diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 66775f99..c19ea287 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -11,14 +11,8 @@ repos: - id: end-of-file-fixer - id: trailing-whitespace -- repo: https://github.com/asottile/reorder_python_imports - rev: v3.16.0 - hooks: - - id: reorder-python-imports - args: [--application-directories, '.:src', --py38-plus] - - repo: https://github.com/psf/black-pre-commit-mirror - rev: 25.12.0 + rev: 26.3.0 hooks: - id: black args: [--line-length=79, --target-version=py311] diff --git a/custom/python/requests_get_verify_false.py b/custom/python/requests_get_verify_false.py index 4bb4e4c9..32aba4f2 100644 --- a/custom/python/requests_get_verify_false.py +++ b/custom/python/requests_get_verify_false.py @@ -1,4 +1,3 @@ import requests - requests.get("https://localhost", verify=False) diff --git a/precli/__init__.py b/precli/__init__.py index e6f4ebc8..1b3cfb21 100644 --- a/precli/__init__.py +++ b/precli/__init__.py @@ -3,7 +3,6 @@ from datetime import datetime from importlib import metadata - __author__ = metadata.metadata("precli")["Author"] __summary__ = metadata.metadata("precli")["Summary"] __copyright__ = f"Copyright {datetime.now():%Y} Secure Sauce LLC" diff --git a/precli/__main__.py b/precli/__main__.py index 141ef3a3..4671a23d 100644 --- a/precli/__main__.py +++ b/precli/__main__.py @@ -3,5 +3,4 @@ # SPDX-License-Identifier: BUSL-1.1 from precli.cli import main - main.main() diff --git a/precli/cli/main.py b/precli/cli/main.py index af7f8531..e7db3612 100644 --- a/precli/cli/main.py +++ b/precli/cli/main.py @@ -27,7 +27,6 @@ from precli.core.run import Run from precli.renderers import Renderer - BUSL_URL = "https://spdx.org/licenses/BUSL-1.1.html" GITHUB_URL = "https://github.com" PYPI_URL = "https://pypi.org" diff --git a/precli/core/run.py b/precli/core/run.py index 24f974f9..b58fc30d 100644 --- a/precli/core/run.py +++ b/precli/core/run.py @@ -29,7 +29,6 @@ from precli.parsers.basic import Basic from precli.rules import Rule - LOG = logging.getLogger(__name__) PROGRESS_THRESHOLD = 50 parsers = loader.load_extension(group="precli.parsers") diff --git a/precli/i18n.py b/precli/i18n.py index 20427eff..1b111dd8 100644 --- a/precli/i18n.py +++ b/precli/i18n.py @@ -4,7 +4,6 @@ import locale import os - LOCALE_DIR = os.path.join("precli", "locale") diff --git a/precli/parsers/__init__.py b/precli/parsers/__init__.py index f09acfde..f65d36ad 100644 --- a/precli/parsers/__init__.py +++ b/precli/parsers/__init__.py @@ -84,7 +84,7 @@ def _expand_rule_list(rule_list: list[str]) -> list[str]: expanded_rules = [] for rule in rule_list: if "-" in rule: - (rule_start, rule_end) = rule.split("-", maxsplit=1) + rule_start, rule_end = rule.split("-", maxsplit=1) if rule_start[:-3] == rule_end[:-3]: try: start = int(rule_start[-3:]) diff --git a/precli/parsers/basic.py b/precli/parsers/basic.py index 2ccfbeec..f1cf377e 100644 --- a/precli/parsers/basic.py +++ b/precli/parsers/basic.py @@ -4,7 +4,6 @@ from precli.parsers import Parser - # Language map to [file extensions, rule prefix] LANG_MAP = { "c_sharp": [[".cs"], "CS"], diff --git a/precli/parsers/python.py b/precli/parsers/python.py index 0c647300..654d56d3 100644 --- a/precli/parsers/python.py +++ b/precli/parsers/python.py @@ -19,7 +19,6 @@ from precli.parsers import Parser from precli.parsers.node_types import NodeTypes - Import = namedtuple("Import", "module alias") @@ -217,7 +216,7 @@ def visit_assignment(self, nodes: list[Node]): ) if nodes[2].type == NodeTypes.CALL: - (call_args, call_kwargs) = self.get_func_args( + call_args, call_kwargs = self.get_func_args( nodes[2].children[1] ) @@ -264,7 +263,7 @@ def _get_func_ident(self, node: Node) -> Optional[Node]: def visit_call(self, nodes: list[Node]): func_call_qual = self.resolve(nodes[0]) - (func_call_args, func_call_kwargs) = self.get_func_args(nodes[1]) + func_call_args, func_call_kwargs = self.get_func_args(nodes[1]) if self.context["node"].children: # (attribute | identifier) argument_list diff --git a/precli/renderers/json.py b/precli/renderers/json.py index d9992a01..44f87d1e 100644 --- a/precli/renderers/json.py +++ b/precli/renderers/json.py @@ -13,7 +13,6 @@ from precli.renderers import Renderer from precli.rules import Rule - SCHEMA_URI = "https://json.schemastore.org/sarif-2.1.0.json" SCHEMA_VER = "2.1.0" TS_FORMAT = "%Y-%m-%dT%H:%M:%SZ" diff --git a/precli/renderers/markdown.py b/precli/renderers/markdown.py index 3f596416..77e27e30 100644 --- a/precli/renderers/markdown.py +++ b/precli/renderers/markdown.py @@ -11,7 +11,6 @@ from precli.renderers import Renderer from precli.rules import Rule - logging.getLogger("markdown_it").setLevel(logging.INFO) diff --git a/precli/rules/go/stdlib/crypto_unrestricted_bind.py b/precli/rules/go/stdlib/crypto_unrestricted_bind.py index 96324587..1b4f660c 100644 --- a/precli/rules/go/stdlib/crypto_unrestricted_bind.py +++ b/precli/rules/go/stdlib/crypto_unrestricted_bind.py @@ -103,6 +103,7 @@ _New in version 0.8.1_ """ # noqa: E501 + from typing import Optional from precli.core import utils @@ -112,7 +113,6 @@ from precli.i18n import _ from precli.rules import Rule - INADDR_ANY = "0.0.0.0" IN6ADDR_ANY = "[::]" diff --git a/precli/rules/go/stdlib/crypto_weak_cipher.py b/precli/rules/go/stdlib/crypto_weak_cipher.py index 41d86643..03a53732 100644 --- a/precli/rules/go/stdlib/crypto_weak_cipher.py +++ b/precli/rules/go/stdlib/crypto_weak_cipher.py @@ -129,6 +129,7 @@ _New in version 0.2.1_ """ # noqa: E501 + from typing import Optional from precli.core.call import Call diff --git a/precli/rules/go/stdlib/crypto_weak_hash.py b/precli/rules/go/stdlib/crypto_weak_hash.py index c50aa3b6..bd300013 100644 --- a/precli/rules/go/stdlib/crypto_weak_hash.py +++ b/precli/rules/go/stdlib/crypto_weak_hash.py @@ -80,6 +80,7 @@ _New in version 0.2.1_ """ # noqa: E501 + from typing import Optional from precli.core.call import Call diff --git a/precli/rules/go/stdlib/crypto_weak_key.py b/precli/rules/go/stdlib/crypto_weak_key.py index de7764b9..3e8737de 100644 --- a/precli/rules/go/stdlib/crypto_weak_key.py +++ b/precli/rules/go/stdlib/crypto_weak_key.py @@ -139,6 +139,7 @@ _New in version 0.2.1_ """ # noqa: E501 + from typing import Optional from precli.core.call import Call diff --git a/precli/rules/go/stdlib/net_http_no_timeout.py b/precli/rules/go/stdlib/net_http_no_timeout.py index 442f7f47..492374e0 100644 --- a/precli/rules/go/stdlib/net_http_no_timeout.py +++ b/precli/rules/go/stdlib/net_http_no_timeout.py @@ -111,6 +111,7 @@ _New in version 0.8.1_ """ # noqa: E501 + from typing import Optional from precli.core.call import Call diff --git a/precli/rules/go/stdlib/net_unrestricted_bind.py b/precli/rules/go/stdlib/net_unrestricted_bind.py index 7b228f78..4990818b 100644 --- a/precli/rules/go/stdlib/net_unrestricted_bind.py +++ b/precli/rules/go/stdlib/net_unrestricted_bind.py @@ -85,6 +85,7 @@ _New in version 0.8.1_ """ # noqa: E501 + from typing import Optional from precli.core import utils @@ -94,7 +95,6 @@ from precli.i18n import _ from precli.rules import Rule - INADDR_ANY = "0.0.0.0" IN6ADDR_ANY = "[::]" diff --git a/precli/rules/go/stdlib/syscall_setuid_root.py b/precli/rules/go/stdlib/syscall_setuid_root.py index 62259b31..b8ac5168 100644 --- a/precli/rules/go/stdlib/syscall_setuid_root.py +++ b/precli/rules/go/stdlib/syscall_setuid_root.py @@ -95,6 +95,7 @@ _New in version 0.6.6_ """ # noqa: E501 + from typing import Optional from precli.core.call import Call diff --git a/precli/rules/java/stdlib/java_net_insecure_cookie.py b/precli/rules/java/stdlib/java_net_insecure_cookie.py index fd7db29c..20cfcc9b 100644 --- a/precli/rules/java/stdlib/java_net_insecure_cookie.py +++ b/precli/rules/java/stdlib/java_net_insecure_cookie.py @@ -76,6 +76,7 @@ _New in version 0.5.1_ """ # noqa: E501 + from typing import Optional from precli.core.call import Call diff --git a/precli/rules/java/stdlib/java_security_weak_hash.py b/precli/rules/java/stdlib/java_security_weak_hash.py index 9eaa083d..b2fdf363 100644 --- a/precli/rules/java/stdlib/java_security_weak_hash.py +++ b/precli/rules/java/stdlib/java_security_weak_hash.py @@ -82,6 +82,7 @@ _New in version 0.5.0_ """ # noqa: E501 + from typing import Optional from precli.core.call import Call diff --git a/precli/rules/java/stdlib/java_security_weak_key.py b/precli/rules/java/stdlib/java_security_weak_key.py index be24e1d2..cafbc065 100644 --- a/precli/rules/java/stdlib/java_security_weak_key.py +++ b/precli/rules/java/stdlib/java_security_weak_key.py @@ -95,6 +95,7 @@ _New in version 0.5.0_ """ # noqa: E501 + from typing import Optional from precli.core.call import Call diff --git a/precli/rules/java/stdlib/java_security_weak_random.py b/precli/rules/java/stdlib/java_security_weak_random.py index 9f2603ca..341473ff 100644 --- a/precli/rules/java/stdlib/java_security_weak_random.py +++ b/precli/rules/java/stdlib/java_security_weak_random.py @@ -78,6 +78,7 @@ _New in version 0.5.0_ """ # noqa: E501 + from typing import Optional from precli.core.call import Call diff --git a/precli/rules/java/stdlib/javax_crypto_weak_cipher.py b/precli/rules/java/stdlib/javax_crypto_weak_cipher.py index 3810cb01..9d558123 100644 --- a/precli/rules/java/stdlib/javax_crypto_weak_cipher.py +++ b/precli/rules/java/stdlib/javax_crypto_weak_cipher.py @@ -138,6 +138,7 @@ _New in version 0.5.0_ """ # noqa: E501 + from typing import Optional from precli.core.call import Call diff --git a/precli/rules/java/stdlib/javax_servlet_http_insecure_cookie.py b/precli/rules/java/stdlib/javax_servlet_http_insecure_cookie.py index 154b19cb..38cd5d4d 100644 --- a/precli/rules/java/stdlib/javax_servlet_http_insecure_cookie.py +++ b/precli/rules/java/stdlib/javax_servlet_http_insecure_cookie.py @@ -74,6 +74,7 @@ _New in version 0.5.1_ """ # noqa: E501 + from typing import Optional from precli.core.call import Call diff --git a/precli/rules/python/stdlib/argparse_sensitive_info.py b/precli/rules/python/stdlib/argparse_sensitive_info.py index 96a32cd6..86cd97a4 100644 --- a/precli/rules/python/stdlib/argparse_sensitive_info.py +++ b/precli/rules/python/stdlib/argparse_sensitive_info.py @@ -88,6 +88,7 @@ _Changed in version 0.4.1: --api-key also checked_ """ # noqa: E501 + from typing import Optional from precli.core.call import Call diff --git a/precli/rules/python/stdlib/assert.py b/precli/rules/python/stdlib/assert.py index 2f7b9e7b..2422d7d4 100644 --- a/precli/rules/python/stdlib/assert.py +++ b/precli/rules/python/stdlib/assert.py @@ -68,6 +68,7 @@ def foobar(a: str = None): _New in version 0.3.8_ """ # noqa: E501 + from typing import Optional from precli.core.location import Location diff --git a/precli/rules/python/stdlib/crypt_weak_hash.py b/precli/rules/python/stdlib/crypt_weak_hash.py index f8cdffb8..dcd3ade3 100644 --- a/precli/rules/python/stdlib/crypt_weak_hash.py +++ b/precli/rules/python/stdlib/crypt_weak_hash.py @@ -113,6 +113,7 @@ _New in version 0.1.0_ """ # noqa: E501 + from typing import Optional from precli.core.call import Call @@ -121,7 +122,6 @@ from precli.i18n import _ from precli.rules import Rule - WEAK_CRYPT_HASHES = ( "crypt.METHOD_CRYPT", "crypt.METHOD_MD5", diff --git a/precli/rules/python/stdlib/ftplib_cleartext.py b/precli/rules/python/stdlib/ftplib_cleartext.py index b60271fc..c682c3a1 100644 --- a/precli/rules/python/stdlib/ftplib_cleartext.py +++ b/precli/rules/python/stdlib/ftplib_cleartext.py @@ -92,6 +92,7 @@ _New in version 0.1.0_ """ # noqa: E501 + from typing import