fix(plugins/B507): also detect class instances #1064

Merged
merged 1 commit into from
Sep 28, 2023

mkniewallner
Contributor

`paramiko` supports passing both a class and a class instance for the
policy in `set_missing_host_key_policy`
(https://github.com/paramiko/paramiko/blob/8e389c77660c5cdae3069b478665427d23012853/paramiko/client.py#L171-L191).
This updates B507 to account for both styles.
Member

@ericwb ericwb left a comment

LGTM. I also manually tested using the class instance and paramiko does
handle it as described in this PR.

@ericwb ericwb merged commit 6969489 into PyCQA:main Sep 28, 2023
11 checks passed
@mkniewallner mkniewallner deleted the fix/detect-instances-B507 branch September 28, 2023 06:22
charliermarsh pushed a commit to astral-sh/ruff that referenced this pull request Sep 28, 2023
## Summary

Follow-up on #7528 that improves
detections of mis-usages of policy in `paramiko`.

First commit applies the same fix as in `bandit`
(PyCQA/bandit#1064), as `paramiko` supports
passing both a class and a class instance for the policy in
`set_missing_host_key_policy`
(https://github.com/paramiko/paramiko/blob/8e389c77660c5cdae3069b478665427d23012853/paramiko/client.py#L171-L191).

Second commit improves the detection of `paramiko` import paths that
trigger a violation, as `AutoAddPolicy`, `WarningPolicy` and `SSHClient`
are not only exposed in `paramiko.client`, but also in `paramiko`
(https://github.com/paramiko/paramiko/blob/66117732de6de03914308f9a21b05b50a781d13c/paramiko/__init__.py#L121-L164).

## Test Plan

Snapshot tests.
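
The two detection gaps discussed in this thread (policy passed as a class or as an instance, and policies imported from `paramiko` or `paramiko.client`), shown as an added example that is not bandit's or ruff's own code. The names `find_weak_host_key_policies`, `WEAK_POLICIES` and `SAMPLE` are hypothetical, and the check assumes any `set_missing_host_key_policy` call is on an `SSHClient`:

```python
import ast

# Policies named on this page, reachable via either import path.
WEAK_POLICIES = {f"{mod}.{name}" for mod in ("paramiko", "paramiko.client")
                 for name in ("AutoAddPolicy", "WarningPolicy")}

# Constructed sample input covering both argument styles and both import paths.
SAMPLE = """\
import paramiko
from paramiko.client import SSHClient, WarningPolicy as WP
c = SSHClient()
c.set_missing_host_key_policy(paramiko.AutoAddPolicy)
c.set_missing_host_key_policy(paramiko.client.AutoAddPolicy())
c.set_missing_host_key_policy(policy=WP())
c.set_missing_host_key_policy(paramiko.RejectPolicy())
"""


def _dotted(node):
    """Return 'a.b.c' for a Name/Attribute chain, else None."""
    parts = []
    while isinstance(node, ast.Attribute):
        parts.append(node.attr)
        node = node.value
    return ".".join([node.id] + parts[::-1]) if isinstance(node, ast.Name) else None


def find_weak_host_key_policies(source):
    """Return sorted (line, qualified policy) pairs; instances are unwrapped to their class."""
    tree, aliases, findings = ast.parse(source), {}, []
    for node in ast.walk(tree):  # map local names to fully qualified names
        if isinstance(node, ast.Import):
            for a in node.names:
                local = a.asname or a.name.split(".")[0]
                aliases[local] = a.name if a.asname else local
        elif isinstance(node, ast.ImportFrom) and node.module and not node.level:
            for a in node.names:
                aliases[a.asname or a.name] = f"{node.module}.{a.name}"
    for node in ast.walk(tree):
        if not (isinstance(node, ast.Call) and isinstance(node.func, ast.Attribute)
                and node.func.attr == "set_missing_host_key_policy"):
            continue
        args = node.args[:1] or [k.value for k in node.keywords if k.arg == "policy"]
        for arg in args:
            name = _dotted(arg.func if isinstance(arg, ast.Call) else arg)
            head, _, rest = (name or "").partition(".")
            full = aliases.get(head, head) + ("." + rest if rest else "")
            if full in WEAK_POLICIES:
                findings.append((node.lineno, full))
    return sorted(findings)
```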