-
Notifications
You must be signed in to change notification settings - Fork 1.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[flake8-bandit
] Add S504
SslWithNoVersion
rule
#9384
Conversation
@@ -13,7 +13,7 @@ use crate::registry::AsRule; | |||
/// Checks for imports of the`telnetlib` module. | |||
/// | |||
/// ## Why is this bad? | |||
/// Telnet is considered insecure. Instead, ise SSH or another encrypted | |||
/// Telnet is considered insecure. Instead, use SSH or another encrypted |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nice work by me!
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks!
Thanks for quick review! Unsure what's up with linux and windows tests, is this a known CI issue? |
5424691
to
51fb748
Compare
@qdegraaf - I think we just had to bump the rule set size. |
|
Summary
Adds
S504
rule for the flake8-bandit plugin port.Checks for calls to
ssl.wrap_socket
which have nossl_version
argument set. See also https://bandit.readthedocs.io/en/latest/_modules/bandit/plugins/insecure_ssl_tls.html#ssl_with_no_versionTest Plan
Fixture added
Issue Link
Refers: #1646