صفحهٔ اصلی گشت‌و‌گذار راهنما
ورود
sintez
/
py_task
2
0
انشعاب 0
پرونده‌ها مشکلات 0 درخواست واکشی 0 ویکی
درخت: 609422c2ac
شاخه‌ها تگ‌ها
py_task
/
venv
/
lib
/
python3.9
/
site-packages
/
bandit
/
plugins
/
asserts.py

asserts.py 2.2 KB
تاريخچه خام

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283 
  1. #
    2. 

  2. # Copyright 2014 Hewlett-Packard Development Company, L.P.
    3. 

  3. #
    4. 

  4. # SPDX-License-Identifier: Apache-2.0
    5. 

  5. r"""
    6. 

  6. ============================
    7. 

  7. B101: Test for use of assert
    8. 

  8. ============================
    9. 

  9. 

  10. This plugin test checks for the use of the Python ``assert`` keyword. It was
    11. 

  11. discovered that some projects used assert to enforce interface constraints.
    12. 

  12. However, assert is removed with compiling to optimised byte code (python -o
    13. 

  13. producing \*.pyo files). This caused various protections to be removed.
    14. 

  14. Consider raising a semantically meaningful error or ``AssertionError`` instead.
    15. 

  15. 

  16. Please see
    17. 

  17. https://docs.python.org/3/reference/simple_stmts.html#the-assert-statement for
    18. 

  18. more info on ``assert``.
    19. 

  19. 

  20. **Config Options:**
    21. 

  21. 

  22. You can configure files that skip this check. This is often useful when you
    23. 

  23. use assert statements in test cases.
    24. 

  24. 

  25. .. code-block:: yaml
    26. 

  26. 

  27.     assert_used:
    28. 

  28.       skips: ['*_test.py', '*test_*.py']
    29. 

  29. 

  30. :Example:
    31. 

  31. 

  32. .. code-block:: none
    33. 

  33. 

  34.     >> Issue: Use of assert detected. The enclosed code will be removed when
    35. 

  35.        compiling to optimised byte code.
    36. 

  36.        Severity: Low   Confidence: High
    37. 

  37.        CWE: CWE-703 (https://cwe.mitre.org/data/definitions/703.html)
    38. 

  38.        Location: ./examples/assert.py:1
    39. 

  39.     1 assert logged_in
    40. 

  40.     2 display_assets()
    41. 

  41. 

  42. .. seealso::
    43. 

  43. 

  44.  - https://bugs.launchpad.net/juniperopenstack/+bug/1456193
    45. 

  45.  - https://bugs.launchpad.net/heat/+bug/1397883
    46. 

  46.  - https://docs.python.org/3/reference/simple_stmts.html#the-assert-statement
    47. 

  47.  - https://cwe.mitre.org/data/definitions/703.html
    48. 

  48. 

  49. .. versionadded:: 0.11.0
    50. 

  50. 

  51. .. versionchanged:: 1.7.3
    52. 

  52.     CWE information added
    53. 

  53. 

  54. """
    55. 

  55. import fnmatch
    56. 

  56. 

  57. import bandit
    58. 

  58. from bandit.core import issue
    59. 

  59. from bandit.core import test_properties as test
    60. 

  60. 

  61. 

  62. def gen_config(name):
    63. 

  63.     if name == "assert_used":
    64. 

  64.         return {"skips": []}
    65. 

  65. 

  66. 

  67. @test.takes_config
    68. 

  68. @test.test_id("B101")
    69. 

  69. @test.checks("Assert")
    70. 

  70. def assert_used(context, config):
    71. 

  71.     for skip in config.get("skips", []):
    72. 

  72.         if fnmatch.fnmatch(context.filename, skip):
    73. 

  73.             return None
    74. 

  74. 

  75.     return bandit.Issue(
    76. 

  76.         severity=bandit.LOW,
    77. 

  77.         confidence=bandit.HIGH,
    78. 

  78.         cwe=issue.Cwe.IMPROPER_CHECK_OF_EXCEPT_COND,
    79. 

  79.         text=(
    80. 

  80.             "Use of assert detected. The enclosed code "
    81. 

  81.             "will be removed when compiling to optimised byte code."
    82. 

  82.         ),
    83. 

  83.     )
    84.