Optional from precli.core.call import Call diff --git a/precli/rules/python/stdlib/ftplib_no_timeout.py b/precli/rules/python/stdlib/ftplib_no_timeout.py index 49372bd0..7e1d9b07 100644 --- a/precli/rules/python/stdlib/ftplib_no_timeout.py +++ b/precli/rules/python/stdlib/ftplib_no_timeout.py @@ -75,6 +75,7 @@ _New in version 0.6.7_ """ # noqa: E501 + from typing import Optional from precli.core.call import Call diff --git a/precli/rules/python/stdlib/ftplib_unverified_context.py b/precli/rules/python/stdlib/ftplib_unverified_context.py index 4257bafb..a5a6dacb 100644 --- a/precli/rules/python/stdlib/ftplib_unverified_context.py +++ b/precli/rules/python/stdlib/ftplib_unverified_context.py @@ -73,6 +73,7 @@ _New in version 0.3.14_ """ # noqa: E501 + from typing import Optional from precli.core.call import Call @@ -81,7 +82,6 @@ from precli.i18n import _ from precli.rules import Rule - CONTEXT_FIX = "ssl.create_default_context()" diff --git a/precli/rules/python/stdlib/hashlib_improper_prng.py b/precli/rules/python/stdlib/hashlib_improper_prng.py index 4d6fc95c..3872b111 100644 --- a/precli/rules/python/stdlib/hashlib_improper_prng.py +++ b/precli/rules/python/stdlib/hashlib_improper_prng.py @@ -74,6 +74,7 @@ _New in version 0.4.3_ """ # noqa: E501 + from typing import Optional from precli.core.call import Call diff --git a/precli/rules/python/stdlib/hashlib_weak_hash.py b/precli/rules/python/stdlib/hashlib_weak_hash.py index 529c1143..eb402fb0 100644 --- a/precli/rules/python/stdlib/hashlib_weak_hash.py +++ b/precli/rules/python/stdlib/hashlib_weak_hash.py @@ -96,6 +96,7 @@ _Changed in version 0.4.1: Added md5-sha1_ """ # noqa: E501 + from typing import Optional from precli.core.argument import Argument diff --git a/precli/rules/python/stdlib/hmac_timing_attack.py b/precli/rules/python/stdlib/hmac_timing_attack.py index 47b641a1..2af92ed7 100644 --- a/precli/rules/python/stdlib/hmac_timing_attack.py +++ b/precli/rules/python/stdlib/hmac_timing_attack.py @@ -85,6 +85,7 @@ _New in version 0.1.4_ """ # noqa: E501 + from typing import Optional from precli.core.comparison import Comparison @@ -93,7 +94,6 @@ from precli.i18n import _ from precli.rules import Rule - TIMING_VULNERABLE = ( "hmac.digest", "hmac.new.digest", diff --git a/precli/rules/python/stdlib/hmac_weak_hash.py b/precli/rules/python/stdlib/hmac_weak_hash.py index a7158aed..1272203f 100644 --- a/precli/rules/python/stdlib/hmac_weak_hash.py +++ b/precli/rules/python/stdlib/hmac_weak_hash.py @@ -87,6 +87,7 @@ _Changed in version 0.4.1: Added md5-sha1_ """ # noqa: E501 + from typing import Optional from precli.core.call import Call diff --git a/precli/rules/python/stdlib/hmac_weak_key.py b/precli/rules/python/stdlib/hmac_weak_key.py index 3f753877..9ef8a0c5 100644 --- a/precli/rules/python/stdlib/hmac_weak_key.py +++ b/precli/rules/python/stdlib/hmac_weak_key.py @@ -74,6 +74,7 @@ _New in version 0.4.3_ """ # noqa: E501 + from typing import Optional from precli.core.call import Call @@ -82,7 +83,6 @@ from precli.i18n import _ from precli.rules import Rule - HASH_NAME_SIZES = { "blake2s": 32, "blake2b": 64, diff --git a/precli/rules/python/stdlib/http_server_unrestricted_bind.py b/precli/rules/python/stdlib/http_server_unrestricted_bind.py index e67ccc20..bab0911d 100644 --- a/precli/rules/python/stdlib/http_server_unrestricted_bind.py +++ b/precli/rules/python/stdlib/http_server_unrestricted_bind.py @@ -80,6 +80,7 @@ def run(server_class: HTTPServer): _New in version 0.3.14_ """ # noqa: E501 + from typing import Optional from precli.core import utils @@ -89,7 +90,6 @@ def run(server_class: HTTPServer): from precli.i18n import _ from precli.rules import Rule - INADDR_ANY = "0.0.0.0" IN6ADDR_ANY = "::" diff --git a/precli/rules/python/stdlib/http_url_secret.py b/precli/rules/python/stdlib/http_url_secret.py index