Add new plugin to check use of pyghmi #795
Conversation
This patch set adds a new bandit plugin to check the use of pyghmi. Signed-off-by: Tin Lam <tin@irrational.io>
This patch set adds a new bandit plugin to check the use of the pyghmi library, as IPMI is known to be an insecure protocol. Closes: PyCQA#356 Signed-off-by: Tin Lam <tin@irrational.io>
if context.is_module_imported_like(module): | ||
return bandit.Issue( | ||
severity=bandit.MEDIUM, | ||
confidence=bandit.MEDIUM, |
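Review bot: the `bandit.Issue(...)` constructed here sets `severity=bandit.MEDIUM` and `confidence=bandit.MEDIUM` but no CWE, so the finding cannot be mapped to a weakness category in reports; the reviewer's question below asks the same thing, so pick one and pass it alongside severity and confidence. Also, since the check keys off `context.is_module_imported_like(module)` rather than an exact match, the plugin docstring should state which module paths it is expected to match (e.g. `pyghmi` and its sub-packages) so the loose matching is deliberate rather than accidental.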
Is there no CWE for this?
I resurrected this old commit from @stannum-l as a way to get the issue resolved. Yep, it'll need further work.
@@ -224,6 +224,7 @@ Usage:: | |||
B412 import_httpoxy | |||
B413 import_pycrypto | |||
B414 import_pycryptodome | |||
B415 pyghmi |
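Review bot: the new usage entry `B415 pyghmi` breaks the naming pattern of its neighbours (`B413 import_pycrypto`, `B414 import_pycryptodome`); name it `import_pyghmi` so the usage table and the test name stay consistent with the other import-blocklist entries.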
Created a better PR in #803
This patch set adds a new bandit plugin to check the use of pyghmi.
Closes #356
Signed-off-by: Tin Lam <tin@irrational.io>
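For readers who want to see what an import-blocklist check like the plugin in this PR does in practice, here is an added, stand-alone example (not bandit's code and not the plugin from this PR): it walks a module's AST, flags any import whose dotted path contains `pyghmi`, and emits a MEDIUM/MEDIUM finding shaped like the `bandit.Issue` in the diff. It deliberately does not use bandit's plugin API, so it runs without bandit installed; the `Finding` class, the `check_source` function and the sample source are all constructed for this example.

```python
import ast
from dataclasses import dataclass

# Module name the check looks for; a real bandit plugin would take this
# from its configuration.  Constructed for this example.
BLOCKLISTED_MODULE = "pyghmi"


@dataclass(frozen=True)
class Finding:
    """Minimal stand-in for bandit.Issue: same severity/confidence fields,
    plus the import that triggered the check (hypothetical class)."""
    lineno: int
    module: str
    severity: str = "MEDIUM"
    confidence: str = "MEDIUM"

    @property
    def text(self):
        return (f"line {self.lineno}: import of '{self.module}' "
                f"(pyghmi speaks IPMI, which is an insecure protocol)")


def imported_modules(tree):
    """Yield (dotted name, line number) for every import in the module.

    Only static ``import`` / ``from ... import`` statements are visible to
    an AST walk; ``importlib.import_module("pyghmi")`` or ``__import__``
    calls are not, which is the main blind spot of this kind of check.
    """
    for node in ast.walk(tree):
        if isinstance(node, ast.Import):
            for alias in node.names:
                yield alias.name, node.lineno
        elif isinstance(node, ast.ImportFrom):
            base = node.module or ""  # relative "from . import x" has module None
            for alias in node.names:
                # join package and name so "from foo import pyghmi" is seen too
                yield f"{base}.{alias.name}".lstrip("."), node.lineno


def check_source(source, module=BLOCKLISTED_MODULE):
    """Return one Finding per import whose dotted path contains `module`.

    Substring matching is deliberate: it catches sub-packages such as
    pyghmi.ipmi.command, the way a "module imported like X" test would.
    """
    tree = ast.parse(source)
    return [Finding(lineno=line, module=name)
            for name, line in imported_modules(tree) if module in name]


# Constructed sample input: two static pyghmi imports that should be
# flagged, an unrelated import that should not, and one dynamic import
# that an AST-based import check cannot see.
SAMPLE_SOURCE = """\
import os
import pyghmi.ipmi.command as ipmi_cmd
from pyghmi.ipmi import sdr
from redfish import rest_client
ipmi = __import__("pyghmi.ipmi.command")  # not flagged: not an import statement
"""

if __name__ == "__main__":
    for finding in check_source(SAMPLE_SOURCE):
        print(f"[{finding.severity}/{finding.confidence}] {finding.text}")
```

Running the block reports lines 2 and 3 of the sample and stays silent on the `__import__` call on line 5: an import-blocklist plugin only sees static import statements, so a dynamic import of the same library passes unflagged, which is worth stating in the plugin's docstring alongside its severity and confidence.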