sonar-cryptography

Python Scanner generates False Positives

Open san-zrl opened this issue 6 months ago • 0 comments

When analysing https://github.com/docling-project/docling, the Python scanner creates FPs on code related to model generation, such as:

generated_ids = self.vlm_model.generate(
    **inputs,
    max_new_tokens=self.max_new_tokens,
    use_cache=self.use_cache,
    temperature=self.temperature,

This finding comes across as

Asset Type: Algorithm
Curve: Edwards448
Crypto Functions: Key Pair Generation
OID: 1.3.101.113

san-zrl, Jun 24 '25 18:06