b9a68d93..95179134 100644 --- a/precli/rules/python/stdlib/http_url_secret.py +++ b/precli/rules/python/stdlib/http_url_secret.py @@ -74,6 +74,7 @@ _New in version 0.3.4_ """ # noqa: E501 + from typing import Optional from urllib.parse import parse_qs from urllib.parse import urlsplit diff --git a/precli/rules/python/stdlib/imaplib_cleartext.py b/precli/rules/python/stdlib/imaplib_cleartext.py index 56443e80..f95b6690 100644 --- a/precli/rules/python/stdlib/imaplib_cleartext.py +++ b/precli/rules/python/stdlib/imaplib_cleartext.py @@ -76,6 +76,7 @@ _New in version 0.1.9_ """ # noqa: E501 + from typing import Optional from precli.core.call import Call diff --git a/precli/rules/python/stdlib/imaplib_no_timeout.py b/precli/rules/python/stdlib/imaplib_no_timeout.py index 47782e3a..3211ebd7 100644 --- a/precli/rules/python/stdlib/imaplib_no_timeout.py +++ b/precli/rules/python/stdlib/imaplib_no_timeout.py @@ -77,6 +77,7 @@ _New in version 0.6.7_ """ # noqa: E501 + from typing import Optional from precli.core.call import Call diff --git a/precli/rules/python/stdlib/imaplib_unverified_context.py b/precli/rules/python/stdlib/imaplib_unverified_context.py index aac3c9f4..ccf71440 100644 --- a/precli/rules/python/stdlib/imaplib_unverified_context.py +++ b/precli/rules/python/stdlib/imaplib_unverified_context.py @@ -84,6 +84,7 @@ _New in version 0.3.14_ """ # noqa: E501 + from typing import Optional from precli.core.call import Call @@ -92,7 +93,6 @@ from precli.i18n import _ from precli.rules import Rule - CONTEXT_FIX = "ssl.create_default_context()" diff --git a/precli/rules/python/stdlib/json_load.py b/precli/rules/python/stdlib/json_load.py index f0cf6d2a..c7c88161 100644 --- a/precli/rules/python/stdlib/json_load.py +++ b/precli/rules/python/stdlib/json_load.py @@ -48,6 +48,7 @@ _New in version 0.1.0_ """ # noqa: E501 + from typing import Optional from precli.core.call import Call diff --git a/precli/rules/python/stdlib/logging_insecure_listen_config.py b/precli/rules/python/stdlib/logging_insecure_listen_config.py index 3cf575e5..5da01858 100644 --- a/precli/rules/python/stdlib/logging_insecure_listen_config.py +++ b/precli/rules/python/stdlib/logging_insecure_listen_config.py @@ -60,6 +60,7 @@ def validate(recv: bytes): _New in version 0.1.0_ """ # noqa: E501 + from typing import Optional from precli.core.call import Call diff --git a/precli/rules/python/stdlib/marshal_load.py b/precli/rules/python/stdlib/marshal_load.py index d47d0407..59c0b528 100644 --- a/precli/rules/python/stdlib/marshal_load.py +++ b/precli/rules/python/stdlib/marshal_load.py @@ -53,6 +53,7 @@ _New in version 0.1.0_ """ # noqa: E501 + from typing import Optional from precli.core.call import Call diff --git a/precli/rules/python/stdlib/nntplib_cleartext.py b/precli/rules/python/stdlib/nntplib_cleartext.py index 71a87a30..236b1eda 100644 --- a/precli/rules/python/stdlib/nntplib_cleartext.py +++ b/precli/rules/python/stdlib/nntplib_cleartext.py @@ -62,6 +62,7 @@ _New in version 0.1.9_ """ # noqa: E501 + from typing import Optional from precli.core.call import Call diff --git a/precli/rules/python/stdlib/nntplib_no_timeout.py b/precli/rules/python/stdlib/nntplib_no_timeout.py index e1376290..d6234854 100644 --- a/precli/rules/python/stdlib/nntplib_no_timeout.py +++ b/precli/rules/python/stdlib/nntplib_no_timeout.py @@ -77,6 +77,7 @@ _New in version 0.6.7_ """ # noqa: E501 + from typing import Optional from precli.core.call import Call diff --git a/precli/rules/python/stdlib/nntplib_unverified_context.py b/precli/rules/python/stdlib/nntplib_unverified_context.py index d45788f2..df47c821 100644 --- a/precli/rules/python/stdlib/nntplib_unverified_context.py +++ b/precli/rules/python/stdlib/nntplib_unverified_context.py @@ -74,6 +74,7 @@ _New in version 0.3.14_ """ # noqa: E501 + from typing import Optional