Mercurial Repositories > eric / changeset
changeset
Updated source docu.
Tue, 16 Jun 2020 20:02:20 +0200
- author
- Detlev Offenbach <detlev@die-offenbachs.de>
- date
- Tue, 16 Jun 2020 20:02:20 +0200
- changeset 7624
- 6eabbcf3bdf8
- parent 7623
- ddea119f0b1d
- child 7625
- 6448a86f3ff2
Updated source docu.
--- a/eric6/APIs/Python3/eric6.api Tue Jun 16 20:01:18 2020 +0200 +++ b/eric6/APIs/Python3/eric6.api Tue Jun 16 20:02:20 2020 +0200 @@ -2938,6 +2938,7 @@ eric6.Plugins.CheckerPlugins.CodeStyleChecker.CodeStyleChecker.ignoreCode?4(code, lineFlags) eric6.Plugins.CheckerPlugins.CodeStyleChecker.CodeStyleChecker.initBatchService?4() eric6.Plugins.CheckerPlugins.CodeStyleChecker.CodeStyleChecker.initService?4() +eric6.Plugins.CheckerPlugins.CodeStyleChecker.CodeStyleChecker.securityOk?4(code, lineFlags) eric6.Plugins.CheckerPlugins.CodeStyleChecker.CodeStyleChecker.worker?4(inputQueue, outputQueue) eric6.Plugins.CheckerPlugins.CodeStyleChecker.CodeStyleCheckerDialog.CodeStyleCheckerDialog.argsRole?7 eric6.Plugins.CheckerPlugins.CodeStyleChecker.CodeStyleCheckerDialog.CodeStyleCheckerDialog.availableFutures?7 @@ -2945,6 +2946,8 @@ eric6.Plugins.CheckerPlugins.CodeStyleChecker.CodeStyleCheckerDialog.CodeStyleCheckerDialog.checkBatch?4() eric6.Plugins.CheckerPlugins.CodeStyleChecker.CodeStyleCheckerDialog.CodeStyleCheckerDialog.checkCategories?7 eric6.Plugins.CheckerPlugins.CodeStyleChecker.CodeStyleCheckerDialog.CodeStyleCheckerDialog.codeRole?7 +eric6.Plugins.CheckerPlugins.CodeStyleChecker.CodeStyleCheckerDialog.CodeStyleCheckerDialog.cryptoBitSelectionsDsaRsa?7 +eric6.Plugins.CheckerPlugins.CodeStyleChecker.CodeStyleCheckerDialog.CodeStyleCheckerDialog.cryptoBitSelectionsEc?7 eric6.Plugins.CheckerPlugins.CodeStyleChecker.CodeStyleCheckerDialog.CodeStyleCheckerDialog.filenameRole?7 eric6.Plugins.CheckerPlugins.CodeStyleChecker.CodeStyleCheckerDialog.CodeStyleCheckerDialog.fixableRole?7 eric6.Plugins.CheckerPlugins.CodeStyleChecker.CodeStyleCheckerDialog.CodeStyleCheckerDialog.hasResults?7 @@ -3076,6 +3079,149 @@ eric6.Plugins.CheckerPlugins.CodeStyleChecker.NamingStyleChecker.NamingStyleChecker.run?4() eric6.Plugins.CheckerPlugins.CodeStyleChecker.NamingStyleChecker.NamingStyleChecker.unpackArgs?4() eric6.Plugins.CheckerPlugins.CodeStyleChecker.NamingStyleChecker.NamingStyleChecker?1(tree, filename, options) +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.assert.checkAssertUsed?4(reportError, context, config) +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.assert.getChecks?4() +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.awsHardcodedPassword.AWS_ACCESS_KEY_ID_MAX_ENTROPY?7 +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.awsHardcodedPassword.AWS_ACCESS_KEY_ID_REGEX?7 +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.awsHardcodedPassword.AWS_ACCESS_KEY_ID_SYMBOLS?7 +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.awsHardcodedPassword.AWS_SECRET_ACCESS_KEY_MAX_ENTROPY?7 +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.awsHardcodedPassword.AWS_SECRET_ACCESS_KEY_REGEX?7 +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.awsHardcodedPassword.AWS_SECRET_ACCESS_KEY_SYMBOLS?7 +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.awsHardcodedPassword.checkHardcodedAwsKey?4(reportError, context, config) +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.awsHardcodedPassword.getChecks?4() +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.awsHardcodedPassword.shannonEntropy?4(data, symbols) +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.blackListCalls._blacklists?8 +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.blackListCalls.checkBlacklist?4(reportError, context, config) +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.blackListCalls.getChecks?4() +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.blackListImports._blacklists?8 +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.blackListImports.checkBlacklist?4(reportError, context, config) +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.blackListImports.getChecks?4() +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.certificateValidation.checkNoCertificateValidation?4(reportError, context, config) +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.certificateValidation.getChecks?4() +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.djangoSqlInjection.checkDjangoExtraUsed?4(reportError, context, config) +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.djangoSqlInjection.checkDjangoRawSqlUsed?4(reportError, context, config) +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.djangoSqlInjection.getChecks?4() +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.djangoSqlInjection.keywords2dict?4(keywords) +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.djangoXssVulnerability.DeepAssignation.isAssigned?4(node) +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.djangoXssVulnerability.DeepAssignation.isAssignedIn?4(items) +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.djangoXssVulnerability.DeepAssignation?1(varName, ignoreNodes=None) +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.djangoXssVulnerability.PY2?7 +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.djangoXssVulnerability.checkDjangoXssVulnerability?4(reportError, context, config) +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.djangoXssVulnerability.checkPotentialRisk?4(reportError, node) +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.djangoXssVulnerability.evaluateCall?4(call, parent, ignoreNodes=None) +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.djangoXssVulnerability.evaluateVar?4(xssVar, parent, until, ignoreNodes=None) +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.djangoXssVulnerability.getChecks?4() +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.djangoXssVulnerability.transform2call?4(var) +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.exec.checkExecUsed?4(reportError, context, config) +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.exec.getChecks?4() +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.flaskDebug.checkFlaskDebug?4(reportError, context, config) +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.flaskDebug.getChecks?4() +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.generalBindAllInterfaces.checkBindAllInterfaces?4(reportError, context, config) +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.generalBindAllInterfaces.getChecks?4() +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.generalFilePermissions.checkFilePermissions?4(reportError, context, config) +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.generalFilePermissions.getChecks?4() +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.generalHardcodedPassword.RE_CANDIDATES?7 +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.generalHardcodedPassword.RE_WORDS?7 +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.generalHardcodedPassword.checkHardcodedPasswordAsDefault?4(reportError, context, config) +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.generalHardcodedPassword.checkHardcodedPasswordAsFunctionArg?4(reportError, context, config) +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.generalHardcodedPassword.checkHardcodedPasswordAsString?4(reportError, context, config) +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.generalHardcodedPassword.getChecks?4() +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.generalHardcodedTmp.checkHardcodedTmpDirectory?4(reportError, context, config) +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.generalHardcodedTmp.getChecks?4() +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.generateCheckersDict?4() +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.injectionParamiko.checkParamikoCalls?4(reportError, context, config) +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.injectionParamiko.getChecks?4() +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.injectionShell._evaluateShellCall?5(context) +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.injectionShell.checkOtherFunctionWithShell?4(reportError, context, config) +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.injectionShell.checkStartProcessWithNoShell?4(reportError, context, config) +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.injectionShell.checkStartProcessWithPartialPath?4(reportError, context, config) +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.injectionShell.checkStartProcessWithShell?4(reportError, context, config) +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.injectionShell.checkSubprocessPopenWithShell?4(reportError, context, config) +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.injectionShell.checkSubprocessPopenWithoutShell?4(reportError, context, config) +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.injectionShell.fullPathMatchRe?7 +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.injectionShell.getChecks?4() +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.injectionShell.hasShell?4(context) +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.injectionSql.SIMPLE_SQL_RE?7 +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.injectionSql._checkString?5(data) +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.injectionSql._evaluateAst?5(node) +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.injectionSql.checkHardcodedSqlExpressions?4(reportError, context, config) +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.injectionSql.getChecks?4() +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.injectionWildcard.checkLinuxCommandsWildcardInjection?4(reportError, context, config) +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.injectionWildcard.getChecks?4() +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.insecureHashlibNew.checkHashlibNew?4(reportError, context, config) +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.insecureHashlibNew.getChecks?4() +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.insecureSslTls.checkInsecureSslDefaults?4(reportError, context, config) +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.insecureSslTls.checkInsecureSslProtocolVersion?4(reportError, context, config) +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.insecureSslTls.checkSslWithoutVersion?4(reportError, context, config) +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.insecureSslTls.getChecks?4() +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.jinja2Templates.checkJinja2Autoescape?4(reportError, context, config) +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.jinja2Templates.getChecks?4() +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.makoTemplates.checkMakoTemplateUsage?4(reportError, context, config) +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.makoTemplates.getChecks?4() +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.sshNoHostKeyVerification.checkSshNoHostKeyVerification?4(reportError, context, config) +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.sshNoHostKeyVerification.getChecks?4() +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.tryExcept.checkTryExceptContinue?4(reportError, context, config) +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.tryExcept.checkTryExceptPass?4(reportError, context, config) +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.tryExcept.getChecks?4() +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.weakCryptographicKey._classifyKeySize?5(reportError, config, keyType, keySize, node) +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.weakCryptographicKey._weakCryptoKeySizeCryptography?5(reportError, context, config) +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.weakCryptographicKey._weakCryptoKeySizePycrypto?5(reportError, context, config) +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.weakCryptographicKey.checkWeakCryptographicKey?4(reportError, context, config) +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.weakCryptographicKey.getChecks?4() +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.yamlLoad.checkYamlLoad?4(reportError, context, config) +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.yamlLoad.getChecks?4() +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityChecker.SecurityChecker.Codes?7 +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityChecker.SecurityChecker.getConfig?4() +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityChecker.SecurityChecker.reportError?4(lineNumber, offset, code, severity, confidence, *args) +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityChecker.SecurityChecker.run?4() +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityChecker.SecurityChecker?1(source, filename, select, ignore, expected, repeat, args) +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityContext.SecurityContext.bytesVal?4() +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityContext.SecurityContext.callArgs?4() +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityContext.SecurityContext.callArgsCount?4() +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityContext.SecurityContext.callFunctionName?4() +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityContext.SecurityContext.callFunctionNameQual?4() +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityContext.SecurityContext.callKeywords?4() +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityContext.SecurityContext.checkCallArgValue?4(argumentName, argumentValues=None) +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityContext.SecurityContext.functionDefDefaultsQual?4() +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityContext.SecurityContext.getCallArgAtPosition?4(positionNum) +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityContext.SecurityContext.getCallArgValue?4(argumentName) +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityContext.SecurityContext.getLinenoForCallArg?4(argumentName) +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityContext.SecurityContext.getOffsetForCallArg?4(argumentName) +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityContext.SecurityContext.isModuleBeingImported?4(module) +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityContext.SecurityContext.isModuleImportedExact?4(module) +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityContext.SecurityContext.isModuleImportedLike?4(module) +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityContext.SecurityContext.node?4() +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityContext.SecurityContext.statement?4() +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityContext.SecurityContext.stringVal?4() +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityContext.SecurityContext.stringValAsEscapedBytes?4() +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityContext.SecurityContext?1(contextObject=None) +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityDefaults.SecurityDefaults?7 +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityNodeVisitor.SecurityNodeVisitor.generic_visit?4(node) +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityNodeVisitor.SecurityNodeVisitor.visit?4(node) +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityNodeVisitor.SecurityNodeVisitor.visit_Bytes?4(node) +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityNodeVisitor.SecurityNodeVisitor.visit_Call?4(node) +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityNodeVisitor.SecurityNodeVisitor.visit_ClassDef?4(node) +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityNodeVisitor.SecurityNodeVisitor.visit_Constant?4(node) +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityNodeVisitor.SecurityNodeVisitor.visit_FunctionDef?4(node) +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityNodeVisitor.SecurityNodeVisitor.visit_Import?4(node) +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityNodeVisitor.SecurityNodeVisitor.visit_ImportFrom?4(node) +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityNodeVisitor.SecurityNodeVisitor.visit_Str?4(node) +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityNodeVisitor.SecurityNodeVisitor?1(checker, secCheckers, filename) +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityUtils._get?5(node, bits, stop=None) +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityUtils.concatString?4(node, stop=None) +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityUtils.deepgetattr?4(obj, attr) +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityUtils.escapedBytesRepresentation?4(b) +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityUtils.getAttrQualName?4(node, aliases) +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityUtils.getCallName?4(node, aliases) +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityUtils.getCalledName?4(node) +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityUtils.getModuleQualnameFromPath?4(path) +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityUtils.getQualAttr?4(node, aliases) +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityUtils.linerange?4(node) +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityUtils.linerange_fix?4(node) +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityUtils.namespacePathJoin?4(namespace, name) +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityUtils.namespacePathSplit?4(path) +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.translations._securityMessages?8 +eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.translations._securityMessagesSampleArgs?8 eric6.Plugins.CheckerPlugins.CodeStyleChecker.eradicate.MULTILINE_ASSIGNMENT_REGEX?7 eric6.Plugins.CheckerPlugins.CodeStyleChecker.eradicate.PARTIAL_DICTIONARY_REGEX?7 eric6.Plugins.CheckerPlugins.CodeStyleChecker.eradicate.comment_contains_code?4(line, aggressive=True) @@ -3116,6 +3262,7 @@ eric6.Plugins.CheckerPlugins.CodeStyleChecker.mccabe.PathNode.to_dot?4() eric6.Plugins.CheckerPlugins.CodeStyleChecker.mccabe.PathNode?1(name, look="circle") eric6.Plugins.CheckerPlugins.CodeStyleChecker.pycodestyle.ARITHMETIC_OP?7 +eric6.Plugins.CheckerPlugins.CodeStyleChecker.pycodestyle.ASSIGNMENT_EXPRESSION_OP?7 eric6.Plugins.CheckerPlugins.CodeStyleChecker.pycodestyle.BENCHMARK_KEYS?7 eric6.Plugins.CheckerPlugins.CodeStyleChecker.pycodestyle.BLANK_LINES_CONFIG?7 eric6.Plugins.CheckerPlugins.CodeStyleChecker.pycodestyle.BaseReport.error?4(line_number, offset, text, check) @@ -3195,12 +3342,14 @@ eric6.Plugins.CheckerPlugins.CodeStyleChecker.pycodestyle.WHITESPACE_AFTER_COMMA_REGEX?7 eric6.Plugins.CheckerPlugins.CodeStyleChecker.pycodestyle.WS_NEEDED_OPERATORS?7 eric6.Plugins.CheckerPlugins.CodeStyleChecker.pycodestyle.WS_OPTIONAL_OPERATORS?7 +eric6.Plugins.CheckerPlugins.CodeStyleChecker.pycodestyle._SYMBOLIC_OPS?8 eric6.Plugins.CheckerPlugins.CodeStyleChecker.pycodestyle._add_check?5(check, kind, codes, args) eric6.Plugins.CheckerPlugins.CodeStyleChecker.pycodestyle._break_around_binary_operators?5(tokens) eric6.Plugins.CheckerPlugins.CodeStyleChecker.pycodestyle._checks?8 eric6.Plugins.CheckerPlugins.CodeStyleChecker.pycodestyle._get_parameters?5(function) eric6.Plugins.CheckerPlugins.CodeStyleChecker.pycodestyle._is_binary_operator?5(token_type, text) eric6.Plugins.CheckerPlugins.CodeStyleChecker.pycodestyle._is_eol_token?5(token) +eric6.Plugins.CheckerPlugins.CodeStyleChecker.pycodestyle._is_one_liner?5(logical_line, indent_level, lines, line_number) eric6.Plugins.CheckerPlugins.CodeStyleChecker.pycodestyle._main?5() eric6.Plugins.CheckerPlugins.CodeStyleChecker.pycodestyle._parse_multi_options?5(options, split_token=', ') eric6.Plugins.CheckerPlugins.CodeStyleChecker.pycodestyle.ambiguous_identifier?4(logical_line, tokens) @@ -3256,7 +3405,10 @@ eric6.Plugins.CheckerPlugins.CodeStyleChecker.pycodestyle.whitespace_before_parameters?4(logical_line, tokens) eric6.Plugins.CheckerPlugins.CodeStyleChecker.translations._messages?8 eric6.Plugins.CheckerPlugins.CodeStyleChecker.translations._messages_sample_args?8 -eric6.Plugins.CheckerPlugins.CodeStyleChecker.translations.getTranslatedMessage?4(messageCode, messageArgs) +eric6.Plugins.CheckerPlugins.CodeStyleChecker.translations.getMessageCodes?4() +eric6.Plugins.CheckerPlugins.CodeStyleChecker.translations.getTranslatedMessage?4(messageCode, messageArgs, example=False) +eric6.Plugins.CheckerPlugins.CodeStyleChecker.translations.messageCatalogs?7 +eric6.Plugins.CheckerPlugins.CodeStyleChecker.translations.messageSampleArgsCatalog?7 eric6.Plugins.CheckerPlugins.SyntaxChecker.SyntaxCheck.VcsConflictMarkerRegExpList?7 eric6.Plugins.CheckerPlugins.SyntaxChecker.SyntaxCheck.extractLineFlags?4(line, startComment=") eric6.Plugins.CheckerPlugins.SyntaxChecker.SyntaxCheck.initBatchService?4()
--- a/eric6/APIs/Python3/eric6.bas Tue Jun 16 20:01:18 2020 +0200 +++ b/eric6/APIs/Python3/eric6.bas Tue Jun 16 20:02:20 2020 +0200 @@ -514,6 +514,7 @@ Interface ClbrBaseClasses.Class VisibilityMixin InterfacePage ConfigurationPageBase Ui_InterfacePage InvalidISO8859Error Exception +InvalidModulePath Exception InvalidPlistException Exception IrcChannelEditDialog QDialog Ui_IrcChannelEditDialog IrcChannelWidget QWidget Ui_IrcChannelWidget
--- a/eric6/Documentation/Help/source.qhp Tue Jun 16 20:01:18 2020 +0200 +++ b/eric6/Documentation/Help/source.qhp Tue Jun 16 20:02:20 2020 +0200 @@ -290,6 +290,42 @@ </section> <section title="eric6.Plugins.CheckerPlugins" ref="index-eric6.Plugins.CheckerPlugins.html"> <section title="eric6.Plugins.CheckerPlugins.CodeStyleChecker" ref="index-eric6.Plugins.CheckerPlugins.CodeStyleChecker.html"> + <section title="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security" ref="index-eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.html"> + <section title="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks" ref="index-eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.html"> + <section title="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.__init__" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.__init__.html" /> + <section title="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.assert" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.assert.html" /> + <section title="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.awsHardcodedPassword" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.awsHardcodedPassword.html" /> + <section title="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.blackListCalls" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.blackListCalls.html" /> + <section title="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.blackListImports" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.blackListImports.html" /> + <section title="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.certificateValidation" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.certificateValidation.html" /> + <section title="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.djangoSqlInjection" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.djangoSqlInjection.html" /> + <section title="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.djangoXssVulnerability" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.djangoXssVulnerability.html" /> + <section title="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.exec" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.exec.html" /> + <section title="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.flaskDebug" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.flaskDebug.html" /> + <section title="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.generalBindAllInterfaces" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.generalBindAllInterfaces.html" /> + <section title="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.generalFilePermissions" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.generalFilePermissions.html" /> + <section title="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.generalHardcodedPassword" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.generalHardcodedPassword.html" /> + <section title="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.generalHardcodedTmp" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.generalHardcodedTmp.html" /> + <section title="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.injectionParamiko" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.injectionParamiko.html" /> + <section title="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.injectionShell" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.injectionShell.html" /> + <section title="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.injectionSql" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.injectionSql.html" /> + <section title="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.injectionWildcard" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.injectionWildcard.html" /> + <section title="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.insecureHashlibNew" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.insecureHashlibNew.html" /> + <section title="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.insecureSslTls" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.insecureSslTls.html" /> + <section title="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.jinja2Templates" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.jinja2Templates.html" /> + <section title="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.makoTemplates" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.makoTemplates.html" /> + <section title="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.sshNoHostKeyVerification" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.sshNoHostKeyVerification.html" /> + <section title="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.tryExcept" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.tryExcept.html" /> + <section title="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.weakCryptographicKey" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.weakCryptographicKey.html" /> + <section title="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.yamlLoad" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.yamlLoad.html" /> + </section> + <section title="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityChecker" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityChecker.html" /> + <section title="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityContext" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityContext.html" /> + <section title="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityDefaults" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityDefaults.html" /> + <section title="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityNodeVisitor" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityNodeVisitor.html" /> + <section title="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityUtils" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityUtils.html" /> + <section title="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.translations" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.translations.html" /> + </section> <section title="eric6.Plugins.CheckerPlugins.CodeStyleChecker.AnnotationsChecker" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.AnnotationsChecker.html" /> <section title="eric6.Plugins.CheckerPlugins.CodeStyleChecker.AstUtilities" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.AstUtilities.html" /> <section title="eric6.Plugins.CheckerPlugins.CodeStyleChecker.CodeStyleAddBuiltinIgnoreDialog" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.CodeStyleAddBuiltinIgnoreDialog.html" /> @@ -2336,6 +2372,7 @@ <keyword name="Checker.report_invalid_syntax" id="Checker.report_invalid_syntax" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.pycodestyle.html#Checker.report_invalid_syntax" /> <keyword name="Checker.run_check" id="Checker.run_check" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.pycodestyle.html#Checker.run_check" /> <keyword name="CheckerPlugins (Package)" id="CheckerPlugins (Package)" ref="index-eric6.Plugins.CheckerPlugins.html" /> + <keyword name="Checks (Package)" id="Checks (Package)" ref="index-eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.html" /> <keyword name="ChromeImporter" id="ChromeImporter" ref="eric6.WebBrowser.Bookmarks.BookmarksImporters.ChromeImporter.html#ChromeImporter" /> <keyword name="ChromeImporter (Constructor)" id="ChromeImporter (Constructor)" ref="eric6.WebBrowser.Bookmarks.BookmarksImporters.ChromeImporter.html#ChromeImporter.__init__" /> <keyword name="ChromeImporter (Module)" id="ChromeImporter (Module)" ref="eric6.WebBrowser.Bookmarks.BookmarksImporters.ChromeImporter.html" /> @@ -3515,6 +3552,10 @@ <keyword name="DebuggerPython3Page.on_refreshButton_clicked" id="DebuggerPython3Page.on_refreshButton_clicked" ref="eric6.Preferences.ConfigurationPages.DebuggerPython3Page.html#DebuggerPython3Page.on_refreshButton_clicked" /> <keyword name="DebuggerPython3Page.on_venvDlgButton_clicked" id="DebuggerPython3Page.on_venvDlgButton_clicked" ref="eric6.Preferences.ConfigurationPages.DebuggerPython3Page.html#DebuggerPython3Page.on_venvDlgButton_clicked" /> <keyword name="DebuggerPython3Page.save" id="DebuggerPython3Page.save" ref="eric6.Preferences.ConfigurationPages.DebuggerPython3Page.html#DebuggerPython3Page.save" /> + <keyword name="DeepAssignation" id="DeepAssignation" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.djangoXssVulnerability.html#DeepAssignation" /> + <keyword name="DeepAssignation (Constructor)" id="DeepAssignation (Constructor)" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.djangoXssVulnerability.html#DeepAssignation.__init__" /> + <keyword name="DeepAssignation.isAssigned" id="DeepAssignation.isAssigned" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.djangoXssVulnerability.html#DeepAssignation.isAssigned" /> + <keyword name="DeepAssignation.isAssignedIn" id="DeepAssignation.isAssignedIn" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.djangoXssVulnerability.html#DeepAssignation.isAssignedIn" /> <keyword name="DeepLEngine" id="DeepLEngine" ref="eric6.Plugins.UiExtensionPlugins.Translator.TranslatorEngines.DeepLEngine.html#DeepLEngine" /> <keyword name="DeepLEngine (Constructor)" id="DeepLEngine (Constructor)" ref="eric6.Plugins.UiExtensionPlugins.Translator.TranslatorEngines.DeepLEngine.html#DeepLEngine.