Lower the severity of sast-rule python/exec/*.yml
Problem
Those rules currently flag all cases where an external command is executed, even when no user-input is involved. While waiting for a longer-term fix (eg. SAST rules should rely on shared lists of user-... (&12756 - closed)), we should lower the severity of those rules as they are overly alarming in their current state.
Affected rules:
- B602
python/exec/rule-subprocess-popen-shell-true
Solution
Follow the enhance rule checklist.
Edited by Dinesh Bolkensteyn