from precli.core.call import Call @@ -82,7 +83,6 @@ from precli.i18n import _ from precli.rules import Rule - CONTEXT_FIX = "ssl.create_default_context()" diff --git a/precli/rules/python/stdlib/os_loose_file_perm.py b/precli/rules/python/stdlib/os_loose_file_perm.py index f9a769da..af41f109 100644 --- a/precli/rules/python/stdlib/os_loose_file_perm.py +++ b/precli/rules/python/stdlib/os_loose_file_perm.py @@ -90,6 +90,7 @@ _New in version 0.6.2_ """ # noqa: E501 + import stat from typing import Optional @@ -101,7 +102,6 @@ from precli.parsers.node_types import NodeTypes from precli.rules import Rule - DEFAULT_MODE = { "os.mkdir": 0o777, "os.open": 0o777, diff --git a/precli/rules/python/stdlib/os_setuid_root.py b/precli/rules/python/stdlib/os_setuid_root.py index 25d7af16..2f04d23b 100644 --- a/precli/rules/python/stdlib/os_setuid_root.py +++ b/precli/rules/python/stdlib/os_setuid_root.py @@ -71,6 +71,7 @@ _New in version 0.6.6_ """ # noqa: E501 + from typing import Optional from precli.core.call import Call diff --git a/precli/rules/python/stdlib/pathlib_loose_file_perm.py b/precli/rules/python/stdlib/pathlib_loose_file_perm.py index 9480c54b..6c94d5cb 100644 --- a/precli/rules/python/stdlib/pathlib_loose_file_perm.py +++ b/precli/rules/python/stdlib/pathlib_loose_file_perm.py @@ -90,6 +90,7 @@ _New in version 0.6.2_ """ # noqa: E501 + import stat from typing import Optional @@ -101,7 +102,6 @@ from precli.parsers.node_types import NodeTypes from precli.rules import Rule - DEFAULT_MODE = { "pathlib.Path.mkdir": 0o777, "pathlib.Path.touch": 0o666, diff --git a/precli/rules/python/stdlib/pickle_load.py b/precli/rules/python/stdlib/pickle_load.py index 74c49891..294aaa1f 100644 --- a/precli/rules/python/stdlib/pickle_load.py +++ b/precli/rules/python/stdlib/pickle_load.py @@ -65,6 +65,7 @@ def load_pickle_file(file_path): _New in version 0.1.0_ """ # noqa: E501 + from typing import Optional from precli.core.call import Call diff --git a/precli/rules/python/stdlib/poplib_cleartext.py b/precli/rules/python/stdlib/poplib_cleartext.py index 8d92fa8a..bdfc6a0b 100644 --- a/precli/rules/python/stdlib/poplib_cleartext.py +++ b/precli/rules/python/stdlib/poplib_cleartext.py @@ -71,6 +71,7 @@ _New in version 0.1.9_ """ # noqa: E501 + from typing import Optional from precli.core.call import Call diff --git a/precli/rules/python/stdlib/poplib_no_timeout.py b/precli/rules/python/stdlib/poplib_no_timeout.py index 81685e9a..9ad9dda7 100644 --- a/precli/rules/python/stdlib/poplib_no_timeout.py +++ b/precli/rules/python/stdlib/poplib_no_timeout.py @@ -77,6 +77,7 @@ _New in version 0.6.7_ """ # noqa: E501 + from typing import Optional from precli.core.call import Call diff --git a/precli/rules/python/stdlib/poplib_unverified_context.py b/precli/rules/python/stdlib/poplib_unverified_context.py index 0587eeff..72663e79 100644 --- a/precli/rules/python/stdlib/poplib_unverified_context.py +++ b/precli/rules/python/stdlib/poplib_unverified_context.py @@ -80,6 +80,7 @@ _New in version 0.3.14_ """ # noqa: E501 + from typing import Optional from precli.core.call import Call @@ -88,7 +89,6 @@ from precli.i18n import _ from precli.rules import Rule - CONTEXT_FIX = "ssl.create_default_context()" diff --git a/precli/rules/python/stdlib/re_denial_of_service.py b/precli/rules/python/stdlib/re_denial_of_service.py index 2d91f0e9..707fd1da 100644 --- a/precli/rules/python/stdlib/re_denial_of_service.py +++ b/precli/rules/python/stdlib/re_denial_of_service.py @@ -67,6 +67,7 @@ _New in version 0.3.14_ """ # noqa: E501 + from typing import Optional from precli.core import redos diff --git a/precli/rules/python/stdlib/secrets_weak_token.py b/precli/rules/python/stdlib/secrets_weak_token.py index 2604a3bf..909a5190 100644 --- a/precli/rules/python/stdlib/secrets_weak_token.py +++ b/precli/rules/python/stdlib/secrets_weak_token.py @@ -63,6 +63,7 @@ _New in version 0.3.14_ """ # noqa: E501 + from typing import Optional from precli.core.call import Call diff --git a/precli/rules/python/stdlib/shelve_open.py b/precli/rules/python/stdlib/shelve_open.py index 1733bf78..16d54d7d 100644 --- a/precli/rules/python/stdlib/shelve_open.py +++ b/precli/rules/python/stdlib/shelve_open.py @@ -52,6 +52,7 @@ _New in version 0.1.0_ """ # noqa: E501 + from typing import Optional from precli.core.call import Call diff --git a/precli/rules/python/stdlib/smtplib_cleartext.py b/precli/rules/python/stdlib/smtplib_cleartext.py index 6714507c..b4df5164 100644 --- a/precli/rules/python/stdlib/smtplib_cleartext.py +++ b/precli/rules/python/stdlib/smtplib_cleartext.py @@ -107,6 +107,7 @@ def prompt(prompt): _New in version 0.1.9_ """ # noqa: E501 + from typing import Optional from precli.core.call import Call diff --git a/precli/rules/python/stdlib/smtplib_no_timeout.py b/precli/rules/python/stdlib/smtplib_no_timeout.py index 458ef3bc..a9a2035e 100644 --- a/precli/rules/python/stdlib/smtplib_no_timeout.py +++ b/precli/rules/python/stdlib/smtplib_no_timeout.py @@ -79,6 +79,7 @@ _New in version 0.6.7_ """ # noqa: E501 + from typing import Optional from precli.core.call import Call diff --git a/precli/rules/python/stdlib/smtplib_unverified_context.py b/precli/rules/python/stdlib/smtplib_unverified_context.py index 75cf24d6..5d2acb25 100644 --- a/precli/rules/python/stdlib/smtplib_unverified_context.py +++ b/precli/rules/python/stdlib/smtplib_unverified_context.py @@ -116,6 +116,7 @@ def prompt(prompt): _New in version 0.3.14_ """ # noqa: E501 + from typing import Optional from precli.core.call import Call @@ -124,7 +125,6 @@ def prompt(prompt): from precli.i18n import _ from precli.rules import Rule - CONTEXT_FIX = "ssl.create_default_context()" diff --git a/precli/rules/python/stdlib/socket_no_timeout.py b/precli/rules/python/stdlib/socket_no_timeout.py index 829c24fd..6a5d62f5 100644 --- a/precli/rules/python/stdlib/socket_no_timeout.py +++ b/precli/rules/python/stdlib/socket_no_timeout.py @@ -74,6 +74,7 @@ _New in version 0.6.7_ """ # noqa: E501 + from typing import Optional from precli.core.call import Call diff --git a/precli/rules/python/stdlib/socket_unrestricted_bind.py b/precli/rules/python/stdlib/socket_unrestricted_bind.py index 4ccd9dc5..3730f1a6 100644 --- a/precli/rules/python/stdlib/socket_unrestricted_bind.py +++ b/precli/rules/python/stdlib/socket_unrestricted_bind.py @@ -70,6 +70,7 @@ _New in version 0.3.14_ """ # noqa: E501 + from typing import Optional from precli.core import utils @@ -79,7 +80,6 @@ from precli.i18n import _ from precli.rules import Rule - INADDR_ANY = "0.0.0.0" IN6ADDR_ANY = "::" diff --git a/precli/rules/python/stdlib/socketserver_unrestricted_bind.py b/precli/rules/python/stdlib/socketserver_unrestricted_bind.py index 2f49e1a5..3d19392e 100644 --- a/precli/rules/python/stdlib/socketserver_unrestricted_bind.py +++ b/precli/rules/python/stdlib/socketserver_unrestricted_bind.py @@ -88,6 +88,7 @@ def handle(self): _New in version 0.3.14_ """ # noqa: E501 + from typing import Optional from precli.core import utils @@ -97,7 +98,6 @@ def handle(self): from precli.i18n import _ from precli.rules import Rule - INADDR_ANY = "0.0.0.0" IN6ADDR_ANY = "::" diff --git a/precli/rules/python/stdlib/ssl_context_weak_key.py b/precli/rules/python/stdlib/ssl_context_weak_key.py index 99b28ece..438f22ec 100644 --- a/precli/rules/python/stdlib/ssl_context_weak_key.py +++ b/precli/rules/python/stdlib/ssl_context_weak_key.py @@ -68,6 +68,7 @@ _New in version 0.2.3_ """ # noqa: E501 + import re from typing import Optional diff --git a/precli/rules/python/stdlib/ssl_create_unverified_context.py b/precli/rules/python/stdlib/ssl_create_unverified_context.py index b23b31d7..82c902a6 