(Ready for review) Support for beautiful relative imports #29
Conversation
pyt/base_cfg.py
Outdated
| @@ -252,6 +252,7 @@ def connect_control_flow_node(self, control_flow_node, next_node): | |||
| def connect_nodes(self, nodes): | |||
| """Connect the nodes in a list linearly.""" | |||
| for n, next_node in zip(nodes, nodes[1:]): | |||
|
|
|||
There was a problem hiding this comment.
extra line, I'll remove it when I make other feedback changes
| @@ -286,7 +287,7 @@ def stmt_star_handler(self, stmts): | |||
| elif isinstance(node, BreakNode): | |||
| break_nodes.append(node) | |||
|
|
|||
| if self.node_to_connect(node): | |||
| if self.node_to_connect(node) and node: | |||
There was a problem hiding this comment.
connect_nodes messes up if node is None
| n = RestoreNode(temp_name + ' = ' + label_visitor.result, | ||
| temp_name, | ||
| [label_visitor.result], | ||
| rhs_visitor.result, |
There was a problem hiding this comment.
This was the bug that messed up inter-procedural analysis.
| for k in local_definitions.import_alias_mapping.keys(): | ||
| if _id.startswith(k): | ||
| real_id = _id.replace(k, local_definitions.import_alias_mapping[k]) | ||
| definition = local_definitions.get_definition(real_id) |
There was a problem hiding this comment.
This makes sure, where import bar as foo, if it sees foo it gets the definition of bar.
|
|
||
| # This fails due to a false positive in get_vulnerability | ||
| # def test_absolute_from_file_does_not_exist(self): | ||
| # vulnerability_log = self.run_analysis('example/vulnerable_code_across_files/absolute_from_file_does_not_exist.py') |
There was a problem hiding this comment.
So when a function has to be treated as a blackbox it shouldn't assume the return value is tainted, but it's somewhat low priority to fix, for me, personally.
| # class NestedTest(BaseTestCase): | ||
| # def test_nested_function_calls(self): | ||
|
|
||
| # path = os.path.normpath('example/nested_functions_code/nested_function_calls.py') |
There was a problem hiding this comment.
Not gonna fix it in this PR, I wanted to share the test though.
| for node, expected_label in zip(self.cfg.nodes, EXPECTED): | ||
| self.assertEqual(node.label, expected_label) | ||
|
|
||
| # def test_init(self): |
There was a problem hiding this comment.
As I started to try to get this to pass I thought the PR would be too big so I just pushed and wrote
raise Exception("TODO: Handle __init__ files")
KevinHock
changed the title
…nto relative_imports
|
Thanks a bunch 🙏 |
This PR started as adding support for relative imports, but naturally became an inter-procedural PR including tests for things I haven't done yet like init files,
__all__,from foo import *with style and random improvements e.g.project_handler_testalong the way.A few of the small things:
get_python_modules->get_modulesbecause I addedget_modules_and_packagesis_python_module -> is_python_fileadd all tuples to project handler testdouble-quotes all around, for consistent multi-line comments