From 272fd7416ecdb708194f707c4da078209447a96e Mon Sep 17 00:00:00 2001 From: Tyler Wince Date: Mon, 13 May 2019 17:25:13 +0000 Subject: [PATCH 01/10] add namespaces for parent attributes --- bandit/core/node_visitor.py | 22 ++++++++++++-------- bandit/core/utils.py | 12 ++++++----- bandit/plugins/django_xss.py | 12 +++++------ bandit/plugins/general_hardcoded_password.py | 14 +++++++------ bandit/plugins/injection_sql.py | 18 +++++++++------- 5 files changed, 44 insertions(+), 34 deletions(-) diff --git a/bandit/core/node_visitor.py b/bandit/core/node_visitor.py index b9c51ebe5..653a28e96 100644 --- a/bandit/core/node_visitor.py +++ b/bandit/core/node_visitor.py @@ -161,8 +161,10 @@ def visit_Str(self, node): :return: - ''' self.context['str'] = node.s - if not isinstance(node.parent, ast.Expr): # docstring - self.context['linerange'] = b_utils.linerange_fix(node.parent) + if not isinstance(node.bandit_parent, ast.Expr): # docstring + self.context['linerange'] = b_utils.linerange_fix( + node.bandit_parent + ) self.update_scores(self.tester.run_tests(self.context, 'Str')) def visit_Bytes(self, node): @@ -174,8 +176,10 @@ def visit_Bytes(self, node): :return: - ''' self.context['bytes'] = node.s - if not isinstance(node.parent, ast.Expr): # docstring - self.context['linerange'] = b_utils.linerange_fix(node.parent) + if not isinstance(node.bandit_parent, ast.Expr): # docstring + self.context['linerange'] = b_utils.linerange_fix( + node.bandit_parent + ) self.update_scores(self.tester.run_tests(self.context, 'Bytes')) def pre_visit(self, node): @@ -234,10 +238,10 @@ def generic_visit(self, node): for idx, item in enumerate(value): if isinstance(item, ast.AST): if idx < max_idx: - setattr(item, 'sibling', value[idx + 1]) + setattr(item, 'bandit_sibling', value[idx + 1]) else: - setattr(item, 'sibling', None) - setattr(item, 'parent', node) + setattr(item, 'bandit_sibling', None) + setattr(item, 'bandit_parent', node) if self.pre_visit(item): self.visit(item) 
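Review bot: Renaming the annotations that `generic_visit` attaches (`setattr(item, 'bandit_parent', node)` and the two `bandit_sibling` calls) changes what every plugin sees on a node, and nothing in this patch keeps the old `parent`/`sibling` names or records the change. The five files touched here are updated, but a plugin maintained outside the tree that still reads `node.parent` would raise AttributeError during a scan; how that surfaces depends on error handling not visible in this diff, so it could show up as a check that quietly stops reporting. I would add a release note and a comment above the loop such as `# children are annotated with bandit_parent / bandit_sibling; plugins use these to walk up the tree`. The names are also repeated as string literals here and in `linerange_fix`, where a mismatch would be hidden by the `hasattr` guard rather than raising. `generic_visit` starts and ends outside the hunk.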
@@ -245,8 +249,8 @@ def generic_visit(self, node): self.post_visit(item) elif isinstance(value, ast.AST): - setattr(value, 'sibling', None) - setattr(value, 'parent', node) + setattr(value, 'bandit_sibling', None) + setattr(value, 'bandit_parent', node) if self.pre_visit(value): self.visit(value) diff --git a/bandit/core/utils.py b/bandit/core/utils.py index a16f56420..39a517eee 100644 --- a/bandit/core/utils.py +++ b/bandit/core/utils.py @@ -233,11 +233,13 @@ def linerange_fix(node): """Try and work around a known Python bug with multi-line strings.""" # deal with multiline strings lineno behavior (Python issue #16806) lines = linerange(node) - if hasattr(node, 'sibling') and hasattr(node.sibling, 'lineno'): + if hasattr(node, 'bandit_sibling') and hasattr( + node.bandit_sibling, 'lineno' + ): start = min(lines) - delta = node.sibling.lineno - start + delta = node.bandit_sibling.lineno - start if delta > 1: - return list(range(start, node.sibling.lineno)) + return list(range(start, node.bandit_sibling.lineno)) return lines @@ -264,8 +266,8 @@ def _get(node, bits, stop=None): else node.right) bits = [node] - while isinstance(node.parent, ast.BinOp): - node = node.parent + while isinstance(node.bandit_parent, ast.BinOp): + node = node.bandit_parent if isinstance(node, ast.BinOp): _get(node, bits, stop) return (node, " ".join([x.s for x in bits if isinstance(x, ast.Str)])) diff --git a/bandit/plugins/django_xss.py b/bandit/plugins/django_xss.py index 1a86a376e..c95469fff 100644 --- a/bandit/plugins/django_xss.py +++ b/bandit/plugins/django_xss.py @@ -227,9 +227,9 @@ def check_risk(node): if isinstance(xss_var, ast.Name): # Check if the var are secure - parent = node.parent + parent = node.bandit_parent while not isinstance(parent, (ast.Module, ast.FunctionDef)): - parent = parent.parent + parent = parent.bandit_parent is_param = False if isinstance(parent, ast.FunctionDef): 
@@ -242,17 +242,17 @@ def check_risk(node): if not is_param: secure = evaluate_var(xss_var, parent, node.lineno) elif isinstance(xss_var, ast.Call): - parent = node.parent + parent = node.bandit_parent while not isinstance(parent, (ast.Module, ast.FunctionDef)): - parent = parent.parent + parent = parent.bandit_parent secure = evaluate_call(xss_var, parent) elif isinstance(xss_var, ast.BinOp): is_mod = isinstance(xss_var.op, ast.Mod) is_left_str = isinstance(xss_var.left, ast.Str) if is_mod and is_left_str: - parent = node.parent + parent = node.bandit_parent while not isinstance(parent, (ast.Module, ast.FunctionDef)): - parent = parent.parent + parent = parent.bandit_parent new_call = transform2call(xss_var) secure = evaluate_call(new_call, parent) diff --git a/bandit/plugins/general_hardcoded_password.py b/bandit/plugins/general_hardcoded_password.py index 56f821405..dc0c91a79 100644 --- a/bandit/plugins/general_hardcoded_password.py +++ b/bandit/plugins/general_hardcoded_password.py 
@@ -85,23 +85,25 @@ def hardcoded_password_string(context): """ node = context.node - if isinstance(node.parent, ast.Assign): + if isinstance(node.bandit_parent, ast.Assign): # looks for "candidate='some_string'" - for targ in node.parent.targets: + for targ in node.bandit_parent.targets: if isinstance(targ, ast.Name) and RE_CANDIDATES.search(targ.id): return _report(node.s) - elif isinstance(node.parent, ast.Index) and RE_CANDIDATES.search(node.s): + elif isinstance(node.bandit_parent, ast.Index) and RE_CANDIDATES.search( + node.s + ): # looks for "dict[candidate]='some_string'" # assign -> subscript -> index -> string - assign = node.parent.parent.parent + assign = node.bandit_parent.bandit_parent.bandit_parent if isinstance(assign, ast.Assign) and isinstance(assign.value, ast.Str): return _report(assign.value.s) - elif isinstance(node.parent, ast.Compare): + elif isinstance(node.bandit_parent, ast.Compare): # looks for "candidate == 'some_string'" - comp = node.parent + comp = node.bandit_parent if isinstance(comp.left, ast.Name): if RE_CANDIDATES.search(comp.left.id): if isinstance(comp.comparators[0], ast.Str): diff --git a/bandit/plugins/injection_sql.py b/bandit/plugins/injection_sql.py index c8dbf0624..75cc3ee7f 100644 --- a/bandit/plugins/injection_sql.py +++ b/bandit/plugins/injection_sql.py 
@@ -85,18 +85,20 @@ def _evaluate_ast(node): wrapper = None statement = '' - if isinstance(node.parent, ast.BinOp): - out = utils.concat_string(node, node.parent) - wrapper = out[0].parent + if isinstance(node.bandit_parent, ast.BinOp): + out = utils.concat_string(node, node.bandit_parent) + wrapper = out[0].bandit_parent statement = out[1] - elif (isinstance(node.parent, ast.Attribute) - and node.parent.attr == 'format'): + elif (isinstance(node.bandit_parent, ast.Attribute) + and node.bandit_parent.attr == 'format'): statement = node.s # Hierarchy for "".format() is Wrapper -> Call -> Attribute -> Str - wrapper = node.parent.parent.parent - elif hasattr(ast, 'JoinedStr') and isinstance(node.parent, ast.JoinedStr): + wrapper = node.bandit_parent.bandit_parent.bandit_parent + elif hasattr(ast, 'JoinedStr') and isinstance( + node.bandit_parent, ast.JoinedStr + ): statement = node.s - wrapper = node.parent.parent + wrapper = node.bandit_parent.bandit_parent if isinstance(wrapper, ast.Call): # wrapped in "execute" call? names = ['execute', 'executemany'] From 7a5e8279619a46418b345711f034ffde4fa0e731 Mon Sep 17 00:00:00 2001 From: Tyler Wince Date: Mon, 13 May 2019 17:32:31 +0000 Subject: [PATCH 02/10] pylint formatting changes --- bandit/plugins/general_hardcoded_password.py | 5 ++--- bandit/plugins/injection_sql.py | 5 ++--- 2 files changed, 4 insertions(+), 6 deletions(-) diff --git a/bandit/plugins/general_hardcoded_password.py b/bandit/plugins/general_hardcoded_password.py index dc0c91a79..da564b46a 100644 --- a/bandit/plugins/general_hardcoded_password.py +++ b/bandit/plugins/general_hardcoded_password.py 
@@ -91,9 +91,8 @@ def hardcoded_password_string(context): if isinstance(targ, ast.Name) and RE_CANDIDATES.search(targ.id): return _report(node.s) - elif isinstance(node.bandit_parent, ast.Index) and RE_CANDIDATES.search( - node.s - ): + elif (isinstance(node.bandit_parent, ast.Index) + and RE_CANDIDATES.search(node.s)): # looks for "dict[candidate]='some_string'" # assign -> subscript -> index -> string assign = node.bandit_parent.bandit_parent.bandit_parent diff --git a/bandit/plugins/injection_sql.py b/bandit/plugins/injection_sql.py index 75cc3ee7f..6cf0cc9b5 100644 --- a/bandit/plugins/injection_sql.py +++ b/bandit/plugins/injection_sql.py @@ -94,9 +94,8 @@ def _evaluate_ast(node): statement = node.s # Hierarchy for "".format() is Wrapper -> Call -> Attribute -> Str wrapper = node.bandit_parent.bandit_parent.bandit_parent - elif hasattr(ast, 'JoinedStr') and isinstance( - node.bandit_parent, ast.JoinedStr - ): + elif (hasattr(ast, 'JoinedStr') + and isinstance(node.bandit_parent, ast.JoinedStr)): statement = node.s wrapper = node.bandit_parent.bandit_parent From 4de7f8d9cb6ada54f07ae0e3fb7c26ad993e4ad3 Mon Sep 17 00:00:00 2001 From: Tyler Wince Date: Mon, 13 May 2019 18:56:31 +0000 Subject: [PATCH 03/10] made bandit_parent a private attr --- bandit/core/node_visitor.py | 18 +++++++++--------- bandit/core/utils.py | 12 ++++++------ bandit/plugins/django_xss.py | 12 ++++++------ bandit/plugins/general_hardcoded_password.py | 12 ++++++------ bandit/plugins/injection_sql.py | 16 ++++++++-------- 5 files changed, 35 insertions(+), 35 deletions(-) diff --git a/bandit/core/node_visitor.py b/bandit/core/node_visitor.py index 653a28e96..1f7608e7a 100644 --- a/bandit/core/node_visitor.py +++ b/bandit/core/node_visitor.py 
@@ -161,9 +161,9 @@ def visit_Str(self, node): :return: - ''' self.context['str'] = node.s - if not isinstance(node.bandit_parent, ast.Expr): # docstring + if not isinstance(node._bandit_parent, ast.Expr): # docstring self.context['linerange'] = b_utils.linerange_fix( - node.bandit_parent + node._bandit_parent ) self.update_scores(self.tester.run_tests(self.context, 'Str')) @@ -176,9 +176,9 @@ def visit_Bytes(self, node): :return: - ''' self.context['bytes'] = node.s - if not isinstance(node.bandit_parent, ast.Expr): # docstring + if not isinstance(node._bandit_parent, ast.Expr): # docstring self.context['linerange'] = b_utils.linerange_fix( - node.bandit_parent + node._bandit_parent ) self.update_scores(self.tester.run_tests(self.context, 'Bytes')) @@ -238,10 +238,10 @@ def generic_visit(self, node): for idx, item in enumerate(value): if isinstance(item, ast.AST): if idx < max_idx: - setattr(item, 'bandit_sibling', value[idx + 1]) + setattr(item, '_bandit_sibling', value[idx + 1]) else: - setattr(item, 'bandit_sibling', None) - setattr(item, 'bandit_parent', node) + setattr(item, '_bandit_sibling', None) + setattr(item, '_bandit_parent', node) if self.pre_visit(item): self.visit(item) @@ -249,8 +249,8 @@ def generic_visit(self, node): self.post_visit(item) elif isinstance(value, ast.AST): - setattr(value, 'bandit_sibling', None) - setattr(value, 'bandit_parent', node) + setattr(value, '_bandit_sibling', None) + setattr(value, '_bandit_parent', node) if self.pre_visit(value): self.visit(value) diff --git a/bandit/core/utils.py b/bandit/core/utils.py index 39a517eee..694d322a8 100644 --- a/bandit/core/utils.py +++ b/bandit/core/utils.py 
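Review bot: The leading underscore in `setattr(item, '_bandit_parent', node)` marks the attribute as private to the visitor, yet this same patch reads it from bandit/core/utils.py and from three plugin modules, including the chain `node._bandit_parent._bandit_parent._bandit_parent`. That turns a nominally private name into a cross-module contract, which protected-access lint checks are likely to flag and which plugin authors cannot tell is supported. Either keep the public spelling, or route the walk through one documented helper in utils (for example a proposed `get_parent(node)`) and have the plugins call that. The hunks here show only part of `visit_Str`, `visit_Bytes` and `generic_visit`.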
@@ -233,13 +233,13 @@ def linerange_fix(node): """Try and work around a known Python bug with multi-line strings.""" # deal with multiline strings lineno behavior (Python issue #16806) lines = linerange(node) - if hasattr(node, 'bandit_sibling') and hasattr( - node.bandit_sibling, 'lineno' + if hasattr(node, '_bandit_sibling') and hasattr( + node._bandit_sibling, 'lineno' ): start = min(lines) - delta = node.bandit_sibling.lineno - start + delta = node._bandit_sibling.lineno - start if delta > 1: - return list(range(start, node.bandit_sibling.lineno)) + return list(range(start, node._bandit_sibling.lineno)) return lines @@ -266,8 +266,8 @@ def _get(node, bits, stop=None): else node.right) bits = [node] - while isinstance(node.bandit_parent, ast.BinOp): - node = node.bandit_parent + while isinstance(node._bandit_parent, ast.BinOp): + node = node._bandit_parent if isinstance(node, ast.BinOp): _get(node, bits, stop) return (node, " ".join([x.s for x in bits if isinstance(x, ast.Str)])) diff --git a/bandit/plugins/django_xss.py b/bandit/plugins/django_xss.py index c95469fff..bf655490b 100644 --- a/bandit/plugins/django_xss.py +++ b/bandit/plugins/django_xss.py @@ -227,9 +227,9 @@ def check_risk(node): if isinstance(xss_var, ast.Name): # Check if the var are secure - parent = node.bandit_parent + parent = node._bandit_parent while not isinstance(parent, (ast.Module, ast.FunctionDef)): - parent = parent.bandit_parent + parent = parent._bandit_parent is_param = False if isinstance(parent, ast.FunctionDef): 
@@ -242,17 +242,17 @@ def check_risk(node): if not is_param: secure = evaluate_var(xss_var, parent, node.lineno) elif isinstance(xss_var, ast.Call): - parent = node.bandit_parent + parent = node._bandit_parent while not isinstance(parent, (ast.Module, ast.FunctionDef)): - parent = parent.bandit_parent + parent = parent._bandit_parent secure = evaluate_call(xss_var, parent) elif isinstance(xss_var, ast.BinOp): is_mod = isinstance(xss_var.op, ast.Mod) is_left_str = isinstance(xss_var.left, ast.Str) if is_mod and is_left_str: - parent = node.bandit_parent + parent = node._bandit_parent while not isinstance(parent, (ast.Module, ast.FunctionDef)): - parent = parent.bandit_parent + parent = parent._bandit_parent new_call = transform2call(xss_var) secure = evaluate_call(new_call, parent) diff --git a/bandit/plugins/general_hardcoded_password.py b/bandit/plugins/general_hardcoded_password.py index da564b46a..1d4d407a1 100644 --- a/bandit/plugins/general_hardcoded_password.py +++ b/bandit/plugins/general_hardcoded_password.py 
@@ -85,24 +85,24 @@ def hardcoded_password_string(context): """ node = context.node - if isinstance(node.bandit_parent, ast.Assign): + if isinstance(node._bandit_parent, ast.Assign): # looks for "candidate='some_string'" - for targ in node.bandit_parent.targets: + for targ in node._bandit_parent.targets: if isinstance(targ, ast.Name) and RE_CANDIDATES.search(targ.id): return _report(node.s) - elif (isinstance(node.bandit_parent, ast.Index) + elif (isinstance(node._bandit_parent, ast.Index) and RE_CANDIDATES.search(node.s)): # looks for "dict[candidate]='some_string'" # assign -> subscript -> index -> string - assign = node.bandit_parent.bandit_parent.bandit_parent + assign = node._bandit_parent._bandit_parent._bandit_parent if isinstance(assign, ast.Assign) and isinstance(assign.value, ast.Str): return _report(assign.value.s) - elif isinstance(node.bandit_parent, ast.Compare): + elif isinstance(node._bandit_parent, ast.Compare): # looks for "candidate == 'some_string'" - comp = node.bandit_parent + comp = node._bandit_parent if isinstance(comp.left, ast.Name): if RE_CANDIDATES.search(comp.left.id): if isinstance(comp.comparators[0], ast.Str): diff --git a/bandit/plugins/injection_sql.py b/bandit/plugins/injection_sql.py index 6cf0cc9b5..236e50abe 100644 --- a/bandit/plugins/injection_sql.py +++ b/bandit/plugins/injection_sql.py 
@@ -85,19 +85,19 @@ def _evaluate_ast(node): wrapper = None statement = '' - if isinstance(node.bandit_parent, ast.BinOp): - out = utils.concat_string(node, node.bandit_parent) - wrapper = out[0].bandit_parent + if isinstance(node._bandit_parent, ast.BinOp): + out = utils.concat_string(node, node._bandit_parent) + wrapper = out[0]._bandit_parent statement = out[1] - elif (isinstance(node.bandit_parent, ast.Attribute) - and node.bandit_parent.attr == 'format'): + elif (isinstance(node._bandit_parent, ast.Attribute) + and node._bandit_parent.attr == 'format'): statement = node.s # Hierarchy for "".format() is Wrapper -> Call -> Attribute -> Str - wrapper = node.bandit_parent.bandit_parent.bandit_parent + wrapper = node._bandit_parent._bandit_parent._bandit_parent elif (hasattr(ast, 'JoinedStr') - and isinstance(node.bandit_parent, ast.JoinedStr)): + and isinstance(node._bandit_parent, ast.JoinedStr)): statement = node.s - wrapper = node.bandit_parent.bandit_parent + wrapper = node._bandit_parent._bandit_parent if isinstance(wrapper, ast.Call): # wrapped in "execute" call? names = ['execute', 'executemany'] From 84ca49963012677a2213ad3185b515c568559b4d Mon Sep 17 00:00:00 2001 From: Tyler Wince Date: Tue, 25 Jun 2019 13:56:12 -0600 Subject: [PATCH 04/10] remove _ast --- .gitignore | 1 + bandit/core/context.py | 4 ++-- bandit/core/utils.py | 11 +++++------ 3 files changed, 8 insertions(+), 8 deletions(-) diff --git a/.gitignore b/.gitignore index 96ba49288..691dc0923 100644 --- a/.gitignore +++ b/.gitignore @@ -19,3 +19,4 @@ doc/source/api .*.sw? AUTHORS releasenotes/build +.mypy_cache diff --git a/bandit/core/context.py b/bandit/core/context.py index 2874f66ea..3d90ecdd6 100644 --- a/bandit/core/context.py +++ b/bandit/core/context.py 
@@ -40,10 +40,10 @@ def __repr__(self): the string version of _context. Example string returned: - , 'function': None, + , 'function': None, 'name': 'socket', 'imports': set(['socket']), 'module': None, 'filename': 'examples/binding.py', - 'call': <_ast.Call object at 0x110252510>, 'lineno': 3, + 'call': , 'lineno': 3, 'import_aliases': {}, 'qualname': 'socket.socket'}> :return: A string representation of the object diff --git a/bandit/core/utils.py b/bandit/core/utils.py index 694d322a8..544e013d0 100644 --- a/bandit/core/utils.py +++ b/bandit/core/utils.py @@ -14,7 +14,6 @@ # License for the specific language governing permissions and limitations # under the License. -import _ast import ast import logging import os.path @@ -46,11 +45,11 @@ def _get_attr_qual_name(node, aliases): :param aliases: Import aliases dictionary :returns: Qualified name referred to by the attribute or name. ''' - if isinstance(node, _ast.Name): + if isinstance(node, ast.Name): if node.id in aliases: return aliases[node.id] return node.id - elif isinstance(node, _ast.Attribute): + elif isinstance(node, ast.Attribute): name = '%s.%s' % (_get_attr_qual_name(node.value, aliases), node.attr) if name in aliases: return aliases[name] @@ -60,11 +59,11 @@ def _get_attr_qual_name(node, aliases): def get_call_name(node, aliases): - if isinstance(node.func, _ast.Name): + if isinstance(node.func, ast.Name): if deepgetattr(node, 'func.id') in aliases: return aliases[deepgetattr(node, 'func.id')] return deepgetattr(node, 'func.id') - elif isinstance(node.func, _ast.Attribute): + elif isinstance(node.func, ast.Attribute): return _get_attr_qual_name(node.func, aliases) else: return "" @@ -76,7 +75,7 @@ def get_func_name(node): def get_qual_attr(node, aliases): prefix = "" - if isinstance(node, _ast.Attribute): + if isinstance(node, ast.Attribute): try: val = deepgetattr(node, 'value.id') if val in aliases: From ef4782e1bb98946ac9b612152129df9db1bf5476 Mon Sep 17 00:00:00 2001 
From: Tyler Wince Date: Tue, 25 Jun 2019 14:06:03 -0600 Subject: [PATCH 05/10] take 38 out of the pipeline failures --- .travis.yml | 13 ------------- 1 file changed, 13 deletions(-) diff --git a/.travis.yml b/.travis.yml index b8bc58dd1..a39643760 100644 --- a/.travis.yml +++ b/.travis.yml @@ -31,17 +31,4 @@ matrix: sudo: true - python: pypy env: TOXENV=pypy - allow_failures: - - python: 3.8-dev - env: TOXENV=py38 - dist: xenial - sudo: true -notifications: - email: - - lhinds@protonmail.com - irc: - channels: - - "irc.freenode.org##python-code-quality" - use_notice: true - skip_join: true From 539d95f59e3761880520a154433c6d9410e52f06 Mon Sep 17 00:00:00 2001 From: Tyler Wince Date: Tue, 25 Jun 2019 22:29:28 +0000 Subject: [PATCH 06/10] add visit_Constant --- bandit/core/node_visitor.py | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) diff --git a/bandit/core/node_visitor.py b/bandit/core/node_visitor.py index 1f7608e7a..665c2e115 100644 --- a/bandit/core/node_visitor.py +++ b/bandit/core/node_visitor.py @@ -152,6 +152,29 @@ def visit_ImportFrom(self, node): self.context['name'] = nodename.name self.update_scores(self.tester.run_tests(self.context, 'ImportFrom')) + def visit_Constant(self, node): + '''Visitor for AST Constant nodes + + call the appropriate method for the node type. + this maintains compatibility with <3.6 and 3.8+ + + This code is heavily influenced by Anthony Sottile (@asottile) from here: + https://bugs.python.org/msg342486 + + :param node: The node that is being inspected + :return: - + ''' + if isinstance(node.value, str): + self.visit_Str(node) + elif isinstance(node.value, bytes): + self.visit_Bytes(node) + elif node.value in {True, False}: + self.visit_NameConstant(node) + elif node.value is Ellipsis: + self.visit_Ellipsis(node) + elif isinstance(node.value, (int, float)): + self.visit_Num(node) + def visit_Str(self, node): '''Visitor for AST String nodes From 3dbcfc6bfdf2e04d1ee265cb873f5f7608d9f532 Mon Sep 17 00:00:00 2001 
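Review bot: In `visit_Constant`, `elif node.value in {True, False}:` also matches the numeric literals 0 and 1, because bool is an int subclass and `1 == True`, so those constants would go to `visit_NameConstant` and never reach the numeric branch. None of `visit_NameConstant`, `visit_Ellipsis` or `visit_Num` is defined in the lines visible here; if the class lacks them, the first such literal raises AttributeError in the middle of the walk, which for a scanner risks leaving the rest of that file unchecked. Testing `isinstance(node.value, bool)` would fix the match, but keeping only the `str` and `bytes` branches is simpler, since those are the handlers this file shows. Those two handlers read `node.s`, so a comment such as `# ast.Constant exposes .s only as a deprecated alias of .value` would help the next reader.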
From: Tyler Wince Date: Tue, 25 Jun 2019 22:42:17 +0000 Subject: [PATCH 07/10] remove the nonexistant functions --- bandit/core/node_visitor.py | 6 ------ 1 file changed, 6 deletions(-) diff --git a/bandit/core/node_visitor.py b/bandit/core/node_visitor.py index 665c2e115..9fb434bed 100644 --- a/bandit/core/node_visitor.py +++ b/bandit/core/node_visitor.py @@ -168,12 +168,6 @@ def visit_Constant(self, node): self.visit_Str(node) elif isinstance(node.value, bytes): self.visit_Bytes(node) - elif node.value in {True, False}: - self.visit_NameConstant(node) - elif node.value is Ellipsis: - self.visit_Ellipsis(node) - elif isinstance(node.value, (int, float)): - self.visit_Num(node) def visit_Str(self, node): '''Visitor for AST String nodes From 67552cbe5a170e8cdf197141a6dbe9473789ef35 Mon Sep 17 00:00:00 2001 From: Tyler Wince Date: Tue, 25 Jun 2019 22:45:49 +0000 Subject: [PATCH 08/10] add pytest_cache to the ignore --- .gitignore | 1 + 1 file changed, 1 insertion(+) diff --git a/.gitignore b/.gitignore index 691dc0923..f9c5f73bf 100644 --- a/.gitignore +++ b/.gitignore @@ -20,3 +20,4 @@ doc/source/api AUTHORS releasenotes/build .mypy_cache +.pytest_cache From 61eb70d3098a1ed4bd35826d316fe155aae0f353 Mon Sep 17 00:00:00 2001 From: Tyler Wince Date: Tue, 25 Jun 2019 22:55:11 +0000 Subject: [PATCH 09/10] flake8 errors --- bandit/core/node_visitor.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/bandit/core/node_visitor.py b/bandit/core/node_visitor.py index 9fb434bed..42a5adeda 100644 --- a/bandit/core/node_visitor.py +++ b/bandit/core/node_visitor.py @@ -158,7 +158,7 @@ def visit_Constant(self, node): call the appropriate method for the node type. this maintains compatibility with <3.6 and 3.8+ - This code is heavily influenced by Anthony Sottile (@asottile) from here: + This code is heavily influenced by Anthony Sottile (@asottile) here: https://bugs.python.org/msg342486 :param node: The node that is being inspected 
From 46cbea44278d50ad02ee43e7a3a55cbb8f80ff8d Mon Sep 17 00:00:00 2001 From: Tyler Wince Date: Tue, 25 Jun 2019 23:08:52 +0000 Subject: [PATCH 10/10] add data back to travis --- .gitignore | 2 -- .travis.yml | 9 ++++++++- bandit/core/context.py | 4 ++-- 3 files changed, 10 insertions(+), 5 deletions(-) diff --git a/.gitignore b/.gitignore index f9c5f73bf..96ba49288 100644 --- a/.gitignore +++ b/.gitignore @@ -19,5 +19,3 @@ doc/source/api .*.sw? AUTHORS releasenotes/build -.mypy_cache -.pytest_cache diff --git a/.travis.yml b/.travis.yml index a39643760..064ad1096 100644 --- a/.travis.yml +++ b/.travis.yml @@ -31,4 +31,11 @@ matrix: sudo: true - python: pypy env: TOXENV=pypy - +notifications: + email: + - lhinds@protonmail.com + irc: + channels: + - "irc.freenode.org##python-code-quality" + use_notice: true + skip_join: true diff --git a/bandit/core/context.py b/bandit/core/context.py index 3d90ecdd6..2874f66ea 100644 --- a/bandit/core/context.py +++ b/bandit/core/context.py @@ -40,10 +40,10 @@ def __repr__(self): the string version of _context. Example string returned: - , 'function': None, + , 'function': None, 'name': 'socket', 'imports': set(['socket']), 'module': None, 'filename': 'examples/binding.py', - 'call': , 'lineno': 3, + 'call': <_ast.Call object at 0x110252510>, 'lineno': 3, 'import_aliases': {}, 'qualname': 'socket.socket'}> :return: A string representation of the object