Skip to content

Commit 56a8c72

Browse files
fourjrfourjr
authored
Version 3.7.0!
v3.7.0 - More customisation options
2 parents aba9b71 + 9497f17 commit 56a8c72

24 files changed

+2119
-353
lines changed

.bandit_baseline.json

Lines changed: 104 additions & 66 deletions
Original file line numberDiff line numberDiff line change
@@ -1,32 +1,20 @@
11
{
22
"errors": [],
3-
"generated_at": "2019-10-07T08:19:22Z",
3+
"generated_at": "2020-11-12T15:17:38Z",
44
"metrics": {
55
"./bot.py": {
6-
"CONFIDENCE.HIGH": 0.0,
6+
"CONFIDENCE.HIGH": 1.0,
77
"CONFIDENCE.LOW": 0.0,
88
"CONFIDENCE.MEDIUM": 0.0,
99
"CONFIDENCE.UNDEFINED": 0.0,
1010
"SEVERITY.HIGH": 0.0,
11-
"SEVERITY.LOW": 0.0,
11+
"SEVERITY.LOW": 1.0,
1212
"SEVERITY.MEDIUM": 0.0,
1313
"SEVERITY.UNDEFINED": 0.0,
14-
"loc": 933,
15-
"nosec": 0
16-
},
17-
"_totals": {
18-
"CONFIDENCE.HIGH": 2.0,
19-
"CONFIDENCE.LOW": 0.0,
20-
"CONFIDENCE.MEDIUM": 1.0,
21-
"CONFIDENCE.UNDEFINED": 0.0,
22-
"SEVERITY.HIGH": 0.0,
23-
"SEVERITY.LOW": 2.0,
24-
"SEVERITY.MEDIUM": 1.0,
25-
"SEVERITY.UNDEFINED": 0.0,
26-
"loc": 7299,
14+
"loc": 1264,
2715
"nosec": 0
2816
},
29-
"cogs/modmail.py": {
17+
"./cogs/modmail.py": {
3018
"CONFIDENCE.HIGH": 0.0,
3119
"CONFIDENCE.LOW": 0.0,
3220
"CONFIDENCE.MEDIUM": 0.0,
@@ -35,10 +23,10 @@
3523
"SEVERITY.LOW": 0.0,
3624
"SEVERITY.MEDIUM": 0.0,
3725
"SEVERITY.UNDEFINED": 0.0,
38-
"loc": 973,
26+
"loc": 1280,
3927
"nosec": 0
4028
},
41-
"cogs/plugins.py": {
29+
"./cogs/plugins.py": {
4230
"CONFIDENCE.HIGH": 1.0,
4331
"CONFIDENCE.LOW": 0.0,
4432
"CONFIDENCE.MEDIUM": 0.0,
@@ -47,22 +35,22 @@
4735
"SEVERITY.LOW": 1.0,
4836
"SEVERITY.MEDIUM": 0.0,
4937
"SEVERITY.UNDEFINED": 0.0,
50-
"loc": 537,
38+
"loc": 572,
5139
"nosec": 0
5240
},
53-
"cogs/utility.py": {
54-
"CONFIDENCE.HIGH": 1.0,
41+
"./cogs/utility.py": {
42+
"CONFIDENCE.HIGH": 2.0,
5543
"CONFIDENCE.LOW": 0.0,
5644
"CONFIDENCE.MEDIUM": 0.0,
5745
"CONFIDENCE.UNDEFINED": 0.0,
5846
"SEVERITY.HIGH": 0.0,
59-
"SEVERITY.LOW": 0.0,
47+
"SEVERITY.LOW": 1.0,
6048
"SEVERITY.MEDIUM": 1.0,
6149
"SEVERITY.UNDEFINED": 0.0,
62-
"loc": 1587,
50+
"loc": 1710,
6351
"nosec": 0
6452
},
65-
"core/_color_data.py": {
53+
"./core/_color_data.py": {
6654
"CONFIDENCE.HIGH": 0.0,
6755
"CONFIDENCE.LOW": 0.0,
6856
"CONFIDENCE.MEDIUM": 0.0,
@@ -71,10 +59,10 @@
7159
"SEVERITY.LOW": 0.0,
7260
"SEVERITY.MEDIUM": 0.0,
7361
"SEVERITY.UNDEFINED": 0.0,
74-
"loc": 1168,
62+
"loc": 1166,
7563
"nosec": 0
7664
},
77-
"core/changelog.py": {
65+
"./core/changelog.py": {
7866
"CONFIDENCE.HIGH": 0.0,
7967
"CONFIDENCE.LOW": 0.0,
8068
"CONFIDENCE.MEDIUM": 0.0,
@@ -83,10 +71,10 @@
8371
"SEVERITY.LOW": 0.0,
8472
"SEVERITY.MEDIUM": 0.0,
8573
"SEVERITY.UNDEFINED": 0.0,
86-
"loc": 154,
74+
"loc": 145,
8775
"nosec": 0
8876
},
89-
"core/checks.py": {
77+
"./core/checks.py": {
9078
"CONFIDENCE.HIGH": 0.0,
9179
"CONFIDENCE.LOW": 0.0,
9280
"CONFIDENCE.MEDIUM": 0.0,
@@ -95,10 +83,22 @@
9583
"SEVERITY.LOW": 0.0,
9684
"SEVERITY.MEDIUM": 0.0,
9785
"SEVERITY.UNDEFINED": 0.0,
98-
"loc": 75,
86+
"loc": 89,
87+
"nosec": 0
88+
},
89+
"./core/clients.py": {
90+
"CONFIDENCE.HIGH": 0.0,
91+
"CONFIDENCE.LOW": 0.0,
92+
"CONFIDENCE.MEDIUM": 1.0,
93+
"CONFIDENCE.UNDEFINED": 0.0,
94+
"SEVERITY.HIGH": 0.0,
95+
"SEVERITY.LOW": 1.0,
96+
"SEVERITY.MEDIUM": 0.0,
97+
"SEVERITY.UNDEFINED": 0.0,
98+
"loc": 585,
9999
"nosec": 0
100100
},
101-
"core/clients.py": {
101+
"./core/config.py": {
102102
"CONFIDENCE.HIGH": 0.0,
103103
"CONFIDENCE.LOW": 0.0,
104104
"CONFIDENCE.MEDIUM": 0.0,
@@ -107,10 +107,10 @@
107107
"SEVERITY.LOW": 0.0,
108108
"SEVERITY.MEDIUM": 0.0,
109109
"SEVERITY.UNDEFINED": 0.0,
110-
"loc": 200,
110+
"loc": 327,
111111
"nosec": 0
112112
},
113-
"core/config.py": {
113+
"./core/decorators.py": {
114114
"CONFIDENCE.HIGH": 0.0,
115115
"CONFIDENCE.LOW": 0.0,
116116
"CONFIDENCE.MEDIUM": 0.0,
@@ -119,10 +119,10 @@
119119
"SEVERITY.LOW": 0.0,
120120
"SEVERITY.MEDIUM": 0.0,
121121
"SEVERITY.UNDEFINED": 0.0,
122-
"loc": 276,
122+
"loc": 9,
123123
"nosec": 0
124124
},
125-
"core/decorators.py": {
125+
"./core/models.py": {
126126
"CONFIDENCE.HIGH": 0.0,
127127
"CONFIDENCE.LOW": 0.0,
128128
"CONFIDENCE.MEDIUM": 0.0,
@@ -131,10 +131,10 @@
131131
"SEVERITY.LOW": 0.0,
132132
"SEVERITY.MEDIUM": 0.0,
133133
"SEVERITY.UNDEFINED": 0.0,
134-
"loc": 7,
134+
"loc": 199,
135135
"nosec": 0
136136
},
137-
"core/models.py": {
137+
"./core/paginator.py": {
138138
"CONFIDENCE.HIGH": 0.0,
139139
"CONFIDENCE.LOW": 0.0,
140140
"CONFIDENCE.MEDIUM": 0.0,
@@ -143,10 +143,10 @@
143143
"SEVERITY.LOW": 0.0,
144144
"SEVERITY.MEDIUM": 0.0,
145145
"SEVERITY.UNDEFINED": 0.0,
146-
"loc": 91,
146+
"loc": 209,
147147
"nosec": 0
148148
},
149-
"core/paginator.py": {
149+
"./core/thread.py": {
150150
"CONFIDENCE.HIGH": 0.0,
151151
"CONFIDENCE.LOW": 0.0,
152152
"CONFIDENCE.MEDIUM": 0.0,
@@ -155,10 +155,10 @@
155155
"SEVERITY.LOW": 0.0,
156156
"SEVERITY.MEDIUM": 0.0,
157157
"SEVERITY.UNDEFINED": 0.0,
158-
"loc": 214,
158+
"loc": 993,
159159
"nosec": 0
160160
},
161-
"core/thread.py": {
161+
"./core/time.py": {
162162
"CONFIDENCE.HIGH": 0.0,
163163
"CONFIDENCE.LOW": 0.0,
164164
"CONFIDENCE.MEDIUM": 0.0,
@@ -167,10 +167,10 @@
167167
"SEVERITY.LOW": 0.0,
168168
"SEVERITY.MEDIUM": 0.0,
169169
"SEVERITY.UNDEFINED": 0.0,
170-
"loc": 716,
170+
"loc": 158,
171171
"nosec": 0
172172
},
173-
"core/time.py": {
173+
"./core/utils.py": {
174174
"CONFIDENCE.HIGH": 0.0,
175175
"CONFIDENCE.LOW": 0.0,
176176
"CONFIDENCE.MEDIUM": 0.0,