__init__" /> <keyword name="DeepLEngine (Module)" id="DeepLEngine (Module)" ref="eric6.Plugins.UiExtensionPlugins.Translator.TranslatorEngines.DeepLEngine.html" /> @@ -8635,6 +8676,7 @@ <keyword name="InterfacePage.on_resetLayoutButton_clicked" id="InterfacePage.on_resetLayoutButton_clicked" ref="eric6.Preferences.ConfigurationPages.InterfacePage.html#InterfacePage.on_resetLayoutButton_clicked" /> <keyword name="InterfacePage.save" id="InterfacePage.save" ref="eric6.Preferences.ConfigurationPages.InterfacePage.html#InterfacePage.save" /> <keyword name="InvalidISO8859Error" id="InvalidISO8859Error" ref="eric6.E5Network.E5RFC6266.html#InvalidISO8859Error" /> + <keyword name="InvalidModulePath" id="InvalidModulePath" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityUtils.html#InvalidModulePath" /> <keyword name="InvalidPlistException" id="InvalidPlistException" ref="eric6.Utilities.binplistlib.html#InvalidPlistException" /> <keyword name="IrcChannel" id="IrcChannel" ref="eric6.Network.IRC.IrcNetworkManager.html#IrcChannel" /> <keyword name="IrcChannel (Constructor)" id="IrcChannel (Constructor)" ref="eric6.Network.IRC.IrcNetworkManager.html#IrcChannel.__init__" /> @@ -12618,6 +12660,57 @@ <keyword name="SearchWidget.searchStringFound" id="SearchWidget.searchStringFound" ref="eric6.UI.SearchWidget.html#SearchWidget.searchStringFound" /> <keyword name="SearchWidget.showFind" id="SearchWidget.showFind" ref="eric6.UI.SearchWidget.html#SearchWidget.showFind" /> <keyword name="SearchWidget.showFind" id="SearchWidget.showFind" ref="eric6.WebBrowser.SearchWidget.html#SearchWidget.showFind" /> + <keyword name="Security (Package)" id="Security (Package)" ref="index-eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.html" /> + <keyword name="SecurityChecker" id="SecurityChecker" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityChecker.html#SecurityChecker" /> + <keyword name="SecurityChecker (Constructor)" id="SecurityChecker (Constructor)" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityChecker.html#SecurityChecker.__init__" /> + <keyword name="SecurityChecker (Module)" id="SecurityChecker (Module)" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityChecker.html" /> + <keyword name="SecurityChecker.__generateTree" id="SecurityChecker.__generateTree" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityChecker.html#SecurityChecker.__generateTree" /> + <keyword name="SecurityChecker.__ignoreCode" id="SecurityChecker.__ignoreCode" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityChecker.html#SecurityChecker.__ignoreCode" /> + <keyword name="SecurityChecker.__reportInvalidSyntax" id="SecurityChecker.__reportInvalidSyntax" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityChecker.html#SecurityChecker.__reportInvalidSyntax" /> + <keyword name="SecurityChecker.getConfig" id="SecurityChecker.getConfig" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityChecker.html#SecurityChecker.getConfig" /> + <keyword name="SecurityChecker.reportError" id="SecurityChecker.reportError" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityChecker.html#SecurityChecker.reportError" /> + <keyword name="SecurityChecker.run" id="SecurityChecker.run" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityChecker.html#SecurityChecker.run" /> + <keyword name="SecurityContext" id="SecurityContext" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityContext.html#SecurityContext" /> + <keyword name="SecurityContext (Constructor)" id="SecurityContext (Constructor)" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityContext.html#SecurityContext.__init__" /> + <keyword name="SecurityContext (Module)" id="SecurityContext (Module)" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityContext.html" /> + <keyword name="SecurityContext.__getLiteralValue" id="SecurityContext.__getLiteralValue" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityContext.html#SecurityContext.__getLiteralValue" /> + <keyword name="SecurityContext.__repr__" id="SecurityContext.__repr__" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityContext.html#SecurityContext.__repr__" /> + <keyword name="SecurityContext.bytesVal" id="SecurityContext.bytesVal" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityContext.html#SecurityContext.bytesVal" /> + <keyword name="SecurityContext.callArgs" id="SecurityContext.callArgs" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityContext.html#SecurityContext.callArgs" /> + <keyword name="SecurityContext.callArgsCount" id="SecurityContext.callArgsCount" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityContext.html#SecurityContext.callArgsCount" /> + <keyword name="SecurityContext.callFunctionName" id="SecurityContext.callFunctionName" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityContext.html#SecurityContext.callFunctionName" /> + <keyword name="SecurityContext.callFunctionNameQual" id="SecurityContext.callFunctionNameQual" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityContext.html#SecurityContext.callFunctionNameQual" /> + <keyword name="SecurityContext.callKeywords" id="SecurityContext.callKeywords" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityContext.html#SecurityContext.callKeywords" /> + <keyword name="SecurityContext.checkCallArgValue" id="SecurityContext.checkCallArgValue" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityContext.html#SecurityContext.checkCallArgValue" /> + <keyword name="SecurityContext.functionDefDefaultsQual" id="SecurityContext.functionDefDefaultsQual" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityContext.html#SecurityContext.functionDefDefaultsQual" /> + <keyword name="SecurityContext.getCallArgAtPosition" id="SecurityContext.getCallArgAtPosition" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityContext.html#SecurityContext.getCallArgAtPosition" /> + <keyword name="SecurityContext.getCallArgValue" id="SecurityContext.getCallArgValue" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityContext.html#SecurityContext.getCallArgValue" /> + <keyword name="SecurityContext.getLinenoForCallArg" id="SecurityContext.getLinenoForCallArg" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityContext.html#SecurityContext.getLinenoForCallArg" /> + <keyword name="SecurityContext.getOffsetForCallArg" id="SecurityContext.getOffsetForCallArg" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityContext.html#SecurityContext.getOffsetForCallArg" /> + <keyword name="SecurityContext.isModuleBeingImported" id="SecurityContext.isModuleBeingImported" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityContext.html#SecurityContext.isModuleBeingImported" /> + <keyword name="SecurityContext.isModuleImportedExact" id="SecurityContext.isModuleImportedExact" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityContext.html#SecurityContext.isModuleImportedExact" /> + <keyword name="SecurityContext.isModuleImportedLike" id="SecurityContext.isModuleImportedLike" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityContext.html#SecurityContext.isModuleImportedLike" /> + <keyword name="SecurityContext.node" id="SecurityContext.node" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityContext.html#SecurityContext.node" /> + <keyword name="SecurityContext.statement" id="SecurityContext.statement" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityContext.html#SecurityContext.statement" /> + <keyword name="SecurityContext.stringVal" id="SecurityContext.stringVal" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityContext.html#SecurityContext.stringVal" /> + <keyword name="SecurityContext.stringValAsEscapedBytes" id="SecurityContext.stringValAsEscapedBytes" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityContext.html#SecurityContext.stringValAsEscapedBytes" /> + <keyword name="SecurityDefaults (Module)" id="SecurityDefaults (Module)" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityDefaults.html" /> + <keyword name="SecurityNodeVisitor" id="SecurityNodeVisitor" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityNodeVisitor.html#SecurityNodeVisitor" /> + <keyword name="SecurityNodeVisitor (Constructor)" id="SecurityNodeVisitor (Constructor)" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityNodeVisitor.html#SecurityNodeVisitor.__init__" /> + <keyword name="SecurityNodeVisitor (Module)" id="SecurityNodeVisitor (Module)" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityNodeVisitor.html" /> + <keyword name="SecurityNodeVisitor.__postVisit" id="SecurityNodeVisitor.__postVisit" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityNodeVisitor.html#SecurityNodeVisitor.__postVisit" /> + <keyword name="SecurityNodeVisitor.__preVisit" id="SecurityNodeVisitor.__preVisit" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityNodeVisitor.html#SecurityNodeVisitor.__preVisit" /> + <keyword name="SecurityNodeVisitor.__runChecks" id="SecurityNodeVisitor.__runChecks" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityNodeVisitor.html#SecurityNodeVisitor.__runChecks" /> + <keyword name="SecurityNodeVisitor.generic_visit" id="SecurityNodeVisitor.generic_visit" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityNodeVisitor.html#SecurityNodeVisitor.generic_visit" /> + <keyword name="SecurityNodeVisitor.visit" id="SecurityNodeVisitor.visit" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityNodeVisitor.html#SecurityNodeVisitor.visit" /> + <keyword name="SecurityNodeVisitor.visit_Bytes" id="SecurityNodeVisitor.visit_Bytes" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityNodeVisitor.html#SecurityNodeVisitor.visit_Bytes" /> + <keyword name="SecurityNodeVisitor.visit_Call" id="SecurityNodeVisitor.visit_Call" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityNodeVisitor.html#SecurityNodeVisitor.visit_Call" /> + <keyword name="SecurityNodeVisitor.visit_ClassDef" id="SecurityNodeVisitor.visit_ClassDef" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityNodeVisitor.html#SecurityNodeVisitor.visit_ClassDef" /> + <keyword name="SecurityNodeVisitor.visit_Constant" id="SecurityNodeVisitor.visit_Constant" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityNodeVisitor.html#SecurityNodeVisitor.visit_Constant" /> + <keyword name="SecurityNodeVisitor.visit_FunctionDef" id="SecurityNodeVisitor.visit_FunctionDef" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityNodeVisitor.html#SecurityNodeVisitor.visit_FunctionDef" /> + <keyword name="SecurityNodeVisitor.visit_Import" id="SecurityNodeVisitor.visit_Import" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityNodeVisitor.html#SecurityNodeVisitor.visit_Import" /> + <keyword name="SecurityNodeVisitor.visit_ImportFrom" id="SecurityNodeVisitor.visit_ImportFrom" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityNodeVisitor.html#SecurityNodeVisitor.visit_ImportFrom" /> + <keyword name="SecurityNodeVisitor.visit_Str" id="SecurityNodeVisitor.visit_Str" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityNodeVisitor.html#SecurityNodeVisitor.visit_Str" /> <keyword name="SecurityPage" id="SecurityPage" ref="eric6.Preferences.ConfigurationPages.SecurityPage.html#SecurityPage" /> <keyword name="SecurityPage (Constructor)" id="SecurityPage (Constructor)" ref="eric6.Preferences.ConfigurationPages.SecurityPage.html#SecurityPage.__init__" /> <keyword name="SecurityPage (Module)" id="SecurityPage (Module)" ref="eric6.Preferences.ConfigurationPages.SecurityPage.html" /> @@ -12625,6 +12718,7 @@ <keyword name="SecurityPage.on_masterPasswordCheckBox_clicked" id="SecurityPage.on_masterPasswordCheckBox_clicked" ref="eric6.Preferences.ConfigurationPages.SecurityPage.html#SecurityPage.on_masterPasswordCheckBox_clicked" /> <keyword name="SecurityPage.save" id="SecurityPage.save" ref="eric6.Preferences.ConfigurationPages.SecurityPage.html#SecurityPage.save" /> <keyword name="SecurityPage.setMode" id="SecurityPage.setMode" ref="eric6.Preferences.ConfigurationPages.SecurityPage.html#SecurityPage.setMode" /> + <keyword name="SecurityUtils (Module)" id="SecurityUtils (Module)" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityUtils.html" /> <keyword name="SendRefererWhitelistDialog" id="SendRefererWhitelistDialog" ref="eric6.WebBrowser.Network.SendRefererWhitelistDialog.html#SendRefererWhitelistDialog" /> <keyword name="SendRefererWhitelistDialog (Constructor)" id="SendRefererWhitelistDialog (Constructor)" ref="eric6.WebBrowser.Network.SendRefererWhitelistDialog.html#SendRefererWhitelistDialog.__init__" /> <keyword name="SendRefererWhitelistDialog (Module)" id="SendRefererWhitelistDialog (Module)" ref="eric6.WebBrowser.Network.SendRefererWhitelistDialog.html" /> @@ -16912,6 +17006,7 @@ <keyword name="_ClbrBase.setEndLine" id="_ClbrBase.setEndLine" ref="eric6.Utilities.ClassBrowsers.ClbrBaseClasses.html#_ClbrBase.setEndLine" /> <keyword name="__check" id="__check" ref="eric6.Plugins.CheckerPlugins.Tabnanny.Tabnanny.html#__check" /> <keyword name="__checkCodeStyle" id="__checkCodeStyle" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.CodeStyleChecker.html#__checkCodeStyle" /> + <keyword name="__checkSyntax" id="__checkSyntax" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.CodeStyleChecker.html#__checkSyntax" /> <keyword name="__getMasterPassword" id="__getMasterPassword" ref="eric6.Utilities.crypto.__init__.html#__getMasterPassword" /> <keyword name="__getPygmentsLexer" id="__getPygmentsLexer" ref="eric6.QScintilla.Lexers.__init__.html#__getPygmentsLexer" /> <keyword name="__initChannelModesDict" id="__initChannelModesDict" ref="eric6.Network.IRC.IrcUtilities.html#__initChannelModesDict" /> @@ -16935,6 +17030,11 @@ <keyword name="_add_check" id="_add_check" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.pycodestyle.html#_add_check" /> <keyword name="_break_around_binary_operators" id="_break_around_binary_operators" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.pycodestyle.html#_break_around_binary_operators" /> <keyword name="_buildChildrenLists" id="_buildChildrenLists" ref="eric6.Graphics.GraphicsUtilities.html#_buildChildrenLists" /> + <keyword name="_checkString" id="_checkString" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.injectionSql.html#_checkString" /> + <keyword name="_classifyKeySize" id="_classifyKeySize" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.weakCryptographicKey.html#_classifyKeySize" /> + <keyword name="_evaluateAst" id="_evaluateAst" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.injectionSql.html#_evaluateAst" /> + <keyword name="_evaluateShellCall" id="_evaluateShellCall" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.injectionShell.html#_evaluateShellCall" /> + <keyword name="_get" id="_get" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityUtils.html#_get" /> <keyword name="_get_parameters" id="_get_parameters" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.pycodestyle.html#_get_parameters" /> <keyword name="_getfullargs" id="_getfullargs" ref="eric6.DebugClients.Python.DebugUtilities.html#_getfullargs" /> <keyword name="_indent" id="_indent" ref="eric6.Utilities.ClassBrowsers.pyclbr.html#_indent" /> @@ -16942,9 +17042,12 @@ <keyword name="_initTypeMap" id="_initTypeMap" ref="eric6.DebugClients.Python.DebugVariables.html#_initTypeMap" /> <keyword name="_is_binary_operator" id="_is_binary_operator" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.pycodestyle.html#_is_binary_operator" /> <keyword name="_is_eol_token" id="_is_eol_token" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.pycodestyle.html#_is_eol_token" /> + <keyword name="_is_one_liner" id="_is_one_liner" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.pycodestyle.html#_is_one_liner" /> <keyword name="_main" id="_main" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.pycodestyle.html#_main" /> <keyword name="_parse_multi_options" id="_parse_multi_options" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.pycodestyle.html#_parse_multi_options" /> <keyword name="_percentReplacementFunc" id="_percentReplacementFunc" ref="eric6.Utilities.