From fec405a789034c77ee998796db36f37ab968dfcf Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 10 Mar 2026 23:59:13 +0000 Subject: [PATCH 01/35] Bump https://github.com/psf/black-pre-commit-mirror Bumps [https://github.com/psf/black-pre-commit-mirror](https://github.com/psf/black-pre-commit-mirror) from 25.12.0 to 26.3.0. - [Commits](https://github.com/psf/black-pre-commit-mirror/compare/25.12.0...26.3.0) --- updated-dependencies: - dependency-name: https://github.com/psf/black-pre-commit-mirror dependency-version: 26.3.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .pre-commit-config.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 66775f99..5a909167 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -18,7 +18,7 @@ repos: args: [--application-directories, '.:src', --py38-plus] - repo: https://github.com/psf/black-pre-commit-mirror - rev: 25.12.0 + rev: 26.3.0 hooks: - id: black args: [--line-length=79, --target-version=py311] From 73409e6151d8ce78186ad9cc341d9ce9ec1aa5ae Mon Sep 17 00:00:00 2001 From: Eric Brown Date: Tue, 10 Mar 2026 20:36:44 -0700 Subject: [PATCH 02/35] Remove blank line in requests_get_verify_false.py Removed unnecessary blank line before requests.get call. Signed-off-by: Eric Brown --- custom/python/requests_get_verify_false.py | 1 - 1 file changed, 1 deletion(-) diff --git a/custom/python/requests_get_verify_false.py b/custom/python/requests_get_verify_false.py index 4bb4e4c9..32aba4f2 100644 --- a/custom/python/requests_get_verify_false.py +++ b/custom/python/requests_get_verify_false.py @@ -1,4 +1,3 @@ import requests - requests.get("https://localhost", verify=False) From d90f119207e27d471a124c69b3c814aca2a07d9b Mon Sep 17 00:00:00 2001 From: Eric Brown Date: Tue, 10 Mar 2026 20:39:48 -0700 Subject: [PATCH 03/35] Remove unnecessary blank line in __init__.py Signed-off-by: Eric Brown --- precli/__init__.py | 1 - 1 file changed, 1 deletion(-) diff --git a/precli/__init__.py b/precli/__init__.py index e6f4ebc8..1b3cfb21 100644 --- a/precli/__init__.py +++ b/precli/__init__.py @@ -3,7 +3,6 @@ from datetime import datetime from importlib import metadata - __author__ = metadata.metadata("precli")["Author"] __summary__ = metadata.metadata("precli")["Summary"] __copyright__ = f"Copyright {datetime.now():%Y} Secure Sauce LLC" From def317284862c3bdb1238c2b17bc11f141c0c2e3 Mon Sep 17 00:00:00 2001 From: Eric Brown Date: Tue, 10 Mar 2026 20:41:37 -0700 Subject: [PATCH 04/35] Remove unnecessary blank line in __main__.py Signed-off-by: Eric Brown --- precli/__main__.py | 1 - 1 file changed, 1 deletion(-) diff --git a/precli/__main__.py b/precli/__main__.py index 141ef3a3..4671a23d 100644 --- a/precli/__main__.py +++ b/precli/__main__.py @@ -3,5 +3,4 @@ # SPDX-License-Identifier: BUSL-1.1 from precli.cli import main - main.main() From 043839da0e5578e58395299bf86cdbfd40ab899a Mon Sep 17 00:00:00 2001 From: Eric Brown Date: Tue, 10 Mar 2026 20:53:49 -0700 Subject: [PATCH 05/35] Remove unnecessary blank line in main.py Signed-off-by: Eric Brown --- precli/cli/main.py | 1 - 1 file changed, 1 deletion(-) diff --git a/precli/cli/main.py b/precli/cli/main.py index af7f8531..e7db3612 100644 --- a/precli/cli/main.py +++ b/precli/cli/main.py @@ -27,7 +27,6 @@ from precli.core.run import Run from precli.renderers import Renderer - BUSL_URL = "https://spdx.org/licenses/BUSL-1.1.html" GITHUB_URL = "https://github.com" PYPI_URL = "https://pypi.org" From 576aa836d0f7b32b061e4201a51935a1b1d7922a Mon Sep 17 00:00:00 2001 From: Eric Brown Date: Tue, 10 Mar 2026 20:54:17 -0700 Subject: [PATCH 06/35] Remove unnecessary blank line in run.py Signed-off-by: Eric Brown --- precli/core/run.py | 1 - 1 file changed, 1 deletion(-) diff --git a/precli/core/run.py b/precli/core/run.py index 24f974f9..b58fc30d 100644 --- a/precli/core/run.py +++ b/precli/core/run.py @@ -29,7 +29,6 @@ from precli.parsers.basic import Basic from precli.rules import Rule - LOG = logging.getLogger(__name__) PROGRESS_THRESHOLD = 50 parsers = loader.load_extension(group="precli.parsers") From e3e24b78ddc539e8cf3e6e0abf89ca52dce9553f Mon Sep 17 00:00:00 2001 From: Eric Brown Date: Tue, 10 Mar 2026 20:55:01 -0700 Subject: [PATCH 07/35] Remove unnecessary blank line in i18n.py Signed-off-by: Eric Brown --- precli/i18n.py | 1 - 1 file changed, 1 deletion(-) diff --git a/precli/i18n.py b/precli/i18n.py index 20427eff..1b111dd8 100644 --- a/precli/i18n.py +++ b/precli/i18n.py @@ -4,7 +4,6 @@ import locale import os - LOCALE_DIR = os.path.join("precli", "locale") From 42dd9de0ec36eac739ef1361145d0928aa4ee840 Mon Sep 17 00:00:00 2001 From: Eric Brown Date: Tue, 10 Mar 2026 20:55:18 -0700 Subject: [PATCH 08/35] Remove blank line in Parser class Removed unnecessary blank line in Parser class. Signed-off-by: Eric Brown --- precli/parsers/__init__.py | 1 - 1 file changed, 1 deletion(-) diff --git a/precli/parsers/__init__.py b/precli/parsers/__init__.py index f09acfde..682b0cd0 100644 --- a/precli/parsers/__init__.py +++ b/precli/parsers/__init__.py @@ -16,7 +16,6 @@ from precli.core.symtab import Symbol from precli.rules import Rule - class Parser(ABC): """ Base class of a language specific parser. From 7fccfbc79be1d28b74202ee34ff7ffe064c197a9 Mon Sep 17 00:00:00 2001 From: Eric Brown Date: Tue, 10 Mar 2026 20:55:53 -0700 Subject: [PATCH 09/35] Add blank line for improved readability in __init__.py Signed-off-by: Eric Brown --- precli/parsers/__init__.py | 1 + 1 file changed, 1 insertion(+) diff --git a/precli/parsers/__init__.py b/precli/parsers/__init__.py index 682b0cd0..f09acfde 100644 --- a/precli/parsers/__init__.py +++ b/precli/parsers/__init__.py @@ -16,6 +16,7 @@ from precli.core.symtab import Symbol from precli.rules import Rule + class Parser(ABC): """ Base class of a language specific parser. From 7236116f65fbef55b0a91368e35413df78fcf4d5 Mon Sep 17 00:00:00 2001 From: Eric Brown Date: Tue, 10 Mar 2026 20:56:39 -0700 Subject: [PATCH 10/35] Refactor rule splitting for clarity Signed-off-by: Eric Brown --- precli/parsers/__init__.