Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

language and linting updates #1015

Merged
merged 3 commits into from
Apr 6, 2023
Merged
Show file tree
Hide file tree
Changes from 2 commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions bandit/cli/config_generator.py
Original file line number Diff line number Diff line change
Expand Up @@ -158,11 +158,11 @@ def main():

for skip in skips:
if not extension_loader.MANAGER.check_id(skip):
raise RuntimeError("unknown ID in skips: %s" % skip)
raise RuntimeError(f"unknown ID in skips: {skip}")

for test in tests:
if not extension_loader.MANAGER.check_id(test):
raise RuntimeError("unknown ID in tests: %s" % test)
raise RuntimeError(f"unknown ID in tests: {test}")

tpl = "# {0} : {1}"
test_list = [
Expand Down
7 changes: 3 additions & 4 deletions bandit/cli/main.py
Original file line number Diff line number Diff line change
Expand Up @@ -371,9 +371,8 @@ def main():
parser.add_argument(
"--version",
action="version",
version="%(prog)s {version}\n python version = {python}".format(
version=bandit.__version__, python=python_ver
),
version=f"%(prog)s {bandit.__version__}\n"
f" python version = {python_ver}",
)

parser.set_defaults(debug=False)
Expand All @@ -387,7 +386,7 @@ def main():
blacklist_info = []
for a in extension_mgr.blacklist.items():
for b in a[1]:
blacklist_info.append("{}\t{}".format(b["id"], b["name"]))
blacklist_info.append(f"{b['id']}\t{b['name']}")

plugin_list = "\n\t".join(sorted(set(plugin_info + blacklist_info)))
dedent_text = textwrap.dedent(
Expand Down
1 change: 0 additions & 1 deletion bandit/core/config.py
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,6 @@
from bandit.core import extension_loader
from bandit.core import utils


LOG = logging.getLogger(__name__)


Expand Down
2 changes: 1 addition & 1 deletion bandit/core/context.py
Original file line number Diff line number Diff line change
Expand Up @@ -34,7 +34,7 @@ def __repr__(self):

:return: A string representation of the object
"""
return "<Context %s>" % self._context
return f"<Context {self._context}>"

@property
def call_args(self):
Expand Down
6 changes: 1 addition & 5 deletions bandit/core/docs_utils.py
Original file line number Diff line number Diff line change
Expand Up @@ -16,11 +16,7 @@ def get_url(bid):

info = extension_loader.MANAGER.plugins_by_id.get(bid)
if info is not None:
return "{}plugins/{}_{}.html".format(
base_url,
bid.lower(),
info.plugin.__name__,
)
return f"{base_url}plugins/{bid.lower()}_{info.plugin.__name__}.html"

info = extension_loader.MANAGER.blacklist_by_id.get(bid)
if info is not None:
Expand Down
8 changes: 4 additions & 4 deletions bandit/core/extension_loader.py
Original file line number Diff line number Diff line change
Expand Up @@ -42,7 +42,7 @@ def test_has_id(plugin):
if not hasattr(plugin.plugin, "_test_id"):
# logger not setup yet, so using print
print(
"WARNING: Test '%s' has no ID, skipping." % plugin.name,
f"WARNING: Test '{plugin.name}' has no ID, skipping.",
file=sys.stderr,
)
return False
Expand Down Expand Up @@ -82,16 +82,16 @@ def validate_profile(self, profile):
"""Validate that everything in the configured profiles looks good."""
for inc in profile["include"]:
if not self.check_id(inc):
raise ValueError("Unknown test found in profile: %s" % inc)
raise ValueError(f"Unknown test found in profile: {inc}")

for exc in profile["exclude"]:
if not self.check_id(exc):
raise ValueError("Unknown test found in profile: %s" % exc)
raise ValueError(f"Unknown test found in profile: {exc}")

union = set(profile["include"]) & set(profile["exclude"])
if len(union) > 0:
raise ValueError(
"Non-exclusive include/exclude test sets: %s" % union
f"Non-exclusive include/exclude test sets: {union}"
)

def check_id(self, test):
Expand Down
5 changes: 2 additions & 3 deletions bandit/core/manager.py
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,6 @@
from bandit.core import node_visitor as b_node_visitor
from bandit.core import test_set as b_test_set


LOG = logging.getLogger(__name__)
NOSEC_COMMENT = re.compile(r"#\s*nosec:?\s*(?P<tests>[^#]+)?#?")
NOSEC_COMMENT_TESTS = re.compile(r"(?:(B\d+|[a-z_]+),?)+", re.IGNORECASE)
Expand Down Expand Up @@ -195,8 +194,8 @@ def output_results(

except Exception as e:
raise RuntimeError(
"Unable to output report using '%s' formatter: "
"%s" % (output_format, str(e))
f"Unable to output report using "
f"'{output_format}' formatter: {str(e)}"
)

def discover_files(self, targets, recursive=False, excluded_paths=""):
Expand Down
7 changes: 3 additions & 4 deletions bandit/core/meta_ast.py
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,6 @@
import collections
import logging