__init__.html#_percentReplacementFunc" /> + <keyword name="_weakCryptoKeySizeCryptography" id="_weakCryptoKeySizeCryptography" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.weakCryptographicKey.html#_weakCryptoKeySizeCryptography" /> + <keyword name="_weakCryptoKeySizePycrypto" id="_weakCryptoKeySizePycrypto" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.weakCryptographicKey.html#_weakCryptoKeySizePycrypto" /> <keyword name="absolutePath" id="absolutePath" ref="eric6.Utilities.__init__.html#absolutePath" /> <keyword name="absoluteUniversalPath" id="absoluteUniversalPath" ref="eric6.Utilities.__init__.html#absoluteUniversalPath" /> <keyword name="addActions" id="addActions" ref="eric6.E5Gui.E5Action.html#addActions" /> @@ -16954,15 +17057,57 @@ <keyword name="amendConfig" id="amendConfig" ref="eric6.Plugins.VcsPlugins.vcsSubversion.SvnUtilities.html#amendConfig" /> <keyword name="analyze" id="analyze" ref="eric6.DataViews.CodeMetrics.html#analyze" /> <keyword name="append_PKCS7_padding" id="append_PKCS7_padding" ref="eric6.Utilities.crypto.py3AES.html#append_PKCS7_padding" /> + <keyword name="assert (Module)" id="assert (Module)" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.assert.html" /> + <keyword name="awsHardcodedPassword (Module)" id="awsHardcodedPassword (Module)" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.awsHardcodedPassword.html" /> <keyword name="bare_except" id="bare_except" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.pycodestyle.html#bare_except" /> <keyword name="batchCheck" id="batchCheck" ref="eric6.Plugins.CheckerPlugins.Tabnanny.Tabnanny.html#batchCheck" /> <keyword name="binplistlib (Module)" id="binplistlib (Module)" ref="eric6.Utilities.binplistlib.html" /> + <keyword name="blackListCalls (Module)" id="blackListCalls (Module)" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.blackListCalls.html" /> + <keyword name="blackListImports (Module)" id="blackListImports (Module)" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.blackListImports.html" /> <keyword name="blank_lines" id="blank_lines" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.pycodestyle.html#blank_lines" /> <keyword name="break_after_binary_operator" id="break_after_binary_operator" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.pycodestyle.html#break_after_binary_operator" /> <keyword name="break_before_binary_operator" id="break_before_binary_operator" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.pycodestyle.html#break_before_binary_operator" /> + <keyword name="certificateValidation (Module)" id="certificateValidation (Module)" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.certificateValidation.html" /> <keyword name="changeRememberedMaster" id="changeRememberedMaster" ref="eric6.Utilities.crypto.__init__.html#changeRememberedMaster" /> <keyword name="check" id="check" ref="eric6.Plugins.CheckerPlugins.Tabnanny.Tabnanny.html#check" /> + <keyword name="checkAssertUsed" id="checkAssertUsed" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.assert.html#checkAssertUsed" /> + <keyword name="checkBindAllInterfaces" id="checkBindAllInterfaces" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.generalBindAllInterfaces.html#checkBindAllInterfaces" /> + <keyword name="checkBlacklist" id="checkBlacklist" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.blackListCalls.html#checkBlacklist" /> + <keyword name="checkBlacklist" id="checkBlacklist" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.blackListImports.html#checkBlacklist" /> + <keyword name="checkDjangoExtraUsed" id="checkDjangoExtraUsed" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.djangoSqlInjection.html#checkDjangoExtraUsed" /> + <keyword name="checkDjangoRawSqlUsed" id="checkDjangoRawSqlUsed" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.djangoSqlInjection.html#checkDjangoRawSqlUsed" /> + <keyword name="checkDjangoXssVulnerability" id="checkDjangoXssVulnerability" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.djangoXssVulnerability.html#checkDjangoXssVulnerability" /> + <keyword name="checkExecUsed" id="checkExecUsed" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.exec.html#checkExecUsed" /> + <keyword name="checkFilePermissions" id="checkFilePermissions" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.generalFilePermissions.html#checkFilePermissions" /> + <keyword name="checkFlaskDebug" id="checkFlaskDebug" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.flaskDebug.html#checkFlaskDebug" /> + <keyword name="checkHardcodedAwsKey" id="checkHardcodedAwsKey" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.awsHardcodedPassword.html#checkHardcodedAwsKey" /> + <keyword name="checkHardcodedPasswordAsDefault" id="checkHardcodedPasswordAsDefault" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.generalHardcodedPassword.html#checkHardcodedPasswordAsDefault" /> + <keyword name="checkHardcodedPasswordAsFunctionArg" id="checkHardcodedPasswordAsFunctionArg" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.generalHardcodedPassword.html#checkHardcodedPasswordAsFunctionArg" /> + <keyword name="checkHardcodedPasswordAsString" id="checkHardcodedPasswordAsString" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.generalHardcodedPassword.html#checkHardcodedPasswordAsString" /> + <keyword name="checkHardcodedSqlExpressions" id="checkHardcodedSqlExpressions" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.injectionSql.html#checkHardcodedSqlExpressions" /> + <keyword name="checkHardcodedTmpDirectory" id="checkHardcodedTmpDirectory" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.generalHardcodedTmp.html#checkHardcodedTmpDirectory" /> + <keyword name="checkHashlibNew" id="checkHashlibNew" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.insecureHashlibNew.html#checkHashlibNew" /> + <keyword name="checkInsecureSslDefaults" id="checkInsecureSslDefaults" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.insecureSslTls.html#checkInsecureSslDefaults" /> + <keyword name="checkInsecureSslProtocolVersion" id="checkInsecureSslProtocolVersion" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.insecureSslTls.html#checkInsecureSslProtocolVersion" /> + <keyword name="checkJinja2Autoescape" id="checkJinja2Autoescape" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.jinja2Templates.html#checkJinja2Autoescape" /> + <keyword name="checkLinuxCommandsWildcardInjection" id="checkLinuxCommandsWildcardInjection" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.injectionWildcard.html#checkLinuxCommandsWildcardInjection" /> + <keyword name="checkMakoTemplateUsage" id="checkMakoTemplateUsage" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.makoTemplates.html#checkMakoTemplateUsage" /> + <keyword name="checkNoCertificateValidation" id="checkNoCertificateValidation" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.certificateValidation.html#checkNoCertificateValidation" /> + <keyword name="checkOtherFunctionWithShell" id="checkOtherFunctionWithShell" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.injectionShell.html#checkOtherFunctionWithShell" /> + <keyword name="checkParamikoCalls" id="checkParamikoCalls" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.injectionParamiko.html#checkParamikoCalls" /> + <keyword name="checkPotentialRisk" id="checkPotentialRisk" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.djangoXssVulnerability.html#checkPotentialRisk" /> <keyword name="checkPyside" id="checkPyside" ref="eric6.Utilities.__init__.html#checkPyside" /> + <keyword name="checkSshNoHostKeyVerification" id="checkSshNoHostKeyVerification" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.sshNoHostKeyVerification.html#checkSshNoHostKeyVerification" /> + <keyword name="checkSslWithoutVersion" id="checkSslWithoutVersion" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.insecureSslTls.html#checkSslWithoutVersion" /> + <keyword name="checkStartProcessWithNoShell" id="checkStartProcessWithNoShell" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.injectionShell.html#checkStartProcessWithNoShell" /> + <keyword name="checkStartProcessWithPartialPath" id="checkStartProcessWithPartialPath" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.injectionShell.html#checkStartProcessWithPartialPath" /> + <keyword name="checkStartProcessWithShell" id="checkStartProcessWithShell" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.injectionShell.html#checkStartProcessWithShell" /> + <keyword name="checkSubprocessPopenWithShell" id="checkSubprocessPopenWithShell" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.injectionShell.html#checkSubprocessPopenWithShell" /> + <keyword name="checkSubprocessPopenWithoutShell" id="checkSubprocessPopenWithoutShell" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.injectionShell.html#checkSubprocessPopenWithoutShell" /> + <keyword name="checkTryExceptContinue" id="checkTryExceptContinue" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.tryExcept.html#checkTryExceptContinue" /> + <keyword name="checkTryExceptPass" id="checkTryExceptPass" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.tryExcept.html#checkTryExceptPass" /> + <keyword name="checkWeakCryptographicKey" id="checkWeakCryptographicKey" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.weakCryptographicKey.html#checkWeakCryptographicKey" /> + <keyword name="checkYamlLoad" id="checkYamlLoad" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.yamlLoad.html#checkYamlLoad" /> <keyword name="className" id="className" ref="eric6.Project.UicLoadUi.html#className" /> <keyword name="cleanUp" id="cleanUp" ref="install-debugclients.html#cleanUp" /> <keyword name="cleanUp" id="cleanUp" ref="install.html#cleanUp" /> @@ -16993,6 +17138,7 @@ <keyword name="completeFormData" id="completeFormData" ref="eric6.WebBrowser.Tools.Scripts.html#completeFormData" /> <keyword name="composeCallPath" id="composeCallPath" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.MiscellaneousChecker.html#composeCallPath" /> <keyword name="compound_statements" id="compound_statements" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.pycodestyle.html#compound_statements" /> + <keyword name="concatString" id="concatString" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityUtils.html#concatString" /> <keyword name="condaVersion" id="condaVersion" ref="eric6.CondaInterface.__init__.html#condaVersion" /> <keyword name="condaVersionStr" id="condaVersionStr" ref="eric6.CondaInterface.__init__.html#condaVersionStr" /> <keyword name="confirmOverwrite" id="confirmOverwrite" ref="eric6.E5Gui.E5FileSaveConfirmDialog.html#confirmOverwrite" /> @@ -17131,6 +17277,7 @@ <keyword name="decodeString" id="decodeString" ref="eric6.Utilities.__init__.html#decodeString" /> <keyword name="decoratedName" id="decoratedName" ref="eric6.MicroPython.MicroPythonFileSystemUtilities.html#decoratedName" /> <keyword name="decryptData" id="decryptData" ref="eric6.Utilities.crypto.py3AES.html#decryptData" /> + <keyword name="deepgetattr" id="deepgetattr" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityUtils.html#deepgetattr" /> <keyword name="desktopName" id="desktopName" ref="eric6.Globals.__init__.html#desktopName" /> <keyword name="detect_encoding" id="detect_encoding" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.eradicate.html#detect_encoding" /> <keyword name="determinePythonVersion" id="determinePythonVersion" ref="eric6.Utilities.__init__.html#determinePythonVersion" /> @@ -17139,6 +17286,8 @@ <keyword name="displayString" id="displayString" ref="eric6.Plugins.PluginVcsMercurial.html#displayString" /> <keyword name="displayString" id="displayString" ref="eric6.Plugins.PluginVcsPySvn.html#displayString" /> <keyword name="displayString" id="displayString" ref="eric6.Plugins.PluginVcsSubversion.html#displayString" /> + <keyword name="djangoSqlInjection (Module)" id="djangoSqlInjection (Module)" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.djangoSqlInjection.html" /> + <keyword name="djangoXssVulnerability (Module)" id="djangoXssVulnerability (Module)" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.djangoXssVulnerability.html" /> <keyword name="doDependancyChecks" id="doDependancyChecks" ref="install.html#doDependancyChecks" /> <keyword name="drawPolygon" id="drawPolygon" ref="eric6.Snapshot.SnapshotFreehandGrabber.html#drawPolygon" /> <keyword name="drawRect" id="drawRect" ref="eric6.Snapshot.SnapshotRegionGrabber.html#drawRect" /> @@ -17177,6 +17326,9 @@ <keyword name="eric6dbgstub (Module)" id="eric6dbgstub (Module)" ref="eric6.DebugClients.Python.eric6dbgstub.html" /> <keyword name="escape_entities" id="escape_entities" ref="eric6.Utilities.__init__.html#escape_entities" /> <keyword name="escape_uentities" id="escape_uentities" ref="eric6.Utilities.__init__.html#escape_uentities" /> + <keyword name="escapedBytesRepresentation" id="escapedBytesRepresentation" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityUtils.html#escapedBytesRepresentation" /> + <keyword name="evaluateCall" id="evaluateCall" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.djangoXssVulnerability.html#evaluateCall" /> + <keyword name="evaluateVar" id="evaluateVar" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.djangoXssVulnerability.html#evaluateVar" /> <keyword name="excepthook" id="excepthook" ref="eric6.eric6.html#excepthook" /> <keyword name="exeDisplayData" id="exeDisplayData" ref="eric6.Plugins.PluginEricapi.html#exeDisplayData" /> <keyword name="exeDisplayData" id="exeDisplayData" ref="eric6.Plugins.PluginVcsGit.html#exeDisplayData" /> @@ -17184,6 +17336,7 @@ <keyword name="exeDisplayData" id="exeDisplayData" ref="eric6.Plugins.PluginVcsPySvn.html#exeDisplayData" /> <keyword name="exeDisplayData" id="exeDisplayData" ref="eric6.Plugins.PluginVcsSubversion.html#exeDisplayData" /> <keyword name="exeDisplayDataList" id="exeDisplayDataList" ref="eric6.Plugins.PluginEricdoc.html#exeDisplayDataList" /> + <keyword name="exec (Module)" id="exec (Module)" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.exec.html" /> <keyword name="exit" id="exit" ref="install-debugclients.html#exit" /> <keyword name="exit" id="exit" ref="install.html#exit" /> <keyword name="exit" id="exit" ref="uninstall-debugclients.html#exit" /> @@ -17211,11 +17364,17 @@ <keyword name="find_module" id="find_module" ref="eric6.Utilities.ModuleParser.html#find_module" /> <keyword name="fix_file" id="fix_file" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.eradicate.html#fix_file" /> <keyword name="flashDataPathForOS" id="flashDataPathForOS" ref="eric6.WebBrowser.FlashCookieManager.FlashCookieUtilities.html#flashDataPathForOS" /> + <keyword name="flaskDebug (Module)" id="flaskDebug (Module)" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.flaskDebug.html" /> <keyword name="formatTime" id="formatTime" ref="eric6.Plugins.VcsPlugins.vcsPySvn.SvnUtilities.html#formatTime" /> <keyword name="format_witnesses" id="format_witnesses" ref="eric6.Plugins.CheckerPlugins.Tabnanny.Tabnanny.html#format_witnesses" /> <keyword name="formatargvalues" id="formatargvalues" ref="eric6.DebugClients.Python.DebugUtilities.html#formatargvalues" /> <keyword name="fromNativeSeparators" id="fromNativeSeparators" ref="eric6.Utilities.