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/precli/parsers/__init__.py b/precli/parsers/__init__.py index f09acfde..f65d36ad 100644 --- a/precli/parsers/__init__.py +++ b/precli/parsers/__init__.py @@ -84,7 +84,7 @@ def _expand_rule_list(rule_list: list[str]) -> list[str]: expanded_rules = [] for rule in rule_list: if "-" in rule: - (rule_start, rule_end) = rule.split("-", maxsplit=1) + rule_start, rule_end = rule.split("-", maxsplit=1) if rule_start[:-3] == rule_end[:-3]: try: start = int(rule_start[-3:]) From dce843a72bfab0a0edb93951d94855be03d5c7c4 Mon Sep 17 00:00:00 2001 From: Eric Brown Date: Tue, 10 Mar 2026 20:56:59 -0700 Subject: [PATCH 11/35] Remove unnecessary blank line in basic.py Signed-off-by: Eric Brown --- precli/parsers/basic.py | 1 - 1 file changed, 1 deletion(-) diff --git a/precli/parsers/basic.py b/precli/parsers/basic.py index 2ccfbeec..f1cf377e 100644 --- a/precli/parsers/basic.py +++ b/precli/parsers/basic.py @@ -4,7 +4,6 @@ from precli.parsers import Parser - # Language map to [file extensions, rule prefix] LANG_MAP = { "c_sharp": [[".cs"], "CS"], From e3b676b615d1746561b898138d95605e3669134c Mon Sep 17 00:00:00 2001 From: Eric Brown Date: Tue, 10 Mar 2026 20:57:31 -0700 Subject: [PATCH 12/35] Remove unnecessary blank line in python.py Signed-off-by: Eric Brown --- precli/parsers/python.py | 1 - 1 file changed, 1 deletion(-) diff --git a/precli/parsers/python.py b/precli/parsers/python.py index 0c647300..fa2905f0 100644 --- a/precli/parsers/python.py +++ b/precli/parsers/python.py @@ -19,7 +19,6 @@ from precli.parsers import Parser from precli.parsers.node_types import NodeTypes - Import = namedtuple("Import", "module alias") From 65151494e762e4e354baa777bd4a10e014122b2d Mon Sep 17 00:00:00 2001 From: Eric Brown Date: Tue, 10 Mar 2026 20:58:21 -0700 Subject: [PATCH 13/35] Refactor argument unpacking for get_func_args calls Signed-off-by: Eric Brown --- precli/parsers/python.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/precli/parsers/python.py b/precli/parsers/python.py index fa2905f0..654d56d3 100644 --- a/precli/parsers/python.py +++ b/precli/parsers/python.py @@ -216,7 +216,7 @@ def visit_assignment(self, nodes: list[Node]): ) if nodes[2].type == NodeTypes.CALL: - (call_args, call_kwargs) = self.get_func_args( + call_args, call_kwargs = self.get_func_args( nodes[2].children[1] ) @@ -263,7 +263,7 @@ def _get_func_ident(self, node: Node) -> Optional[Node]: def visit_call(self, nodes: list[Node]): func_call_qual = self.resolve(nodes[0]) - (func_call_args, func_call_kwargs) = self.get_func_args(nodes[1]) + func_call_args, func_call_kwargs = self.get_func_args(nodes[1]) if self.context["node"].children: # (attribute | identifier) argument_list From 735bca7b14984b0e4024a48bd8ccb7c088427b9b Mon Sep 17 00:00:00 2001 From: Eric Brown Date: Tue, 10 Mar 2026 20:59:03 -0700 Subject: [PATCH 14/35] Remove unnecessary blank line in json.py Signed-off-by: Eric Brown --- precli/renderers/json.py | 1 - 1 file changed, 1 deletion(-) diff --git a/precli/renderers/json.py b/precli/renderers/json.py index d9992a01..44f87d1e 100644 --- a/precli/renderers/json.py +++ b/precli/renderers/json.py @@ -13,7 +13,6 @@ from precli.renderers import Renderer from precli.rules import Rule - SCHEMA_URI = "https://json.schemastore.org/sarif-2.1.0.json" SCHEMA_VER = "2.1.0" TS_FORMAT = "%Y-%m-%dT%H:%M:%SZ" From 164aca2efd81d7abd6b86a2c5e101c036a514470 Mon Sep 17 00:00:00 2001 From: Eric Brown Date: Tue, 10 Mar 2026 20:59:18 -0700 Subject: [PATCH 15/35] Remove unnecessary blank line in markdown.py Signed-off-by: Eric Brown --- precli/renderers/markdown.py | 1 - 1 file changed, 1 deletion(-) diff --git a/precli/renderers/markdown.py b/precli/renderers/markdown.py index 3f596416..77e27e30 100644 --- a/precli/renderers/markdown.py +++ b/precli/renderers/markdown.py @@ -11,7 +11,6 @@ from precli.renderers import Renderer from precli.rules import Rule - logging.getLogger("markdown_it").setLevel(logging.INFO) From 2867e6851fb8c5cf408207d35de1420bb34e9dda Mon Sep 17 00:00:00 2001 From: Eric Brown Date: Tue, 10 Mar 2026 21:00:14 -0700 Subject: [PATCH 16/35] Clean up setup.py by removing extra newline Remove unnecessary newline at the beginning of the file. Signed-off-by: Eric Brown --- setup.py | 1 - 1 file changed, 1 deletion(-) diff --git a/setup.py b/setup.py index 72591d69..e0efab44 100644 --- a/setup.py +++ b/setup.py @@ -2,7 +2,6 @@ # SPDX-License-Identifier: BUSL-1.1 import setuptools - setuptools.setup( python_requires=">=3.10", setup_requires=["pbr>=2.0.0"], From 9af912d5a7d95241f2bc5d13b66cd734d68ab8be Mon Sep 17 00:00:00 2001 From: Eric Brown Date: Tue, 10 Mar 2026 21:00:42 -0700 Subject: [PATCH 17/35] Remove unnecessary blank line in pypi.py Signed-off-by: Eric Brown --- precli/targets/pypi.py | 1 - 1 file changed, 1 deletion(-) diff --git a/precli/targets/pypi.py b/precli/targets/pypi.py index 3a6d6f6f..c3da6203 100644 --- a/precli/targets/pypi.py +++ b/precli/targets/pypi.py @@ -16,7 +16,6 @@ from precli.core.artifact import Artifact from precli.targets import Target - PYPI_API = "https://pypi.org" From 8b7997fa228df3655beb5b398a67c8452375823c Mon Sep 17 00:00:00 2001 From: Eric Brown Date: Tue, 10 Mar 2026 21:00:56 -0700 Subject: [PATCH 18/35] Remove unnecessary blank line in github.py Signed-off-by: Eric Brown --- precli/targets/github.py | 1 - 1 file changed, 1 deletion(-) diff --git a/precli/targets/github.py b/precli/targets/github.py index df729566..3b0eee6c 100644 --- a/precli/targets/github.py +++ b/precli/targets/github.py @@ -17,7 +17,6 @@ from precli.core.artifact import Artifact from precli.targets import Target - GITHUB_API = "https://api.github.com" GITHUB_URL = "https://github.com" From 9d77bbbd74397e0f7b530bebc77cb32a19f70c9e Mon Sep 17 00:00:00 2001 From: Eric Brown Date: Tue, 10 Mar 2026 21:12:22 -0700 Subject: [PATCH 19/35] Fix formatting and remove unnecessary blank lines Signed-off-by: Eric Brown --- precli/rules/go/stdlib/crypto_unrestricted_bind.