Fix for Python code scanning alerts

lucasssvaz · lucasssvaz · commit 8627d6caa39b · 2025-07-29T10:52:17.000-03:00
diff --git a/.github/scripts/merge_packages.py b/.github/scripts/merge_packages.py
@@ -17,7 +17,8 @@
 
 
 def load_package(filename):
-    pkg = json.load(open(filename))["packages"][0]
+    with open(filename) as f:
+        pkg = json.load(f)["packages"][0]
     print("Loaded package {0} from {1}".format(pkg["name"], filename), file=sys.stderr)
     print("{0} platform(s), {1} tools".format(len(pkg["platforms"]), len(pkg["tools"])), file=sys.stderr)
     return pkg
diff --git a/tools/espota.py b/tools/espota.py
@@ -94,7 +94,8 @@ def serve(remote_addr, local_addr, remote_port, local_port, password, filename,
         return 1
 
     content_size = os.path.getsize(filename)
-    file_md5 = hashlib.md5(open(filename, "rb").read()).hexdigest()
+    with open(filename, "rb") as f:
+        file_md5 = hashlib.md5(f.read()).hexdigest()
     logging.info("Upload size: %d", content_size)
     message = "%d %d %d %s\n" % (command, local_port, content_size, file_md5)
 
@@ -163,6 +164,7 @@ def serve(remote_addr, local_addr, remote_port, local_port, password, filename,
     sock2.close()
 
     logging.info("Waiting for device...")
+
     try:
         sock.settimeout(10)
         connection, client_address = sock.accept()
@@ -172,6 +174,7 @@ def serve(remote_addr, local_addr, remote_port, local_port, password, filename,
         logging.error("No response from device")
         sock.close()
         return 1
+
     try:
         with open(filename, "rb") as f:
             if PROGRESS:
@@ -225,7 +228,8 @@ def serve(remote_addr, local_addr, remote_port, local_port, password, filename,
             logging.error("Error response from device")
             connection.close()
             return 1
-
+    except Exception as e:  # noqa: E722
+        logging.error("Error: %s", str(e))
     finally:
         connection.close()
 
diff --git a/tools/get.py b/tools/get.py
@@ -348,9 +348,8 @@ def get_tool(tool, force_download, force_extract):
             urlretrieve(url, local_path, report_progress, context=ctx)
         elif "Windows" in sys_name:
             r = requests.get(url)
-            f = open(local_path, "wb")
-            f.write(r.content)
-            f.close()
+            with open(local_path, "wb") as f:
+                f.write(r.content)
         else:
             is_ci = os.environ.get("GITHUB_WORKSPACE")
             if is_ci:
@@ -374,7 +373,8 @@ def get_tool(tool, force_download, force_extract):
 
 
 def load_tools_list(filename, platform):
-    tools_info = json.load(open(filename))["packages"][0]["tools"]
+    with open(filename, "r") as f:
+        tools_info = json.load(f)["packages"][0]["tools"]
     tools_to_download = []
     for t in tools_info:
         if platform == "x86_64-mingw32":