@@ -179,65 +179,103 @@
179179
"SEVERITY.LOW": 0.0,
180180
"SEVERITY.MEDIUM": 0.0,
181181
"SEVERITY.UNDEFINED": 0.0,
182-
"loc": 169,
182+
"loc": 283,
183183
"nosec": 0
184184
},
185-
"core/utils.py": {
186-
"CONFIDENCE.HIGH": 0.0,
185+
"_totals": {
186+
"CONFIDENCE.HIGH": 4.0,
187187
"CONFIDENCE.LOW": 0.0,
188188
"CONFIDENCE.MEDIUM": 1.0,
189189
"CONFIDENCE.UNDEFINED": 0.0,
190190
"SEVERITY.HIGH": 0.0,
191-
"SEVERITY.LOW": 1.0,
192-
"SEVERITY.MEDIUM": 0.0,
191+
"SEVERITY.LOW": 4.0,
192+
"SEVERITY.MEDIUM": 1.0,
193193
"SEVERITY.UNDEFINED": 0.0,
194-
"loc": 199,
194+
"loc": 8989,
195195
"nosec": 0
196196
}
197197
},
198198
"results": [
199199
{
200-
"code": "14 from site import USER_SITE\n15 from subprocess import PIPE\n16 \n17 import discord\n",
201-
"filename": "cogs/plugins.py",
200+
"code": "11 from datetime import datetime\n12 from subprocess import PIPE\n13 from types import SimpleNamespace\n",
201+
"filename": "./bot.py",
202+
"issue_confidence": "HIGH",
203+
"issue_severity": "LOW",
204+
"issue_text": "Consider possible security implications associated with PIPE module.",
205+
"line_number": 12,
206+
"line_range": [
207+
12
208+
],
209+
"more_info": "https://bandit.readthedocs.io/en/latest/blacklists/blacklist_imports.html#b404-import-subprocess",
210+
"test_id": "B404",
211+
"test_name": "blacklist"
212+
},
213+
{
214+
"code": "13 from site import USER_SITE\n14 from subprocess import PIPE\n15 \n16 import discord\n",
215+
"filename": "./cogs/plugins.py",
216+
"issue_confidence": "HIGH",
217+
"issue_severity": "LOW",
218+
"issue_text": "Consider possible security implications associated with PIPE module.",
219+
"line_number": 14,
220+
"line_range": [
221+
14,
222+
15
223+
],
224+
"more_info": "https://bandit.readthedocs.io/en/latest/blacklists/blacklist_imports.html#b404-import-subprocess",
225+
"test_id": "B404",
226+
"test_name": "blacklist"
227+
},
228+
{
229+
"code": "12 from json import JSONDecodeError, loads\n13 from subprocess import PIPE\n14 from textwrap import indent\n",
230+
"filename": "./cogs/utility.py",
202231
"issue_confidence": "HIGH",
203232
"issue_severity": "LOW",
204233
"issue_text": "Consider possible security implications associated with PIPE module.",
205-
"line_number": 15,
234+
"line_number": 13,
206235
"line_range": [
207-
15,
208-
16
236+
13
209237
],
210238
"more_info": "https://bandit.readthedocs.io/en/latest/blacklists/blacklist_imports.html#b404-import-subprocess",
211239
"test_id": "B404",
212240
"test_name": "blacklist"
213241
},
214242
{
215-
"code": "1824 try:\n1825 exec(to_compile, env) # pylint: disable=exec-used\n1826 except Exception as exc:\n",
216-
"filename": "cogs/utility.py",
243+