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/precli/rules/go/stdlib/crypto_unrestricted_bind.py b/precli/rules/go/stdlib/crypto_unrestricted_bind.py index 96324587..1b4f660c 100644 --- a/precli/rules/go/stdlib/crypto_unrestricted_bind.py +++ b/precli/rules/go/stdlib/crypto_unrestricted_bind.py @@ -103,6 +103,7 @@ _New in version 0.8.1_ """ # noqa: E501 + from typing import Optional from precli.core import utils @@ -112,7 +113,6 @@ from precli.i18n import _ from precli.rules import Rule - INADDR_ANY = "0.0.0.0" IN6ADDR_ANY = "[::]" From 59f82d59150ea2ef29c0dc9a41772259dfa1d9dd Mon Sep 17 00:00:00 2001 From: Eric Brown Date: Tue, 10 Mar 2026 21:12:48 -0700 Subject: [PATCH 20/35] Add blank line for code style consistency Signed-off-by: Eric Brown --- precli/rules/go/stdlib/crypto_weak_cipher.py | 1 + 1 file changed, 1 insertion(+) diff --git a/precli/rules/go/stdlib/crypto_weak_cipher.py b/precli/rules/go/stdlib/crypto_weak_cipher.py index 41d86643..03a53732 100644 --- a/precli/rules/go/stdlib/crypto_weak_cipher.py +++ b/precli/rules/go/stdlib/crypto_weak_cipher.py @@ -129,6 +129,7 @@ _New in version 0.2.1_ """ # noqa: E501 + from typing import Optional from precli.core.call import Call From 3968ee73c077c973e124a3832b9df7fdfd7237b9 Mon Sep 17 00:00:00 2001 From: Eric Brown Date: Tue, 10 Mar 2026 21:13:11 -0700 Subject: [PATCH 21/35] Add missing newline in crypto_weak_hash.py Signed-off-by: Eric Brown --- precli/rules/go/stdlib/crypto_weak_hash.py | 1 + 1 file changed, 1 insertion(+) diff --git a/precli/rules/go/stdlib/crypto_weak_hash.py b/precli/rules/go/stdlib/crypto_weak_hash.py index c50aa3b6..bd300013 100644 --- a/precli/rules/go/stdlib/crypto_weak_hash.py +++ b/precli/rules/go/stdlib/crypto_weak_hash.py @@ -80,6 +80,7 @@ _New in version 0.2.1_ """ # noqa: E501 + from typing import Optional from precli.core.call import Call From 9ccb6b4fda6c7770230ff72f1047251b2530d8a2 Mon Sep 17 00:00:00 2001 From: Eric Brown Date: Tue, 10 Mar 2026 21:13:25 -0700 Subject: [PATCH 22/35] Add blank line for code style consistency Signed-off-by: Eric Brown --- precli/rules/go/stdlib/crypto_weak_key.py | 1 + 1 file changed, 1 insertion(+) diff --git a/precli/rules/go/stdlib/crypto_weak_key.py b/precli/rules/go/stdlib/crypto_weak_key.py index de7764b9..3e8737de 100644 --- a/precli/rules/go/stdlib/crypto_weak_key.py +++ b/precli/rules/go/stdlib/crypto_weak_key.py @@ -139,6 +139,7 @@ _New in version 0.2.1_ """ # noqa: E501 + from typing import Optional from precli.core.call import Call From 3c2eb1fa09633d703f0fa9b3d828c531ec46d509 Mon Sep 17 00:00:00 2001 From: Eric Brown Date: Tue, 10 Mar 2026 21:13:46 -0700 Subject: [PATCH 23/35] Add missing newline in net_http_no_timeout.py Signed-off-by: Eric Brown --- precli/rules/go/stdlib/net_http_no_timeout.py | 1 + 1 file changed, 1 insertion(+) diff --git a/precli/rules/go/stdlib/net_http_no_timeout.py b/precli/rules/go/stdlib/net_http_no_timeout.py index 442f7f47..492374e0 100644 --- a/precli/rules/go/stdlib/net_http_no_timeout.py +++ b/precli/rules/go/stdlib/net_http_no_timeout.py @@ -111,6 +111,7 @@ _New in version 0.8.1_ """ # noqa: E501 + from typing import Optional from precli.core.call import Call From 1d5b6dbfd7472b4932f456eda486c9ca9b854d2f Mon Sep 17 00:00:00 2001 From: Eric Brown Date: Tue, 10 Mar 2026 21:14:03 -0700 Subject: [PATCH 24/35] Add newline to net_unrestricted_bind.py Signed-off-by: Eric Brown --- precli/rules/go/stdlib/net_unrestricted_bind.py | 1 + 1 file changed, 1 insertion(+) diff --git a/precli/rules/go/stdlib/net_unrestricted_bind.py b/precli/rules/go/stdlib/net_unrestricted_bind.py index 7b228f78..a6eaf777 100644 --- a/precli/rules/go/stdlib/net_unrestricted_bind.py +++ b/precli/rules/go/stdlib/net_unrestricted_bind.py @@ -85,6 +85,7 @@ _New in version 0.8.1_ """ # noqa: E501 + from typing import Optional from precli.core import utils From 22f815832e317789b92b72477b0d40fb084581c6 Mon Sep 17 00:00:00 2001 From: Eric Brown Date: Tue, 10 Mar 2026 21:14:21 -0700 Subject: [PATCH 25/35] Update net_unrestricted_bind.py Signed-off-by: Eric Brown --- precli/rules/go/stdlib/net_unrestricted_bind.py | 1 - 1 file changed, 1 deletion(-) diff --git a/precli/rules/go/stdlib/net_unrestricted_bind.py b/precli/rules/go/stdlib/net_unrestricted_bind.py index a6eaf777..4990818b 100644 --- a/precli/rules/go/stdlib/net_unrestricted_bind.py +++ b/precli/rules/go/stdlib/net_unrestricted_bind.py @@ -95,7 +95,6 @@ from precli.i18n import _ from precli.rules import Rule - INADDR_ANY = "0.0.0.0" IN6ADDR_ANY = "[::]" From ddcbf4d4303eb321475e377a8891986ff5170715 Mon Sep 17 00:00:00 2001 From: Eric Brown Date: Tue, 10 Mar 2026 21:14:44 -0700 Subject: [PATCH 26/35] Add missing import statement for Optional Signed-off-by: Eric Brown --- precli/rules/go/stdlib/syscall_setuid_root.py | 1 + 1 file changed, 1 insertion(+) diff --git a/precli/rules/go/stdlib/syscall_setuid_root.py b/precli/rules/go/stdlib/syscall_setuid_root.py index 62259b31..b8ac5168 100644 --- a/precli/rules/go/stdlib/syscall_setuid_root.py +++ b/precli/rules/go/stdlib/syscall_setuid_root.py @@ -95,6 +95,7 @@ _New in version 0.6.6_ """ # noqa: E501 + from typing import Optional from precli.core.call import Call From 028e7795a6a7869fa0f130804d7eb653da3c0fb0 Mon Sep 17 00:00:00 2001 From: Eric Brown Date: Tue, 10 Mar 2026 21:15:15 -0700 Subject: [PATCH 27/35] Update java_net_insecure_cookie.py Signed-off-by: Eric Brown --- precli/rules/java/stdlib/java_net_insecure_cookie.py | 1 + 1 file changed, 1 insertion(+) diff --git a/precli/rules/java/stdlib/java_net_insecure_cookie.py b/precli/rules/java/stdlib/java_net_insecure_cookie.py index fd7db29c..20cfcc9b 100644 --- a/precli/rules/java/stdlib/java_net_insecure_cookie.py +++ b/precli/rules/java/stdlib/java_net_insecure_cookie.py @@ -76,6 +76,7 @@ _New in version 0.5.1_ """ # noqa: E501 + from typing import Optional from precli.core.call import Call From 357d7477395e54f847f3585e1fede75933f101ed Mon Sep 17 00:00:00 2001 From: Eric Brown Date: Tue, 10 Mar 2026 21:15:41 -0700 Subject: [PATCH 28/35] Add import statement for Optional type Signed-off-by: Eric Brown --- precli/rules/java/stdlib/java_security_weak_hash.py | 1 + 1 file changed, 1 insertion(+) diff --git a/precli/rules/java/stdlib/java_security_weak_hash.py b/precli/rules/java/stdlib/java_security_weak_hash.py index 9eaa083d..b2fdf363 100644 --- a/precli/rules/java/stdlib/java_security_weak_hash.py +++ b/precli/rules/java/stdlib/java_security_weak_hash.py @@ -82,6 +82,7 @@ _New in version 0.5.0_ """ # noqa: E501 + from typing import Optional from precli.core.call import Call From e06f2b41f16acfdfaada4f972df9890fe4ed0e26 Mon Sep 17 00:00:00 2001 From: Eric Brown Date: Tue, 10 Mar 2026 21:16:03 -0700 Subject: [PATCH 29/35] Add import for Optional type in java_security_weak_key.py Signed-off-by: Eric Brown --- precli/rules/java/stdlib/java_security_weak_key.py | 1 + 1 file changed, 1 insertion(+) diff --git a/precli/rules/java/stdlib/java_security_weak_key.py b/precli/rules/java/stdlib/java_security_weak_key.py index be24e1d2..cafbc065 100644 --- a/precli/rules/java/stdlib/java_security_weak_key.py +++ b/precli/rules/java/stdlib/java_security_weak_key.py @@ -95,6 +95,7 @@ _New in version 0.5.0_ """ # noqa: E501 + from typing import Optional from precli.core.call import Call From 0cf5062a51fc7109ec7919e321737b53efc24659 Mon Sep 17 00:00:00 2001 From: Eric Brown Date: Tue, 10 Mar 2026 21:16:18 -0700 Subject: [PATCH 30/35] Add import statement for Optional type Signed-off-by: Eric Brown --- precli/rules/java/stdlib/java_security_weak_random.py | 1 + 1 file changed, 1 insertion(+) diff --git a/precli/rules/java/stdlib/java_security_weak_random.py b/precli/rules/java/stdlib/java_security_weak_random.py index 9f2603ca..341473ff 100644 --- a/precli/rules/java/stdlib/java_security_weak_random.py +++ b/precli/rules/java/stdlib/java_security_weak_random.py @@ -78,6 +78,7 @@ _New in version 0.5.0_ """ # noqa: E501 + from typing import Optional from precli.core.call import Call From 60cd313fcb7a66e4588d5983780229ef20aad27a Mon Sep 17 00:00:00 2001 From: Eric Brown Date: Tue, 10 Mar 2026 21:16:41 -0700 Subject: [PATCH 31/35] Add import for Optional type in javax_crypto_weak_cipher.py Signed-off-by: Eric Brown --- precli/rules/java/stdlib/javax_crypto_weak_cipher.py | 1 + 1 file changed, 1 insertion(+) diff --git a/precli/rules/java/stdlib/javax_crypto_weak_cipher.py b/precli/rules/java/stdlib/javax_crypto_weak_cipher.py index 3810cb01..9d558123 100644 --- a/precli/rules/java/stdlib/javax_crypto_weak_cipher.py +++ b/precli/rules/java/stdlib/javax_crypto_weak_cipher.py @@ -138,6 +138,7 @@ _New in version 0.5.0_ """ # noqa: E501 + from typing import Optional from precli.core.call import Call From f28c87d129e7a4673a7b47505bacb337f1ab3d2b Mon Sep 17 00:00:00 2001 From: Eric Brown Date: Tue, 10 Mar 2026 21:17:01 -0700 Subject: [PATCH 32/35] Add import for Optional type in insecure_cookie.py Signed-off-by: Eric Brown --- precli/rules/java/stdlib/javax_servlet_http_insecure_cookie.py | 1 + 1 file changed, 1 insertion(+) diff --git a/precli/rules/java/stdlib/javax_servlet_http_insecure_cookie.py b/precli/rules/java/stdlib/javax_servlet_http_insecure_cookie.py index 154b19cb..38cd5d4d 100644 --- a/precli/rules/java/stdlib/javax_servlet_http_insecure_cookie.py +++ b/precli/rules/java/stdlib/javax_servlet_http_insecure_cookie.py @@ -74,6 +74,7 @@ _New in version 0.5.1_ """ # noqa: E501 + from typing import Optional from precli.core.call import Call From 79d947f723a6e934bc0601cffed246fd78761cf2 Mon Sep 17 00:00:00 2001 From: Eric Brown Date: Tue, 10 Mar 2026 21:17:26 -0700 Subject: [PATCH 33/35] Add a blank line for code style consistency Signed-off-by: Eric Brown --- precli/rules/python/stdlib/argparse_sensitive_info.py | 1 + 1 file changed, 1 insertion(+) diff --git a/precli/rules/python/stdlib/argparse_sensitive_info.py b/precli/rules/python/stdlib/argparse_sensitive_info.py index 96a32cd6..86cd97a4 100644 --- a/precli/rules/python/stdlib/argparse_sensitive_info.py +++ b/precli/rules/python/stdlib/argparse_sensitive_info.py @@ -88,6 +88,7 @@ _Changed in version 0.4.1: --api-key also checked_ """ # noqa: E501 + from typing import Optional from precli.core.call import Call From f77a0a79bf8e5209e999d8b4e69b28d36e527340 Mon Sep 17 00:00:00 2001 From: Eric Brown Date: Tue, 10 Mar 2026 21:20:40 -0700 Subject: [PATCH 34/35] Fix format Signed-off-by: Eric Brown --- precli/rules/python/stdlib/assert.py | 1 + precli/rules/python/stdlib/crypt_weak_hash.py | 2 +- precli/rules/python/stdlib/ftplib_cleartext.py | 1 + precli/rules/python/stdlib/ftplib_no_timeout.py | 1 + precli/rules/python/stdlib/ftplib_unverified_context.py | 2 +- precli/rules/python/stdlib/hashlib_improper_prng.py | 1 + precli/rules/python/stdlib/hashlib_weak_hash.py | 1 + precli/rules/python/stdlib/hmac_timing_attack.py | 2 +- precli/rules/python/stdlib/hmac_weak_hash.py | 1 + precli/rules/python/stdlib/hmac_weak_key.py | 2 +- precli/rules/python/stdlib/http_server_unrestricted_bind.py | 2 +- precli/rules/python/stdlib/http_url_secret.py | 1 + precli/rules/python/stdlib/imaplib_cleartext.py | 1 + precli/rules/python/stdlib/imaplib_no_timeout.py | 1 + precli/rules/python/stdlib/imaplib_unverified_context.py | 2 +- precli/rules/python/stdlib/json_load.py | 1 + precli/rules/python/stdlib/logging_insecure_listen_config.py | 1 + precli/rules/python/stdlib/marshal_load.py | 1 + precli/rules/python/stdlib/nntplib_cleartext.py | 1 + precli/rules/python/stdlib/nntplib_no_timeout.py | 1 + precli/rules/python/stdlib/nntplib_unverified_context.py | 2 +- precli/rules/python/stdlib/os_loose_file_perm.py | 2 +- precli/rules/python/stdlib/os_setuid_root.py | 1 + precli/rules/python/stdlib/pathlib_loose_file_perm.py | 2 +- precli/rules/python/stdlib/pickle_load.py | 1 + precli/rules/python/stdlib/poplib_cleartext.py | 1 + precli/rules/python/stdlib/poplib_no_timeout.py | 1 + precli/rules/python/stdlib/poplib_unverified_context.py | 2 +- precli/rules/python/stdlib/re_denial_of_service.py | 1 + precli/rules/python/stdlib/secrets_weak_token.py | 1 + precli/rules/python/stdlib/shelve_open.py | 1 + precli/rules/python/stdlib/smtplib_cleartext.py | 1 + precli/rules/python/stdlib/smtplib_no_timeout.py | 1 + precli/rules/python/stdlib/smtplib_unverified_context.py | 2 +- precli/rules/python/stdlib/socket_no_timeout.py | 1 + precli/rules/python/stdlib/socket_unrestricted_bind.py | 2 +- precli/rules/python/stdlib/socketserver_unrestricted_bind.py | 2 +- precli/rules/python/stdlib/ssl_context_weak_key.py | 1 + precli/rules/python/stdlib/ssl_create_unverified_context.py | 1 + precli/rules/python/stdlib/ssl_insecure_tls_version.py | 2 +- precli/rules/python/stdlib/ssl_no_timeout.py | 1 + precli/rules/python/stdlib/telnetlib_cleartext.py | 1 + precli/rules/python/stdlib/telnetlib_no_timeout.py | 1 + precli/rules/python/stdlib/tempfile_mktemp_race_condition.py | 1 + precli/rules/python/stdlib/xmlrpc_server_unrestricted_bind.py | 2 +- 45 files changed, 45 insertions(+), 15 deletions(-) diff --git a/precli/rules/python/stdlib/assert.py b/precli/rules/python/stdlib/assert.py index 2f7b9e7b..2422d7d4 100644 --- a/precli/rules/python/stdlib/assert.py +++ b/precli/rules/python/stdlib/assert.py @@ -68,6 +68,7 @@ def foobar(a: str = None): _New in version 0.3.8_ """ # noqa: E501 + from typing import Optional from precli.core.location import Location diff --git a/precli/rules/python/stdlib/crypt_weak_hash.py b/precli/rules/python/stdlib/crypt_weak_hash.py index f8cdffb8..dcd3ade3 100644 --- a/precli/rules/python/stdlib/crypt_weak_hash.py +++ b/precli/rules/python/stdlib/crypt_weak_hash.py @@ -113,6 +113,7 @@ _New in version 0.1.0_ """ # noqa: E501 + from typing import Optional from precli.core.call import Call @@ -121,7 +122,6 @@ from precli.i18n import _ from precli.rules import Rule - WEAK_CRYPT_HASHES = ( "crypt.METHOD_CRYPT", "crypt.METHOD_MD5", diff --git a/precli/rules/python/stdlib/ftplib_cleartext.py b/precli/rules/python/stdlib/ftplib_cleartext.py index b60271fc..c682c3a1 100644 --- a/precli/rules/python/stdlib/ftplib_cleartext.py +++ b/precli/rules/python/stdlib/ftplib_cleartext.py @@ -92,6 +92,7 @@ _New in version 0.1.0_ """ # noqa: E501 + from typing import Optional from precli.core.call import Call diff --git a/precli/rules/python/stdlib/ftplib_no_timeout.py b/precli/rules/python/stdlib/ftplib_no_timeout.py index 49372bd0..7e1d9b07 100644 --- a/precli/rules/python/stdlib/ftplib_no_timeout.py +++ b/precli/rules/python/stdlib/ftplib_no_timeout.py @@ -75,6 +75,7 @@ _New in version 0.6.7_ """ # noqa: E501 + from typing import Optional from precli.core.call import Call diff --git a/precli/rules/python/stdlib/ftplib_unverified_context.py b/precli/rules/python/stdlib/ftplib_unverified_context.py index 4257bafb..a5a6dacb 100644 --- a/precli/rules/python/stdlib/ftplib_unverified_context.py +++ b/precli/rules/python/stdlib/ftplib_unverified_context.py @@ -73,6 +73,7 @@ _New in version 0.3.14_ """ # noqa: E501 + from typing import Optional from precli.core.call import Call @@ -81,7 +82,6 @@ from precli.i18n import _ from precli.rules import Rule - CONTEXT_FIX = "ssl.create_default_context()" diff --git a/precli/rules/python/stdlib/hashlib_improper_prng.py b/precli/rules/python/stdlib/hashlib_improper_prng.py index 4d6fc95c..3872b111 100644 --- a/precli/rules/python/stdlib/hashlib_improper_prng.py +++ b/precli/rules/python/stdlib/hashlib_improper_prng.py @@ -74,6 +74,7 @@ _New in version 0.4.3_ """ # noqa: E501 + from typing import Optional from precli.core.call import Call diff --git a/precli/rules/python/stdlib/hashlib_weak_hash.py b/precli/rules/python/stdlib/hashlib_weak_hash.py index 529c1143..eb402fb0 100644 --- a/precli/rules/python/stdlib/hashlib_weak_hash.py +++ b/precli/rules/python/stdlib/hashlib_weak_hash.py @@ -96,6 +96,7 @@ _Changed in version 0.4.1: Added md5-sha1_ """ # noqa: E501 + from typing import Optional from precli.core.argument import Argument diff --git a/precli/rules/python/stdlib/hmac_timing_attack.py b/precli/rules/python/stdlib/hmac_timing_attack.py index 47b641a1..2af92ed7 100644 --- a/precli/rules/python/stdlib/hmac_timing_attack.py +++ b/precli/rules/python/stdlib/hmac_timing_attack.py @@ -85,6 +85,7 @@ _New in version 0.1.4_ """ # noqa: E501 + from typing import