fix: improve schema validation for bandit

In the course of some other refactoring in cvedb.py, we've got another way to handle schema valiation such that bandit won't complain. * fixes intel#3933 * closes intel#3965 Signed-off-by: Terri Oda <terri.oda@intel.com>
terriko · Aug 8, 2024 · 0961041 · 0961041
1 parent 7abee04
commit 0961041
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/cve_bin_tool/cvedb.py b/cve_bin_tool/cvedb.py
@@ -344,7 +344,7 @@ def latest_schema(
 
         self.LOGGER.debug("Check database is using latest schema")
         cursor = self.db_open_and_get_cursor()
-        schema_check = f"SELECT * FROM {table_name} WHERE 1=0"  # nosec
+        schema_check = self.EMPTY_SELECT_QUERIES[table_name]
         result = cursor.execute(schema_check)
         schema_latest = False