Flake8 plugin adding some checks to make Python code adhere to a more secure coding standard
Project description
Flake8 Secure Coding Standard Plugin
flake8 plugin that enforces some secure coding standards.
Installation
pip install flake8-secure-coding-standard
Flake8 codes
Code | Description |
---|---|
SCS100 | Use of os.path.abspath() and os.path.relpath() should be avoided in favor of os.path.realpath() |
SCS101 | Use of eval() and exec() represents a security risk and should be avoided |
SCS102 | Use of os.system() should be avoided |
SCS103 | Use of shell=True in subprocess functions or use of functions that internally set this should be avoided |
SCS104 | Use of tempfile.mktemp() should be avoided, prefer tempfile.mkstemp() |
SCS105 | Use of yaml.load() should be avoided, prefer yaml.safe_load() or yaml.load(xxx, Loader=SafeLoader) |
SCS106 | Use of jsonpickle.decode() should be avoided |
SCS107 | Debugging code should not be present in production code (e.g. import pdb) |
SCS108 | assert statements should not be present in production code |
SCS109 | Use of builtin open for writing is discouraged in favor of os.open to allow for setting file permissions |
SCS110 | Avoid using os.popen() as it internally uses subprocess.Popen with shell=True |
SCS111 | Use of shlex.quote() should be avoided on non-POSIX platforms |
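As an added illustration of SCS100 and SCS109 (example code written for this page, not part of the plugin or its documentation), the sketch below contrasts an `os.path.abspath()` containment check with an `os.path.realpath()` one and creates a file through `os.open()` with an explicit mode. The function names, directory layout and sample data are constructed for the example, and it assumes a POSIX system where symlinks can be created.

```python
import os
import stat
import tempfile


def resolve_inside(base_dir, user_path):
    """SCS100: resolve symlinks with realpath() before the containment check."""
    base = os.path.realpath(base_dir)
    target = os.path.realpath(os.path.join(base, user_path))
    if os.path.commonpath([base, target]) != base:
        raise ValueError(f"{user_path!r} resolves outside {base_dir!r}")
    return target


def abspath_check_passes(base_dir, user_path):
    """The pattern SCS100 flags: abspath() normalises '..' but ignores symlinks."""
    base = os.path.abspath(base_dir)
    target = os.path.abspath(os.path.join(base, user_path))
    return os.path.commonpath([base, target]) == base


def write_private(path, data):
    """SCS109: create the file with os.open() so the mode is set at creation."""
    flags = os.O_WRONLY | os.O_CREAT | os.O_EXCL
    fd = os.open(path, flags, 0o600)
    with os.fdopen(fd, "wb") as handle:
        handle.write(data)
    return stat.S_IMODE(os.stat(path).st_mode)


def demo():
    """Constructed scenario: a symlink inside the base directory points outside."""
    with tempfile.TemporaryDirectory() as root:
        base = os.path.join(root, "uploads")
        outside = os.path.join(root, "outside")
        os.mkdir(base)
        os.mkdir(outside)
        os.symlink(outside, os.path.join(base, "link"))
        naive = abspath_check_passes(base, "link/secret.txt")
        try:
            resolve_inside(base, "link/secret.txt")
            strict = True
        except ValueError:
            strict = False
        mode = write_private(resolve_inside(base, "token.bin"), b"constructed")
        return naive, strict, mode


if __name__ == "__main__":
    print(demo())
```

The `abspath()` check accepts the path that leaves the base directory through the symlink, the `realpath()` check rejects it, and the written file is owner read/write only.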
Pre-commit hook
See pre-commit for instructions
Sample .pre-commit-config.yaml:

    repos:
    -   repo: https://github.com/PyCQA/flake8
        rev: 3.7.8
        hooks:
        -   id: flake8
            additional_dependencies: [flake8-secure-coding-standard]
Hashes for flake8-secure-coding-standard-1.2.2.tar.gz
Algorithm | Hash digest |
---|---|
SHA256 | dad435efb8337675bdb57f8fa7d9d0ec2095867893c2c4ca6cc78f96bbf9919e |
MD5 | 3a6d7a5ef68ec5f0d126f0020f74ff61 |
BLAKE2b-256 | 9783f5448ff373856ae1c438de5cdeedfe020a2bb9741fceb335150fc7b5d504 |
Hashes for flake8_secure_coding_standard-1.2.2-py2.py3-none-any.whl
Algorithm | Hash digest |
---|---|
SHA256 | b7e492bb5919742970fc63d14a14d245114e1d9ed0210d84f68b8a4f73a2f73a |
MD5 | 98c456ede6b438ce1ac7639f71b76a41 |
BLAKE2b-256 | ccffd48396eb73e494296ccf58f0e9b6fda54182edda3c28bf64b65539baa710 |