__init__.html#fromNativeSeparators" /> <keyword name="fstat" id="fstat" ref="eric6.MicroPython.MicroPythonFileSystemUtilities.html#fstat" /> + <keyword name="generalBindAllInterfaces (Module)" id="generalBindAllInterfaces (Module)" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.generalBindAllInterfaces.html" /> + <keyword name="generalFilePermissions (Module)" id="generalFilePermissions (Module)" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.generalFilePermissions.html" /> + <keyword name="generalHardcodedPassword (Module)" id="generalHardcodedPassword (Module)" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.generalHardcodedPassword.html" /> + <keyword name="generalHardcodedTmp (Module)" id="generalHardcodedTmp (Module)" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.generalHardcodedTmp.html" /> + <keyword name="generateCheckersDict" id="generateCheckersDict" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.__init__.html#generateCheckersDict" /> <keyword name="generateDistroInfo" id="generateDistroInfo" ref="eric6.Utilities.__init__.html#generateDistroInfo" /> <keyword name="generatePluginsVersionInfo" id="generatePluginsVersionInfo" ref="eric6.Utilities.__init__.html#generatePluginsVersionInfo" /> <keyword name="generatePyQtToolPath" id="generatePyQtToolPath" ref="eric6.Utilities.__init__.html#generatePyQtToolPath" /> @@ -17225,8 +17384,36 @@ <keyword name="getAllImages" id="getAllImages" ref="eric6.WebBrowser.Tools.Scripts.html#getAllImages" /> <keyword name="getAllMetaAttributes" id="getAllMetaAttributes" ref="eric6.WebBrowser.Tools.Scripts.html#getAllMetaAttributes" /> <keyword name="getAnnotationComplexity" id="getAnnotationComplexity" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.AnnotationsChecker.html#getAnnotationComplexity" /> + <keyword name="getAttrQualName" id="getAttrQualName" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityUtils.html#getAttrQualName" /> <keyword name="getBasicHelper" id="getBasicHelper" ref="eric6.VCS.__init__.html#getBasicHelper" /> + <keyword name="getCallName" id="getCallName" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityUtils.html#getCallName" /> + <keyword name="getCalledName" id="getCalledName" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityUtils.html#getCalledName" /> <keyword name="getChannelModesDict" id="getChannelModesDict" ref="eric6.Network.IRC.IrcUtilities.html#getChannelModesDict" /> + <keyword name="getChecks" id="getChecks" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.assert.html#getChecks" /> + <keyword name="getChecks" id="getChecks" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.awsHardcodedPassword.html#getChecks" /> + <keyword name="getChecks" id="getChecks" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.blackListCalls.html#getChecks" /> + <keyword name="getChecks" id="getChecks" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.blackListImports.html#getChecks" /> + <keyword name="getChecks" id="getChecks" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.certificateValidation.html#getChecks" /> + <keyword name="getChecks" id="getChecks" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.djangoSqlInjection.html#getChecks" /> + <keyword name="getChecks" id="getChecks" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.djangoXssVulnerability.html#getChecks" /> + <keyword name="getChecks" id="getChecks" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.exec.html#getChecks" /> + <keyword name="getChecks" id="getChecks" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.flaskDebug.html#getChecks" /> + <keyword name="getChecks" id="getChecks" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.generalBindAllInterfaces.html#getChecks" /> + <keyword name="getChecks" id="getChecks" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.generalFilePermissions.html#getChecks" /> + <keyword name="getChecks" id="getChecks" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.generalHardcodedPassword.html#getChecks" /> + <keyword name="getChecks" id="getChecks" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.generalHardcodedTmp.html#getChecks" /> + <keyword name="getChecks" id="getChecks" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.injectionParamiko.html#getChecks" /> + <keyword name="getChecks" id="getChecks" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.injectionShell.html#getChecks" /> + <keyword name="getChecks" id="getChecks" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.injectionSql.html#getChecks" /> + <keyword name="getChecks" id="getChecks" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.injectionWildcard.html#getChecks" /> + <keyword name="getChecks" id="getChecks" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.insecureHashlibNew.html#getChecks" /> + <keyword name="getChecks" id="getChecks" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.insecureSslTls.html#getChecks" /> + <keyword name="getChecks" id="getChecks" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.jinja2Templates.html#getChecks" /> + <keyword name="getChecks" id="getChecks" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.makoTemplates.html#getChecks" /> + <keyword name="getChecks" id="getChecks" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.sshNoHostKeyVerification.html#getChecks" /> + <keyword name="getChecks" id="getChecks" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.tryExcept.html#getChecks" /> + <keyword name="getChecks" id="getChecks" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.weakCryptographicKey.html#getChecks" /> + <keyword name="getChecks" id="getChecks" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.yamlLoad.html#getChecks" /> <keyword name="getCombinedIcon" id="getCombinedIcon" ref="eric6.UI.PixmapCache.html#getCombinedIcon" /> <keyword name="getCompleter" id="getCompleter" ref="eric6.QScintilla.TypingCompleters.__init__.html#getCompleter" /> <keyword name="getConda" id="getConda" ref="eric6.Preferences.__init__.html#getConda" /> @@ -17300,7 +17487,9 @@ <keyword name="getLexer" id="getLexer" ref="eric6.QScintilla.Lexers.__init__.html#getLexer" /> <keyword name="getLongDescription" id="getLongDescription" ref="setup.html#getLongDescription" /> <keyword name="getMarkupProvider" id="getMarkupProvider" ref="eric6.QScintilla.MarkupProviders.__init__.html#getMarkupProvider" /> + <keyword name="getMessageCodes" id="getMessageCodes" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.translations.html#getMessageCodes" /> <keyword name="getMicroPython" id="getMicroPython" ref="eric6.Preferences.__init__.html#getMicroPython" /> + <keyword name="getModuleQualnameFromPath" id="getModuleQualnameFromPath" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityUtils.html#getModuleQualnameFromPath" /> <keyword name="getMultiProject" id="getMultiProject" ref="eric6.Preferences.__init__.html#getMultiProject" /> <keyword name="getOpenFileFiltersList" id="getOpenFileFiltersList" ref="eric6.QScintilla.Lexers.__init__.html#getOpenFileFiltersList" /> <keyword name="getOpenFileName" id="getOpenFileName" ref="eric6.E5Gui.E5FileDialog.html#getOpenFileName" /> @@ -17332,6 +17521,7 @@ <keyword name="getQtBinariesPath" id="getQtBinariesPath" ref="eric6.Globals.__init__.html#getQtBinariesPath" /> <keyword name="getQtMacBundle" id="getQtMacBundle" ref="eric6.Utilities.__init__.html#getQtMacBundle" /> <keyword name="getQtTranslationsDir" id="getQtTranslationsDir" ref="eric6.Preferences.__init__.html#getQtTranslationsDir" /> + <keyword name="getQualAttr" id="getQualAttr" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityUtils.html#getQualAttr" /> <keyword name="getRealName" id="getRealName" ref="eric6.Utilities.__init__.html#getRealName" /> <keyword name="getRegistryData" id="getRegistryData" ref="eric6.Debugger.DebuggerInterfaceNone.html#getRegistryData" /> <keyword name="getRegistryData" id="getRegistryData" ref="eric6.Debugger.DebuggerInterfacePython.html#getRegistryData" /> @@ -17393,6 +17583,7 @@ <keyword name="handleArgs" id="handleArgs" ref="eric6.Toolbox.Startup.html#handleArgs" /> <keyword name="handleSingleApplication" id="handleSingleApplication" ref="eric6.eric6.html#handleSingleApplication" /> <keyword name="hasEnvironmentEntry" id="hasEnvironmentEntry" ref="eric6.Utilities.__init__.html#hasEnvironmentEntry" /> + <keyword name="hasShell" id="hasShell" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.injectionShell.html#hasShell" /> <keyword name="hasTypeAnnotations" id="hasTypeAnnotations" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.AnnotationsChecker.html#hasTypeAnnotations" /> <keyword name="hashPassword" id="hashPassword" ref="eric6.Utilities.crypto.py3PBKDF2.html#hashPassword" /> <keyword name="hashPasswordTuple" id="hashPasswordTuple" ref="eric6.Utilities.crypto.py3PBKDF2.html#hashPasswordTuple" /> @@ -17431,6 +17622,12 @@ <keyword name="initService" id="initService" ref="eric6.Plugins.CheckerPlugins.SyntaxChecker.yamlCheckSyntax.html#initService" /> <keyword name="initService" id="initService" ref="eric6.Plugins.CheckerPlugins.Tabnanny.Tabnanny.html#initService" /> <keyword name="initializeResourceSearchPath" id="initializeResourceSearchPath" ref="eric6.Toolbox.Startup.html#initializeResourceSearchPath" /> + <keyword name="injectionParamiko (Module)" id="injectionParamiko (Module)" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.injectionParamiko.html" /> + <keyword name="injectionShell (Module)" id="injectionShell (Module)" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.injectionShell.html" /> + <keyword name="injectionSql (Module)" id="injectionSql (Module)" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.injectionSql.html" /> + <keyword name="injectionWildcard (Module)" id="injectionWildcard (Module)" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.injectionWildcard.html" /> + <keyword name="insecureHashlibNew (Module)" id="insecureHashlibNew (Module)" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.insecureHashlibNew.html" /> + <keyword name="insecureSslTls (Module)" id="insecureSslTls (Module)" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.insecureSslTls.html" /> <keyword name="install (Module)" id="install (Module)" ref="install.html" /> <keyword name="install-debugclients (Module)" id="install-debugclients (Module)" ref="install-debugclients.html" /> <keyword name="install-i18n (Module)" id="install-i18n (Module)" ref="install-i18n.html" /> @@ -17473,6 +17670,7 @@ <keyword name="is_stream_binary_plist" id="is_stream_binary_plist" ref="eric6.Utilities.binplistlib.html#is_stream_binary_plist" /> <keyword name="is_string_literal" id="is_string_literal" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.pycodestyle.html#is_string_literal" /> <keyword name="isinpath" id="isinpath" ref="eric6.Utilities.__init__.html#isinpath" /> + <keyword name="jinja2Templates (Module)" id="jinja2Templates (Module)" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.jinja2Templates.html" /> <keyword name="joinext" id="joinext" ref="eric6.Utilities.__init__.html#joinext" /> <keyword name="jsCheckSyntax (Module)" id="jsCheckSyntax (Module)" ref="eric6.Plugins.CheckerPlugins.SyntaxChecker.jsCheckSyntax.html" /> <keyword name="jsSyntaxBatchCheck" id="jsSyntaxBatchCheck" ref="eric6.Plugins.CheckerPlugins.SyntaxChecker.jsCheckSyntax.html#jsSyntaxBatchCheck" /> @@ -17481,7 +17679,10 @@ <keyword name="jsonCheckSyntax (Module)" id="jsonCheckSyntax (Module)" ref="eric6.Plugins.CheckerPlugins.SyntaxChecker.jsonCheckSyntax.html" /> <keyword name="jsonSyntaxBatchCheck" id="jsonSyntaxBatchCheck" ref="eric6.Plugins.CheckerPlugins.SyntaxChecker.jsonCheckSyntax.html#jsonSyntaxBatchCheck" /> <keyword name="jsonSyntaxCheck" id="jsonSyntaxCheck" ref="eric6.Plugins.CheckerPlugins.SyntaxChecker.jsonCheckSyntax.html#jsonSyntaxCheck" /> + <keyword name="keywords2dict" id="keywords2dict" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.djangoSqlInjection.html#keywords2dict" /> <keyword name="largefiles (Module)" id="largefiles (Module)" ref="eric6.Plugins.VcsPlugins.vcsMercurial.LargefilesExtension.largefiles.html" /> + <keyword name="linerange" id="linerange" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityUtils.html#linerange" /> + <keyword name="linerange_fix" id="linerange_fix" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityUtils.html#linerange_fix" /> <keyword name="linesep" id="linesep" ref="eric6.Utilities.__init__.html#linesep" /> <keyword name="listdirStat" id="listdirStat" ref="eric6.MicroPython.MicroPythonFileSystemUtilities.html#listdirStat" /> <keyword name="loadTranslatorForLocale" id="loadTranslatorForLocale" ref="eric6.Toolbox.Startup.html#loadTranslatorForLocale" /> @@ -17524,6 +17725,7 @@ <keyword name="main" id="main" ref="uninstall-debugclients.html#main" /> <keyword name="main" id="main" ref="uninstall.html#main" /> <keyword name="makeAppInfo" id="makeAppInfo" ref="eric6.Globals.AppInfo.html#makeAppInfo" /> + <keyword name="makoTemplates (Module)" id="makoTemplates (Module)" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.makoTemplates.html" /> <keyword name="maximum_doc_length" id="maximum_doc_length" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.pycodestyle.html#maximum_doc_length" /> <keyword name="maximum_line_length" id="maximum_line_length" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.pycodestyle.html#maximum_line_length" /> <keyword name="mccabe (Module)" id="mccabe (Module)" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.mccabe.html" /> @@ -17538,6 +17740,8 @@ <keyword name="mtime2string" id="mtime2string" ref="eric6.MicroPython.MicroPythonFileSystemUtilities.html#mtime2string" /> <keyword name="multiline_case" id="multiline_case" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.eradicate.html#multiline_case" /> <keyword name="mute_string" id="mute_string" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.pycodestyle.html#mute_string" /> + <keyword name="namespacePathJoin" id="namespacePathJoin" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityUtils.html#namespacePathJoin" /> + <keyword name="namespacePathSplit" id="namespacePathSplit" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityUtils.html#namespacePathSplit" /> <keyword name="normabsjoinpath" id="normabsjoinpath" ref="eric6.Utilities.__init__.html#normabsjoinpath" /> <keyword name="normabspath" id="normabspath" ref="eric6.Utilities.__init__.html#normabspath" /> <keyword name="normalizeCode" id="normalizeCode" ref="eric6.Plugins.CheckerPlugins.SyntaxChecker.SyntaxCheck.html#normalizeCode" /> @@ -17665,6 +17869,7 @@ <keyword name="sbsdiff" id="sbsdiff" ref="eric6.UI.CompareDialog.html#sbsdiff" /> <keyword name="schemeFromProxyType" id="schemeFromProxyType" ref="eric6.E5Network.E5NetworkProxyFactory.html#schemeFromProxyType" /> <keyword name="scrollToAnchor" id="scrollToAnchor" ref="eric6.WebBrowser.Tools.Scripts.html#scrollToAnchor" /> + <keyword name="securityOk" id="securityOk" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.CodeStyleChecker.html#securityOk" /> <keyword name="sendPostData" id="sendPostData" ref="eric6.WebBrowser.Tools.Scripts.html#sendPostData" /> <keyword name="sessionType" id="sessionType" ref="eric6.Globals.__init__.html#sessionType" /> <keyword name="setActions" id="setActions" ref="eric6.Preferences.Shortcuts.html#setActions" /> @@ -17724,6 +17929,7 @@ <keyword name="setupFormObserver" id="setupFormObserver" ref="eric6.WebBrowser.Tools.Scripts.html#setupFormObserver" /> <keyword name="setupWebChannel" id="setupWebChannel" ref="eric6.WebBrowser.Tools.Scripts.html#setupWebChannel" /> <keyword name="setupWindowObject" id="setupWindowObject" ref="eric6.WebBrowser.Tools.Scripts.html#setupWindowObject" /> + <keyword name="shannonEntropy" id="shannonEntropy" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.awsHardcodedPassword.html#shannonEntropy" /> <keyword name="shelve (Module)" id="shelve (Module)" ref="eric6.Plugins.VcsPlugins.vcsMercurial.ShelveExtension.shelve.html" /> <keyword name="shouldResetLayout" id="shouldResetLayout" ref="eric6.Preferences.