The glob module. glob.glob() resolves shell-style patterns against the filesystem. It is a finding when the pattern is user-controlled, because the caller can then enumerate directories outside the intended scope.

.glob() (Sink)

glob.glob(pathname, *, root_dir=None, dir_fd=None, recursive=False, ...) -> list[str]

Returns matching paths. Finding when pathname is user-controlled.

.iglob() (Sink)

glob.iglob(pathname, *, root_dir=None, ...) -> Iterator[str]

Like glob() but returns an iterator. Same risk.

| FQN | Field |
|---|---|
| glob | fqns[0] |

A wrong FQN yields 0 findings. To verify, change fqns to a garbage value; the rule must then produce 0 results.

```python
from codepathfinder.go_rule import PyGlob
```