ref(argv): Update integration #6155
1 issue
code-review: Found 1 issue (1 high)
High
`should_send_default_pii` used as bare reference, never invoked - `sentry_sdk/integrations/argv.py:26`
`should_send_default_pii` is imported from `sentry_sdk.scope` where it is defined as a function (returns `Scope.get_client().should_send_default_pii()`). On line 26 it is used as a bare name in a boolean expression rather than being called as `should_send_default_pii()`. A function reference is always truthy in Python, so the PII guard is a no-op and `sys.argv` will be attached to every event regardless of the client's `send_default_pii` setting, leaking potentially sensitive command-line arguments (tokens, paths, credentials).
Duration: 27.7s · Tokens: 36.2k in / 1.3k out · Cost: $0.19 (+fix_gate: $0.00)
Annotations
Check failure on line 26 in sentry_sdk/integrations/argv.py
sentry-warden / warden: code-review