"code": "1985 try:\n1986 exec(to_compile, env) # pylint: disable=exec-used\n1987 except Exception as exc:\n",
244+
"filename": "./cogs/utility.py",
217245
"issue_confidence": "HIGH",
218246
"issue_severity": "MEDIUM",
219247
"issue_text": "Use of exec detected.",
220-
"line_number": 1825,
248+
"line_number": 1986,
221249
"line_range": [
222-
1825
250+
1986
223251
],
224252
"more_info": "https://bandit.readthedocs.io/en/latest/plugins/b102_exec_used.html",
225253
"test_id": "B102",
226254
"test_name": "exec_used"
227255
},
228256
{
229-
"code": "219 for token in shlex.shlex(alias, punctuation_chars=\"&\"):\n220 if token != \"&&\":\n221 buffer += \" \" + token\n",
230-
"filename": "core/utils.py",
257+
"code": "68 \n69 def __init__(self, bot, access_token: str = \"\", username: str = \"\", **kwargs):\n70 self.bot = bot\n71 self.session = bot.session\n72 self.headers: dict = None\n73 self.access_token = access_token\n74 self.username = username\n75 self.avatar_url: str = kwargs.pop(\"avatar_url\", \"\")\n76 self.url: str = kwargs.pop(\"url\", \"\")\n77 if self.access_token:\n78 self.headers = {\"Authorization\": \"token \" + str(access_token)}\n79 \n80 async def request(\n",
258+
"filename": "./core/clients.py",
231259
"issue_confidence": "MEDIUM",
232260
"issue_severity": "LOW",
233-
"issue_text": "Possible hardcoded password: '&&'",
234-
"line_number": 220,
261+
"issue_text": "Possible hardcoded password: ''",
262+
"line_number": 69,
235263
"line_range": [
236-
220
264+
69,
265+
70,
266+
71,
267+
72,
268+
73,
269+
74,
270+
75,
271+
76,
272+
77,
273+
78,
274+
79
237275
],
238-
"more_info": "https://bandit.readthedocs.io/en/latest/plugins/b105_hardcoded_password_string.html",
239-
"test_id": "B105",
240-
"test_name": "hardcoded_password_string"
276+
"more_info": "https://bandit.readthedocs.io/en/latest/plugins/b107_hardcoded_password_default.html",
277+
"test_id": "B107",
278+
"test_name": "hardcoded_password_default"
241279
}
242280
]
243281
}

.github/workflows/lints.yml

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -22,13 +22,13 @@ jobs:
2222
- name: Install dependencies
2323
run: |
2424
python -m pip install --upgrade pip
25-
python -m pip install bandit pylint black
25+
python -m pip install bandit==1.6.2 pylint black==19.10b0
2626
continue-on-error: true
2727
- name: Bandit syntax check
28-
run: bandit ./bot.py cogs/*.py core/*.py -b .bandit_baseline.json
28+
run: bandit -r . -b .bandit_baseline.json
2929
- name: Pylint
3030
run: pylint ./bot.py cogs/*.py core/*.py --disable=import-error --exit-zero -r y
3131
continue-on-error: true
32-
- name: Black and flake8
32+
- name: Black
3333
run: |
34-
black . --diff
34+
black . --diff --check

0 commit comments

Comments
 (0)