with '{0}' detected. Do not use '{1}' on untrusted data.",
+ ),
 # hardcoded AWS passwords
 "S-801": QCoreApplication.translate(
 "Security", "Possible hardcoded AWS access key ID: {0}"
@@ -447,6 +452,7 @@
 "S-505": ["RSA", 2048],
 "S-609": ["os.system"],
 "S-613": [repr("\u202e")],
+ "S-704": ["markupsafe.Markup", "Markup"],
 "S-801": ["A1B2C3D4E5F6G7H8I9J0"], # secok
 "S-802": ["aA1bB2cC3dD4/eE5fF6gG7+hH8iI9jJ0=kKlLM+="], # secok
 }
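Review bot: The comment above `"S-614"` in the `@@ -379,7 +379,7 @@` hunk still reads `# PyTorch unsafe load or save`, although the message is now narrowed to load only. Change it to `# PyTorch unsafe load` so the catalog comment matches what the checker reports. The enclosing dictionary starts outside the hunk, so any other S-614 text that still mentions save cannot be checked from here.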
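Review bot: The new S-704 entry in the `@@ -406,6 +406,11 @@` hunk uses two placeholders, but nothing tells a translator or a maintainer of the checker what each one carries. Judging only from the sample arguments added in the last hunk (`["markupsafe.Markup", "Markup"]`), `{0}` looks like the qualified name and `{1}` the name as written at the call site. If that is right, say so in the comment, e.g. `# Markupsafe XSS vulnerability ({0}: qualified name, {1}: name as called)`. The text also says what to avoid without naming a safe alternative, so a short hint that untrusted data must be escaped first would make the finding more actionable, at the cost of re-translating the string.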