language-servers/ruff
1
0
Fork 0
mirror of https://github.com/astral-sh/ruff.git synced 2025-10-01 22:31:47 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 5

[flake8-bandit] Remove suspicious-lxml-import (S410) (#10154)

Browse source 
## Summary

The `lxml` library has been modified to address known vulnerabilities
and unsafe defaults. As such, the `defusedxml`
library is no longer necessary, `defusedxml` has deprecated its `lxml`
module.

Closes https://github.com/astral-sh/ruff/issues/10030.
This commit is contained in:
Charlie Marsh 2024-02-28 12:38:55 -05:00 committed by GitHub
parent 1791e7d73b
commit a1905172a8
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
3 changed files with 10 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

2
crates/ruff_linter/src/codes.rs
View file

@ -655,7 +655,7 @@ pub fn code_to_rule(linter: Linter, code: &str) -> Option<(RuleGroup, Rule)> {
(Flake8Bandit, "407") => (RuleGroup::Preview, rules::flake8_bandit::rules::SuspiciousXmlExpatImport), (Flake8Bandit, "407") => (RuleGroup::Preview, rules::flake8_bandit::rules::SuspiciousXmlExpatImport),
(Flake8Bandit, "408") => (RuleGroup::Preview, rules::flake8_bandit::rules::SuspiciousXmlMinidomImport), (Flake8Bandit, "408") => (RuleGroup::Preview, rules::flake8_bandit::rules::SuspiciousXmlMinidomImport),
(Flake8Bandit, "409") => (RuleGroup::Preview, rules::flake8_bandit::rules::SuspiciousXmlPulldomImport), (Flake8Bandit, "409") => (RuleGroup::Preview, rules::flake8_bandit::rules::SuspiciousXmlPulldomImport),
(Flake8Bandit, "410") => (RuleGroup::Preview, rules::flake8_bandit::rules::SuspiciousLxmlImport), (Flake8Bandit, "410") => (RuleGroup::Removed, rules::flake8_bandit::rules::SuspiciousLxmlImport),
(Flake8Bandit, "411") => (RuleGroup::Preview, rules::flake8_bandit::rules::SuspiciousXmlrpcImport), (Flake8Bandit, "411") => (RuleGroup::Preview, rules::flake8_bandit::rules::SuspiciousXmlrpcImport),
(Flake8Bandit, "412") => (RuleGroup::Preview, rules::flake8_bandit::rules::SuspiciousHttpoxyImport), (Flake8Bandit, "412") => (RuleGroup::Preview, rules::flake8_bandit::rules::SuspiciousHttpoxyImport),
(Flake8Bandit, "413") => (RuleGroup::Preview, rules::flake8_bandit::rules::SuspiciousPycryptoImport), (Flake8Bandit, "413") => (RuleGroup::Preview, rules::flake8_bandit::rules::SuspiciousPycryptoImport),

10
crates/ruff_linter/src/rules/flake8_bandit/rules/suspicious_imports.rs
View file

@ -211,8 +211,14 @@ impl Violation for SuspiciousXmlPulldomImport {
} }
} }
/// ## Removed
/// This rule was removed as the `lxml` library has been modified to address
/// known vulnerabilities and unsafe defaults. As such, the `defusedxml`
/// library is no longer necessary, `defusedxml` has [deprecated] its `lxml`
/// module.
///
/// ## What it does /// ## What it does
/// Checks for imports of the`lxml` module. /// Checks for imports of the `lxml` module.
/// ///
/// ## Why is this bad? /// ## Why is this bad?
/// Using various methods from the `lxml` module to parse untrusted XML data is /// Using various methods from the `lxml` module to parse untrusted XML data is
@ -223,6 +229,8 @@ impl Violation for SuspiciousXmlPulldomImport {
/// ```python /// ```python
/// import lxml /// import lxml
/// ``` /// ```
///
/// [deprecated]: https://github.com/tiran/defusedxml/blob/c7445887f5e1bcea470a16f61369d29870cfcfe1/README.md#defusedxmllxml
#[violation] #[violation]
pub struct SuspiciousLxmlImport; pub struct SuspiciousLxmlImport;

1
ruff.schema.json generated
View file

@ -3594,7 +3594,6 @@
"S408", "S408",
"S409", "S409",
"S41", "S41",
"S410",
"S411", "S411",
"S412", "S412",
"S413", "S413",