Optional from precli.core.comparison import Comparison @@ -93,7 +94,6 @@ from precli.i18n import _ from precli.rules import Rule - TIMING_VULNERABLE = ( "hmac.digest", "hmac.new.digest", diff --git a/precli/rules/python/stdlib/hmac_weak_hash.py b/precli/rules/python/stdlib/hmac_weak_hash.py index a7158aed..1272203f 100644 --- a/precli/rules/python/stdlib/hmac_weak_hash.py +++ b/precli/rules/python/stdlib/hmac_weak_hash.py @@ -87,6 +87,7 @@ _Changed in version 0.4.1: Added md5-sha1_ """ # noqa: E501 + from typing import Optional from precli.core.call import Call diff --git a/precli/rules/python/stdlib/hmac_weak_key.py b/precli/rules/python/stdlib/hmac_weak_key.py index 3f753877..9ef8a0c5 100644 --- a/precli/rules/python/stdlib/hmac_weak_key.py +++ b/precli/rules/python/stdlib/hmac_weak_key.py @@ -74,6 +74,7 @@ _New in version 0.4.3_ """ # noqa: E501 + from typing import Optional from precli.core.call import Call @@ -82,7 +83,6 @@ from precli.i18n import _ from precli.rules import Rule - HASH_NAME_SIZES = { "blake2s": 32, "blake2b": 64, diff --git a/precli/rules/python/stdlib/http_server_unrestricted_bind.py b/precli/rules/python/stdlib/http_server_unrestricted_bind.py index e67ccc20..bab0911d 100644 --- a/precli/rules/python/stdlib/http_server_unrestricted_bind.py +++ b/precli/rules/python/stdlib/http_server_unrestricted_bind.py @@ -80,6 +80,7 @@ def run(server_class: HTTPServer): _New in version 0.3.14_ """ # noqa: E501 + from typing import Optional from precli.core import utils @@ -89,7 +90,6 @@ def run(server_class: HTTPServer): from precli.i18n import _ from precli.rules import Rule - INADDR_ANY = "0.0.0.0" IN6ADDR_ANY = "::" diff --git a/precli/rules/python/stdlib/http_url_secret.py b/precli/rules/python/stdlib/http_url_secret.py index b9a68d93..95179134 100644 --- a/precli/rules/python/stdlib/http_url_secret.py +++ b/precli/rules/python/stdlib/http_url_secret.py @@ -74,6 +74,7 @@ _New in version 0.3.4_ """ # noqa: E501 + from typing import Optional from urllib.parse import parse_qs from urllib.parse import urlsplit diff --git a/precli/rules/python/stdlib/imaplib_cleartext.py b/precli/rules/python/stdlib/imaplib_cleartext.py index 56443e80..f95b6690 100644 --- a/precli/rules/python/stdlib/imaplib_cleartext.py +++ b/precli/rules/python/stdlib/imaplib_cleartext.py @@ -76,6 +76,7 @@ _New in version 0.1.9_ """ # noqa: E501 + from typing import Optional from precli.core.call import Call diff --git a/precli/rules/python/stdlib/imaplib_no_timeout.py b/precli/rules/python/stdlib/imaplib_no_timeout.py index 47782e3a..3211ebd7 100644 --- a/precli/rules/python/stdlib/imaplib_no_timeout.py +++ b/precli/rules/python/stdlib/imaplib_no_timeout.py @@ -77,6 +77,7 @@ _New in version 0.6.7_ """ # noqa: E501 + from typing import Optional from precli.core.call import Call diff --git a/precli/rules/python/stdlib/imaplib_unverified_context.py b/precli/rules/python/stdlib/imaplib_unverified_context.py index aac3c9f4..ccf71440 100644 --- a/precli/rules/python/stdlib/imaplib_unverified_context.py +++ b/precli/rules/python/stdlib/imaplib_unverified_context.py @@ -84,6 +84,7 @@ _New in version 0.3.14_ """ # noqa: E501 + from typing import Optional from precli.core.call import Call @@ -92,7 +93,6 @@ from precli.i18n import _ from precli.rules import Rule - CONTEXT_FIX = "ssl.create_default_context()" diff --git a/precli/rules/python/stdlib/json_load.py b/precli/rules/python/stdlib/json_load.py index f0cf6d2a..c7c88161 100644 --- a/precli/rules/python/stdlib/json_load.py +++ b/precli/rules/python/stdlib/json_load.py @@ -48,6 +48,7 @@ _New in version 0.1.0_ """ # noqa: E501 + from typing import Optional from precli.core.call import Call diff --git a/precli/rules/python/stdlib/logging_insecure_listen_config.py b/precli/rules/python/stdlib/logging_insecure_listen_config.py index 3cf575e5..5da01858 100644 --- a/precli/rules/python/stdlib/logging_insecure_listen_config.py +++ b/precli/rules/python/stdlib/logging_insecure_listen_config.py @@ -60,6 +60,7 @@ def validate(recv: bytes): _New in version 0.1.0_ """ # noqa: E501 + from typing import Optional from precli.core.call import Call diff --git a/precli/rules/python/stdlib/marshal_load.py b/precli/rules/python/stdlib/marshal_load.py index d47d0407..59c0b528 100644 --- a/precli/rules/python/stdlib/marshal_load.py +++ b/precli/rules/python/stdlib/marshal_load.py @@ -53,6 +53,7 @@ _New in version 0.1.0_ """ # noqa: E501 + from typing import Optional from precli.core.call import Call diff --git a/precli/rules/python/stdlib/nntplib_cleartext.py b/precli/rules/python/stdlib/nntplib_cleartext.py index 71a87a30..236b1eda 100644 --- a/precli/rules/python/stdlib/nntplib_cleartext.py +++ b/precli/rules/python/stdlib/nntplib_cleartext.py @@ -62,6 +62,7 @@ _New in version 0.1.9_ """ # noqa: E501 + from typing import Optional from precli.core.call import Call diff --git a/precli/rules/python/stdlib/nntplib_no_timeout.py b/precli/rules/python/stdlib/nntplib_no_timeout.py index e1376290..d6234854 100644 --- a/precli/rules/python/stdlib/nntplib_no_timeout.py +++ b/precli/rules/python/stdlib/nntplib_no_timeout.py @@ -77,6 +77,7 @@ _New in version 0.6.7_ """ # noqa: E501 + from typing import Optional from precli.core.call import Call diff --git a/precli/rules/python/stdlib/nntplib_unverified_context.py b/precli/rules/python/stdlib/nntplib_unverified_context.py index d45788f2..df47c821 100644 --- a/precli/rules/python/stdlib/nntplib_unverified_context.py +++ b/precli/rules/python/stdlib/nntplib_unverified_context.py @@ -74,6 +74,7 @@ _New in version 0.3.14_ """ # noqa: E501 + from typing import Optional from precli.core.call import Call @@ -82,7 +83,6 @@ from precli.i18n import _ from precli.rules import Rule - CONTEXT_FIX = "ssl.create_default_context()" diff --git a/precli/rules/python/stdlib/os_loose_file_perm.py b/precli/rules/python/stdlib/os_loose_file_perm.py index f9a769da..af41f109 100644 --- a/precli/rules/python/stdlib/os_loose_file_perm.py +++ b/precli/rules/python/stdlib/os_loose_file_perm.py @@ -90,6 +90,7 @@ _New in version 0.6.2_ """ # noqa: E501 + import stat from typing import Optional @@ -101,7 +102,6 @@ from precli.parsers.node_types import NodeTypes from precli.rules import Rule - DEFAULT_MODE = { "os.mkdir": 0o777, "os.open": 0o777, diff --git a/precli/rules/python/stdlib/os_setuid_root.py b/precli/rules/python/stdlib/os_setuid_root.py index 25d7af16..2f04d23b 100644 --- a/precli/rules/python/stdlib/os_setuid_root.py +++ b/precli/rules/python/stdlib/os_setuid_root.py @@ -71,6 +71,7 @@ _New in version 0.6.6_ """ # noqa: E501 + from typing import Optional from precli.core.call import Call diff --git a/precli/rules/python/stdlib/pathlib_loose_file_perm.py b/precli/rules/python/stdlib/pathlib_loose_file_perm.py index 9480c54b..6c94d5cb 100644 --- a/precli/rules/python/stdlib/pathlib_loose_file_perm.py +++ b/precli/rules/python/stdlib/pathlib_loose_file_perm.py @@ -90,6 +90,7 @@ _New in version 0.6.2_ """ # noqa: E501 + import stat from typing import Optional @@ -101,7 +102,6 @@ from precli.parsers.node_types import NodeTypes from precli.rules import Rule - DEFAULT_MODE = { "pathlib.Path.mkdir": 0o777, "pathlib.Path.touch": 0o666, diff --git a/precli/rules/python/stdlib/pickle_load.py b/precli/rules/python/stdlib/pickle_load.py index 74c49891..294aaa1f 100644 --- a/precli/rules/python/stdlib/pickle_load.py +++ b/precli/rules/python/stdlib/pickle_load.py @@ -65,6 +65,7 @@ def load_pickle_file(file_path): _New in version 0.1.0_ """ # noqa: E501 + from typing import Optional from precli.core.call import Call diff --git a/precli/rules/python/stdlib/poplib_cleartext.py b/precli/rules/python/stdlib/poplib_cleartext.py index 8d92fa8a..bdfc6a0b 100644 --- a/precli/rules/python/stdlib/poplib_cleartext.py +++ b/precli/rules/python/stdlib/poplib_cleartext.py @@ -71,6 +71,7 @@ _New in version 0.1.9_ """ # noqa: E501 + from typing import Optional from precli.core.call import Call diff --git a/precli/rules/python/stdlib/poplib_no_timeout.py b/precli/rules/python/stdlib/poplib_no_timeout.py index 81685e9a..9ad9dda7 100644 --- a/precli/rules/python/stdlib/poplib_no_timeout.py +++ b/precli/rules/python/stdlib/poplib_no_timeout.py @@ -77,6 +77,7 @@ _New in version 0.6.7_ """ # noqa: E501 + from typing import Optional from precli.core.call import Call diff --git a/precli/rules/python/stdlib/poplib_unverified_context.py b/precli/rules/python/stdlib/poplib_unverified_context.py index 0587eeff..72663e79 100644 --- a/precli/rules/python/stdlib/poplib_unverified_context.py +++ b/precli/rules/python/stdlib/poplib_unverified_context.py @@ -80,6 +80,7 @@ _New in version 0.3.14_ """ # noqa: E501 + from typing import Optional from precli.core.call import Call @@ -88,7 +89,6 @@ from precli.i18n import _ from precli.rules import Rule - CONTEXT_FIX = "ssl.create_default_context()" diff --git a/precli/rules/python/stdlib/re_denial_of_service.py b/precli/rules/python/stdlib/re_denial_of_service.py index 2d91f0e9..707fd1da 100644 --- a/precli/rules/python/stdlib/re_denial_of_service.py +++ b/precli/rules/python/stdlib/re_denial_of_service.py @@ -67,6 +67,7 @@ _New in version 0.3.14_ """ # noqa: E501 + from typing import Optional from precli.core import redos diff --git a/precli/rules/python/stdlib/secrets_weak_token.py b/precli/rules/python/stdlib/secrets_weak_token.py index 2604a3bf..909a5190 100644 --- a/precli/rules/python/stdlib/secrets_weak_token.py +++ b/precli/rules/python/stdlib/secrets_weak_token.py @@ -63,6 +63,7 @@ _New in version 0.3.14_ """ # noqa: E501 + from typing import Optional from precli.core.call import Call diff --git a/precli/rules/python/stdlib/shelve_open.py b/precli/rules/python/stdlib/shelve_open.py index 1733bf78..16d54d7d 100644 --- a/precli/rules/python/stdlib/shelve_open.py +++ b/precli/rules/python/stdlib/shelve_open.py @@ -52,6 +52,7 @@ _New in version 0.1.0_ """ # noqa: E501 + from typing import Optional from precli.core.call import Call diff --git a/precli/rules/python/stdlib/smtplib_cleartext.py b/precli/rules/python/stdlib/smtplib_cleartext.py index 6714507c..b4df5164 100644 --- a/precli/rules/python/stdlib/smtplib_cleartext.py +++ b/precli/rules/python/stdlib/smtplib_cleartext.py @@ -107,6 +107,7 @@ def prompt(prompt): _New in version 0.1.9_ """ # noqa: E501 + from typing import Optional from precli.core.call import Call diff --git a/precli/rules/python/stdlib/smtplib_no_timeout.py b/precli/rules/python/stdlib/smtplib_no_timeout.py index 458ef3bc..a9a2035e 100644 --- a/precli/rules/python/stdlib/smtplib_no_timeout.py +++ b/precli/rules/python/stdlib/smtplib_no_timeout.py @@ -79,6 +79,7 @@ _New in version 0.6.7_ """ # noqa: E501 + from typing import Optional from precli.core.call import Call diff --git a/precli/rules/python/stdlib/smtplib_unverified_context.py b/precli/rules/python/stdlib/smtplib_unverified_context.py index 75cf24d6..5d2acb25 100644 --- a/precli/rules/python/stdlib/smtplib_unverified_context.py +++ b/precli/rules/python/stdlib/smtplib_unverified_context.py @@ -116,6 +116,7 @@ def prompt(prompt): _New in version 0.3.14_ """ # noqa: E501 + from typing import Optional from precli.core.call import Call @@ -124,7 +125,6 @@ def prompt(prompt): from precli.i18n import _ from precli.rules import Rule - CONTEXT_FIX = "ssl.create_default_context()" diff --git