100644 --- a/precli/rules/python/stdlib/ssl_create_unverified_context.py +++ b/precli/rules/python/stdlib/ssl_create_unverified_context.py @@ -62,6 +62,7 @@ _New in version 0.1.0_ """ # noqa: E501 + from typing import Optional from precli.core.call import Call diff --git a/precli/rules/python/stdlib/ssl_insecure_tls_version.py b/precli/rules/python/stdlib/ssl_insecure_tls_version.py index 9f5c3919..7f7c73de 100644 --- a/precli/rules/python/stdlib/ssl_insecure_tls_version.py +++ b/precli/rules/python/stdlib/ssl_insecure_tls_version.py @@ -75,6 +75,7 @@ _New in version 0.1.0_ """ # noqa: E501 + from typing import Optional from precli.core.argument import Argument @@ -84,7 +85,6 @@ from precli.i18n import _ from precli.rules import Rule - INSECURE_VERSIONS = ( "ssl.PROTOCOL_SSLv2", "ssl.PROTOCOL_SSLv3", diff --git a/precli/rules/python/stdlib/ssl_no_timeout.py b/precli/rules/python/stdlib/ssl_no_timeout.py index aec7662d..5c0305aa 100644 --- a/precli/rules/python/stdlib/ssl_no_timeout.py +++ b/precli/rules/python/stdlib/ssl_no_timeout.py @@ -69,6 +69,7 @@ _New in version 0.6.7_ """ # noqa: E501 + from typing import Optional from precli.core.call import Call diff --git a/precli/rules/python/stdlib/telnetlib_cleartext.py b/precli/rules/python/stdlib/telnetlib_cleartext.py index 077c3e2e..9ab85c40 100644 --- a/precli/rules/python/stdlib/telnetlib_cleartext.py +++ b/precli/rules/python/stdlib/telnetlib_cleartext.py @@ -114,6 +114,7 @@ _New in version 0.1.0_ """ # noqa: E501 + from typing import Optional from precli.core.call import Call diff --git a/precli/rules/python/stdlib/telnetlib_no_timeout.py b/precli/rules/python/stdlib/telnetlib_no_timeout.py index 82287c8f..d2fd5c50 100644 --- a/precli/rules/python/stdlib/telnetlib_no_timeout.py +++ b/precli/rules/python/stdlib/telnetlib_no_timeout.py @@ -72,6 +72,7 @@ _New in version 0.6.7_ """ # noqa: E501 + from typing import Optional from precli.core.call import Call diff --git a/precli/rules/python/stdlib/tempfile_mktemp_race_condition.py b/precli/rules/python/stdlib/tempfile_mktemp_race_condition.py index d5494b9c..42ab444e 100644 --- a/precli/rules/python/stdlib/tempfile_mktemp_race_condition.py +++ b/precli/rules/python/stdlib/tempfile_mktemp_race_condition.py @@ -65,6 +65,7 @@ _New in version 0.1.9_ """ # noqa: E501 + from typing import Optional from precli.core.call import Call diff --git a/precli/rules/python/stdlib/xmlrpc_server_unrestricted_bind.py b/precli/rules/python/stdlib/xmlrpc_server_unrestricted_bind.py index 07344b8e..dd683a96 100644 --- a/precli/rules/python/stdlib/xmlrpc_server_unrestricted_bind.py +++ b/precli/rules/python/stdlib/xmlrpc_server_unrestricted_bind.py @@ -80,6 +80,7 @@ def run(server_class: DocXMLRPCServer): _New in version 0.3.14_ """ # noqa: E501 + from typing import Optional from precli.core import utils @@ -89,7 +90,6 @@ def run(server_class: DocXMLRPCServer): from precli.i18n import _ from precli.rules import Rule - INADDR_ANY = "0.0.0.0" IN6ADDR_ANY = "::" diff --git a/precli/targets/github.py b/precli/targets/github.py index df729566..3b0eee6c 100644 --- a/precli/targets/github.py +++ b/precli/targets/github.py @@ -17,7 +17,6 @@ from precli.core.artifact import Artifact from precli.targets import Target - GITHUB_API = "https://api.github.com" GITHUB_URL = "https://github.com" diff --git a/precli/targets/pypi.py b/precli/targets/pypi.py index 3a6d6f6f..c3da6203 100644 --- a/precli/targets/pypi.py +++ b/precli/targets/pypi.py @@ -16,7 +16,6 @@ from precli.core.artifact import Artifact from precli.targets import Target - PYPI_API = "https://pypi.org" diff --git a/setup.py b/setup.py index 72591d69..e0efab44 100644 --- a/setup.py +++ b/setup.py @@ -2,7 +2,6 @@ # SPDX-License-Identifier: BUSL-1.1 import setuptools - setuptools.setup( python_requires=">=3.10", setup_requires=["pbr>=2.0.0"],