diff --git a/precli/core/result.py b/precli/core/result.py index 570f15cb..b09081d9 100644 --- a/precli/core/result.py +++ b/precli/core/result.py @@ -39,7 +39,8 @@ def rule_id(self) -> str: """ The ID of the rule. - The IDs match PREXXXX where XXXX is a unique number. + The IDs match ??XXX where ?? is language identifier and XXX is a + unique number. :return: rule ID :rtype: str diff --git a/precli/parsers/python.py b/precli/parsers/python.py index 0363761f..d4f9564c 100644 --- a/precli/parsers/python.py +++ b/precli/parsers/python.py @@ -19,7 +19,7 @@ Import = namedtuple("Import", "module alias") SUPPRESS_COMMENT = re.compile(r"# suppress:? (?P[^#]+)?#?") -SUPPRESSED_RULES = re.compile(r"(?:(PRE\d\d\d\d|[a-z_]+),?)+") +SUPPRESSED_RULES = re.compile(r"(?:(PY\d\d\d|[a-z_]+),?)+") class Python(Parser): diff --git a/precli/rules/go/golang_org_x_crypto_ssh/ssh_insecure_ignore_hostkey.py b/precli/rules/go/golang_org_x_crypto_ssh/ssh_insecure_ignore_hostkey.py index b114495d..128c6cff 100644 --- a/precli/rules/go/golang_org_x_crypto_ssh/ssh_insecure_ignore_hostkey.py +++ b/precli/rules/go/golang_org_x_crypto_ssh/ssh_insecure_ignore_hostkey.py @@ -129,7 +129,7 @@ .. seealso:: - - `Improper Hostkey Validation Using SSH `_ + - `Improper Hostkey Validation Using SSH `_ - `ssh package - golang.org_x_crypto_ssh - Go Packages `_ - `CWE-295: Improper Certificate Validation `_ diff --git a/precli/rules/python/M2Crypto/m2crypto_weak_key.py b/precli/rules/python/M2Crypto/m2crypto_weak_key.py index df22e672..e354a194 100644 --- a/precli/rules/python/M2Crypto/m2crypto_weak_key.py +++ b/precli/rules/python/M2Crypto/m2crypto_weak_key.py @@ -74,7 +74,7 @@ .. seealso:: - - `Inadequate Encryption Strength Using Weak Keys in M2Crypto Module `_ + - `Inadequate Encryption Strength Using Weak Keys in M2Crypto Module `_ - `m2crypto _ m2crypto · GitLab `_ - `CWE-326: Inadequate Encryption Strength `_ 
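Review bot: The new `SUPPRESSED_RULES` pattern in precli/parsers/python.py recognises only `PY\d\d\d` or a lowercase rule name, so `# suppress: PRE0004`-style comments already present in scanned code no longer name any rule once setup.cfg renames the entry points. Presumably those findings simply resurface, which is the safe direction, but nothing in the visible hunks warns about or maps the legacy IDs, and none of the updated fixtures under tests/unit/parsers/examples keeps an old-style ID to pin that behaviour. The ID alternative also has no trailing boundary; how the match is applied is outside the hunk, but if it is a search or prefix match, a token such as `PY0041` could be read as `PY004`, and `(PY\d{3}\b|[a-z_]+)` would rule that out. A one-line comment above the pattern, e.g. `# Rule IDs are PY + 3 digits (see setup.cfg); legacy PREnnnn IDs are intentionally not accepted`, would record the decision.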
diff --git a/precli/rules/python/PyYAML/yaml_load.py b/precli/rules/python/PyYAML/yaml_load.py
index b97e6e2f..25c532db 100644
--- a/precli/rules/python/PyYAML/yaml_load.py
+++ b/precli/rules/python/PyYAML/yaml_load.py
@@ -44,7 +44,7 @@
 .. seealso::
- - `Deserialization of Untrusted Data in the PyYAML Module `_
+ - `Deserialization of Untrusted Data in the PyYAML Module `_
 - `PyYAML Documentation `_
 - `CWE-502: Deserialization of Untrusted Data `_
diff --git a/precli/rules/python/aiohttp/no_certificate_verify.py b/precli/rules/python/aiohttp/no_certificate_verify.py
index bd802b54..3cc1cf8b 100644
--- a/precli/rules/python/aiohttp/no_certificate_verify.py
+++ b/precli/rules/python/aiohttp/no_certificate_verify.py
@@ -49,7 +49,7 @@
 .. seealso::
- - `Improper Certificate Validation Using Requests Module `_
+ - `Improper Certificate Validation Using Requests Module `_
 - `Advanced Client Usage — aiohttp documentation `_
 - `CWE-295: Improper Certificate Validation `_
diff --git a/precli/rules/python/cryptography/cryptography_weak_cipher.py b/precli/rules/python/cryptography/cryptography_weak_cipher.py
index a670bee7..eb7f4785 100644
--- a/precli/rules/python/cryptography/cryptography_weak_cipher.py
+++ b/precli/rules/python/cryptography/cryptography_weak_cipher.py
@@ -107,7 +107,7 @@
 .. seealso::
- - `Use of a Broken or Risky Cryptographic Algorithm in Cryptography Module `_
+ - `Use of a Broken or Risky Cryptographic Algorithm in Cryptography Module `_
 - `Symmetric encryption — Cryptography documentation `_
 - `CWE-327: Use of a Broken or Risky Cryptographic Algorithm `_
diff --git a/precli/rules/python/cryptography/cryptography_weak_cipher_mode.py b/precli/rules/python/cryptography/cryptography_weak_cipher_mode.py
index 85cd56a4..5b33bb99 100644
--- a/precli/rules/python/cryptography/cryptography_weak_cipher_mode.py
+++ b/precli/rules/python/cryptography/cryptography_weak_cipher_mode.py
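Review bot: In precli/rules/python/aiohttp/no_certificate_verify.py the rewritten seealso entry still carries the title `Improper Certificate Validation Using Requests Module`, which names a different library than the one this rule covers. The same kind of mismatch shows in pycryptodomex_weak_cipher.py and pycryptodomex_weak_key.py, whose entries still say `PyCrypto Module`. Since the commit already rewrites each of these lines to repoint the link, the title could be corrected in the same edit to whatever the rule's own page is called, e.g. `Improper Certificate Validation Using Aiohttp Module`. The link targets are not visible in this view, so whether they point at the right rule page is unverified.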
@@ -77,7 +77,7 @@
 .. seealso::
- - `Use of a Risky Cryptographic Cipher Mode in Cryptography Module `_
+ - `Use of a Risky Cryptographic Cipher Mode in Cryptography Module `_
 - `Symmetric encryption — Cryptography documentation `_
 - `CWE-327: Use of a Broken or Risky Cryptographic Algorithm `_
diff --git a/precli/rules/python/cryptography/cryptography_weak_hash.py b/precli/rules/python/cryptography/cryptography_weak_hash.py
index df395167..20d36c66 100644
--- a/precli/rules/python/cryptography/cryptography_weak_hash.py
+++ b/precli/rules/python/cryptography/cryptography_weak_hash.py
@@ -48,7 +48,7 @@
 .. seealso::
- - `Reversible One Way Hash in Cryptography Module `_
+ - `Reversible One Way Hash in Cryptography Module `_
 - `Message digests (Hashing) — Cryptography `_
 - `CWE-328: Use of Weak Hash `_
 - `NIST Policy on Hash Functions `_
diff --git a/precli/rules/python/cryptography/cryptography_weak_key.py b/precli/rules/python/cryptography/cryptography_weak_key.py
index 23d3ead5..eb0854f1 100644
--- a/precli/rules/python/cryptography/cryptography_weak_key.py
+++ b/precli/rules/python/cryptography/cryptography_weak_key.py
@@ -74,7 +74,7 @@
 .. seealso::
- - `Inadequate Encryption Strength Using Weak Keys in Cryptography Module `_
+ - `Inadequate Encryption Strength Using Weak Keys in Cryptography Module `_
 - `Asymmetric algorithms — Cryptography documentation `_
 - `CWE-326: Inadequate Encryption Strength `_
diff --git a/precli/rules/python/dill/dill_load.py b/precli/rules/python/dill/dill_load.py
index 1f3f3cec..d0218ae1 100644
--- a/precli/rules/python/dill/dill_load.py
+++ b/precli/rules/python/dill/dill_load.py
@@ -33,7 +33,7 @@
 .. seealso::
- - `Deserialization of Untrusted Data in the Dill Module `_
+ - `Deserialization of Untrusted Data in the Dill Module `_
 - `dill package documentation `_
 - `CWE-502: Deserialization of Untrusted Data `_
diff --git a/precli/rules/python/httpx/no_certificate_verify.py b/precli/rules/python/httpx/no_certificate_verify.py
index 21ad98b8..df6f116b 100644
--- a/precli/rules/python/httpx/no_certificate_verify.py
+++ b/precli/rules/python/httpx/no_certificate_verify.py
@@ -45,7 +45,7 @@
 .. seealso::
- - `Improper Certificate Validation Using Httpx Module `_
+ - `Improper Certificate Validation Using Httpx Module `_
 - `HTTPX `_
 - `CWE-295: Improper Certificate Validation `_
diff --git a/precli/rules/python/jsonpickle/jsonpickle_decode.py b/precli/rules/python/jsonpickle/jsonpickle_decode.py
index 4543ba14..c21dd925 100644
--- a/precli/rules/python/jsonpickle/jsonpickle_decode.py
+++ b/precli/rules/python/jsonpickle/jsonpickle_decode.py
@@ -34,7 +34,7 @@
 .. seealso::
- - `Deserialization of Untrusted Data in JsonPickle Module `_
+ - `Deserialization of Untrusted Data in JsonPickle Module `_
 - `jsonpickle Documentation `_
 - `CWE-502: Deserialization of Untrusted Data `_
 - `pickle — Python object serialization `_
diff --git a/precli/rules/python/pandas/pandas_read_pickle.py b/precli/rules/python/pandas/pandas_read_pickle.py
index 48bc6f19..4a30137d 100644
--- a/precli/rules/python/pandas/pandas_read_pickle.py
+++ b/precli/rules/python/pandas/pandas_read_pickle.py
@@ -45,7 +45,7 @@
 .. seealso::
- - `Deserialization of Untrusted Data in Pandas Module `_
+ - `Deserialization of Untrusted Data in Pandas Module `_
 - `Input_output — pandas `_
 - `CWE-502: Deserialization of Untrusted Data `_
 - `pickle — Python object serialization `_
diff --git a/precli/rules/python/paramiko/paramiko_no_host_key_verify.py b/precli/rules/python/paramiko/paramiko_no_host_key_verify.py
index 18d2e0f9..21620a3f 100644
--- a/precli/rules/python/paramiko/paramiko_no_host_key_verify.py
+++ b/precli/rules/python/paramiko/paramiko_no_host_key_verify.py
@@ -48,7 +48,7 @@
 .. seealso::
- - `Improper Certificate Validation Using Paramiko Module `_
+ - `Improper Certificate Validation Using Paramiko Module `_
 - `Paramiko’s documentation `_
 - `CWE-295: Improper Certificate Validation `_
diff --git a/precli/rules/python/pycrypto/pycrypto_weak_cipher.py b/precli/rules/python/pycrypto/pycrypto_weak_cipher.py
index 57876a3c..1e30ee1b 100644
--- a/precli/rules/python/pycrypto/pycrypto_weak_cipher.py
+++ b/precli/rules/python/pycrypto/pycrypto_weak_cipher.py
@@ -103,7 +103,7 @@
 .. seealso::
- - `Use of a Broken or Risky Cryptographic Algorithm in PyCrypto Module `_
+ - `Use of a Broken or Risky Cryptographic Algorithm in PyCrypto Module `_
 - `PyCrypto - The Python Cryptography Toolkit `_
 - `CWE-327: Use of a Broken or Risky Cryptographic Algorithm `_
diff --git a/precli/rules/python/pycrypto/pycrypto_weak_hash.py b/precli/rules/python/pycrypto/pycrypto_weak_hash.py
index 4490df34..706f046a 100644
--- a/precli/rules/python/pycrypto/pycrypto_weak_hash.py
+++ b/precli/rules/python/pycrypto/pycrypto_weak_hash.py
@@ -63,7 +63,7 @@
 .. seealso::
- - `Reversible One Way Hash in PyCrypto Module `_
+ - `Reversible One Way Hash in PyCrypto Module `_
 - `PyCrypto - The Python Cryptography Toolkit `_
 - `CWE-328: Use of Weak Hash `_
 - `NIST Policy on Hash Functions `_
diff --git a/precli/rules/python/pycrypto/pycrypto_weak_key.py b/precli/rules/python/pycrypto/pycrypto_weak_key.py
index 48c0238c..5eb305a9 100644
--- a/precli/rules/python/pycrypto/pycrypto_weak_key.py
+++ b/precli/rules/python/pycrypto/pycrypto_weak_key.py
@@ -62,7 +62,7 @@
 .. seealso::
- - `Inadequate Encryption Strength Using Weak Keys in PyCrypto Module `_
+ - `Inadequate Encryption Strength Using Weak Keys in PyCrypto Module `_
 - `PyCrypto - The Python Cryptography Toolkit `_
 - `CWE-326: Inadequate Encryption Strength `_
diff --git a/precli/rules/python/pycryptodomex/pycryptodomex_weak_cipher.py b/precli/rules/python/pycryptodomex/pycryptodomex_weak_cipher.py
index 62e2a042..a19cee9b 100644
--- a/precli/rules/python/pycryptodomex/pycryptodomex_weak_cipher.py
+++ b/precli/rules/python/pycryptodomex/pycryptodomex_weak_cipher.py
@@ -103,7 +103,7 @@
 .. seealso::
- - `Use of a Broken or Risky Cryptographic Algorithm in PyCrypto Module `_
+ - `Use of a Broken or Risky Cryptographic Algorithm in PyCrypto Module `_
 - `PyCryptodome `_
 - `CWE-327: Use of a Broken or Risky Cryptographic Algorithm `_
diff --git a/precli/rules/python/pycryptodomex/pycryptodomex_weak_hash.py b/precli/rules/python/pycryptodomex/pycryptodomex_weak_hash.py
index 46a41f22..069fb668 100644
--- a/precli/rules/python/pycryptodomex/pycryptodomex_weak_hash.py
+++ b/precli/rules/python/pycryptodomex/pycryptodomex_weak_hash.py
@@ -63,7 +63,7 @@
 .. seealso::
- - `Reversible One Way Hash in PyCryptodomex Module `_
+ - `Reversible One Way Hash in PyCryptodomex Module `_
 - `PyCryptodome `_
 - `CWE-328: Use of Weak Hash `_
 - `NIST Policy on Hash Functions `_
diff --git a/precli/rules/python/pycryptodomex/pycryptodomex_weak_key.py b/precli/rules/python/pycryptodomex/pycryptodomex_weak_key.py
index 02c1a698..7f2a530c 100644
--- a/precli/rules/python/pycryptodomex/pycryptodomex_weak_key.py
+++ b/precli/rules/python/pycryptodomex/pycryptodomex_weak_key.py
@@ -62,7 +62,7 @@
 .. seealso::
- - `Inadequate Encryption Strength Using Weak Keys in PyCrypto Module `_
+ - `Inadequate Encryption Strength Using Weak Keys in PyCrypto Module `_
 - `PyCryptodome `_
 - `CWE-326: Inadequate Encryption Strength `_
diff --git a/precli/rules/python/pyghmi/pyghmi_cleartext.py b/precli/rules/python/pyghmi/pyghmi_cleartext.py
index 6d38b8c9..c9a76f34 100644
--- a/precli/rules/python/pyghmi/pyghmi_cleartext.py
+++ b/precli/rules/python/pyghmi/pyghmi_cleartext.py
@@ -87,7 +87,7 @@
 .. seealso::
- - `Cleartext Transmission of Sensitive Information in the Pyghmi Module `_
+ - `Cleartext Transmission of Sensitive Information in the Pyghmi Module `_
 - `Documentation — pyghmi documentation `_
 - `CWE-319: Cleartext Transmission of Sensitive Information `_
 - `Risks of Using the Intelligent Platform Management Interface (IPMI) CISA `_
diff --git a/precli/rules/python/pyopenssl/insecure_tls_method.py b/precli/rules/python/pyopenssl/insecure_tls_method.py
index 0e5652a0..5cbd2595 100644
--- a/precli/rules/python/pyopenssl/insecure_tls_method.py
+++ b/precli/rules/python/pyopenssl/insecure_tls_method.py
@@ -54,7 +54,7 @@
 .. seealso::
- - `Inadequate Encryption Strength Using Weak SSL Protocols `_
+ - `Inadequate Encryption Strength Using Weak SSL Protocols `_
 - `pyOpenSSL’s documentation `_
 - `CWE-326: Inadequate Encryption Strength `_
diff --git a/precli/rules/python/pyopenssl/pyopenssl_weak_key.py b/precli/rules/python/pyopenssl/pyopenssl_weak_key.py
index b0ce81ce..c4df09d7 100644
--- a/precli/rules/python/pyopenssl/pyopenssl_weak_key.py
+++ b/precli/rules/python/pyopenssl/pyopenssl_weak_key.py
@@ -62,7 +62,7 @@
 .. seealso::
- - `Inadequate Encryption Strength Using Weak Keys in PyOpenSSL Module `_
+ - `Inadequate Encryption Strength Using Weak Keys in PyOpenSSL Module `_
 - `crypto — Generic cryptographic module — pyOpenSSL documentation `_
 - `CWE-326: Inadequate Encryption Strength `_
diff --git a/precli/rules/python/requests/no_certificate_verify.py b/precli/rules/python/requests/no_certificate_verify.py
index ef217115..f4152784 100644
--- a/precli/rules/python/requests/no_certificate_verify.py
+++ b/precli/rules/python/requests/no_certificate_verify.py
@@ -45,7 +45,7 @@
 .. seealso::
- - `Improper Certificate Validation Using Requests Module `_
+ - `Improper Certificate Validation Using Requests Module `_
 - `Requests HTTP for Humans™ `_
 - `CWE-295: Improper Certificate Validation `_
diff --git a/precli/rules/python/stdlib/crypt/crypt_weak_hash.py b/precli/rules/python/stdlib/crypt/crypt_weak_hash.py
index 897727e9..7fa038f8 100644
--- a/precli/rules/python/stdlib/crypt/crypt_weak_hash.py
+++ b/precli/rules/python/stdlib/crypt/crypt_weak_hash.py
@@ -89,7 +89,7 @@
 .. seealso::
- - `Reversible One Way Hash in Crypt Module `_
+ - `Reversible One Way Hash in Crypt Module `_
 - `crypt — Function to check Unix passwords `_
 - `CWE-328: Use of Weak Hash `_
 - `NIST Policy on Hash Functions `_
diff --git a/precli/rules/python/stdlib/ftplib/ftp_cleartext.py b/precli/rules/python/stdlib/ftplib/ftp_cleartext.py
index a7eb8b9b..3db7abe0 100644
--- a/precli/rules/python/stdlib/ftplib/ftp_cleartext.py
+++ b/precli/rules/python/stdlib/ftplib/ftp_cleartext.py
@@ -75,7 +75,7 @@
 .. seealso::
- - `Cleartext Transmission of Sensitive Information in the Ftplib Module `_
+ - `Cleartext Transmission of Sensitive Information in the Ftplib Module `_
 - `ftplib — FTP protocol client `_
 - `CWE-319: Cleartext Transmission of Sensitive Information `_
 - https://www.paramiko.org/
diff --git a/precli/rules/python/stdlib/hashlib/hashlib_weak_hash.py b/precli/rules/python/stdlib/hashlib/hashlib_weak_hash.py
index 591a2859..545d3bba 100644
--- a/precli/rules/python/stdlib/hashlib/hashlib_weak_hash.py
+++ b/precli/rules/python/stdlib/hashlib/hashlib_weak_hash.py
@@ -75,7 +75,7 @@
 .. seealso::
- - `Reversible One Way Hash in Hashlib Module `_
+ - `Reversible One Way Hash in Hashlib Module `_
 - `hashlib — Secure hashes and message digests `_
 - `CWE-328: Use of Weak Hash `_
 - `NIST Policy on Hash Functions `_
diff --git a/precli/rules/python/stdlib/hmac/hmac_timing_attack.py b/precli/rules/python/stdlib/hmac/hmac_timing_attack.py
index c8ad4899..3802e041 100644
--- a/precli/rules/python/stdlib/hmac/hmac_timing_attack.py
+++ b/precli/rules/python/stdlib/hmac/hmac_timing_attack.py
@@ -72,7 +72,7 @@
 .. seealso::
- - `Observable Timing Discrepancy in Hmac Module `_
+ - `Observable Timing Discrepancy in Hmac Module `_
 - `hmac — Keyed-Hashing for Message Authentication `_
 - `CWE-208: Observable Timing Discrepancy `_
diff --git a/precli/rules/python/stdlib/hmac/hmac_weak_hash.py b/precli/rules/python/stdlib/hmac/hmac_weak_hash.py
index d8565173..23ea9e4b 100644
--- a/precli/rules/python/stdlib/hmac/hmac_weak_hash.py
+++ b/precli/rules/python/stdlib/hmac/hmac_weak_hash.py
@@ -67,7 +67,7 @@
 .. seealso::
- - `Reversible One Way Hash in Hmac Module `_
+ - `Reversible One Way Hash in Hmac Module `_
 - `hmac — Keyed-Hashing for Message Authentication `_
 - `CWE-328: Use of Weak Hash `_
 - `NIST Policy on Hash Functions `_
diff --git a/precli/rules/python/stdlib/imaplib/imap_cleartext.py b/precli/rules/python/stdlib/imaplib/imap_cleartext.py
index 1a5f0ea1..119e7a5f 100644
--- a/precli/rules/python/stdlib/imaplib/imap_cleartext.py
+++ b/precli/rules/python/stdlib/imaplib/imap_cleartext.py
@@ -63,7 +63,7 @@
 .. seealso::
- - `Cleartext Transmission of Sensitive Information in the Imaplib Module `_
+ - `Cleartext Transmission of Sensitive Information in the Imaplib Module `_
 - `imaplib — IMAP4 protocol client `_
 - `CWE-319: Cleartext Transmission of Sensitive Information `_
diff --git a/precli/rules/python/stdlib/json/json_load.py b/precli/rules/python/stdlib/json/json_load.py
index 793c8f15..6ad67ce2 100644
--- a/precli/rules/python/stdlib/json/json_load.py
+++ b/precli/rules/python/stdlib/json/json_load.py
@@ -33,7 +33,7 @@
 .. seealso::
- - `Deserialization of Untrusted Data in the Json Module `_
+ - `Deserialization of Untrusted Data in the Json Module `_
 - `json — JSON encoder and decoder `_
 - `CWE-502: Deserialization of Untrusted Data `_
diff --git a/precli/rules/python/stdlib/logging/insecure_listen_config.py b/precli/rules/python/stdlib/logging/insecure_listen_config.py
index e5a60510..fe19dc86 100644
--- a/precli/rules/python/stdlib/logging/insecure_listen_config.py
+++ b/precli/rules/python/stdlib/logging/insecure_listen_config.py
@@ -48,7 +48,7 @@ def validate(recv: bytes):
 .. seealso::
- - `Code Injection in Logging Config `_
+ - `Code Injection in Logging Config `_
 - `logging.config — Logging configuration `_
 - `CWE-94: Improper Control of Generation of Code ('Code Injection') `_
diff --git a/precli/rules/python/stdlib/marshal/marshal_load.py b/precli/rules/python/stdlib/marshal/marshal_load.py
index ab68979c..3435b09e 100644
--- a/precli/rules/python/stdlib/marshal/marshal_load.py
+++ b/precli/rules/python/stdlib/marshal/marshal_load.py
@@ -38,7 +38,7 @@
 .. seealso::
- - `Deserialization of Untrusted Data in the Marshal Module `_
+ - `Deserialization of Untrusted Data in the Marshal Module `_
 - `marshal — Internal Python object serialization `_
 - `CWE-502: Deserialization of Untrusted Data `_
diff --git a/precli/rules/python/stdlib/nntplib/nntp_cleartext.py b/precli/rules/python/stdlib/nntplib/nntp_cleartext.py
index ad92048b..4596f5ea 100644
--- a/precli/rules/python/stdlib/nntplib/nntp_cleartext.py
+++ b/precli/rules/python/stdlib/nntplib/nntp_cleartext.py
@@ -48,7 +48,7 @@
 .. seealso::
- - `Cleartext Transmission of Sensitive Information in the Nntplib Module `_
+ - `Cleartext Transmission of Sensitive Information in the Nntplib Module `_
 - `nntplib — NNTP protocol client `_
 - `CWE-319: Cleartext Transmission of Sensitive Information `_
diff --git a/precli/rules/python/stdlib/pickle/pickle_load.py b/precli/rules/python/stdlib/pickle/pickle_load.py
index 5d71dc2b..6bce31d3 100644
--- a/precli/rules/python/stdlib/pickle/pickle_load.py
+++ b/precli/rules/python/stdlib/pickle/pickle_load.py
@@ -49,7 +49,7 @@ def load_pickle_file(file_path):
 .. seealso::
- - `Deserialization of Untrusted Data in Pickle Module `_
+ - `Deserialization of Untrusted Data in Pickle Module `_
 - `pickle — Python object serialization `_
 - `CWE-502: Deserialization of Untrusted Data `_
 - `json — JSON encoder and decoder `_
diff --git a/precli/rules/python/stdlib/poplib/pop_cleartext.py b/precli/rules/python/stdlib/poplib/pop_cleartext.py
index 09dd8f5e..955aeaaf 100644
--- a/precli/rules/python/stdlib/poplib/pop_cleartext.py
+++ b/precli/rules/python/stdlib/poplib/pop_cleartext.py
@@ -59,7 +59,7 @@
 .. seealso::
- - `Cleartext Transmission of Sensitive Information in the Poplib Module `_
+ - `Cleartext Transmission of Sensitive Information in the Poplib Module `_
 - `poplib — POP3 protocol client `_
 - `CWE-319: Cleartext Transmission of Sensitive Information `_
diff --git a/precli/rules/python/stdlib/shelve/shelve_open.py b/precli/rules/python/stdlib/shelve/shelve_open.py
index 6aabd950..2aeb7224 100644
--- a/precli/rules/python/stdlib/shelve/shelve_open.py
+++ b/precli/rules/python/stdlib/shelve/shelve_open.py
@@ -37,7 +37,7 @@
 .. seealso::
- - `Deserialization of Untrusted Data in the Shelve Module `_
+ - `Deserialization of Untrusted Data in the Shelve Module `_
 - `shelve — Python object persistence `_
 - `CWE-502: Deserialization of Untrusted Data `_
diff --git a/precli/rules/python/stdlib/smtplib/smtp_cleartext.py b/precli/rules/python/stdlib/smtplib/smtp_cleartext.py
index 1bffb0a0..f89fdf5b 100644
--- a/precli/rules/python/stdlib/smtplib/smtp_cleartext.py
+++ b/precli/rules/python/stdlib/smtplib/smtp_cleartext.py
@@ -92,7 +92,7 @@ def prompt(prompt):
 .. seealso::
- - `Cleartext Transmission of Sensitive Information in the Smtplib Module `_
+ - `Cleartext Transmission of Sensitive Information in the Smtplib Module `_
 - `smtplib — SMTP protocol client `_
 - `CWE-319: Cleartext Transmission of Sensitive Information `_
diff --git a/precli/rules/python/stdlib/ssl/create_unverified_context.py b/precli/rules/python/stdlib/ssl/create_unverified_context.py
index c44a348d..cfab557a 100644
--- a/precli/rules/python/stdlib/ssl/create_unverified_context.py
+++ b/precli/rules/python/stdlib/ssl/create_unverified_context.py
@@ -49,7 +49,7 @@
 .. seealso::
- - `Improper Certificate Validation Using ssl._create_unverified_context `_
+ - `Improper Certificate Validation Using ssl._create_unverified_context `_
 - `ssl — TLS/SSL wrapper for socket objects `_
 - `CWE-295: Improper Certificate Validation `_
diff --git a/precli/rules/python/stdlib/ssl/insecure_tls_version.py b/precli/rules/python/stdlib/ssl/insecure_tls_version.py
index 457bef8f..a0177c19 100644
--- a/precli/rules/python/stdlib/ssl/insecure_tls_version.py
+++ b/precli/rules/python/stdlib/ssl/insecure_tls_version.py
@@ -66,7 +66,7 @@
 .. seealso::
- - `Inadequate Encryption Strength Using Weak SSL Protocols `_
+ - `Inadequate Encryption Strength Using Weak SSL Protocols `_
 - `ssl — TLS/SSL wrapper for socket objects `_
 - `CWE-326: Inadequate Encryption Strength `_
diff --git a/precli/rules/python/stdlib/telnetlib/telnetlib_cleartext.py b/precli/rules/python/stdlib/telnetlib/telnetlib_cleartext.py
index d2bd2ed1..e895fe6a 100644
--- a/precli/rules/python/stdlib/telnetlib/telnetlib_cleartext.py
+++ b/precli/rules/python/stdlib/telnetlib/telnetlib_cleartext.py
@@ -101,7 +101,7 @@
 .. seealso::
- - `Cleartext Transmission of Sensitive Information in the Telnetlib Module `_
+ - `Cleartext Transmission of Sensitive Information in the Telnetlib Module `_
 - `telnetlib — Telnet client `_
 - `CWE-319: Cleartext Transmission of Sensitive Information `_
 - https://www.paramiko.org/
diff --git a/precli/rules/python/stdlib/tempfile/mktemp_race_condition.py b/precli/rules/python/stdlib/tempfile/mktemp_race_condition.py
index 21147186..e00db060 100644
--- a/precli/rules/python/stdlib/tempfile/mktemp_race_condition.py
+++ b/precli/rules/python/stdlib/tempfile/mktemp_race_condition.py
@@ -47,7 +47,7 @@
 .. seealso::
- - `Insecure Temporary File in the Tempfile Module `_
+ - `Insecure Temporary File in the Tempfile Module `_
 - `tempfile — Generate temporary files and directories `_
 - `CWE-377: Insecure Temporary File `_
diff --git a/setup.cfg b/setup.cfg
index fc1cdc12..0e4d4a13 100644
--- a/setup.cfg
+++ b/setup.cfg
@@ -34,131 +34,131 @@ precli.parsers = precli.rules.go = # precli/rules/go/golang_org_x_crypto_ssh/ssh_insecure_ignore_hostkey.py - PRE1501 = precli.rules.go.golang_org_x_crypto_ssh.ssh_insecure_ignore_hostkey:SshInsecureIgnoreHostKey + GO501 = precli.rules.go.golang_org_x_crypto_ssh.ssh_insecure_ignore_hostkey:SshInsecureIgnoreHostKey precli.rules.python = # precli/rules/python/stdlib/assert/assert.py - PRE0001 = precli.rules.python.stdlib.assert.assert:Assert + PY001 = precli.rules.python.stdlib.assert.assert:Assert # precli/rules/python/stdlib/crypt/crypt_weak_hash.py - PRE0002 = precli.rules.python.stdlib.crypt.crypt_weak_hash:CryptWeakHash + PY002 = precli.rules.python.stdlib.crypt.crypt_weak_hash:CryptWeakHash # precli/rules/python/stdlib/ftplib/ftp_cleartext.py - PRE0003 = precli.rules.python.stdlib.ftplib.ftp_cleartext:FtpCleartext + PY003 = precli.rules.python.stdlib.ftplib.ftp_cleartext:FtpCleartext # precli/rules/python/stdlib/hashlib/hashlib_weak_hash.py - PRE0004 = precli.rules.python.stdlib.hashlib.hashlib_weak_hash:HashlibWeakHash + PY004 = precli.rules.python.stdlib.hashlib.hashlib_weak_hash:HashlibWeakHash # precli/rules/python/stdlib/hmac/hmac_timing_attack.py - PRE0005 = precli.rules.python.stdlib.hmac.hmac_timing_attack:HmacTimingAttack + PY005 = precli.rules.python.stdlib.hmac.hmac_timing_attack:HmacTimingAttack # precli/rules/python/stdlib/hmac/hmac_weak_hash.py - PRE0006 = precli.rules.python.stdlib.hmac.hmac_weak_hash:HmacWeakHash + PY006 = precli.rules.python.stdlib.hmac.hmac_weak_hash:HmacWeakHash # precli/rules/python/stdlib/imaplib/imap_cleartext.py - PRE0007 = precli.rules.python.stdlib.imaplib.imap_cleartext:ImapCleartext + PY007 = precli.rules.python.stdlib.imaplib.imap_cleartext:ImapCleartext # precli/rules/python/stdlib/json/json_load.py - PRE0008 = precli.rules.python.stdlib.json.json_load:JsonLoad + PY008 = precli.rules.python.stdlib.json.json_load:JsonLoad # precli/rules/python/stdlib/logging/insecure_listen_config.py - PRE0009 = 
precli.rules.python.stdlib.logging.insecure_listen_config:InsecureListenConfig + PY009 = precli.rules.python.stdlib.logging.insecure_listen_config:InsecureListenConfig # precli/rules/python/stdlib/marshal/marshal_load.py - PRE0010 = precli.rules.python.stdlib.marshal.marshal_load:MarshalLoad + PY010 = precli.rules.python.stdlib.marshal.marshal_load:MarshalLoad # precli/rules/python/stdlib/nntplib/nntp_cleartext.py - PRE0011 = precli.rules.python.stdlib.nntplib.nntp_cleartext:NntpCleartext + PY011 = precli.rules.python.stdlib.nntplib.nntp_cleartext:NntpCleartext # precli/rules/python/stdlib/pickle/pickle_load.py - PRE0012 = precli.rules.python.stdlib.pickle.pickle_load:PickleLoad + PY012 = precli.rules.python.stdlib.pickle.pickle_load:PickleLoad # precli/rules/python/stdlib/poplib/pop_cleartext.py - PRE0013 = precli.rules.python.stdlib.poplib.pop_cleartext:PopCleartext + PY013 = precli.rules.python.stdlib.poplib.pop_cleartext:PopCleartext # precli/rules/python/stdlib/shelve/shelve_open.py - PRE0014 = precli.rules.python.stdlib.shelve.shelve_open:ShelveOpen + PY014 = precli.rules.python.stdlib.shelve.shelve_open:ShelveOpen # precli/rules/python/stdlib/smtplib/smtp_cleartext.py - PRE0015 = precli.rules.python.stdlib.smtplib.smtp_cleartext:SmtpCleartext + PY015 = precli.rules.python.stdlib.smtplib.smtp_cleartext:SmtpCleartext # precli/rules/python/stdlib/ssl/create_unverified_context.py - PRE0016 = precli.rules.python.stdlib.ssl.create_unverified_context:CreateUnverifiedContext + PY016 = precli.rules.python.stdlib.ssl.create_unverified_context:CreateUnverifiedContext # precli/rules/python/stdlib/ssl/insecure_tls_version.py - PRE0017 = precli.rules.python.stdlib.ssl.insecure_tls_version:InsecureTlsVersion + PY017 = precli.rules.python.stdlib.ssl.insecure_tls_version:InsecureTlsVersion # precli/rules/python/stdlib/telnetlib/telnetlib_cleartext.py - PRE0018 = precli.rules.python.stdlib.telnetlib.telnetlib_cleartext:TelnetlibCleartext + PY018 = 
precli.rules.python.stdlib.telnetlib.telnetlib_cleartext:TelnetlibCleartext # precli/rules/python/stdlib/tempfile/mktemp_race_condition.py - PRE0019 = precli.rules.python.stdlib.tempfile.mktemp_race_condition:MktempRaceCondition + PY019 = precli.rules.python.stdlib.tempfile.mktemp_race_condition:MktempRaceCondition # precli/rules/python/aiohttp/no_certificate_verify.py - PRE0501 = precli.rules.python.aiohttp.no_certificate_verify:NoCertificateVerify + PY501 = precli.rules.python.aiohttp.no_certificate_verify:NoCertificateVerify # precli/rules/python/cryptography/cryptography_weak_cipher.py - PRE0502 = precli.rules.python.cryptography.cryptography_weak_cipher:CryptographyWeakCipher + PY502 = precli.rules.python.cryptography.cryptography_weak_cipher:CryptographyWeakCipher # precli/rules/python/cryptography/cryptography_weak_cipher_mode.py - PRE0503 = precli.rules.python.cryptography.cryptography_weak_cipher_mode:CryptographyWeakCipherMode + PY503 = precli.rules.python.cryptography.cryptography_weak_cipher_mode:CryptographyWeakCipherMode # precli/rules/python/cryptography/cryptography_weak_hash.py - PRE0504 = precli.rules.python.cryptography.cryptography_weak_hash:CryptographyWeakHash + PY504 = precli.rules.python.cryptography.cryptography_weak_hash:CryptographyWeakHash # precli/rules/python/cryptography/cryptography_weak_key.py - PRE0505 = precli.rules.python.cryptography.cryptography_weak_key:CryptographyWeakKey + PY505 = precli.rules.python.cryptography.cryptography_weak_key:CryptographyWeakKey # precli/rules/python/dill/dill_load.py - PRE0506 = precli.rules.python.dill.dill_load:DillLoad + PY506 = precli.rules.python.dill.dill_load:DillLoad # precli/rules/python/httpx/no_certificate_verify.py - PRE0507 = precli.rules.python.httpx.no_certificate_verify:NoCertificateVerify + PY507 = precli.rules.python.httpx.no_certificate_verify:NoCertificateVerify # precli/rules/python/jsonpickle/jsonpickle_decode.py - PRE0508 = 
precli.rules.python.jsonpickle.jsonpickle_decode:JsonpickleDecode + PY508 = precli.rules.python.jsonpickle.jsonpickle_decode:JsonpickleDecode # precli/rules/python/M2Crypto/m2crypto_weak_key.py - PRE0509 = precli.rules.python.M2Crypto.m2crypto_weak_key:M2CryptoWeakKey + PY509 = precli.rules.python.M2Crypto.m2crypto_weak_key:M2CryptoWeakKey # precli/rules/python/pandas/pandas_read_pickle.py - PRE0510 = precli.rules.python.pandas.pandas_read_pickle:PandasReadPickle + PY510 = precli.rules.python.pandas.pandas_read_pickle:PandasReadPickle # precli/rules/python/paramiko/paramiko_no_host_key_verify.py - PRE0511 = precli.rules.python.paramiko.paramiko_no_host_key_verify:ParamikoNoHostKeyVerify + PY511 = precli.rules.python.paramiko.paramiko_no_host_key_verify:ParamikoNoHostKeyVerify # precli/rules/python/pycrypto/pycrypto_weak_cipher.py - PRE0512 = precli.rules.python.pycrypto.pycrypto_weak_cipher:PycryptoWeakCipher + PY512 = precli.rules.python.pycrypto.pycrypto_weak_cipher:PycryptoWeakCipher # precli/rules/python/pycrypto/pycrypto_weak_hash.py - PRE0513 = precli.rules.python.pycrypto.pycrypto_weak_hash:PycryptoWeakHash + PY513 = precli.rules.python.pycrypto.pycrypto_weak_hash:PycryptoWeakHash # precli/rules/python/pycrypto/pycrypto_weak_key.py - PRE0514 = precli.rules.python.pycrypto.pycrypto_weak_key:PycryptoWeakKey + PY514 = precli.rules.python.pycrypto.pycrypto_weak_key:PycryptoWeakKey # precli/rules/python/pycryptodomex/pycryptodomex_weak_cipher.py - PRE0515 = precli.rules.python.pycryptodomex.pycryptodomex_weak_cipher:PycryptodomexWeakCipher + PY515 = precli.rules.python.pycryptodomex.pycryptodomex_weak_cipher:PycryptodomexWeakCipher # precli/rules/python/pycryptodomex/pycryptodomex_weak_hash.py - PRE0516 = precli.rules.python.pycryptodomex.pycryptodomex_weak_hash:PycryptodomexWeakHash + PY516 = precli.rules.python.pycryptodomex.pycryptodomex_weak_hash:PycryptodomexWeakHash # precli/rules/python/pycryptodomex/pycryptodomex_weak_key.py - PRE0517 = 
precli.rules.python.pycryptodomex.pycryptodomex_weak_key:PycryptodomexWeakKey + PY517 = precli.rules.python.pycryptodomex.pycryptodomex_weak_key:PycryptodomexWeakKey # precli/rules/python/pyghmi/pyghmi_cleartext.py - PRE0518 = precli.rules.python.pyghmi.pyghmi_cleartext:PyghmiCleartext + PY518 = precli.rules.python.pyghmi.pyghmi_cleartext:PyghmiCleartext # precli/rules/python/pyopenssl/insecure_tls_method.py - PRE0519 = precli.rules.python.pyopenssl.insecure_tls_method:InsecureTlsMethod + PY519 = precli.rules.python.pyopenssl.insecure_tls_method:InsecureTlsMethod # precli/rules/python/pyopenssl/pyopenssl_weak_key.py - PRE0520 = precli.rules.python.pyopenssl.pyopenssl_weak_key:PyopensslWeakKey + PY520 = precli.rules.python.pyopenssl.pyopenssl_weak_key:PyopensslWeakKey # precli/rules/python/PyYAML/yaml_load.py - PRE0521 = precli.rules.python.PyYAML.yaml_load:YamlLoad + PY521 = precli.rules.python.PyYAML.yaml_load:YamlLoad # precli/rules/python/requests/no_certificate_verify.py - PRE0522 = precli.rules.python.requests.no_certificate_verify:NoCertificateVerify + PY522 = precli.rules.python.requests.no_certificate_verify:NoCertificateVerify [build_sphinx] all_files = 1 diff --git a/tests/unit/parsers/examples/suppress.py b/tests/unit/parsers/examples/suppress.py index 0365ebcf..125e0ee9 100644 --- a/tests/unit/parsers/examples/suppress.py +++ b/tests/unit/parsers/examples/suppress.py @@ -1,4 +1,4 @@ import hashlib -hashlib.md5() # suppress: PRE0004 +hashlib.md5() # suppress: PY004 diff --git a/tests/unit/parsers/examples/suppress_lowercase_rule.py b/tests/unit/parsers/examples/suppress_lowercase_rule.py index 265f39e0..92f54b83 100644 --- a/tests/unit/parsers/examples/suppress_lowercase_rule.py +++ b/tests/unit/parsers/examples/suppress_lowercase_rule.py @@ -1,4 +1,4 @@ import hashlib -hashlib.md5() # suppress: pre0004 +hashlib.md5() # suppress: py004 
diff --git a/tests/unit/parsers/examples/suppress_multiline.py b/tests/unit/parsers/examples/suppress_multiline.py
index 0365ebcf..125e0ee9 100644
--- a/tests/unit/parsers/examples/suppress_multiline.py
+++ b/tests/unit/parsers/examples/suppress_multiline.py
@@ -1,4 +1,4 @@
 import hashlib
-hashlib.md5() # suppress: PRE0004
+hashlib.md5() # suppress: PY004
diff --git a/tests/unit/parsers/examples/suppress_multiple_comments.py b/tests/unit/parsers/examples/suppress_multiple_comments.py
index 0de9af23..70e40c08 100644
--- a/tests/unit/parsers/examples/suppress_multiple_comments.py
+++ b/tests/unit/parsers/examples/suppress_multiple_comments.py
@@ -1,4 +1,4 @@
 import hashlib
-hashlib.md5() # type: ... # suppress: PRE0004 # noqa: E501 ; pylint: disable=line-too-long
+hashlib.md5() # type: ... # suppress: PY004 # noqa: E501 ; pylint: disable=line-too-long
diff --git a/tests/unit/parsers/examples/suppress_multiple_rules.py b/tests/unit/parsers/examples/suppress_multiple_rules.py
index 9346193f..a4e57d3d 100644
--- a/tests/unit/parsers/examples/suppress_multiple_rules.py
+++ b/tests/unit/parsers/examples/suppress_multiple_rules.py
@@ -1,4 +1,4 @@
 import hashlib
-hashlib.md5() # suppress: PRE0001, PRE0002, PRE0003, PRE0004, PRE0005
+hashlib.md5() # suppress: PY001, PY002, PY003, PY004, PY005
diff --git a/tests/unit/parsers/examples/suppress_preceding.py b/tests/unit/parsers/examples/suppress_preceding.py
index 8246f647..388addd8 100644
--- a/tests/unit/parsers/examples/suppress_preceding.py
+++ b/tests/unit/parsers/examples/suppress_preceding.py
@@ -1,5 +1,5 @@
 import hashlib
-# suppress: PRE0004
+# suppress: PY004
 hashlib.md5()
diff --git a/tests/unit/parsers/examples/suppress_spaced_rules.py b/tests/unit/parsers/examples/suppress_spaced_rules.py
index aac0a06f..3ceff40a 100644
--- a/tests/unit/parsers/examples/suppress_spaced_rules.py
+++ b/tests/unit/parsers/examples/suppress_spaced_rules.py
@@ -1,4 +1,4 @@ import hashlib -hashlib.md5() # suppress: PRE0003 PRE0004 +hashlib.md5() # suppress: PY003 PY004 diff --git a/tests/unit/parsers/examples/suppress_wrong_rule.py b/tests/unit/parsers/examples/suppress_wrong_rule.py index b75fbcbc..d31f5475 100644 --- a/tests/unit/parsers/examples/suppress_wrong_rule.py +++ b/tests/unit/parsers/examples/suppress_wrong_rule.py @@ -1,4 +1,4 @@ import hashlib -hashlib.md5() # suppress: PRE0005 +hashlib.md5() # suppress: PY005 diff --git a/tests/unit/parsers/test_python.py b/tests/unit/parsers/test_python.py index 4604da5c..cba7ef4e 100644 --- a/tests/unit/parsers/test_python.py +++ b/tests/unit/parsers/test_python.py @@ -24,7 +24,7 @@ def test_suppress(self): ) self.assertEqual(1, len(results)) result = results[0] - self.assertEqual("PRE0004", result.rule_id) + self.assertEqual("PY004", result.rule_id) self.assertEqual(4, result.location.start_line) self.assertEqual(4, result.location.end_line) self.assertEqual(0, result.location.start_column) @@ -38,7 +38,7 @@ def test_suppress_lowercase_rule(self): ) self.assertEqual(1, len(results)) result = results[0] - self.assertEqual("PRE0004", result.rule_id) + self.assertEqual("PY004", result.rule_id) self.assertEqual(4, result.location.start_line) self.assertEqual(4, result.location.end_line) self.assertEqual(0, result.location.start_column) @@ -52,7 +52,7 @@ def test_suppress_multiline(self): ) self.assertEqual(1, len(results)) result = results[0] - self.assertEqual("PRE0004", result.rule_id) + self.assertEqual("PY004", result.rule_id) self.assertEqual(4, result.location.start_line) self.assertEqual(4, result.location.end_line) self.assertEqual(0, result.location.start_column) 
@@ -66,7 +66,7 @@ def test_suppress_multiple_comments(self): ) self.assertEqual(1, len(results)) result = results[0] - self.assertEqual("PRE0004", result.rule_id) + self.assertEqual("PY004", result.rule_id) self.assertEqual(4, result.location.start_line) self.assertEqual(4, result.location.end_line) self.assertEqual(0, result.location.start_column) @@ -80,7 +80,7 @@ def test_suppress_multiple_rules(self): ) self.assertEqual(1, len(results)) result = results[0] - self.assertEqual("PRE0004", result.rule_id) + self.assertEqual("PY004", result.rule_id) self.assertEqual(4, result.location.start_line) self.assertEqual(4, result.location.end_line) self.assertEqual(0, result.location.start_column) @@ -94,7 +94,7 @@ def test_suppress_preceding(self): ) self.assertEqual(1, len(results)) result = results[0] - self.assertEqual("PRE0004", result.rule_id) + self.assertEqual("PY004", result.rule_id) self.assertEqual(5, result.location.start_line) self.assertEqual(5, result.location.end_line) self.assertEqual(0, result.location.start_column) @@ -108,7 +108,7 @@ def test_suppress_spaced_rules(self): ) self.assertEqual(1, len(results)) result = results[0] - self.assertEqual("PRE0004", result.rule_id) + self.assertEqual("PY004", result.rule_id) self.assertEqual(4, result.location.start_line) self.assertEqual(4, result.location.end_line) self.assertEqual(0, result.location.start_column) @@ -122,7 +122,7 @@ def test_suppress_wrong_rule(self): ) self.assertEqual(1, len(results)) result = results[0] - self.assertEqual("PRE0004", result.rule_id) + self.assertEqual("PY004", result.rule_id) self.assertEqual(4, result.location.start_line) self.assertEqual(4, result.location.end_line) self.assertEqual(0, result.location.start_column) diff --git a/tests/unit/rules/python/M2Crypto/test_m2crypto_weak_key.py b/tests/unit/rules/python/M2Crypto/test_m2crypto_weak_key.py index bad5e779..66602ed7 100644 --- a/tests/unit/rules/python/M2Crypto/test_m2crypto_weak_key.py 
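Review bot: None of the suppression tests in `tests/unit/parsers/test_python.py` covers a comment that still uses the previous `PRE0004` form; every fixture in this commit was rewritten to `PY004`. With the new `SUPPRESSED_RULES` pattern an old ID presumably no longer matches and the finding is reported again, which is the safe direction but is currently unpinned. I would add a legacy-ID fixture beside `suppress_wrong_rule.py` containing `hashlib.md5()  # suppress: PRE0004`, and a test next to `test_suppress_wrong_rule` that asserts the result is still returned and not marked suppressed. The same question applies to `enabled=[...]` lists that still name old IDs, where an unknown ID that is silently ignored would mean a scan runs without that rule. The test bodies continue outside these hunks, so the existing assertions on suppression state are not visible here.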
+++ b/tests/unit/rules/python/M2Crypto/test_m2crypto_weak_key.py @@ -12,7 +12,7 @@ class M2cryptoWeakKeyTests(test_case.TestCase): def setUp(self): super().setUp() - self.rule_id = "PRE0509" + self.rule_id = "PY509" self.parser = python.Python(enabled=[self.rule_id]) self.base_path = os.path.join( "tests", diff --git a/tests/unit/rules/python/PyYAML/test_yaml_load.py b/tests/unit/rules/python/PyYAML/test_yaml_load.py index 1ee9aab9..e6558530 100644 --- a/tests/unit/rules/python/PyYAML/test_yaml_load.py +++ b/tests/unit/rules/python/PyYAML/test_yaml_load.py @@ -12,7 +12,7 @@ class YamlLoadTests(test_case.TestCase): def setUp(self): super().setUp() - self.rule_id = "PRE0521" + self.rule_id = "PY521" self.parser = python.Python(enabled=[self.rule_id]) self.base_path = os.path.join( "tests", diff --git a/tests/unit/rules/python/aiohttp/test_no_certificate_verify.py b/tests/unit/rules/python/aiohttp/test_no_certificate_verify.py index ed514fb6..03b3ae51 100644 --- a/tests/unit/rules/python/aiohttp/test_no_certificate_verify.py +++ b/tests/unit/rules/python/aiohttp/test_no_certificate_verify.py @@ -12,7 +12,7 @@ class NoCertificateVerifyTests(test_case.TestCase): def setUp(self): super().setUp() - self.rule_id = "PRE0501" + self.rule_id = "PY501" self.parser = python.Python(enabled=[self.rule_id]) self.base_path = os.path.join( "tests", diff --git a/tests/unit/rules/python/cryptography/test_cryptography_weak_cipher.py b/tests/unit/rules/python/cryptography/test_cryptography_weak_cipher.py index ad76f5e6..f9532be5 100644 --- a/tests/unit/rules/python/cryptography/test_cryptography_weak_cipher.py +++ b/tests/unit/rules/python/cryptography/test_cryptography_weak_cipher.py @@ -12,7 +12,7 @@ class CryptographyWeakCipherTests(test_case.TestCase): def setUp(self): super().setUp() - self.rule_id = "PRE0502" + self.rule_id = "PY502" self.parser = python.Python(enabled=[self.rule_id]) self.base_path = os.path.join( "tests", 
diff --git a/tests/unit/rules/python/cryptography/test_cryptography_weak_cipher_mode.py b/tests/unit/rules/python/cryptography/test_cryptography_weak_cipher_mode.py index 08d72058..a1ef492c 100644 --- a/tests/unit/rules/python/cryptography/test_cryptography_weak_cipher_mode.py +++ b/tests/unit/rules/python/cryptography/test_cryptography_weak_cipher_mode.py @@ -12,7 +12,7 @@ class CryptographyWeakCipherModeTests(test_case.TestCase): def setUp(self): super().setUp() - self.rule_id = "PRE0503" + self.rule_id = "PY503" self.parser = python.Python(enabled=[self.rule_id]) self.base_path = os.path.join( "tests", diff --git a/tests/unit/rules/python/cryptography/test_cryptography_weak_hash.py b/tests/unit/rules/python/cryptography/test_cryptography_weak_hash.py index cc4b84fb..198628c8 100644 --- a/tests/unit/rules/python/cryptography/test_cryptography_weak_hash.py +++ b/tests/unit/rules/python/cryptography/test_cryptography_weak_hash.py @@ -12,7 +12,7 @@ class CryptographyWeakHashTests(test_case.TestCase): def setUp(self): super().setUp() - self.rule_id = "PRE0504" + self.rule_id = "PY504" self.parser = python.Python(enabled=[self.rule_id]) self.base_path = os.path.join( "tests", diff --git a/tests/unit/rules/python/cryptography/test_cryptography_weak_key.py b/tests/unit/rules/python/cryptography/test_cryptography_weak_key.py index 954115b1..30733a11 100644 --- a/tests/unit/rules/python/cryptography/test_cryptography_weak_key.py +++ b/tests/unit/rules/python/cryptography/test_cryptography_weak_key.py @@ -12,7 +12,7 @@ class CryptographyWeakKeyTests(test_case.TestCase): def setUp(self): super().setUp() - self.rule_id = "PRE0505" + self.rule_id = "PY505" self.parser = python.Python(enabled=[self.rule_id]) self.base_path = os.path.join( "tests", diff --git a/tests/unit/rules/python/dill/test_dill_load.py b/tests/unit/rules/python/dill/test_dill_load.py index 2c063bdb..53436ddb 100644 --- a/tests/unit/rules/python/dill/test_dill_load.py 
+++ b/tests/unit/rules/python/dill/test_dill_load.py @@ -12,7 +12,7 @@ class DillLoadTests(test_case.TestCase): def setUp(self): super().setUp() - self.rule_id = "PRE0506" + self.rule_id = "PY506" self.parser = python.Python(enabled=[self.rule_id]) self.base_path = os.path.join( "tests", diff --git a/tests/unit/rules/python/httpx/test_no_certificate_verify.py b/tests/unit/rules/python/httpx/test_no_certificate_verify.py index ac48d8b7..d83fa3b3 100644 --- a/tests/unit/rules/python/httpx/test_no_certificate_verify.py +++ b/tests/unit/rules/python/httpx/test_no_certificate_verify.py @@ -12,7 +12,7 @@ class NoCertificateVerifyTests(test_case.TestCase): def setUp(self): super().setUp() - self.rule_id = "PRE0507" + self.rule_id = "PY507" self.parser = python.Python(enabled=[self.rule_id]) self.base_path = os.path.join( "tests", diff --git a/tests/unit/rules/python/jsonpickle/test_jsonpickle_decode.py b/tests/unit/rules/python/jsonpickle/test_jsonpickle_decode.py index 294a3cf6..95a8b8dc 100644 --- a/tests/unit/rules/python/jsonpickle/test_jsonpickle_decode.py +++ b/tests/unit/rules/python/jsonpickle/test_jsonpickle_decode.py @@ -12,7 +12,7 @@ class JsonPickleDecodeTests(test_case.TestCase): def setUp(self): super().setUp() - self.rule_id = "PRE0508" + self.rule_id = "PY508" self.parser = python.Python(enabled=[self.rule_id]) self.base_path = os.path.join( "tests", diff --git a/tests/unit/rules/python/pandas/test_pandas_read_pickle.py b/tests/unit/rules/python/pandas/test_pandas_read_pickle.py index 28e753a9..4c7823e4 100644 --- a/tests/unit/rules/python/pandas/test_pandas_read_pickle.py +++ b/tests/unit/rules/python/pandas/test_pandas_read_pickle.py @@ -12,7 +12,7 @@ class PandasReadPickleTests(test_case.TestCase): def setUp(self): super().setUp() - self.rule_id = "PRE0510" + self.rule_id = "PY510" self.parser = python.Python(enabled=[self.rule_id]) self.base_path = os.path.join( "tests", 
diff --git a/tests/unit/rules/python/paramiko/test_host_key_policy.py b/tests/unit/rules/python/paramiko/test_host_key_policy.py index c1e83ed7..a542a122 100644 --- a/tests/unit/rules/python/paramiko/test_host_key_policy.py +++ b/tests/unit/rules/python/paramiko/test_host_key_policy.py @@ -12,7 +12,7 @@ class HostKeyPolicyTests(test_case.TestCase): def setUp(self): super().setUp() - self.rule_id = "PRE0511" + self.rule_id = "PY511" self.parser = python.Python(enabled=[self.rule_id]) self.base_path = os.path.join( "tests", diff --git a/tests/unit/rules/python/pycrypto/test_pycrypto_weak_cipher.py b/tests/unit/rules/python/pycrypto/test_pycrypto_weak_cipher.py index c2b87a57..ddd8d39c 100644 --- a/tests/unit/rules/python/pycrypto/test_pycrypto_weak_cipher.py +++ b/tests/unit/rules/python/pycrypto/test_pycrypto_weak_cipher.py @@ -12,7 +12,7 @@ class PycryptoWeakCipherTests(test_case.TestCase): def setUp(self): super().setUp() - self.rule_id = "PRE0512" + self.rule_id = "PY512" self.parser = python.Python(enabled=[self.rule_id]) self.base_path = os.path.join( "tests", diff --git a/tests/unit/rules/python/pycrypto/test_pycrypto_weak_hash.py b/tests/unit/rules/python/pycrypto/test_pycrypto_weak_hash.py index 824a32fd..0ee00991 100644 --- a/tests/unit/rules/python/pycrypto/test_pycrypto_weak_hash.py +++ b/tests/unit/rules/python/pycrypto/test_pycrypto_weak_hash.py @@ -12,7 +12,7 @@ class PycryptoWeakCipherTests(test_case.TestCase): def setUp(self): super().setUp() - self.rule_id = "PRE0513" + self.rule_id = "PY513" self.parser = python.Python(enabled=[self.rule_id]) self.base_path = os.path.join( "tests", diff --git a/tests/unit/rules/python/pycrypto/test_pycrypto_weak_key.py b/tests/unit/rules/python/pycrypto/test_pycrypto_weak_key.py index 2fbd4134..4865f6b3 100644 --- a/tests/unit/rules/python/pycrypto/test_pycrypto_weak_key.py +++ b/tests/unit/rules/python/pycrypto/test_pycrypto_weak_key.py 
@@ -12,7 +12,7 @@ class PycryptoWeakKeyTests(test_case.TestCase): def setUp(self): super().setUp() - self.rule_id = "PRE0514" + self.rule_id = "PY514" self.parser = python.Python(enabled=[self.rule_id]) self.base_path = os.path.join( "tests", diff --git a/tests/unit/rules/python/pycryptodomex/test_pycryptodomex_weak_cipher.py b/tests/unit/rules/python/pycryptodomex/test_pycryptodomex_weak_cipher.py index 1f786ff3..76f22fbf 100644 --- a/tests/unit/rules/python/pycryptodomex/test_pycryptodomex_weak_cipher.py +++ b/tests/unit/rules/python/pycryptodomex/test_pycryptodomex_weak_cipher.py @@ -12,7 +12,7 @@ class PycryptodomexWeakCipherTests(test_case.TestCase): def setUp(self): super().setUp() - self.rule_id = "PRE0515" + self.rule_id = "PY515" self.parser = python.Python(enabled=[self.rule_id]) self.base_path = os.path.join( "tests", diff --git a/tests/unit/rules/python/pycryptodomex/test_pycryptodomex_weak_hash.py b/tests/unit/rules/python/pycryptodomex/test_pycryptodomex_weak_hash.py index de9d1b4a..fd44557f 100644 --- a/tests/unit/rules/python/pycryptodomex/test_pycryptodomex_weak_hash.py +++ b/tests/unit/rules/python/pycryptodomex/test_pycryptodomex_weak_hash.py @@ -12,7 +12,7 @@ class PycryptodomexWeakCipherTests(test_case.TestCase): def setUp(self): super().setUp() - self.rule_id = "PRE0516" + self.rule_id = "PY516" self.parser = python.Python(enabled=[self.rule_id]) self.base_path = os.path.join( "tests", diff --git a/tests/unit/rules/python/pycryptodomex/test_pycryptodomex_weak_key.py b/tests/unit/rules/python/pycryptodomex/test_pycryptodomex_weak_key.py index 849f8c5c..5112c73e 100644 --- a/tests/unit/rules/python/pycryptodomex/test_pycryptodomex_weak_key.py +++ b/tests/unit/rules/python/pycryptodomex/test_pycryptodomex_weak_key.py 
@@ -12,7 +12,7 @@ class PycryptodomexWeakKeyTests(test_case.TestCase): def setUp(self): super().setUp() - self.rule_id = "PRE0517" + self.rule_id = "PY517" self.parser = python.Python(enabled=[self.rule_id]) self.base_path = os.path.join( "tests", diff --git a/tests/unit/rules/python/pyghmi/test_pyghmi_cleartext.py b/tests/unit/rules/python/pyghmi/test_pyghmi_cleartext.py index 578c5944..e973416d 100644 --- a/tests/unit/rules/python/pyghmi/test_pyghmi_cleartext.py +++ b/tests/unit/rules/python/pyghmi/test_pyghmi_cleartext.py @@ -12,7 +12,7 @@ class PyghmiCleartextTests(test_case.TestCase): def setUp(self): super().setUp() - self.rule_id = "PRE0518" + self.rule_id = "PY518" self.parser = python.Python(enabled=[self.rule_id]) self.base_path = os.path.join( "tests", diff --git a/tests/unit/rules/python/pyopenssl/test_pyopenssl_weak_key.py b/tests/unit/rules/python/pyopenssl/test_pyopenssl_weak_key.py index 20187afd..5b5425e9 100644 --- a/tests/unit/rules/python/pyopenssl/test_pyopenssl_weak_key.py +++ b/tests/unit/rules/python/pyopenssl/test_pyopenssl_weak_key.py @@ -12,7 +12,7 @@ class PyopensslWeakKeyTests(test_case.TestCase): def setUp(self): super().setUp() - self.rule_id = "PRE0520" + self.rule_id = "PY520" self.parser = python.Python(enabled=[self.rule_id]) self.base_path = os.path.join( "tests", diff --git a/tests/unit/rules/python/pyopenssl/test_ssl_context.py b/tests/unit/rules/python/pyopenssl/test_ssl_context.py index 4ddce7ae..a91d869a 100644 --- a/tests/unit/rules/python/pyopenssl/test_ssl_context.py +++ b/tests/unit/rules/python/pyopenssl/test_ssl_context.py @@ -12,7 +12,7 @@ class SslContextTests(test_case.TestCase): def setUp(self): super().setUp() - self.rule_id = "PRE0519" + self.rule_id = "PY519" self.parser = python.Python(enabled=[self.rule_id]) self.base_path = os.path.join( "tests", 
diff --git a/tests/unit/rules/python/requests/test_no_certificate_verify.py b/tests/unit/rules/python/requests/test_no_certificate_verify.py index 79763b9a..0b44d6c9 100644 --- a/tests/unit/rules/python/requests/test_no_certificate_verify.py +++ b/tests/unit/rules/python/requests/test_no_certificate_verify.py @@ -12,7 +12,7 @@ class NoCertificateVerifyTests(test_case.TestCase): def setUp(self): super().setUp() - self.rule_id = "PRE0522" + self.rule_id = "PY522" self.parser = python.Python(enabled=[self.rule_id]) self.base_path = os.path.join( "tests", diff --git a/tests/unit/rules/python/stdlib/crypt/test_crypt_weak_hash.py b/tests/unit/rules/python/stdlib/crypt/test_crypt_weak_hash.py index 5adb7f93..e8c3d400 100644 --- a/tests/unit/rules/python/stdlib/crypt/test_crypt_weak_hash.py +++ b/tests/unit/rules/python/stdlib/crypt/test_crypt_weak_hash.py @@ -11,7 +11,7 @@ class CryptWeakHashTests(test_case.TestCase): def setUp(self): super().setUp() - self.rule_id = "PRE0002" + self.rule_id = "PY002" self.base_path = os.path.join( "tests", "unit", diff --git a/tests/unit/rules/python/stdlib/ftplib/test_ftp_cleartext.py b/tests/unit/rules/python/stdlib/ftplib/test_ftp_cleartext.py index 466ca8c3..24799fe3 100644 --- a/tests/unit/rules/python/stdlib/ftplib/test_ftp_cleartext.py +++ b/tests/unit/rules/python/stdlib/ftplib/test_ftp_cleartext.py @@ -11,7 +11,7 @@ class FtpCleartextTests(test_case.TestCase): def setUp(self): super().setUp() - self.rule_id = "PRE0003" + self.rule_id = "PY003" self.base_path = os.path.join( "tests", "unit", diff --git a/tests/unit/rules/python/stdlib/hashlib/test_hashlib_weak_hash.py b/tests/unit/rules/python/stdlib/hashlib/test_hashlib_weak_hash.py index e7b13798..83a9b551 100644 --- a/tests/unit/rules/python/stdlib/hashlib/test_hashlib_weak_hash.py +++ b/tests/unit/rules/python/stdlib/hashlib/test_hashlib_weak_hash.py 
@@ -11,7 +11,7 @@ class HashlibWeakHashTests(test_case.TestCase): def setUp(self): super().setUp() - self.rule_id = "PRE0004" + self.rule_id = "PY004" self.base_path = os.path.join( "tests", "unit", diff --git a/tests/unit/rules/python/stdlib/hmac/test_hmac_timing_attack.py b/tests/unit/rules/python/stdlib/hmac/test_hmac_timing_attack.py index a827732c..cfaaa4e0 100644 --- a/tests/unit/rules/python/stdlib/hmac/test_hmac_timing_attack.py +++ b/tests/unit/rules/python/stdlib/hmac/test_hmac_timing_attack.py @@ -11,7 +11,7 @@ class HmacTimingAttackTests(test_case.TestCase): def setUp(self): super().setUp() - self.rule_id = "PRE0005" + self.rule_id = "PY005" self.base_path = os.path.join( "tests", "unit", diff --git a/tests/unit/rules/python/stdlib/hmac/test_hmac_weak_hash.py b/tests/unit/rules/python/stdlib/hmac/test_hmac_weak_hash.py index 9906b53e..ff9591f9 100644 --- a/tests/unit/rules/python/stdlib/hmac/test_hmac_weak_hash.py +++ b/tests/unit/rules/python/stdlib/hmac/test_hmac_weak_hash.py @@ -11,7 +11,7 @@ class HmacWeakHashTests(test_case.TestCase): def setUp(self): super().setUp() - self.rule_id = "PRE0006" + self.rule_id = "PY006" self.base_path = os.path.join( "tests", "unit", diff --git a/tests/unit/rules/python/stdlib/imaplib/test_imap_cleartext.py b/tests/unit/rules/python/stdlib/imaplib/test_imap_cleartext.py index b6041b0a..358df4ed 100644 --- a/tests/unit/rules/python/stdlib/imaplib/test_imap_cleartext.py +++ b/tests/unit/rules/python/stdlib/imaplib/test_imap_cleartext.py @@ -11,7 +11,7 @@ class ImapCleartextTests(test_case.TestCase): def setUp(self): super().setUp() - self.rule_id = "PRE0007" + self.rule_id = "PY007" self.base_path = os.path.join( "tests", "unit", diff --git a/tests/unit/rules/python/stdlib/json/test_json_load.py b/tests/unit/rules/python/stdlib/json/test_json_load.py index e4af3dad..bd2c0eeb 100644 --- a/tests/unit/rules/python/stdlib/json/test_json_load.py +++ b/tests/unit/rules/python/stdlib/json/test_json_load.py 
@@ -11,7 +11,7 @@ class JsonLoadTests(test_case.TestCase): def setUp(self): super().setUp() - self.rule_id = "PRE0008" + self.rule_id = "PY008" self.base_path = os.path.join( "tests", "unit", diff --git a/tests/unit/rules/python/stdlib/logging/test_insecure_listen_config.py b/tests/unit/rules/python/stdlib/logging/test_insecure_listen_config.py index 8500c966..f2643743 100644 --- a/tests/unit/rules/python/stdlib/logging/test_insecure_listen_config.py +++ b/tests/unit/rules/python/stdlib/logging/test_insecure_listen_config.py @@ -11,7 +11,7 @@ class InsecureListenConfigTests(test_case.TestCase): def setUp(self): super().setUp() - self.rule_id = "PRE0009" + self.rule_id = "PY009" self.base_path = os.path.join( "tests", "unit", diff --git a/tests/unit/rules/python/stdlib/marshal/test_marshal_load.py b/tests/unit/rules/python/stdlib/marshal/test_marshal_load.py index 066a3eee..9225a7dd 100644 --- a/tests/unit/rules/python/stdlib/marshal/test_marshal_load.py +++ b/tests/unit/rules/python/stdlib/marshal/test_marshal_load.py @@ -11,7 +11,7 @@ class MarshalLoadTests(test_case.TestCase): def setUp(self): super().setUp() - self.rule_id = "PRE0010" + self.rule_id = "PY010" self.base_path = os.path.join( "tests", "unit", diff --git a/tests/unit/rules/python/stdlib/nntplib/test_nntp_cleartext.py b/tests/unit/rules/python/stdlib/nntplib/test_nntp_cleartext.py index 18ac9031..8c35828c 100644 --- a/tests/unit/rules/python/stdlib/nntplib/test_nntp_cleartext.py +++ b/tests/unit/rules/python/stdlib/nntplib/test_nntp_cleartext.py @@ -11,7 +11,7 @@ class NntpCleartextTests(test_case.TestCase): def setUp(self): super().setUp() - self.rule_id = "PRE0011" + self.rule_id = "PY011" self.base_path = os.path.join( "tests", "unit", diff --git a/tests/unit/rules/python/stdlib/pickle/test_pickle_load.py b/tests/unit/rules/python/stdlib/pickle/test_pickle_load.py index 264573dd..74295a1c 100644 --- a/tests/unit/rules/python/stdlib/pickle/test_pickle_load.py 
+++ b/tests/unit/rules/python/stdlib/pickle/test_pickle_load.py @@ -11,7 +11,7 @@ class PickleLoadTests(test_case.TestCase): def setUp(self): super().setUp() - self.rule_id = "PRE0012" + self.rule_id = "PY012" self.base_path = os.path.join( "tests", "unit", diff --git a/tests/unit/rules/python/stdlib/poplib/test_pop_cleartext.py b/tests/unit/rules/python/stdlib/poplib/test_pop_cleartext.py index b030bf24..eee607d4 100644 --- a/tests/unit/rules/python/stdlib/poplib/test_pop_cleartext.py +++ b/tests/unit/rules/python/stdlib/poplib/test_pop_cleartext.py @@ -11,7 +11,7 @@ class PopCleartextTests(test_case.TestCase): def setUp(self): super().setUp() - self.rule_id = "PRE0013" + self.rule_id = "PY013" self.base_path = os.path.join( "tests", "unit", diff --git a/tests/unit/rules/python/stdlib/shelve/test_shelve_open.py b/tests/unit/rules/python/stdlib/shelve/test_shelve_open.py index 5ff90119..40f7e618 100644 --- a/tests/unit/rules/python/stdlib/shelve/test_shelve_open.py +++ b/tests/unit/rules/python/stdlib/shelve/test_shelve_open.py @@ -11,7 +11,7 @@ class ShelveOpenTests(test_case.TestCase): def setUp(self): super().setUp() - self.rule_id = "PRE0014" + self.rule_id = "PY014" self.base_path = os.path.join( "tests", "unit", diff --git a/tests/unit/rules/python/stdlib/smtplib/test_smtp_cleartext.py b/tests/unit/rules/python/stdlib/smtplib/test_smtp_cleartext.py index cfb757a7..5d0966cf 100644 --- a/tests/unit/rules/python/stdlib/smtplib/test_smtp_cleartext.py +++ b/tests/unit/rules/python/stdlib/smtplib/test_smtp_cleartext.py @@ -11,7 +11,7 @@ class SmtpCleartextTests(test_case.TestCase): def setUp(self): super().setUp() - self.rule_id = "PRE0015" + self.rule_id = "PY015" self.base_path = os.path.join( "tests", "unit", diff --git a/tests/unit/rules/python/stdlib/ssl/test_get_server_certificate.py b/tests/unit/rules/python/stdlib/ssl/test_get_server_certificate.py index daf691a3..2e8a6a58 100644 --- a/tests/unit/rules/python/stdlib/ssl/test_get_server_certificate.py 
+++ b/tests/unit/rules/python/stdlib/ssl/test_get_server_certificate.py @@ -11,7 +11,7 @@ class GetServerCertificateTests(test_case.TestCase): def setUp(self): super().setUp() - self.rule_id = "PRE0017" + self.rule_id = "PY017" self.base_path = os.path.join( "tests", "unit", diff --git a/tests/unit/rules/python/stdlib/ssl/test_ssl_context.py b/tests/unit/rules/python/stdlib/ssl/test_ssl_context.py index 6b02e18c..2dee63a5 100644 --- a/tests/unit/rules/python/stdlib/ssl/test_ssl_context.py +++ b/tests/unit/rules/python/stdlib/ssl/test_ssl_context.py @@ -11,7 +11,7 @@ class SslSocketTests(test_case.TestCase): def setUp(self): super().setUp() - self.rule_id = "PRE0017" + self.rule_id = "PY017" self.base_path = os.path.join( "tests", "unit", diff --git a/tests/unit/rules/python/stdlib/ssl/test_ssl_create_context.py b/tests/unit/rules/python/stdlib/ssl/test_ssl_create_context.py index b0da20c8..3ed35db3 100644 --- a/tests/unit/rules/python/stdlib/ssl/test_ssl_create_context.py +++ b/tests/unit/rules/python/stdlib/ssl/test_ssl_create_context.py @@ -11,7 +11,7 @@ class SslCreateContextTests(test_case.TestCase): def setUp(self): super().setUp() - self.rule_id = "PRE0016" + self.rule_id = "PY016" self.base_path = os.path.join( "tests", "unit", diff --git a/tests/unit/rules/python/stdlib/ssl/test_wrap_socket.py b/tests/unit/rules/python/stdlib/ssl/test_wrap_socket.py index a05df039..a2a82bdd 100644 --- a/tests/unit/rules/python/stdlib/ssl/test_wrap_socket.py +++ b/tests/unit/rules/python/stdlib/ssl/test_wrap_socket.py @@ -11,7 +11,7 @@ class WrapSocketTests(test_case.TestCase): def setUp(self): super().setUp() - self.rule_id = "PRE0017" + self.rule_id = "PY017" self.base_path = os.path.join( "tests", "unit", diff --git a/tests/unit/rules/python/stdlib/telnetlib/test_telnetlib_cleartext.py b/tests/unit/rules/python/stdlib/telnetlib/test_telnetlib_cleartext.py index 983b57c0..a9716eb7 100644 --- a/tests/unit/rules/python/stdlib/telnetlib/test_telnetlib_cleartext.py 
+++ b/tests/unit/rules/python/stdlib/telnetlib/test_telnetlib_cleartext.py @@ -11,7 +11,7 @@ class TelnetlibCleartextTests(test_case.TestCase): def setUp(self): super().setUp() - self.rule_id = "PRE0018" + self.rule_id = "PY018" self.base_path = os.path.join( "tests", "unit", diff --git a/tests/unit/rules/python/stdlib/tempfile/test_mktemp_race_condition.py b/tests/unit/rules/python/stdlib/tempfile/test_mktemp_race_condition.py index c3e8846c..7aa2235b 100644 --- a/tests/unit/rules/python/stdlib/tempfile/test_mktemp_race_condition.py +++ b/tests/unit/rules/python/stdlib/tempfile/test_mktemp_race_condition.py @@ -11,7 +11,7 @@ class MktempRaceConditionTests(test_case.TestCase): def setUp(self): super().setUp() - self.rule_id = "PRE0019" + self.rule_id = "PY019" self.base_path = os.path.join( "tests", "unit",