LOG = logging.getLogger(__name__)


Expand Down Expand Up @@ -40,7 +39,7 @@ def __str__(self):
"""
tmpstr = ""
for k, v in self.nodes.items():
tmpstr += "Node: %s\n" % k
tmpstr += "\t%s\n" % str(v)
tmpstr += "Length: %s\n" % len(self.nodes)
tmpstr += f"Node: {k}\n"
tmpstr += f"\t{str(v)}\n"
tmpstr += f"Length: {len(self.nodes)}\n"
return tmpstr
1 change: 0 additions & 1 deletion bandit/core/node_visitor.py
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,6 @@
from bandit.core import tester as b_tester
from bandit.core import utils as b_utils


LOG = logging.getLogger(__name__)


Expand Down
1 change: 0 additions & 1 deletion bandit/core/test_set.py
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,6 @@
from bandit.core import blacklisting
from bandit.core import extension_loader


LOG = logging.getLogger(__name__)


Expand Down
6 changes: 3 additions & 3 deletions bandit/core/tester.py
Original file line number Diff line number Diff line change
Expand Up @@ -84,9 +84,9 @@ def run_tests(self, raw_context, checktype):
LOG.debug("skipped, nosec without test number")
self.metrics.note_nosec()
continue
elif result.test_id in nosec_tests_to_skip:
if result.test_id in nosec_tests_to_skip:
LOG.debug(
"skipped, nosec for test %s" % result.test_id
f"skipped, nosec for test {result.test_id}"
)
self.metrics.note_skipped_test()
continue
Expand Down Expand Up @@ -152,7 +152,7 @@ def _get_nosecs_from_contexts(self, context, test_result=None):
@staticmethod
def report_error(test, context, error):
what = "Bandit internal error running: "
what += "%s " % test
what += f"{test} "
what += "on file %s at line %i: " % (
context._context["filename"],
context._context["lineno"],
Expand Down
5 changes: 2 additions & 3 deletions bandit/core/utils.py
Original file line number Diff line number Diff line change
Expand Up @@ -140,8 +140,7 @@ def get_module_qualname_from_path(path):
(head, tail) = os.path.split(path)
if head == "" or tail == "":
raise InvalidModulePath(
'Invalid python file path: "%s"'
" Missing path or file name" % (path)
f'Invalid python file path: "{path}" Missing path or file name'
)

qname = [os.path.splitext(tail)[0]]
Expand Down Expand Up @@ -369,7 +368,7 @@ def check_ast_node(name):
except AttributeError: # nosec(tkelsey): catching expected exception
pass

raise TypeError("Error: %s is not a valid node type in AST" % name)
raise TypeError(f"Error: {name} is not a valid node type in AST")


def get_nosec(nosec_lines, context):
Expand Down
6 changes: 1 addition & 5 deletions bandit/formatters/custom.py
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,6 @@

from bandit.core import test_properties


LOG = logging.getLogger(__name__)


Expand Down Expand Up @@ -141,10 +140,7 @@ def get_similar_tag(tag):
markers = ["", ":", "!"]
msg_parsed_template_list.append(
["{"]
+ [
"%s" % (m + p) if p else ""
for m, p in zip(markers, params)
]
+ [f"{m + p}" if p else "" for m, p in zip(markers, params)]
+ ["}"]
)

Expand Down
1 change: 0 additions & 1 deletion bandit/formatters/html.py
Original file line number Diff line number Diff line change
Expand Up @@ -154,7 +154,6 @@
from bandit.core import test_properties
from bandit.formatters import utils


LOG = logging.getLogger(__name__)


Expand Down
6 changes: 3 additions & 3 deletions bandit/formatters/screen.py
Original file line number Diff line number Diff line change
Expand Up @@ -67,7 +67,7 @@


def header(text, *args):
return "{}{}{}".format(COLOR["HEADER"], (text % args), COLOR["DEFAULT"])
return f"{COLOR['HEADER']}{text % args}{COLOR['DEFAULT']}"


def get_verbose_details(manager):
Expand All @@ -81,15 +81,15 @@ def get_verbose_details(manager):
]
)
bits.append(header("Files excluded (%i):", len(manager.excluded_files)))
bits.extend(["\t%s" % fname for fname in manager.excluded_files])
bits.extend([f"\t{fname}" for fname in manager.excluded_files])
return "\n".join([str(bit) for bit in bits])


def get_metrics(manager):
bits = []
bits.append(header("\nRun metrics:"))
for (criteria, _) in constants.CRITERIA:
bits.append("\tTotal issues (by %s):" % (criteria.lower()))
bits.append(f"\tTotal issues (by {criteria.lower()}):")
for rank in constants.RANKING:
bits.append(
"\t\t%s: %s"
Expand Down
15 changes: 7 additions & 8 deletions bandit/formatters/text.py
Original file line number Diff line number Diff line change
Expand Up @@ -46,24 +46,24 @@

