We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
The end line number of an issue in a multi-line call is off by 1. It's reporting one less than actual end line number.
1 from paramiko import client 2 3 def test(): 4 if True: 5 ssh_client = client.SSHClient() 6 ssh_client.set_missing_host_key_policy( 7 client.AutoAddPolicy 8 ) 9 ssh_client.set_missing_host_key_policy(client.WarningPolicy)
Create a file no_host_key_verification.py using code above
Run bandit no_host_key_verification.py
bandit no_host_key_verification.py
Notice in the output of the first issue: Location: examples/no_host_key_verification.py:6:8
Location: examples/no_host_key_verification.py:6:8
The 6 is the starting line number and 8 is the end line number of the call that is an issue.
The output should be indicating Location: examples/no_host_key_verification.py:6:9
Location: examples/no_host_key_verification.py:6:9
that's because the ")" on line 9 is the true end of the call statement.
1.7.2 (Default)
3.7 only, fixed in 3.8+
No response
The text was updated successfully, but these errors were encountered:
Note: Python 3.8 ast module added a end_lineno of a node in addition to the existing lineno. https://docs.python.org/3.8/library/ast.html#ast.AST.end_lineno
ast
end_lineno
lineno
Sorry, something went wrong.
Fix line range using Python 3.8 end_lineno (#821)
1c0fc80
Python 3.8 and above have new ast node attributes to identify the end line number and end column offset [1]. Python 3.8 also fixes line numbers for multiline strings [2]. This fixes the issue mentioned in #820, but only for Python 3.8+. [1] https://docs.python.org/3.8/library/ast.html#ast.AST.end_lineno [2] https://bugs.python.org/issue31241 Signed-off-by: Eric Brown <browne@vmware.com>
Python 3.7 no longer supported, so this issue is not applicable.
No branches or pull requests
Describe the bug
The end line number of an issue in a multi-line call is off by 1. It's reporting one less than actual end line number.
Reproduction steps
Create a file no_host_key_verification.py using code above
Run
bandit no_host_key_verification.py
Notice in the output of the first issue:
Location: examples/no_host_key_verification.py:6:8
The 6 is the starting line number and 8 is the end line number of the call that is an issue.
Expected behavior
The output should be indicating
Location: examples/no_host_key_verification.py:6:9
that's because the ")" on line 9 is the true end of the call statement.
Bandit version
1.7.2 (Default)
Python version
3.7 only, fixed in 3.8+
Additional context
No response
The text was updated successfully, but these errors were encountered: