Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Remove blacklist call to input() #662

Merged
merged 1 commit into from Dec 9, 2020
Merged

Remove blacklist call to input() #662

merged 1 commit into from Dec 9, 2020

Conversation

ericwb
Copy link
Member

@ericwb ericwb commented Dec 9, 2020

Now that bandit 1.6.3 is Python 3.x only, there is no longer a
need to check for a Python 2.x security issue. Namely, input()
is considered safe in Python 3.x.

Fixes #596

Signed-off-by: Eric Brown browne@vmware.com

@ericwb ericwb added this to the Release 1.6.4 milestone Dec 9, 2020
@ericwb
Remove blacklist call to input()
82ea344 
Now that bandit 1.6.3 is Python 3.x only, there is no longer a
need to check for a Python 2.x security issue. Namely, input()
is considered safe in Python 3.x.

Fixes #596

Signed-off-by: Eric Brown <browne@vmware.com>
lukehinds
lukehinds approved these changes Dec 9, 2020
View reviewed changes
Copy link
Member

@lukehinds lukehinds left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm

@lukehinds lukehinds merged commit 8295ded into PyCQA:master Dec 9, 2020
@ericwb ericwb modified the milestones: Release 1.6.4, Release 1.7.0 Dec 13, 2020
@bobwhitelock
Copy link

Not a big issue, but just to note: this change is backwards incompatible, we were running bandit -s B322 in our CI, and when we switched to the latest bandit this started failing with an error like this: [main] ERROR Unknown test found in profile: B322. Easily fixed once we found this issue, just thought I'd mention it in case this was unintentional and since this could impact other projects.

m-vdb added a commit to RasaHQ/rasa that referenced this pull request Dec 17, 2020
@m-vdb
remove B322 from bandit blacklist
53cc269 
(cf. PyCQA/bandit#662)
@ericwb ericwb mentioned this pull request Dec 20, 2020
Closed
@ML-Chen ML-Chen mentioned this pull request Jan 14, 2021
Closed
@kysrpex kysrpex mentioned this pull request Feb 17, 2021
Closed
kysrpex added a commit to simphony/simphony-osp that referenced this pull request Feb 18, 2021
@kysrpex
The test B322 was designed for Python 2 and Bandit dropped support fo…
fea58e4 
…r it, therefore it no longer exists. See Bandit issue PyCQA/bandit#662 .
@kysrpex kysrpex mentioned this pull request Feb 18, 2021
Merged
@ericwb ericwb deleted the input branch June 29, 2021 03:13
mikespallino pushed a commit to mikespallino/bandit that referenced this pull request Aug 25, 2021
@ericwb @mikespallino
Remove blacklist call to input() (PyCQA#662)
a450e9e 
Now that bandit 1.6.3 is Python 3.x only, there is no longer a
need to check for a Python 2.x security issue. Namely, input()
is considered safe in Python 3.x.

Fixes PyCQA#596

Signed-off-by: Eric Brown <browne@vmware.com>
mikespallino pushed a commit to mikespallino/bandit that referenced this pull request Jan 7, 2022
@ericwb @mikespallino
Remove blacklist call to input() (PyCQA#662)
5cbf7f3 
Now that bandit 1.6.3 is Python 3.x only, there is no longer a
need to check for a Python 2.x security issue. Namely, input()
is considered safe in Python 3.x.

Fixes PyCQA#596

Signed-off-by: Eric Brown <browne@vmware.com>
@renovate renovate bot mentioned this pull request Mar 7, 2022
Open
1 task
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@lukehinds lukehinds lukehinds approved these changes

@sigmavirus24 sigmavirus24 Awaiting requested review from sigmavirus24

@ghugo ghugo Awaiting requested review from ghugo

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
Release 1.7.0
Development

Successfully merging this pull request may close these issues.

input() should not be detected as an issue in Python 3
3 participants
@ericwb @bobwhitelock @lukehinds