From 57fc3864cda747c049eabbf7eafd446f2db5401d Mon Sep 17 00:00:00 2001
From: Charlie Marsh
Date: Wed, 18 Oct 2023 10:24:12 -0400
Subject: [PATCH] Remove Python 2-only methods from URLOpen audit
---
 .../test/fixtures/flake8_bandit/S310.py | 32 ++---
 .../rules/suspicious_function_call.rs | 9 +-
 ...s__flake8_bandit__tests__S310_S310.py.snap | 110 +++++++++---------
 3 files changed, 75 insertions(+), 76 deletions(-)
diff --git a/crates/ruff_linter/resources/test/fixtures/flake8_bandit/S310.py b/crates/ruff_linter/resources/test/fixtures/flake8_bandit/S310.py
index e4579254248385..c69c5a15d6a894 100644
--- a/crates/ruff_linter/resources/test/fixtures/flake8_bandit/S310.py
+++ b/crates/ruff_linter/resources/test/fixtures/flake8_bandit/S310.py
@@ -1,19 +1,19 @@
-import urllib
+import urllib.request
 
-urllib.urlopen(url='http://www.google.com')
-urllib.urlopen(url='http://www.google.com', **kwargs)
-urllib.urlopen('http://www.google.com')
-urllib.urlopen('file:///foo/bar/baz')
-urllib.urlopen(url)
+urllib.request.urlopen(url='http://www.google.com')
+urllib.request.urlopen(url='http://www.google.com', **kwargs)
+urllib.request.urlopen('http://www.google.com')
+urllib.request.urlopen('file:///foo/bar/baz')
+urllib.request.urlopen(url)
 
-urllib.Request(url='http://www.google.com', **kwargs)
-urllib.Request(url='http://www.google.com')
-urllib.Request('http://www.google.com')
-urllib.Request('file:///foo/bar/baz')
-urllib.Request(url)
+urllib.request.Request(url='http://www.google.com', **kwargs)
+urllib.request.Request(url='http://www.google.com')
+urllib.request.Request('http://www.google.com')
+urllib.request.Request('file:///foo/bar/baz')
+urllib.request.Request(url)
 
-urllib.URLopener().open(fullurl='http://www.google.com', **kwargs)
-urllib.URLopener().open(fullurl='http://www.google.com')
-urllib.URLopener().open('http://www.google.com')
-urllib.URLopener().open('file:///foo/bar/baz')
-urllib.URLopener().open(url)
+urllib.request.URLopener().open(fullurl='http://www.google.com', **kwargs)
+urllib.request.URLopener().open(fullurl='http://www.google.com')
+urllib.request.URLopener().open('http://www.google.com')
+urllib.request.URLopener().open('file:///foo/bar/baz')
+urllib.request.URLopener().open(url)
diff --git a/crates/ruff_linter/src/rules/flake8_bandit/rules/suspicious_function_call.rs b/crates/ruff_linter/src/rules/flake8_bandit/rules/suspicious_function_call.rs
index 1c2fc85b051452..e654a73f117e7c 100644
--- a/crates/ruff_linter/src/rules/flake8_bandit/rules/suspicious_function_call.rs
+++ b/crates/ruff_linter/src/rules/flake8_bandit/rules/suspicious_function_call.rs
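Review bot: The rewritten fixture exercises only `urlopen`, `Request` and `URLopener`, so the `urlretrieve` alternative and the `six.moves.urllib.request` prefixes that the rule's new arms match get no snapshot coverage, and nothing verifies that the dropped top-level `urllib.urlopen`/`urllib.Request` spellings no longer report. I would add `urllib.request.urlretrieve('file:///foo/bar/baz')` together with a `six.moves.urllib.request.Request(url)` case (with the matching import), and keep one Python 2 form such as `urllib.urlopen(url)` as an expected no-diagnostic line, then regenerate the snapshot. The `**kwargs` and bare `url` variants already present cover the non-literal path, so the literal `file:` case is the one worth repeating for `urlretrieve`.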
@@ -849,10 +849,9 @@ pub(crate) fn suspicious_function_call(checker: &mut Checker, call: &ExprCall) {
         ["" | "builtins", "eval"] => Some(SuspiciousEvalUsage.into()),
         // MarkSafe
         ["django", "utils", "safestring", "mark_safe"] => Some(SuspiciousMarkSafeUsage.into()),
-        // URLOpen
-        ["urllib", "urlopen" | "urlretrieve" | "Request"] |
-        ["urllib", "request", "urlopen" | "urlretrieve"] |
-        ["six", "moves", "urllib", "request", "urlopen" | "urlretrieve"] => {
+        // URLOpen (`urlopen`, `urlretrieve`, `Request`)
+        ["urllib", "request", "urlopen" | "urlretrieve" | "Request"] |
+        ["six", "moves", "urllib", "request", "urlopen" | "urlretrieve" | "Request"] => {
             // If the `url` argument is a string literal, allow `http` and `https` schemes.
             if call.arguments.args.iter().all(|arg| !arg.is_starred_expr()) && call.arguments.keywords.iter().all(|keyword| !keyword.arg.is_none()) {
                 if let Some(url) = &call.arguments.find_argument("url", 0) {
@@ -866,7 +865,7 @@ pub(crate) fn suspicious_function_call(checker: &mut Checker, call: &ExprCall) {
             }
             Some(SuspiciousURLOpenUsage.into())
         },
-        ["urllib", "URLopener" | "FancyURLopener"] |
+        // URLOpen (`URLopener`, `FancyURLopener`)
         ["urllib", "request", "URLopener" | "FancyURLopener"] |
         ["six", "moves", "urllib", "request", "URLopener" | "FancyURLopener"] => Some(SuspiciousURLOpenUsage.into()),
         // NonCryptographicRandom
diff --git a/crates/ruff_linter/src/rules/flake8_bandit/snapshots/ruff_linter__rules__flake8_bandit__tests__S310_S310.py.snap b/crates/ruff_linter/src/rules/flake8_bandit/snapshots/ruff_linter__rules__flake8_bandit__tests__S310_S310.py.snap
index 5af774e47677ab..ddf363cb4b6087 100644
--- a/crates/ruff_linter/src/rules/flake8_bandit/snapshots/ruff_linter__rules__flake8_bandit__tests__S310_S310.py.snap
+++ b/crates/ruff_linter/src/rules/flake8_bandit/snapshots/ruff_linter__rules__flake8_bandit__tests__S310_S310.py.snap
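Review bot: The new comment on the `URLopener`/`FancyURLopener` arm in the second hunk does not say that this arm is matched on the class reference alone and so never gets the literal-scheme allowance that the `urlopen`/`urlretrieve`/`Request` arm above applies, which is why the snapshot still reports `urllib.request.URLopener().open('http://www.google.com')` at S310.py:17 with the carets covering only the constructor. I would extend it to `// URLOpen (URLopener, FancyURLopener): matched on the class reference itself, so there is no url argument to inspect and the http/https literal allowance above does not apply.` so the asymmetry reads as intended rather than as an omission. As a minor point of style, the untouched context line `.all(|keyword| !keyword.arg.is_none())` reads more directly as `.all(|keyword| keyword.arg.is_some())`, which a clippy pass would also suggest. `suspicious_function_call` begins before the first hunk and the `if` body opened there continues past it.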
@@ -3,105 +3,105 @@ source: crates/ruff_linter/src/rules/flake8_bandit/mod.rs --- S310.py:4:1: S310 Audit URL open for permitted schemes. Allowing use of `file:` or custom schemes is often unexpected. | -3 | urllib.urlopen(url='http://www.google.com') -4 | urllib.urlopen(url='http://www.google.com', **kwargs) - | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ S310 -5 | urllib.urlopen('http://www.google.com') -6 | urllib.urlopen('file:///foo/bar/baz') +3 | urllib.request.urlopen(url='http://www.google.com') +4 | urllib.request.urlopen(url='http://www.google.com', **kwargs) + | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ S310 +5 | urllib.request.urlopen('http://www.google.com') +6 | urllib.request.urlopen('file:///foo/bar/baz') | S310.py:6:1: S310 Audit URL open for permitted schemes. Allowing use of `file:` or custom schemes is often unexpected. | -4 | urllib.urlopen(url='http://www.google.com', **kwargs) -5 | urllib.urlopen('http://www.google.com') -6 | urllib.urlopen('file:///foo/bar/baz') - | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ S310 -7 | urllib.urlopen(url) +4 | urllib.request.urlopen(url='http://www.google.com', **kwargs) +5 | urllib.request.urlopen('http://www.google.com') +6 | urllib.request.urlopen('file:///foo/bar/baz') + | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ S310 +7 | urllib.request.urlopen(url) | S310.py:7:1: S310 Audit URL open for permitted schemes. Allowing use of `file:` or custom schemes is often unexpected. | -5 | urllib.urlopen('http://www.google.com') -6 | urllib.urlopen('file:///foo/bar/baz') -7 | urllib.urlopen(url) - | ^^^^^^^^^^^^^^^^^^^ S310 +5 | urllib.request.urlopen('http://www.google.com') +6 | urllib.request.urlopen('file:///foo/bar/baz') +7 | urllib.request.urlopen(url) + | ^^^^^^^^^^^^^^^^^^^^^^^^^^^ S310 8 | -9 | urllib.Request(url='http://www.google.com', **kwargs) +9 | urllib.request.Request(url='http://www.google.com', **kwargs) | S310.py:9:1: S310 Audit URL open for permitted schemes. 
Allowing use of `file:` or custom schemes is often unexpected. | - 7 | urllib.urlopen(url) + 7 | urllib.request.urlopen(url) 8 | - 9 | urllib.Request(url='http://www.google.com', **kwargs) - | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ S310 -10 | urllib.Request(url='http://www.google.com') -11 | urllib.Request('http://www.google.com') + 9 | urllib.request.Request(url='http://www.google.com', **kwargs) + | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ S310 +10 | urllib.request.Request(url='http://www.google.com') +11 | urllib.request.Request('http://www.google.com') | S310.py:12:1: S310 Audit URL open for permitted schemes. Allowing use of `file:` or custom schemes is often unexpected. | -10 | urllib.Request(url='http://www.google.com') -11 | urllib.Request('http://www.google.com') -12 | urllib.Request('file:///foo/bar/baz') - | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ S310 -13 | urllib.Request(url) +10 | urllib.request.Request(url='http://www.google.com') +11 | urllib.request.Request('http://www.google.com') +12 | urllib.request.Request('file:///foo/bar/baz') + | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ S310 +13 | urllib.request.Request(url) | S310.py:13:1: S310 Audit URL open for permitted schemes. Allowing use of `file:` or custom schemes is often unexpected. | -11 | urllib.Request('http://www.google.com') -12 | urllib.Request('file:///foo/bar/baz') -13 | urllib.Request(url) - | ^^^^^^^^^^^^^^^^^^^ S310 +11 | urllib.request.Request('http://www.google.com') +12 | urllib.request.Request('file:///foo/bar/baz') +13 | urllib.request.Request(url) + | ^^^^^^^^^^^^^^^^^^^^^^^^^^^ S310 14 | -15 | urllib.URLopener().open(fullurl='http://www.google.com', **kwargs) +15 | urllib.request.URLopener().open(fullurl='http://www.google.com', **kwargs) | S310.py:15:1: S310 Audit URL open for permitted schemes. Allowing use of `file:` or custom schemes is often unexpected. 
| -13 | urllib.Request(url) +13 | urllib.request.Request(url) 14 | -15 | urllib.URLopener().open(fullurl='http://www.google.com', **kwargs) - | ^^^^^^^^^^^^^^^^^^ S310 -16 | urllib.URLopener().open(fullurl='http://www.google.com') -17 | urllib.URLopener().open('http://www.google.com') +15 | urllib.request.URLopener().open(fullurl='http://www.google.com', **kwargs) + | ^^^^^^^^^^^^^^^^^^^^^^^^^^ S310 +16 | urllib.request.URLopener().open(fullurl='http://www.google.com') +17 | urllib.request.URLopener().open('http://www.google.com') | S310.py:16:1: S310 Audit URL open for permitted schemes. Allowing use of `file:` or custom schemes is often unexpected. | -15 | urllib.URLopener().open(fullurl='http://www.google.com', **kwargs) -16 | urllib.URLopener().open(fullurl='http://www.google.com') - | ^^^^^^^^^^^^^^^^^^ S310 -17 | urllib.URLopener().open('http://www.google.com') -18 | urllib.URLopener().open('file:///foo/bar/baz') +15 | urllib.request.URLopener().open(fullurl='http://www.google.com', **kwargs) +16 | urllib.request.URLopener().open(fullurl='http://www.google.com') + | ^^^^^^^^^^^^^^^^^^^^^^^^^^ S310 +17 | urllib.request.URLopener().open('http://www.google.com') +18 | urllib.request.URLopener().open('file:///foo/bar/baz') | S310.py:17:1: S310 Audit URL open for permitted schemes. Allowing use of `file:` or custom schemes is often unexpected. 
| -15 | urllib.URLopener().open(fullurl='http://www.google.com', **kwargs) -16 | urllib.URLopener().open(fullurl='http://www.google.com') -17 | urllib.URLopener().open('http://www.google.com') - | ^^^^^^^^^^^^^^^^^^ S310 -18 | urllib.URLopener().open('file:///foo/bar/baz') -19 | urllib.URLopener().open(url) +15 | urllib.request.URLopener().open(fullurl='http://www.google.com', **kwargs) +16 | urllib.request.URLopener().open(fullurl='http://www.google.com') +17 | urllib.request.URLopener().open('http://www.google.com') + | ^^^^^^^^^^^^^^^^^^^^^^^^^^ S310 +18 | urllib.request.URLopener().open('file:///foo/bar/baz') +19 | urllib.request.URLopener().open(url) | S310.py:18:1: S310 Audit URL open for permitted schemes. Allowing use of `file:` or custom schemes is often unexpected. | -16 | urllib.URLopener().open(fullurl='http://www.google.com') -17 | urllib.URLopener().open('http://www.google.com') -18 | urllib.URLopener().open('file:///foo/bar/baz') - | ^^^^^^^^^^^^^^^^^^ S310 -19 | urllib.URLopener().open(url) +16 | urllib.request.URLopener().open(fullurl='http://www.google.com') +17 | urllib.request.URLopener().open('http://www.google.com') +18 | urllib.request.URLopener().open('file:///foo/bar/baz') + | ^^^^^^^^^^^^^^^^^^^^^^^^^^ S310 +19 | urllib.request.URLopener().open(url) | S310.py:19:1: S310 Audit URL open for permitted schemes. Allowing use of `file:` or custom schemes is often unexpected. | -17 | urllib.URLopener().open('http://www.google.com') -18 | urllib.URLopener().open('file:///foo/bar/baz') -19 | urllib.URLopener().open(url) - | ^^^^^^^^^^^^^^^^^^ S310 +17 | urllib.request.URLopener().open('http://www.google.com') +18 | urllib.request.URLopener().open('file:///foo/bar/baz') +19 | urllib.request.URLopener().open(url) + | ^^^^^^^^^^^^^^^^^^^^^^^^^^ S310 |