From f00394ba13d166271427dd8526db1ecca2c66f3d Mon Sep 17 00:00:00 2001
From: Rushabh Mehta <rmehta@gmail.com>
Date: Wed, 13 Feb 2019 18:49:22 +0530
Subject: [PATCH] fix: linting (nosec)

---
 frappe/core/doctype/comment/comment.py | 4 ++--
 frappe/model/delete_doc.py             | 8 ++++----
 2 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/frappe/core/doctype/comment/comment.py b/frappe/core/doctype/comment/comment.py
index 3280d017f0..a9bf171c72 100644
--- a/frappe/core/doctype/comment/comment.py
+++ b/frappe/core/doctype/comment/comment.py
@@ -149,8 +149,8 @@ def update_comments_in_parent(reference_doctype, reference_name, _comments):
 
 	try:
 		# use sql, so that we do not mess with the timestamp
-		frappe.db.sql("""update `tab{0}` set `_comments`=%s where name=%s""".format(reference_doctype),
-			(json.dumps(_comments[-50:]), reference_name)) # nosec
+		frappe.db.sql("""update `tab{0}` set `_comments`=%s where name=%s""".format(reference_doctype), # nosec
+			(json.dumps(_comments[-50:]), reference_name))
 
 	except Exception as e:
 		if frappe.db.is_column_missing(e) and getattr(frappe.local, 'request', None):
diff --git a/frappe/model/delete_doc.py b/frappe/model/delete_doc.py
index 0a1ffcdb3c..153065c5ce 100644
--- a/frappe/model/delete_doc.py
+++ b/frappe/model/delete_doc.py
@@ -284,8 +284,8 @@ def delete_dynamic_links(doctype, name):
 def delete_references(doctype, reference_doctype, reference_name,
 		reference_doctype_field = 'reference_doctype', reference_name_field = 'reference_name'):
 	frappe.db.sql('''delete from `tab{0}`
-		where {1}=%s and {2}=%s'''.format(doctype, reference_doctype_field, reference_name_field),
-		(reference_doctype, reference_name)) # nosec
+		where {1}=%s and {2}=%s'''.format(doctype, reference_doctype_field, reference_name_field), # nosec
+		(reference_doctype, reference_name))
 
 def clear_references(doctype, reference_doctype, reference_name,
 		reference_doctype_field = 'reference_doctype', reference_name_field = 'reference_name'):
@@ -294,8 +294,8 @@ def clear_references(doctype, reference_doctype, reference_name,
 		set
 			{1}=NULL, {2}=NULL
 		where
-			{1}=%s and {2}=%s'''.format(doctype, reference_doctype_field, reference_name_field),
-		(reference_doctype, reference_name)) # nosec
+			{1}=%s and {2}=%s'''.format(doctype, reference_doctype_field, reference_name_field), # nosec
+		(reference_doctype, reference_name))
 
 
 def insert_feed(doc):