Update to 1.5.1

codacy · Oct 9, 2018 · b3d5be5 · b3d5be5
1 parent 92b65ec
commit b3d5be5
Show file tree

Hide file tree

Showing 7 changed files with 30 additions and 5 deletions.
diff --git a/.circleci/config.yml b/.circleci/config.yml
@@ -37,11 +37,11 @@ jobs:
     - run:
         name: Test json
         working_directory: ~/codacy-plugins-test
-        command: sbt -Dcodacy.tests.ignore.descriptions=true "run-main codacy.plugins.DockerTest json $CIRCLE_PROJECT_REPONAME:latest"
+        command: sbt -Dcodacy.tests.ignore.descriptions=true "runMain codacy.plugins.DockerTest json $CIRCLE_PROJECT_REPONAME:latest"
     - run:
         name: Test patterns
         working_directory: ~/codacy-plugins-test
-        command: sbt -Dcodacy.tests.noremove=true -Dcodacy.tests.threads=8 "run-main codacy.plugins.DockerTest pattern $CIRCLE_PROJECT_REPONAME:latest"
+        command: sbt -Dcodacy.tests.noremove=true -Dcodacy.tests.threads=8 "runMain codacy.plugins.DockerTest pattern $CIRCLE_PROJECT_REPONAME:latest"
     - deploy:
         name: Push application Docker image
         command: |

diff --git a/build.sbt b/build.sbt
@@ -54,7 +54,7 @@ def installAll(toolVersion: String) =
      |python3 -m pip uninstall -y pip &&
      |apk del wget ca-certificates git &&
      |rm -rf /tmp/* &&
-     |rm /var/cache/apk/*""".stripMargin.replaceAll(System.lineSeparator(), " ")
+     |rm -rf /var/cache/apk/*""".stripMargin.replaceAll(System.lineSeparator(), " ")
 
 mappings.in(Universal) ++= resourceDirectory
   .in(Compile)

diff --git a/project/build.properties b/project/build.properties
@@ -1 +1 @@
-sbt.version=1.2.1
+sbt.version=1.2.3
diff --git a/src/main/resources/docs/description/B507.md b/src/main/resources/docs/description/B507.md
@@ -0,0 +1,7 @@
+## Avoid missing host key validation
+
+Encryption in general is typically critical to the security of many applications. Using SSH can greatly increase security by guaranteeing the identity of the party you are communicating with.
+This is accomplished by one or both parties presenting trusted host keys during the connection initialization phase of SSH.
+When paramiko methods are used, host keys are verified by default.
+
+[Reference](https://docs.openstack.org/bandit/latest/plugins/b507_ssh_no_host_key_verification.html)
diff --git a/src/main/resources/docs/description/description.json b/src/main/resources/docs/description/description.json
@@ -204,6 +204,10 @@
     "patternId":"B506",
     "title":"Yaml load"
   },
+  {
+    "patternId":"B507",
+    "title":"SSH no host key verification"
+  },
   {
     "patternId":"B601",
     "title":"Paramiko calls"

diff --git a/src/main/resources/docs/patterns.json b/src/main/resources/docs/patterns.json
@@ -1,6 +1,6 @@
 {
   "name": "Bandit",
-  "version": "1.5.0",
+  "version": "1.5.1",
   "patterns": [
     {
       "patternId": "B101",
@@ -257,6 +257,11 @@
       "level": "Warning",
       "category": "Security"
     },
+    {
+      "patternId": "B507",
+      "level": "Warning",
+      "category": "Security"
+    },
     {
       "patternId": "B601",
       "level": "Warning",

diff --git a/src/main/resources/docs/tests/B507.py b/src/main/resources/docs/tests/B507.py
@@ -0,0 +1,9 @@
+##Patterns: B507
+
+from paramiko import client
+
+ssh_client = client.SSHClient()
+##Warn: B507
+ssh_client.set_missing_host_key_policy(client.AutoAddPolicy)
+##Warn: B507
+ssh_client.set_missing_host_key_policy(client.WarningPolicy)