From 686f0edb81c27c389efd60403a3996df8bc46ba0 Mon Sep 17 00:00:00 2001
From: "Jaroslaw, Szczepanski"
Date: Tue, 9 Dec 2025 08:08:35 +0100
Subject: [PATCH] Fix Bandit B404: Consider possible security implications associated with the subprocess module
---
src/custom_version.py | 6 +++---
src/nncf/torch/quantization/extensions.py | 4 ++--
2 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/src/custom_version.py b/src/custom_version.py
index 34823e5f71c..39340bfd2f6 100644
--- a/src/custom_version.py
+++ b/src/custom_version.py
@@ -48,7 +48,7 @@
import contextlib
import os
import re
-import subprocess
+import subprocess # nosec
from pathlib import Path
NNCF_VERSION_FILE = "src/nncf/version.py"
@@ -81,12 +81,12 @@ def get_custom_version() -> str:
# Get commit hash
with contextlib.suppress(subprocess.CalledProcessError):
dev_version_id = (
- subprocess.check_output(["git", "rev-parse", "--short", "HEAD"], cwd=repo_root).strip().decode() # nosec
+ subprocess.check_output(["git", "rev-parse", "--short", "HEAD"], cwd=repo_root).strip().decode()
)
# Detect modified files
with contextlib.suppress(subprocess.CalledProcessError):
- run = subprocess.run(["git", "diff-index", "--quiet", "HEAD"], cwd=repo_root) # nosec
+ run = subprocess.run(["git", "diff-index", "--quiet", "HEAD"], cwd=repo_root)
if run.returncode == 1:
dev_version_id += "dirty"
diff --git a/src/nncf/torch/quantization/extensions.py b/src/nncf/torch/quantization/extensions.py
index b3463171c61..cb813da14ad 100644
--- a/src/nncf/torch/quantization/extensions.py
+++ b/src/nncf/torch/quantization/extensions.py
@@ -10,7 +10,7 @@
# limitations under the License.
import os.path
-import subprocess
+from subprocess import CalledProcessError # nosec
import torch
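Review bot: The bare `# nosec` added to `import subprocess` in src/custom_version.py suppresses every Bandit test on that line rather than only B404, and it records no reason for the exemption. Scope the marker to the finding, `import subprocess  # nosec B404`, and put a one-line comment above it saying the module is only used to run fixed `git` argument lists without a shell. The same applies to `from subprocess import CalledProcessError  # nosec` in src/nncf/torch/quantization/extensions.py, where the justification is that only the exception class is imported.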
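Review bot: With `# nosec` removed from the `check_output` and `run` calls in get_custom_version(), those two lines are no longer exempt from Bandit's call-site tests (B603, and B607 for the bare `git` name), which the import-line marker does not cover; whether they now report depends on the project's Bandit configuration, which is not visible here. If an exemption is still intended, keep it on the call lines and scoped, e.g. `# nosec B603, B607`. Also on the new `run` line, `subprocess.run` without `check=True` does not raise CalledProcessError, so the enclosing `contextlib.suppress` has no effect, and a missing `git` executable would raise FileNotFoundError past both `suppress` blocks. get_custom_version() starts before the hunk and likely continues after it.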
@@ -93,7 +93,7 @@ def load(cls):
)
except ExtensionLoaderTimeoutException as e:
raise e
- except (subprocess.CalledProcessError, OSError, RuntimeError) as e:
+ except (CalledProcessError, OSError, RuntimeError) as e:
assert torch.cuda.is_available()
msg = (
"CUDA is available for PyTorch, but NNCF could not compile "