__init__.html#shouldResetLayout" /> <keyword name="shutilCopy" id="shutilCopy" ref="install-debugclients.html#shutilCopy" /> @@ -17733,6 +17939,7 @@ <keyword name="sort" id="sort" ref="eric6.Graphics.GraphicsUtilities.html#sort" /> <keyword name="speedString" id="speedString" ref="eric6.WebBrowser.Download.DownloadUtilities.html#speedString" /> <keyword name="splitPath" id="splitPath" ref="eric6.Utilities.__init__.html#splitPath" /> + <keyword name="sshNoHostKeyVerification (Module)" id="sshNoHostKeyVerification (Module)" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.sshNoHostKeyVerification.html" /> <keyword name="startDebugger" id="startDebugger" ref="eric6.DebugClients.Python.eric6dbgstub.html#startDebugger" /> <keyword name="startswithPath" id="startswithPath" ref="eric6.Utilities.__init__.html#startswithPath" /> <keyword name="stdin_get_value" id="stdin_get_value" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.pycodestyle.html#stdin_get_value" /> @@ -17763,8 +17970,11 @@ <keyword name="toSecondLevelDomain" id="toSecondLevelDomain" ref="eric6.WebBrowser.AdBlock.AdBlockRule.html#toSecondLevelDomain" /> <keyword name="trailing_blank_lines" id="trailing_blank_lines" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.pycodestyle.html#trailing_blank_lines" /> <keyword name="trailing_whitespace" id="trailing_whitespace" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.pycodestyle.html#trailing_whitespace" /> + <keyword name="transform2call" id="transform2call" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.djangoXssVulnerability.html#transform2call" /> <keyword name="translate" id="translate" ref="eric6.Globals.__init__.html#translate" /> + <keyword name="translations (Module)" id="translations (Module)" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.translations.html" /> <keyword name="translations (Module)" id="translations (Module)" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.translations.html" /> + <keyword name="tryExcept (Module)" id="tryExcept (Module)" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.tryExcept.html" /> <keyword name="uiStartUp" id="uiStartUp" ref="eric6.eric6.html#uiStartUp" /> <keyword name="uic (Module)" id="uic (Module)" ref="eric6.Utilities.uic.html" /> <keyword name="unescape_uentities" id="unescape_uentities" ref="eric6.Utilities.__init__.html#unescape_uentities" /> @@ -17800,6 +18010,7 @@ <keyword name="version" id="version" ref="eric6.eric6_doc.html#version" /> <keyword name="versionToTuple" id="versionToTuple" ref="eric6.Globals.__init__.html#versionToTuple" /> <keyword name="warning" id="warning" ref="eric6.E5Gui.E5MessageBox.html#warning" /> + <keyword name="weakCryptographicKey (Module)" id="weakCryptographicKey (Module)" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.weakCryptographicKey.html" /> <keyword name="webBrowserSupport (Module)" id="webBrowserSupport (Module)" ref="eric6.Tools.webBrowserSupport.html" /> <keyword name="whitespace_around_comma" id="whitespace_around_comma" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.pycodestyle.html#whitespace_around_comma" /> <keyword name="whitespace_around_keywords" id="whitespace_around_keywords" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.pycodestyle.html#whitespace_around_keywords" /> @@ -17832,6 +18043,7 @@ <keyword name="writePlist" id="writePlist" ref="eric6.Utilities.binplistlib.html#writePlist" /> <keyword name="writePlistToBytes" id="writePlistToBytes" ref="eric6.Utilities.binplistlib.html#writePlistToBytes" /> <keyword name="yamlCheckSyntax (Module)" id="yamlCheckSyntax (Module)" ref="eric6.Plugins.CheckerPlugins.SyntaxChecker.yamlCheckSyntax.html" /> + <keyword name="yamlLoad (Module)" id="yamlLoad (Module)" ref="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.yamlLoad.html" /> <keyword name="yamlSyntaxBatchCheck" id="yamlSyntaxBatchCheck" ref="eric6.Plugins.CheckerPlugins.SyntaxChecker.yamlCheckSyntax.html#yamlSyntaxBatchCheck" /> <keyword name="yamlSyntaxCheck" id="yamlSyntaxCheck" ref="eric6.Plugins.CheckerPlugins.SyntaxChecker.yamlCheckSyntax.html#yamlSyntaxCheck" /> <keyword name="yesNo" id="yesNo" ref="eric6.E5Gui.E5MessageBox.html#yesNo" /> @@ -18077,6 +18289,38 @@ <file>eric6.Plugins.CheckerPlugins.CodeStyleChecker.DocStyleChecker.html</file> <file>eric6.Plugins.CheckerPlugins.CodeStyleChecker.MiscellaneousChecker.html</file> <file>eric6.Plugins.CheckerPlugins.CodeStyleChecker.NamingStyleChecker.html</file> + <file>eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.__init__.html</file> + <file>eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.assert.html</file> + <file>eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.awsHardcodedPassword.html</file> + <file>eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.blackListCalls.html</file> + <file>eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.blackListImports.html</file> + <file>eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.certificateValidation.html</file> + <file>eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.djangoSqlInjection.html</file> + <file>eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.djangoXssVulnerability.html</file> + <file>eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.exec.html</file> + <file>eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.flaskDebug.html</file> + <file>eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.generalBindAllInterfaces.html</file> + <file>eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.generalFilePermissions.html</file> + <file>eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.generalHardcodedPassword.html</file> + <file>eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.generalHardcodedTmp.html</file> + <file>eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.injectionParamiko.html</file> + <file>eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.injectionShell.html</file> + <file>eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.injectionSql.html</file> + <file>eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.injectionWildcard.html</file> + <file>eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.insecureHashlibNew.html</file> + <file>eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.insecureSslTls.html</file> + <file>eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.jinja2Templates.html</file> + <file>eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.makoTemplates.html</file> + <file>eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.sshNoHostKeyVerification.html</file> + <file>eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.tryExcept.html</file> + <file>eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.weakCryptographicKey.html</file> + <file>eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.yamlLoad.html</file> + <file>eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityChecker.html</file> + <file>eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityContext.html</file> + <file>eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityDefaults.html</file> + <file>eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityNodeVisitor.html</file> + <file>eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityUtils.html</file> + <file>eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.translations.html</file> <file>eric6.Plugins.CheckerPlugins.CodeStyleChecker.eradicate.html</file> <file>eric6.Plugins.CheckerPlugins.CodeStyleChecker.mccabe.html</file> <file>eric6.Plugins.CheckerPlugins.CodeStyleChecker.pycodestyle.html</file> @@ -18908,6 +19152,8 @@ <file>index-eric6.PipInterface.html</file> <file>index-eric6.PluginManager.html</file> <file>index-eric6.Plugins.AboutPlugin.html</file> + <file>index-eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.html</file> + <file>index-eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.html</file> <file>index-eric6.Plugins.CheckerPlugins.CodeStyleChecker.html</file> <file>index-eric6.Plugins.CheckerPlugins.SyntaxChecker.html</file> <file>index-eric6.Plugins.CheckerPlugins.Tabnanny.html</file>
--- a/eric6/Documentation/Source/eric6.Plugins.CheckerPlugins.CodeStyleChecker.CodeStyleChecker.html Tue Jun 16 20:01:18 2020 +0200 +++ b/eric6/Documentation/Source/eric6.Plugins.CheckerPlugins.CodeStyleChecker.CodeStyleChecker.html Tue Jun 16 20:02:20 2020 +0200 @@ -48,6 +48,10 @@ <td>Private module function to perform the code style check and/or fix found errors.</td> </tr> <tr> +<td><a href="#__checkSyntax">__checkSyntax</a></td> +<td>Private module function to perform a syntax check.</td> +</tr> +<tr> <td><a href="#codeStyleBatchCheck">codeStyleBatchCheck</a></td> <td>Module function to check code style for a batch of files.</td> </tr> @@ -72,6 +76,10 @@ <td>Initialize the service and return the entry point.</td> </tr> <tr> +<td><a href="#securityOk">securityOk</a></td> +<td>Function to check, if the given code is an acknowledged security report.</td> +</tr> +<tr> <td><a href="#worker">worker</a></td> <td>Module function acting as the parallel worker for the style check.</td> </tr> @@ -192,8 +200,8 @@ excludeMessages, includeMessages, repeatMessages, fixCodes, noFixCodes, fixIssues, maxLineLength, maxDocLineLength, blankLines, hangClosing, docType, codeComplexityArgs, miscellaneousArgs, - annotationArgs, errors, eol, encoding, backup) - bool, str, dict, dict, list of str, str, str, bool) + annotationArgs, securityArgs, errors, eol, encoding, backup) + bool, str, dict, dict, dict, list of str, str, str, bool) </dd> </dl> <dl> @@ -224,6 +232,40 @@ <div align="right"><a href="#top">Up</a></div> <hr /> <hr /> +<a NAME="__checkSyntax" ID="__checkSyntax"></a> +<h2>__checkSyntax</h2> +<b>__checkSyntax</b>(<i>filename, source</i>) + +<p> + Private module function to perform a syntax check. +</p> +<dl> + +<dt><i>filename</i> (str)</dt> +<dd> +source filename +</dd> +<dt><i>source</i> (str)</dt> +<dd> +string containing the code to check +</dd> +</dl> +<dl> +<dt>Returns:</dt> +<dd> +tuple containing the error dictionary with syntax error details + and a statistics dictionary or a tuple containing two None +</dd> +</dl> +<dl> +<dt>Return Type:</dt> +<dd> +tuple of (dict, dict) or tuple of (None, None) +</dd> +</dl> +<div align="right"><a href="#top">Up</a></div> +<hr /> +<hr /> <a NAME="codeStyleBatchCheck" ID="codeStyleBatchCheck"></a> <h2>codeStyleBatchCheck</h2> <b>codeStyleBatchCheck</b>(<i>argumentsList, send, fx, cancelled, maxProcesses=0</i>) @@ -403,6 +445,39 @@ <div align="right"><a href="#top">Up</a></div> <hr /> <hr /> +<a NAME="securityOk" ID="securityOk"></a> +<h2>securityOk</h2> +<b>securityOk</b>(<i>code, lineFlags</i>) + +<p> + Function to check, if the given code is an acknowledged security report. +</p> +<dl> + +<dt><i>code</i> (str)</dt> +<dd> +error code to be checked +</dd> +<dt><i>lineFlags</i> (list of str)</dt> +<dd> +list of line flags to check against +</dd> +</dl> +<dl> +<dt>Returns:</dt> +<dd> +flag indicating an acknowledged security report +</dd> +</dl> +<dl> +<dt>Return Type:</dt> +<dd> +bool +</dd> +</dl> +<div align="right"><a href="#top">Up</a></div> +<hr /> +<hr /> <a NAME="worker" ID="worker"></a> <h2>worker</h2> <b>worker</b>(<i>inputQueue, outputQueue</i>)
--- a/eric6/Documentation/Source/eric6.Plugins.CheckerPlugins.CodeStyleChecker.CodeStyleCheckerDialog.html Tue Jun 16 20:01:18 2020 +0200 +++ b/eric6/Documentation/Source/eric6.Plugins.CheckerPlugins.CodeStyleChecker.CodeStyleCheckerDialog.html Tue Jun 16 20:02:20 2020 +0200 @@ -57,7 +57,7 @@ <h3>Class Attributes</h3> <table> -<tr><td>argsRole</td></tr><tr><td>availableFutures</td></tr><tr><td>checkCategories</td></tr><tr><td>codeRole</td></tr><tr><td>filenameRole</td></tr><tr><td>fixableRole</td></tr><tr><td>hasResults</td></tr><tr><td>ignoredRole</td></tr><tr><td>lineRole</td></tr><tr><td>messageRole</td></tr><tr><td>noFiles</td></tr><tr><td>noResults</td></tr><tr><td>positionRole</td></tr> +<tr><td>argsRole</td></tr><tr><td>availableFutures</td></tr><tr><td>checkCategories</td></tr><tr><td>codeRole</td></tr><tr><td>cryptoBitSelectionsDsaRsa</td></tr><tr><td>cryptoBitSelectionsEc</td></tr><tr><td>filenameRole</td></tr><tr><td>fixableRole</td></tr><tr><td>hasResults</td></tr><tr><td>ignoredRole</td></tr><tr><td>lineRole</td></tr><tr><td>messageRole</td></tr><tr><td>noFiles</td></tr><tr><td>noResults</td></tr><tr><td>positionRole</td></tr> </table> <h3>Class Methods</h3> @@ -743,7 +743,7 @@ </dl> <a NAME="CodeStyleCheckerDialog.__updateStatistics" ID="CodeStyleCheckerDialog.__updateStatistics"></a> <h4>CodeStyleCheckerDialog.__updateStatistics</h4> -<b>__updateStatistics</b>(<i>statistics, fixer, ignoredErrors</i>) +<b>__updateStatistics</b>(<i>statistics, fixer, ignoredErrors, securityOk</i>) <p> Private method to update the collected statistics. @@ -763,6 +763,10 @@ <dd> number of ignored errors </dd> +<dt><i>securityOk</i> (int)</dt> +<dd> +number of acknowledged security reports +</dd> </dl> <a NAME="CodeStyleCheckerDialog.check" ID="CodeStyleCheckerDialog.check"></a> <h4>CodeStyleCheckerDialog.check</h4>
