Python
JavaScript
Java
Go
C#
Ansible
AWS CloudFormation Linter
C & C++
Dart Analyze
Docker
Kotlin
KubeLinter
PHP
Ruby
Rust
Scala
Secrets
Shell
Slither
Solhint
SQL
Swift
Terraform
Test coverageFlask app detected with DEBUG mode enabledPTC-W0029
Critical
Security a05, owasp-top-10
Running Flask applications in debug mode results in the Werkzeug debugger being enabled. This includes a feature that allows arbitrary code execution. Documentation for both Flask and Werkzeug strongly suggests that debug mode should never be enabled on production systems.
Bad practice
from flask import Flask
app = Flask(__name__)
@app.route('/')
def main():
return 'Hello!'
app.run(debug=True) # Don't do this
Recommended
from flask import Flask
app = Flask(__name__)
@app.route('/')
def main():
return 'Hello!'
app.run()