Codiga Blog

Write better code, faster.

Julien Delange • Wednesday, October 19, 2022

Python Jinja2: always autoescape to avoid XSS attacks

Not using autoescape in jinja2 makes your vulnerable to XSS attacks. Always use autoescape=True in your Jinja2 environment

Read more • 4 min. read

Julien Delange • Tuesday, October 18, 2022

Unsafe Deserialization in Python (CWE-502)

Unsafe deserialization can cause an attack and compromise your system. You need to check your Python code to make sure you avoid them.

SSL module in Python: stay secure!

The Python SSL module gives a false sense of security and must be used carefully.

Read more • 4 min. read

Julien Delange • Sunday, October 16, 2022

Secure Python Code: safe usage of the subprocess module

The subprocess Python module may introduce OS injection vulnerabilities, which is a serious security concern. Do not use shell=True or mitidate the issue by checking the function input.

Safe and Secure Python Code: don’t use eval()

Using eval() in Python introduces security issues in your Python code. We present how to avoid and fix unsafe and insecure uses of eval()

Read more • 4 min. read

Alex Martinez • Thursday, October 13, 2022

Creating a Design System in Figma

How are we creating our design system

Python Best Practices: always use a timeout with the requests library

Not using a timeout with the requests library may have performance consequences for your program. Lean how to avoid them.

Read more • 4 min. read

Oscar Salazar • Tuesday, October 11, 2022

Revisiting our CodeMirror 6 implementation in React after the official release

Revisiting how to implement CodeMirror 6 in React with extensions and controlled state through React props

Schedule a demo

Code analyzed in seconds with Codiga Automated Code Reviews.

Write code faster with the Codiga Coding Assistant.

Let's talk!