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/eric6/Documentation/Source/eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.__init__.html Tue Jun 16 20:02:20 2020 +0200 @@ -0,0 +1,76 @@ +<!DOCTYPE html> +<html><head> +<title>eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.__init__</title> +<meta charset="UTF-8"> +<style> +body { + background: #EDECE6; + margin: 0em 1em 10em 1em; + color: black; +} + +h1 { color: white; background: #85774A; } +h2 { color: white; background: #85774A; } +h3 { color: white; background: #9D936E; } +h4 { color: white; background: #9D936E; } + +a { color: #BA6D36; } + +</style> +</head> +<body> +<a NAME="top" ID="top"></a> +<h1>eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.__init__</h1> + +<p> +Package containing the various security checker modules. +</p> +<h3>Global Attributes</h3> + +<table> +<tr><td>None</td></tr> +</table> +<h3>Classes</h3> + +<table> +<tr><td>None</td></tr> +</table> +<h3>Functions</h3> + +<table> + +<tr> +<td><a href="#generateCheckersDict">generateCheckersDict</a></td> +<td>Function to generate the dictionary with checkers.</td> +</tr> +</table> +<hr /> +<hr /> +<a NAME="generateCheckersDict" ID="generateCheckersDict"></a> +<h2>generateCheckersDict</h2> +<b>generateCheckersDict</b>(<i></i>) + +<p> + Function to generate the dictionary with checkers. +</p> +<p> + Checker modules are searched for inside this package. Each module + defining some checks must contain a function 'getChecks()' returning + a dictionary containing the check type as key and a list of tuples + with the check function and associated message codes. +</p> +<dl> +<dt>Returns:</dt> +<dd> +dictionary containing list of tuples with checker data +</dd> +</dl> +<dl> +<dt>Return Type:</dt> +<dd> +dict +</dd> +</dl> +<div align="right"><a href="#top">Up</a></div> +<hr /> +</body></html> \ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/eric6/Documentation/Source/eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.assert.html Tue Jun 16 20:02:20 2020 +0200 @@ -0,0 +1,100 @@ +<!DOCTYPE html> +<html><head> +<title>eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.assert</title> +<meta charset="UTF-8"> +<style> +body { + background: #EDECE6; + margin: 0em 1em 10em 1em; + color: black; +} + +h1 { color: white; background: #85774A; } +h2 { color: white; background: #85774A; } +h3 { color: white; background: #9D936E; } +h4 { color: white; background: #9D936E; } + +a { color: #BA6D36; } + +</style> +</head> +<body> +<a NAME="top" ID="top"></a> +<h1>eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.assert</h1> + +<p> +Module implementing a check for the use of 'assert'. +</p> +<h3>Global Attributes</h3> + +<table> +<tr><td>None</td></tr> +</table> +<h3>Classes</h3> + +<table> +<tr><td>None</td></tr> +</table> +<h3>Functions</h3> + +<table> + +<tr> +<td><a href="#checkAssertUsed">checkAssertUsed</a></td> +<td>Function to check for the use of 'assert'.</td> +</tr> +<tr> +<td><a href="#getChecks">getChecks</a></td> +<td>Public method to get a dictionary with checks handled by this module.</td> +</tr> +</table> +<hr /> +<hr /> +<a NAME="checkAssertUsed" ID="checkAssertUsed"></a> +<h2>checkAssertUsed</h2> +<b>checkAssertUsed</b>(<i>reportError, context, config</i>) + +<p> + Function to check for the use of 'assert'. +</p> +<dl> + +<dt><i>reportError</i> (func)</dt> +<dd> +function to be used to report errors +</dd> +<dt><i>context</i> (SecurityContext)</dt> +<dd> +security context object +</dd> +<dt><i>config</i> (dict)</dt> +<dd> +dictionary with configuration data +</dd> +</dl> +<div align="right"><a href="#top">Up</a></div> +<hr /> +<hr /> +<a NAME="getChecks" ID="getChecks"></a> +<h2>getChecks</h2> +<b>getChecks</b>(<i></i>) + +<p> + Public method to get a dictionary with checks handled by this module. +</p> +<dl> +<dt>Returns:</dt> +<dd> +dictionary containing checker lists containing checker function and + list of codes +</dd> +</dl> +<dl> +<dt>Return Type:</dt> +<dd> +dict +</dd> +</dl> +<div align="right"><a href="#top">Up</a></div> +<hr /> +</body></html> \ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/eric6/Documentation/Source/eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.awsHardcodedPassword.html Tue Jun 16 20:02:20 2020 +0200 @@ -0,0 +1,141 @@ +<!DOCTYPE html> +<html><head> +<title>eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.awsHardcodedPassword</title> +<meta charset="UTF-8"> +<style> +body { + background: #EDECE6; + margin: 0em 1em 10em 1em; + color: black; +} + +h1 { color: white; background: #85774A; } +h2 { color: white; background: #85774A; } +h3 { color: white; background: #9D936E; } +h4 { color: white; background: #9D936E; } + +a { color: #BA6D36; } + +</style> +</head> +<body> +<a NAME="top" ID="top"></a> +<h1>eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.awsHardcodedPassword</h1> + +<p> +Module implementing checks for potentially hardcoded AWS passwords. +</p> +<h3>Global Attributes</h3> + +<table> +<tr><td>AWS_ACCESS_KEY_ID_MAX_ENTROPY</td></tr><tr><td>AWS_ACCESS_KEY_ID_REGEX</td></tr><tr><td>AWS_ACCESS_KEY_ID_SYMBOLS</td></tr><tr><td>AWS_SECRET_ACCESS_KEY_MAX_ENTROPY</td></tr><tr><td>AWS_SECRET_ACCESS_KEY_REGEX</td></tr><tr><td>AWS_SECRET_ACCESS_KEY_SYMBOLS</td></tr> +</table> +<h3>Classes</h3> + +<table> +<tr><td>None</td></tr> +</table> +<h3>Functions</h3> + +<table> + +<tr> +<td><a href="#checkHardcodedAwsKey">checkHardcodedAwsKey</a></td> +<td>Function to check for potentially hardcoded AWS passwords.</td> +</tr> +<tr> +<td><a href="#getChecks">getChecks</a></td> +<td>Public method to get a dictionary with checks handled by this module.</td> +</tr> +<tr> +<td><a href="#shannonEntropy">shannonEntropy</a></td> +<td>Function to caclculate the Shannon entropy of some given data.</td> +</tr> +</table> +<hr /> +<hr /> +<a NAME="checkHardcodedAwsKey" ID="checkHardcodedAwsKey"></a> +<h2>checkHardcodedAwsKey</h2> +<b>checkHardcodedAwsKey</b>(<i>reportError, context, config</i>) + +<p> + Function to check for potentially hardcoded AWS passwords. +</p> +<dl> + +<dt><i>reportError</i> (func)</dt> +<dd> +function to be used to report errors +</dd> +<dt><i>context</i> (SecurityContext)</dt> +<dd> +security context object +</dd> +<dt><i>config</i> (dict)</dt> +<dd> +dictionary with configuration data +</dd> +</dl> +<div align="right"><a href="#top">Up</a></div> +<hr /> +<hr /> +<a NAME="getChecks" ID="getChecks"></a> +<h2>getChecks</h2> +<b>getChecks</b>(<i></i>) + +<p> + Public method to get a dictionary with checks handled by this module. +</p> +<dl> +<dt>Returns:</dt> +<dd> +dictionary containing checker lists containing checker function and + list of codes +</dd> +</dl> +<dl> +<dt>Return Type:</dt> +<dd> +dict +</dd> +</dl> +<div align="right"><a href="#top">Up</a></div> +<hr /> +<hr /> +<a NAME="shannonEntropy" ID="shannonEntropy"></a> +<h2>shannonEntropy</h2> +<b>shannonEntropy</b>(<i>data, symbols</i>) + +<p> + Function to caclculate the Shannon entropy of some given data. +</p> +<p> + Source: + http://blog.dkbza.org/2007/05/scanning-data-for-entropy-anomalies.html +</p> +<dl> + +<dt><i>data</i> (str)</dt> +<dd> +data to calculate the entropy for +</dd> +<dt><i>symbols</i> (str)</dt> +<dd> +allowed symbols +</dd> +</dl> +<dl> +<dt>Returns:</dt> +<dd> +Shannon entropy of the given data +</dd> +</dl> +<dl> +<dt>Return Type:</dt> +<dd> +float +</dd> +</dl> +<div align="right"><a href="#top">Up</a></div> +<hr /> +</body></html> \ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/eric6/Documentation/Source/eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.blackListCalls.html Tue Jun 16 20:02:20 2020 +0200 @@ -0,0 +1,100 @@ +<!DOCTYPE html> +<html><head> +<title>eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.blackListCalls</title> +<meta charset="UTF-8"> +<style> +body { + background: #EDECE6; + margin: 0em 1em 10em 1em; + color: black; +} + +h1 { color: white; background: #85774A; } +h2 { color: white; background: #85774A; } +h3 { color: white; background: #9D936E; } +h4 { color: white; background: #9D936E; } + +a { color: #BA6D36; } + +</style> +</head> +<body> +<a NAME="top" ID="top"></a> +<h1>eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.blackListCalls</h1> + +<p> +Module implementing checks for blacklisted methods and functions. +</p> +<h3>Global Attributes</h3> + +<table> +<tr><td>_blacklists</td></tr> +</table> +<h3>Classes</h3> + +<table> +<tr><td>None</td></tr> +</table> +<h3>Functions</h3> + +<table> + +<tr> +<td><a href="#checkBlacklist">checkBlacklist</a></td> +<td>Function to check for blacklisted method calls.</td> +</tr> +<tr> +<td><a href="#getChecks">getChecks</a></td> +<td>Public method to get a dictionary with checks handled by this module.</td> +</tr> +</table> +<hr /> +<hr /> +<a NAME="checkBlacklist" ID="checkBlacklist"></a> +<h2>checkBlacklist</h2> +<b>checkBlacklist</b>(<i>reportError, context, config</i>) + +<p> + Function to check for blacklisted method calls. +</p> +<dl> + +<dt><i>reportError</i> (func)</dt> +<dd> +function to be used to report errors +</dd> +<dt><i>context</i> (SecurityContext)</dt> +<dd> +security context object +</dd> +<dt><i>config</i> (dict)</dt> +<dd> +dictionary with configuration data +</dd> +</dl> +<div align="right"><a href="#top">Up</a></div> +<hr /> +<hr /> +<a NAME="getChecks" ID="getChecks"></a> +<h2>getChecks</h2> +<b>getChecks</b>(<i></i>) + +<p> + Public method to get a dictionary with checks handled by this module. +</p> +<dl> +<dt>Returns:</dt> +<dd> +dictionary containing checker lists containing checker function and + list of codes +</dd> +</dl> +<dl> +<dt>Return Type:</dt> +<dd> +dict +</dd> +</dl> +<div align="right"><a href="#top">Up</a></div> +<hr /> +</body></html> \ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/eric6/Documentation/Source/eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.blackListImports.html Tue Jun 16 20:02:20 2020 +0200 @@ -0,0 +1,100 @@ +<!DOCTYPE html> +<html><head> +<title>eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.blackListImports</title> +<meta charset="UTF-8"> +<style> +body { + background: #EDECE6; + margin: 0em 1em 10em 1em; + color: black; +} + +h1 { color: white; background: #85774A; } +h2 { color: white; background: #85774A; } +h3 { color: white; background: #9D936E; } +h4 { color: white; background: #9D936E; } + +a { color: #BA6D36; } + +</style> +</head> +<body> +<a NAME="top" ID="top"></a> +<h1>eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.blackListImports</h1> + +<p> +Module implementing checks for blacklisted imports. +</p> +<h3>Global Attributes</h3> + +<table> +<tr><td>_blacklists</td></tr> +</table> +<h3>Classes</h3> + +<table> +<tr><td>None</td></tr> +</table> +<h3>Functions</h3> + +<table> + +<tr> +<td><a href="#checkBlacklist">checkBlacklist</a></td> +<td>Function to check for blacklisted method calls.</td> +</tr> +<tr> +<td><a href="#getChecks">getChecks</a></td> +<td>Public method to get a dictionary with checks handled by this module.</td> +</tr> +</table> +<hr /> +<hr /> +<a NAME="checkBlacklist" ID="checkBlacklist"></a> +<h2>checkBlacklist</h2> +<b>checkBlacklist</b>(<i>reportError, context, config</i>) + +<p> + Function to check for blacklisted method calls. +</p> +<dl> + +<dt><i>reportError</i> (func)</dt> +<dd> +function to be used to report errors +</dd> +<dt><i>context</i> (SecurityContext)</dt> +<dd> +security context object +</dd> +<dt><i>config</i> (dict)</dt> +<dd> +dictionary with configuration data +</dd> +</dl> +<div align="right"><a href="#top">Up</a></div> +<hr /> +<hr /> +<a NAME="getChecks" ID="getChecks"></a> +<h2>getChecks</h2> +<b>getChecks</b>(<i></i>) + +<p> + Public method to get a dictionary with checks handled by this module. +</p> +<dl> +<dt>Returns:</dt> +<dd> +dictionary containing checker lists containing checker function and + list of codes +</dd> +</dl> +<dl> +<dt>Return Type:</dt> +<dd> +dict +</dd> +</dl> +<div align="right"><a href="#top">Up</a></div> +<hr /> +</body></html> \ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/eric6/Documentation/Source/eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.certificateValidation.html Tue Jun 16 20:02:20 2020 +0200 @@ -0,0 +1,100 @@ +<!DOCTYPE html> +<html><head> +<title>eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.certificateValidation</title> +<meta charset="UTF-8"> +<style> +body { + background: #EDECE6; + margin: 0em 1em 10em 1em; + color: black; +} + +h1 { color: white; background: #85774A; } +h2 { color: white; background: #85774A; } +h3 { color: white; background: #9D936E; } +h4 { color: white; background: #9D936E; } + +a { color: #BA6D36; } + +</style> +</head> +<body> +<a NAME="top" ID="top"></a> +<h1>eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.certificateValidation</h1> + +<p> +Module implementing checks for switched off certificate validation. +</p> +<h3>Global Attributes</h3> + +<table> +<tr><td>None</td></tr> +</table> +<h3>Classes</h3> + +<table> +<tr><td>None</td></tr> +</table> +<h3>Functions</h3> + +<table> + +<tr> +<td><a href="#checkNoCertificateValidation">checkNoCertificateValidation</a></td> +<td>Function to check for switched off certificate validation.</td> +</tr> +<tr> +<td><a href="#getChecks">getChecks</a></td> +<td>Public method to get a dictionary with checks handled by this module.</td> +</tr> +</table> +<hr /> +<hr /> +<a NAME="checkNoCertificateValidation" ID="checkNoCertificateValidation"></a> +<h2>checkNoCertificateValidation</h2> +<b>checkNoCertificateValidation</b>(<i>reportError, context, config</i>) + +<p> + Function to check for switched off certificate validation. +</p> +<dl> + +<dt><i>reportError</i> (func)</dt> +<dd> +function to be used to report errors +</dd> +<dt><i>context</i> (SecurityContext)</dt> +<dd> +security context object +</dd> +<dt><i>config</i> (dict)</dt> +<dd> +dictionary with configuration data +</dd> +</dl> +<div align="right"><a href="#top">Up</a></div> +<hr /> +<hr /> +<a NAME="getChecks" ID="getChecks"></a> +<h2>getChecks</h2> +<b>getChecks</b>(<i></i>) + +<p> + Public method to get a dictionary with checks handled by this module. +</p> +<dl> +<dt>Returns:</dt> +<dd> +dictionary containing checker lists containing checker function and + list of codes +</dd> +</dl> +<dl> +<dt>Return Type:</dt> +<dd> +dict +</dd> +</dl> +<div align="right"><a href="#top">Up</a></div> +<hr /> +</body></html> \ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/eric6/Documentation/Source/eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.djangoSqlInjection.html Tue Jun 16 20:02:20 2020 +0200 @@ -0,0 +1,162 @@ +<!DOCTYPE html> +<html><head> +<title>eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.djangoSqlInjection</title> +<meta charset="UTF-8"> +<style> +body { + background: #EDECE6; + margin: 0em 1em 10em 1em; + color: black; +} + +h1 { color: white; background: #85774A; } +h2 { color: white; background: #85774A; } +h3 { color: white; background: #9D936E; } +h4 { color: white; background: #9D936E; } + +a { color: #BA6D36; } + +</style> +</head> +<body> +<a NAME="top" ID="top"></a> +<h1>eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.djangoSqlInjection</h1> + +<p> +Module implementing checks for potential SQL injections risks. +</p> +<h3>Global Attributes</h3> + +<table> +<tr><td>None</td></tr> +</table> +<h3>Classes</h3> + +<table> +<tr><td>None</td></tr> +</table> +<h3>Functions</h3> + +<table> + +<tr> +<td><a href="#checkDjangoExtraUsed">checkDjangoExtraUsed</a></td> +<td>Function to check for potential SQL injection on extra function.</td> +</tr> +<tr> +<td><a href="#checkDjangoRawSqlUsed">checkDjangoRawSqlUsed</a></td> +<td>Function to check for potential SQL injection on RawSQL function.</td> +</tr> +<tr> +<td><a href="#getChecks">getChecks</a></td> +<td>Public method to get a dictionary with checks handled by this module.</td> +</tr> +<tr> +<td><a href="#keywords2dict">keywords2dict</a></td> +<td>Function to extract keywords arguments into a dictionary.</td> +</tr> +</table> +<hr /> +<hr /> +<a NAME="checkDjangoExtraUsed" ID="checkDjangoExtraUsed"></a> +<h2>checkDjangoExtraUsed</h2> +<b>checkDjangoExtraUsed</b>(<i>reportError, context, config</i>) + +<p> + Function to check for potential SQL injection on extra function. +</p> +<dl> + +<dt><i>reportError</i> (func)</dt> +<dd> +function to be used to report errors +</dd> +<dt><i>context</i> (SecurityContext)</dt> +<dd> +security context object +</dd> +<dt><i>config</i> (dict)</dt> +<dd> +dictionary with configuration data +</dd> +</dl> +<div align="right"><a href="#top">Up</a></div> +<hr /> +<hr /> +<a NAME="checkDjangoRawSqlUsed" ID="checkDjangoRawSqlUsed"></a> +<h2>checkDjangoRawSqlUsed</h2> +<b>checkDjangoRawSqlUsed</b>(<i>reportError, context, config</i>) + +<p> + Function to check for potential SQL injection on RawSQL function. +</p> +<dl> + +<dt><i>reportError</i> (func)</dt> +<dd> +function to be used to report errors +</dd> +<dt><i>context</i> (SecurityContext)</dt> +<dd> +security context object +</dd> +<dt><i>config</i> (dict)</dt> +<dd> +dictionary with configuration data +</dd> +</dl> +<div align="right"><a href="#top">Up</a></div> +<hr /> +<hr /> +<a NAME="getChecks" ID="getChecks"></a> +<h2>getChecks</h2> +<b>getChecks</b>(<i></i>) + +<p> + Public method to get a dictionary with checks handled by this module. +</p> +<dl> +<dt>Returns:</dt> +<dd> +dictionary containing checker lists containing checker function and + list of codes +</dd> +</dl> +<dl> +<dt>Return Type:</dt> +<dd> +dict +</dd> +</dl> +<div align="right"><a href="#top">Up</a></div> +<hr /> +<hr /> +<a NAME="keywords2dict" ID="keywords2dict"></a> +<h2>keywords2dict</h2> +<b>keywords2dict</b>(<i>keywords</i>) + +<p> + Function to extract keywords arguments into a dictionary. +</p> +<dl> + +<dt><i>keywords</i> (list of ast.keyword)</dt> +<dd> +list of keyword nodes +</dd> +</dl> +<dl> +<dt>Returns:</dt> +<dd> +dictionary with keyword name and value +</dd> +</dl> +<dl> +<dt>Return Type:</dt> +<dd> +dict +</dd> +</dl> +<div align="right"><a href="#top">Up</a></div> +<hr /> +</body></html> \ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/eric6/Documentation/Source/eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.djangoXssVulnerability.html Tue Jun 16 20:02:20 2020 +0200 @@ -0,0 +1,362 @@ +<!DOCTYPE html> +<html><head> +<title>eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.djangoXssVulnerability</title> +<meta charset="UTF-8"> +<style> +body { + background: #EDECE6; + margin: 0em 1em 10em 1em; + color: black; +} + +h1 { color: white; background: #85774A; } +h2 { color: white; background: #85774A; } +h3 { color: white; background: #9D936E; } +h4 { color: white; background: #9D936E; } + +a { color: #BA6D36; } + +</style> +</head> +<body> +<a NAME="top" ID="top"></a> +<h1>eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.djangoXssVulnerability</h1> + +<p> +Module implementing checks for potential XSS vulnerability. +</p> +<h3>Global Attributes</h3> + +<table> +<tr><td>PY2</td></tr> +</table> +<h3>Classes</h3> + +<table> + +<tr> +<td><a href="#DeepAssignation">DeepAssignation</a></td> +<td>Class to perform a deep analysis of an assign.