def get_verbose_details(manager):
bits = []
bits.append("Files in scope (%i):" % len(manager.files_list))
bits.append(f"Files in scope ({len(manager.files_list)}):")
tpl = "\t%s (score: {SEVERITY: %i, CONFIDENCE: %i})"
bits.extend(
[
tpl % (item, sum(score["SEVERITY"]), sum(score["CONFIDENCE"]))
for (item, score) in zip(manager.files_list, manager.scores)
]
)
bits.append("Files excluded (%i):" % len(manager.excluded_files))
bits.extend(["\t%s" % fname for fname in manager.excluded_files])
bits.append(f"Files excluded ({len(manager.excluded_files)}):")
bits.extend([f"\t{fname}" for fname in manager.excluded_files])
return "\n".join([bit for bit in bits])


def get_metrics(manager):
bits = []
bits.append("\nRun metrics:")
for (criteria, _) in constants.CRITERIA:
bits.append("\tTotal issues (by %s):" % (criteria.lower()))
bits.append(f"\tTotal issues (by {criteria.lower()}):")
for rank in constants.RANKING:
bits.append(
"\t\t%s: %s"
Expand All @@ -81,8 +81,7 @@ def _output_issue_str(
# returns a list of lines that should be added to the existing lines list
bits = []
bits.append(
"%s>> Issue: [%s:%s] %s"
% (indent, issue.test_id, issue.test, issue.text)
f"{indent}>> Issue: [{issue.test_id}:{issue.test}] {issue.text}"
)

bits.append(
Expand Down Expand Up @@ -162,7 +161,7 @@ def report(manager, fileobj, sev_level, conf_level, lines=-1):
bits = []

if not manager.quiet or manager.results_count(sev_level, conf_level):
bits.append("Run started:%s" % datetime.datetime.utcnow())
bits.append(f"Run started:{datetime.datetime.utcnow()}")

if manager.verbose:
bits.append(get_verbose_details(manager))
Expand All @@ -187,7 +186,7 @@ def report(manager, fileobj, sev_level, conf_level, lines=-1):

skipped = manager.get_skipped()
bits.append(get_metrics(manager))
bits.append("Files skipped (%i):" % len(skipped))
bits.append(f"Files skipped ({len(skipped)}):")
bits.extend(["\t%s (%s)" % skip for skip in skipped])
result = "\n".join([bit for bit in bits]) + "\n"

Expand Down
3 changes: 1 addition & 2 deletions bandit/plugins/general_hardcoded_password.py
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,6 @@
from bandit.core import issue
from bandit.core import test_properties as test


RE_WORDS = "(pas+wo?r?d|pass(phrase)?|pwd|token|secrete?)"
RE_CANDIDATES = re.compile(
"(^{0}$|_{0}_|^{0}_|_{0}$)".format(RE_WORDS), re.IGNORECASE
Expand All @@ -21,7 +20,7 @@ def _report(value):
severity=bandit.LOW,
confidence=bandit.MEDIUM,
cwe=issue.Cwe.HARD_CODED_PASSWORD,
text=("Possible hardcoded password: '%s'" % value),
text=f"Possible hardcoded password: '{value}'",
)


Expand Down
1 change: 0 additions & 1 deletion bandit/plugins/hashlib_insecure_functions.py
Original file line number Diff line number Diff line change
Expand Up @@ -47,7 +47,6 @@
from bandit.core import issue
from bandit.core import test_properties as test


WEAK_HASHES = ("md4", "md5", "sha", "sha1")


Expand Down
1 change: 0 additions & 1 deletion bandit/plugins/injection_shell.py
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,6 @@
from bandit.core import issue
from bandit.core import test_properties as test


# yuck, regex: starts with a windows drive letter (eg C:)
# or one of our path delimeter characters (/, \, .)
full_path_match = re.compile(r"^(?:[A-Za-z](?=\:)|[\\\/\.])")
Expand Down
2 changes: 1 addition & 1 deletion bandit/plugins/injection_wildcard.py
Original file line number Diff line number Diff line change
Expand Up @@ -124,7 +124,7 @@ def linux_commands_wildcard_injection(context, config):
argument_string = ""
if isinstance(call_argument, list):
for li in call_argument:
argument_string = argument_string + " %s" % li
argument_string = argument_string + f" {li}"
elif isinstance(call_argument, str):
argument_string = call_argument

Expand Down
6 changes: 3 additions & 3 deletions doc/source/conf.py
Original file line number Diff line number Diff line change
Expand Up @@ -65,16 +65,16 @@
html_theme_options = {}

# Output file base name for HTML help builder.
htmlhelp_basename = "%sdoc" % project
htmlhelp_basename = f"{project}doc"

# Grouping the document tree into LaTeX files. List of tuples
# (source start file, target name, title, author, documentclass
# [howto/manual]).
latex_documents = [
(
"index",
"%s.tex" % project,
"%s Documentation" % project,
f"{project}.tex",
f"{project} Documentation",
"PyCQA",
"manual",
),
Expand Down
Loading