Fixed bandit Medium severities

Signed-off-by: arpannookala-12 <ganesh.arpan.nookala@cloud2labs.com>

Author: arpannookala-12

sample_solutions/DocSummarization/backend/api/routes.py

@@ -9,6 +9,7 @@
 import os
 import logging
 import json
+import tempfile
 
 from services import pdf_service, llm_service
 import config
@@ -84,14 +85,18 @@ async def summarize_document(
 
         # ========== File Upload (Documents) ==========
         if files:
-            # Save file temporarily
-            temp_path = f"/tmp/{files.filename}"
+            # Save file temporarily using secure temp file
             filename_lower = files.filename.lower()
             logger.info(f"Saving uploaded file: {files.filename}, type={type}")
 
-            with open(temp_path, "wb") as buffer:
+            # Get file extension for temp file
+            _, file_ext = os.path.splitext(files.filename)
+
+            # Create temporary file with proper cleanup
+            with tempfile.NamedTemporaryFile(delete=False, suffix=file_ext) as temp_file:
                 content = await files.read()
-                buffer.write(content)
+                temp_file.write(content)
+                temp_path = temp_file.name
 
             try:
                 # ===== Document Processing (PDF/DOC/DOCX/TXT) =====

sample_solutions/DocSummarization/backend/server.py

@@ -81,7 +81,7 @@ async def startup_event():
 if __name__ == "__main__":
     uvicorn.run(
         app,
-        host="0.0.0.0",
+        host="0.0.0.0",  # nosec B104 - Binding to all interfaces is intentional for Docker container
         port=config.SERVICE_PORT,
         timeout_keep_alive=300
     )