a/precli/rules/python/stdlib/socket_no_timeout.py b/precli/rules/python/stdlib/socket_no_timeout.py index 829c24fd..6a5d62f5 100644 --- a/precli/rules/python/stdlib/socket_no_timeout.py +++ b/precli/rules/python/stdlib/socket_no_timeout.py @@ -74,6 +74,7 @@ _New in version 0.6.7_ """ # noqa: E501 + from typing import Optional from precli.core.call import Call diff --git a/precli/rules/python/stdlib/socket_unrestricted_bind.py b/precli/rules/python/stdlib/socket_unrestricted_bind.py index 4ccd9dc5..3730f1a6 100644 --- a/precli/rules/python/stdlib/socket_unrestricted_bind.py +++ b/precli/rules/python/stdlib/socket_unrestricted_bind.py @@ -70,6 +70,7 @@ _New in version 0.3.14_ """ # noqa: E501 + from typing import Optional from precli.core import utils @@ -79,7 +80,6 @@ from precli.i18n import _ from precli.rules import Rule - INADDR_ANY = "0.0.0.0" IN6ADDR_ANY = "::" diff --git a/precli/rules/python/stdlib/socketserver_unrestricted_bind.py b/precli/rules/python/stdlib/socketserver_unrestricted_bind.py index 2f49e1a5..3d19392e 100644 --- a/precli/rules/python/stdlib/socketserver_unrestricted_bind.py +++ b/precli/rules/python/stdlib/socketserver_unrestricted_bind.py @@ -88,6 +88,7 @@ def handle(self): _New in version 0.3.14_ """ # noqa: E501 + from typing import Optional from precli.core import utils @@ -97,7 +98,6 @@ def handle(self): from precli.i18n import _ from precli.rules import Rule - INADDR_ANY = "0.0.0.0" IN6ADDR_ANY = "::" diff --git a/precli/rules/python/stdlib/ssl_context_weak_key.py b/precli/rules/python/stdlib/ssl_context_weak_key.py index 99b28ece..438f22ec 100644 --- a/precli/rules/python/stdlib/ssl_context_weak_key.py +++ b/precli/rules/python/stdlib/ssl_context_weak_key.py @@ -68,6 +68,7 @@ _New in version 0.2.3_ """ # noqa: E501 + import re from typing import Optional diff --git a/precli/rules/python/stdlib/ssl_create_unverified_context.py b/precli/rules/python/stdlib/ssl_create_unverified_context.py index b23b31d7..82c902a6 100644 --- a/precli/rules/python/stdlib/ssl_create_unverified_context.py +++ b/precli/rules/python/stdlib/ssl_create_unverified_context.py @@ -62,6 +62,7 @@ _New in version 0.1.0_ """ # noqa: E501 + from typing import Optional from precli.core.call import Call diff --git a/precli/rules/python/stdlib/ssl_insecure_tls_version.py b/precli/rules/python/stdlib/ssl_insecure_tls_version.py index 9f5c3919..7f7c73de 100644 --- a/precli/rules/python/stdlib/ssl_insecure_tls_version.py +++ b/precli/rules/python/stdlib/ssl_insecure_tls_version.py @@ -75,6 +75,7 @@ _New in version 0.1.0_ """ # noqa: E501 + from typing import Optional from precli.core.argument import Argument @@ -84,7 +85,6 @@ from precli.i18n import _ from precli.rules import Rule - INSECURE_VERSIONS = ( "ssl.PROTOCOL_SSLv2", "ssl.PROTOCOL_SSLv3", diff --git a/precli/rules/python/stdlib/ssl_no_timeout.py b/precli/rules/python/stdlib/ssl_no_timeout.py index aec7662d..5c0305aa 100644 --- a/precli/rules/python/stdlib/ssl_no_timeout.py +++ b/precli/rules/python/stdlib/ssl_no_timeout.py @@ -69,6 +69,7 @@ _New in version 0.6.7_ """ # noqa: E501 + from typing import Optional from precli.core.call import Call diff --git a/precli/rules/python/stdlib/telnetlib_cleartext.py b/precli/rules/python/stdlib/telnetlib_cleartext.py index 077c3e2e..9ab85c40 100644 --- a/precli/rules/python/stdlib/telnetlib_cleartext.py +++ b/precli/rules/python/stdlib/telnetlib_cleartext.py @@ -114,6 +114,7 @@ _New in version 0.1.0_ """ # noqa: E501 + from typing import Optional from precli.core.call import Call diff --git a/precli/rules/python/stdlib/telnetlib_no_timeout.py b/precli/rules/python/stdlib/telnetlib_no_timeout.py index 82287c8f..d2fd5c50 100644 --- a/precli/rules/python/stdlib/telnetlib_no_timeout.py +++ b/precli/rules/python/stdlib/telnetlib_no_timeout.py @@ -72,6 +72,7 @@ _New in version 0.6.7_ """ # noqa: E501 + from typing import Optional from precli.core.call import Call diff --git a/precli/rules/python/stdlib/tempfile_mktemp_race_condition.py b/precli/rules/python/stdlib/tempfile_mktemp_race_condition.py index d5494b9c..42ab444e 100644 --- a/precli/rules/python/stdlib/tempfile_mktemp_race_condition.py +++ b/precli/rules/python/stdlib/tempfile_mktemp_race_condition.py @@ -65,6 +65,7 @@ _New in version 0.1.9_ """ # noqa: E501 + from typing import Optional from precli.core.call import Call diff --git a/precli/rules/python/stdlib/xmlrpc_server_unrestricted_bind.py b/precli/rules/python/stdlib/xmlrpc_server_unrestricted_bind.py index 07344b8e..dd683a96 100644 --- a/precli/rules/python/stdlib/xmlrpc_server_unrestricted_bind.py +++ b/precli/rules/python/stdlib/xmlrpc_server_unrestricted_bind.py @@ -80,6 +80,7 @@ def run(server_class: DocXMLRPCServer): _New in version 0.3.14_ """ # noqa: E501 + from typing import Optional from precli.core import utils @@ -89,7 +90,6 @@ def run(server_class: DocXMLRPCServer): from precli.i18n import _ from precli.rules import Rule - INADDR_ANY = "0.0.0.0" IN6ADDR_ANY = "::" From 4b51f961670650dc2d570fbc6b02853456ded8e5 Mon Sep 17 00:00:00 2001 From: Eric Brown Date: Tue, 10 Mar 2026 21:35:40 -0700 Subject: [PATCH 35/35] remove shitty reorder imports Signed-off-by: Eric Brown --- .pre-commit-config.yaml | 6 ------ 1 file changed, 6 deletions(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 5a909167..c19ea287 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -11,12 +11,6 @@ repos: - id: end-of-file-fixer - id: trailing-whitespace -- repo: https://github.com/asottile/reorder_python_imports - rev: v3.16.0 - hooks: - - id: reorder-python-imports - args: [--application-directories, '.:src', --py38-plus] - - repo: https://github.com/psf/black-pre-commit-mirror rev: 26.3.0 hooks: