zhixuanwang/cf-speed-dns

No test files found

[MINED108] `self._get_signature_key` used but never assigned in __init__: Method `sign` of class `TencentCloudSigner` reads `self._get_signature_key`, but no assignment to it exists in __init__ (and …

[MINED108] `self._call_api` used but never assigned in __init__: Method `get_record` of class `DnsPodClient` reads `self._call_api`, but no assignment to it exists in __init__ (and no class-level fal…

[MINED108] `self._call_api` used but never assigned in __init__: Method `get_record` of class `DnsPodClient` reads `self._call_api`, but no assignment to it exists in __init__ (and no class-level fal…

[MINED108] `self._call_api` used but never assigned in __init__: Method `change_record` of class `DnsPodClient` reads `self._call_api`, but no assignment to it exists in __init__ (and no class-level …

[MINED115] Action `actions/checkout` pinned to mutable ref `@v4`: `uses: actions/checkout@v4` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-a…

[MINED115] Action `actions/setup-python` pinned to mutable ref `@v5`: `uses: actions/setup-python@v5` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made …

[MINED115] Action `actions/checkout` pinned to mutable ref `@v4`: `uses: actions/checkout@v4` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-a…

[MINED115] Action `actions/setup-python` pinned to mutable ref `@v5`: `uses: actions/setup-python@v5` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made …

[MINED115] Action `actions/checkout` pinned to mutable ref `@v4`: `uses: actions/checkout@v4` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-a…

[MINED115] Action `aormsby/Fork-Sync-With-Upstream-action` pinned to mutable ref `@v3.4`: `uses: aormsby/[email protected]` resolves at workflow-run time. Tags and branches can be r…

[SEC078] Python: requests without timeout: requests.get/post without a timeout will hang indefinitely on a non-responsive server, causing thread exhaustion and ReDoS. Ported from bandit B113 (Apache-…

[SEC078] Python: requests without timeout: requests.get/post without a timeout will hang indefinitely on a non-responsive server, causing thread exhaustion and ReDoS. Ported from bandit B113 (Apache-…

[CFG006] Missing .gitignore: No .gitignore file. Risk of committing secrets and build artifacts.

[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.

[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.

[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.

[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.

[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.

[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.

[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.

[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.

Public web service has no security.txt

Public web app has no Content Security Policy

Duplicated implementation block across source files

[COMP001] High cognitive complexity: Function `get_cf_speed_test_ip` has cognitive complexity 8 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand —…

[COMP001] High cognitive complexity: Function `get_dns_records` has cognitive complexity 8 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand — nest…

[COMP001] High cognitive complexity: Function `get_cf_speed_test_ip` has cognitive complexity 8 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand —…

No LICENSE file

Public web app has no robots.txt

Public web app has no sitemap

Public docs site has no llms.txt

Public web app has no humans.txt

[MINED043] Http Not Https: Hardcoded http:// (not localhost) for endpoints that handle credentials or data.

[MINED043] Http Not Https: Hardcoded http:// (not localhost) for endpoints that handle credentials or data.

[MINED049] Print Pii: Logging password/token/email/ssn directly to stdout.

[MINED049] Print Pii: Logging password/token/email/ssn directly to stdout.

[MINED067] Python Requests No Timeout: requests.get/post/etc. without timeout= can hang forever.

[MINED067] Python Requests No Timeout: requests.get/post/etc. without timeout= can hang forever.

[SEC020] Secret Printed to Logs: Debug or diagnostic code appears to print a credential-bearing value. This is a frequent AI-assisted coding failure: the helper exposes the exact value needed for tro…

[SEC020] Secret Printed to Logs: Debug or diagnostic code appears to print a credential-bearing value. This is a frequent AI-assisted coding failure: the helper exposes the exact value needed for tro…