CM-40907 set secured shell command

naftalicy · naftalicy · commit a347a62c8c3b · 2024-10-14T17:46:38.000+03:00
diff --git a/cycode/cli/files_collector/sca/base_restore_dependencies.py b/cycode/cli/files_collector/sca/base_restore_dependencies.py
@@ -16,8 +16,7 @@ def build_dep_tree_path(path: str, generated_file_name: str) -> str:
 def execute_command(command: List[str], file_name: str, command_timeout: int, dependencies_file_name: str = None) -> \
 Optional[str]:
     try:
-        dependencies = shell(command=command, timeout=command_timeout, execute_in_shell=False,
-                             output_file_path=dependencies_file_name)
+        dependencies = shell(command=command, timeout=command_timeout, output_file_path=dependencies_file_name)
     except Exception as e:
         logger.debug('Failed to restore dependencies via shell command, %s', {'filename': file_name}, exc_info=e)
         return None
diff --git a/cycode/cli/utils/shell_executor.py b/cycode/cli/utils/shell_executor.py
@@ -9,7 +9,7 @@
 
 
 def shell(
-        command: Union[str, List[str]], timeout: int = _SUBPROCESS_DEFAULT_TIMEOUT_SEC, execute_in_shell: bool = False,
+        command: Union[str, List[str]], timeout: int = _SUBPROCESS_DEFAULT_TIMEOUT_SEC,
         output_file_path: Optional[str] = None
 ) -> Optional[str]:
     logger.debug('Executing shell command: %s', command)
@@ -18,7 +18,7 @@ def shell(
         result = subprocess.run(  # noqa: S603
             command,
             timeout=timeout,
-            shell=execute_in_shell,
+            shell=False,
             check=True,
             capture_output=True,
             text=True,