</td> +</tr> +</table> +<h3>Functions</h3> + +<table> + +<tr> +<td><a href="#checkDjangoXssVulnerability">checkDjangoXssVulnerability</a></td> +<td>Function to check for potential XSS vulnerability.</td> +</tr> +<tr> +<td><a href="#checkPotentialRisk">checkPotentialRisk</a></td> +<td>Function to check a given node for a potential XSS vulnerability.</td> +</tr> +<tr> +<td><a href="#evaluateCall">evaluateCall</a></td> +<td>Function to evaluate a call node for potential XSS vulnerability.</td> +</tr> +<tr> +<td><a href="#evaluateVar">evaluateVar</a></td> +<td>Function to evaluate a variable node for potential XSS vulnerability.</td> +</tr> +<tr> +<td><a href="#getChecks">getChecks</a></td> +<td>Public method to get a dictionary with checks handled by this module.</td> +</tr> +<tr> +<td><a href="#transform2call">transform2call</a></td> +<td>Function to transform a variable node to a call node.</td> +</tr> +</table> +<hr /> +<hr /> +<a NAME="DeepAssignation" ID="DeepAssignation"></a> +<h2>DeepAssignation</h2> + +<p> + Class to perform a deep analysis of an assign. +</p> +<h3>Derived from</h3> +object +<h3>Class Attributes</h3> + +<table> +<tr><td>None</td></tr> +</table> +<h3>Class Methods</h3> + +<table> +<tr><td>None</td></tr> +</table> +<h3>Methods</h3> + +<table> + +<tr> +<td><a href="#DeepAssignation.__init__">DeepAssignation</a></td> +<td>Constructor</td> +</tr> +<tr> +<td><a href="#DeepAssignation.isAssigned">isAssigned</a></td> +<td>Public method to check assignment against a given node.</td> +</tr> +<tr> +<td><a href="#DeepAssignation.isAssignedIn">isAssignedIn</a></td> +<td>Public method to check, if the variable is assigned to.</td> +</tr> +</table> +<h3>Static Methods</h3> + +<table> +<tr><td>None</td></tr> +</table> + +<a NAME="DeepAssignation.__init__" ID="DeepAssignation.__init__"></a> +<h4>DeepAssignation (Constructor)</h4> +<b>DeepAssignation</b>(<i>varName, ignoreNodes=None</i>) + +<p> + Constructor +</p> +<dl> + +<dt><i>varName</i> (str)</dt> +<dd> +name of the variable +</dd> +<dt><i>ignoreNodes</i> (list of ast.AST)</dt> +<dd> +list of nodes to ignore +</dd> +</dl> +<a NAME="DeepAssignation.isAssigned" ID="DeepAssignation.isAssigned"></a> +<h4>DeepAssignation.isAssigned</h4> +<b>isAssigned</b>(<i>node</i>) + +<p> + Public method to check assignment against a given node. +</p> +<dl> + +<dt><i>node</i> (ast.AST)</dt> +<dd> +node to check against +</dd> +</dl> +<dl> +<dt>Returns:</dt> +<dd> +flag indicating an assignement +</dd> +</dl> +<dl> +<dt>Return Type:</dt> +<dd> +bool +</dd> +</dl> +<a NAME="DeepAssignation.isAssignedIn" ID="DeepAssignation.isAssignedIn"></a> +<h4>DeepAssignation.isAssignedIn</h4> +<b>isAssignedIn</b>(<i>items</i>) + +<p> + Public method to check, if the variable is assigned to. +</p> +<dl> + +<dt><i>items</i> (list of ast.AST)</dt> +<dd> +list of nodes to check against +</dd> +</dl> +<dl> +<dt>Returns:</dt> +<dd> +list of nodes assigned +</dd> +</dl> +<dl> +<dt>Return Type:</dt> +<dd> +list of ast.AST +</dd> +</dl> +<div align="right"><a href="#top">Up</a></div> +<hr /> +<hr /> +<a NAME="checkDjangoXssVulnerability" ID="checkDjangoXssVulnerability"></a> +<h2>checkDjangoXssVulnerability</h2> +<b>checkDjangoXssVulnerability</b>(<i>reportError, context, config</i>) + +<p> + Function to check for potential XSS vulnerability. +</p> +<dl> + +<dt><i>reportError</i> (func)</dt> +<dd> +function to be used to report errors +</dd> +<dt><i>context</i> (SecurityContext)</dt> +<dd> +security context object +</dd> +<dt><i>config</i> (dict)</dt> +<dd> +dictionary with configuration data +</dd> +</dl> +<div align="right"><a href="#top">Up</a></div> +<hr /> +<hr /> +<a NAME="checkPotentialRisk" ID="checkPotentialRisk"></a> +<h2>checkPotentialRisk</h2> +<b>checkPotentialRisk</b>(<i>reportError, node</i>) + +<p> + Function to check a given node for a potential XSS vulnerability. +</p> +<dl> + +<dt><i>reportError</i> (func)</dt> +<dd> +function to be used to report errors +</dd> +<dt><i>node</i> (ast.Call)</dt> +<dd> +node to be checked +</dd> +</dl> +<div align="right"><a href="#top">Up</a></div> +<hr /> +<hr /> +<a NAME="evaluateCall" ID="evaluateCall"></a> +<h2>evaluateCall</h2> +<b>evaluateCall</b>(<i>call, parent, ignoreNodes=None</i>) + +<p> + Function to evaluate a call node for potential XSS vulnerability. +</p> +<dl> + +<dt><i>call</i> (ast.Call)</dt> +<dd> +call node to be checked +</dd> +<dt><i>parent</i> (ast.AST)</dt> +<dd> +parent node +</dd> +<dt><i>ignoreNodes</i> (list of ast.AST)</dt> +<dd> +list of nodes to ignore +</dd> +</dl> +<dl> +<dt>Returns:</dt> +<dd> +flag indicating a secure evaluation +</dd> +</dl> +<dl> +<dt>Return Type:</dt> +<dd> +bool +</dd> +</dl> +<div align="right"><a href="#top">Up</a></div> +<hr /> +<hr /> +<a NAME="evaluateVar" ID="evaluateVar"></a> +<h2>evaluateVar</h2> +<b>evaluateVar</b>(<i>xssVar, parent, until, ignoreNodes=None</i>) + +<p> + Function to evaluate a variable node for potential XSS vulnerability. +</p> +<dl> + +<dt><i>xssVar</i> (ast.Name)</dt> +<dd> +variable node to be checked +</dd> +<dt><i>parent</i> (ast.AST)</dt> +<dd> +parent node +</dd> +<dt><i>until</i> (int)</dt> +<dd> +end line number to evaluate variable against +</dd> +<dt><i>ignoreNodes</i> (list of ast.AST)</dt> +<dd> +list of nodes to ignore +</dd> +</dl> +<dl> +<dt>Returns:</dt> +<dd> +flag indicating a secure evaluation +</dd> +</dl> +<dl> +<dt>Return Type:</dt> +<dd> +bool +</dd> +</dl> +<div align="right"><a href="#top">Up</a></div> +<hr /> +<hr /> +<a NAME="getChecks" ID="getChecks"></a> +<h2>getChecks</h2> +<b>getChecks</b>(<i></i>) + +<p> + Public method to get a dictionary with checks handled by this module. +</p> +<dl> +<dt>Returns:</dt> +<dd> +dictionary containing checker lists containing checker function and + list of codes +</dd> +</dl> +<dl> +<dt>Return Type:</dt> +<dd> +dict +</dd> +</dl> +<div align="right"><a href="#top">Up</a></div> +<hr /> +<hr /> +<a NAME="transform2call" ID="transform2call"></a> +<h2>transform2call</h2> +<b>transform2call</b>(<i>var</i>) + +<p> + Function to transform a variable node to a call node. +</p> +<dl> + +<dt><i>var</i> (ast.BinOp)</dt> +<dd> +variable node +</dd> +</dl> +<dl> +<dt>Returns:</dt> +<dd> +call node +</dd> +</dl> +<dl> +<dt>Return Type:</dt> +<dd> +ast.Call +</dd> +</dl> +<div align="right"><a href="#top">Up</a></div> +<hr /> +</body></html> \ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/eric6/Documentation/Source/eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.exec.html Tue Jun 16 20:02:20 2020 +0200 @@ -0,0 +1,100 @@ +<!DOCTYPE html> +<html><head> +<title>eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.exec</title> +<meta charset="UTF-8"> +<style> +body { + background: #EDECE6; + margin: 0em 1em 10em 1em; + color: black; +} + +h1 { color: white; background: #85774A; } +h2 { color: white; background: #85774A; } +h3 { color: white; background: #9D936E; } +h4 { color: white; background: #9D936E; } + +a { color: #BA6D36; } + +</style> +</head> +<body> +<a NAME="top" ID="top"></a> +<h1>eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.exec</h1> + +<p> +Module implementing a check for the use of 'exec'. +</p> +<h3>Global Attributes</h3> + +<table> +<tr><td>None</td></tr> +</table> +<h3>Classes</h3> + +<table> +<tr><td>None</td></tr> +</table> +<h3>Functions</h3> + +<table> + +<tr> +<td><a href="#checkExecUsed">checkExecUsed</a></td> +<td>Function to check for the use of 'exec'.</td> +</tr> +<tr> +<td><a href="#getChecks">getChecks</a></td> +<td>Public method to get a dictionary with checks handled by this module.</td> +</tr> +</table> +<hr /> +<hr /> +<a NAME="checkExecUsed" ID="checkExecUsed"></a> +<h2>checkExecUsed</h2> +<b>checkExecUsed</b>(<i>reportError, context, config</i>) + +<p> + Function to check for the use of 'exec'. +</p> +<dl> + +<dt><i>reportError</i> (func)</dt> +<dd> +function to be used to report errors +</dd> +<dt><i>context</i> (SecurityContext)</dt> +<dd> +security context object +</dd> +<dt><i>config</i> (dict)</dt> +<dd> +dictionary with configuration data +</dd> +</dl> +<div align="right"><a href="#top">Up</a></div> +<hr /> +<hr /> +<a NAME="getChecks" ID="getChecks"></a> +<h2>getChecks</h2> +<b>getChecks</b>(<i></i>) + +<p> + Public method to get a dictionary with checks handled by this module. +</p> +<dl> +<dt>Returns:</dt> +<dd> +dictionary containing checker lists containing checker function and + list of codes +</dd> +</dl> +<dl> +<dt>Return Type:</dt> +<dd> +dict +</dd> +</dl> +<div align="right"><a href="#top">Up</a></div> +<hr /> +</body></html> \ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/eric6/Documentation/Source/eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.flaskDebug.html Tue Jun 16 20:02:20 2020 +0200 @@ -0,0 +1,100 @@ +<!DOCTYPE html> +<html><head> +<title>eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.flaskDebug</title> +<meta charset="UTF-8"> +<style> +body { + background: #EDECE6; + margin: 0em 1em 10em 1em; + color: black; +} + +h1 { color: white; background: #85774A; } +h2 { color: white; background: #85774A; } +h3 { color: white; background: #9D936E; } +h4 { color: white; background: #9D936E; } + +a { color: #BA6D36; } + +</style> +</head> +<body> +<a NAME="top" ID="top"></a> +<h1>eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.flaskDebug</h1> + +<p> +Module implementing checks for running a flask application with enabled debug. +</p> +<h3>Global Attributes</h3> + +<table> +<tr><td>None</td></tr> +</table> +<h3>Classes</h3> + +<table> +<tr><td>None</td></tr> +</table> +<h3>Functions</h3> + +<table> + +<tr> +<td><a href="#checkFlaskDebug">checkFlaskDebug</a></td> +<td>Function to check for a flask app being run with debug.</td> +</tr> +<tr> +<td><a href="#getChecks">getChecks</a></td> +<td>Public method to get a dictionary with checks handled by this module.</td> +</tr> +</table> +<hr /> +<hr /> +<a NAME="checkFlaskDebug" ID="checkFlaskDebug"></a> +<h2>checkFlaskDebug</h2> +<b>checkFlaskDebug</b>(<i>reportError, context, config</i>) + +<p> + Function to check for a flask app being run with debug. +</p> +<dl> + +<dt><i>reportError</i> (func)</dt> +<dd> +function to be used to report errors +</dd> +<dt><i>context</i> (SecurityContext)</dt> +<dd> +security context object +</dd> +<dt><i>config</i> (dict)</dt> +<dd> +dictionary with configuration data +</dd> +</dl> +<div align="right"><a href="#top">Up</a></div> +<hr /> +<hr /> +<a NAME="getChecks" ID="getChecks"></a> +<h2>getChecks</h2> +<b>getChecks</b>(<i></i>) + +<p> + Public method to get a dictionary with checks handled by this module. +</p> +<dl> +<dt>Returns:</dt> +<dd> +dictionary containing checker lists containing checker function and + list of codes +</dd> +</dl> +<dl> +<dt>Return Type:</dt> +<dd> +dict +</dd> +</dl> +<div align="right"><a href="#top">Up</a></div> +<hr /> +</body></html> \ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/eric6/Documentation/Source/eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.generalBindAllInterfaces.html Tue Jun 16 20:02:20 2020 +0200 @@ -0,0 +1,100 @@ +<!DOCTYPE html> +<html><head> +<title>eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.generalBindAllInterfaces</title> +<meta charset="UTF-8"> +<style> +body { + background: #EDECE6; + margin: 0em 1em 10em 1em; + color: black; +} + +h1 { color: white; background: #85774A; } +h2 { color: white; background: #85774A; } +h3 { color: white; background: #9D936E; } +h4 { color: white; background: #9D936E; } + +a { color: #BA6D36; } + +</style> +</head> +<body> +<a NAME="top" ID="top"></a> +<h1>eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.generalBindAllInterfaces</h1> + +<p> +Module implementing a check for binding to all interfaces. +</p> +<h3>Global Attributes</h3> + +<table> +<tr><td>None</td></tr> +</table> +<h3>Classes</h3> + +<table> +<tr><td>None</td></tr> +</table> +<h3>Functions</h3> + +<table> + +<tr> +<td><a href="#checkBindAllInterfaces">checkBindAllInterfaces</a></td> +<td>Function to check for binding to all interfaces.</td> +</tr> +<tr> +<td><a href="#getChecks">getChecks</a></td> +<td>Public method to get a dictionary with checks handled by this module.</td> +</tr> +</table> +<hr /> +<hr /> +<a NAME="checkBindAllInterfaces" ID="checkBindAllInterfaces"></a> +<h2>checkBindAllInterfaces</h2> +<b>checkBindAllInterfaces</b>(<i>reportError, context, config</i>) + +<p> + Function to check for binding to all interfaces. +</p> +<dl> + +<dt><i>reportError</i> (func)</dt> +<dd> +function to be used to report errors +</dd> +<dt><i>context</i> (SecurityContext)</dt> +<dd> +security context object +</dd> +<dt><i>config</i> (dict)</dt> +<dd> +dictionary with configuration data +</dd> +</dl> +<div align="right"><a href="#top">Up</a></div> +<hr /> +<hr /> +<a NAME="getChecks" ID="getChecks"></a> +<h2>getChecks</h2> +<b>getChecks</b>(<i></i>) + +<p> + Public method to get a dictionary with checks handled by this module. +</p> +<dl> +<dt>Returns:</dt> +<dd> +dictionary containing checker lists containing checker function and + list of codes +</dd> +</dl> +<dl> +<dt>Return Type:</dt> +<dd> +dict +</dd> +</dl> +<div align="right"><a href="#top">Up</a></div> +<hr /> +</body></html> \ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/eric6/Documentation/Source/eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.generalFilePermissions.html Tue Jun 16 20:02:20 2020 +0200 @@ -0,0 +1,100 @@ +<!DOCTYPE html> +<html><head> +<title>eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.generalFilePermissions</title> +<meta charset="UTF-8"> +<style> +body { + background: #EDECE6; + margin: 0em 1em 10em 1em; + color: black; +} + +h1 { color: white; background: #85774A; } +h2 { color: white; background: #85774A; } +h3 { color: white; background: #9D936E; } +h4 { color: white; background: #9D936E; } + +a { color: #BA6D36; } + +</style> +</head> +<body> +<a NAME="top" ID="top"></a> +<h1>eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.generalFilePermissions</h1> + +<p> +Module implementing a check for setting too permissive file permissions. +</p> +<h3>Global Attributes</h3> + +<table> +<tr><td>None</td></tr> +</table> +<h3>Classes</h3> + +<table> +<tr><td>None</td></tr> +</table> +<h3>Functions</h3> + +<table> + +<tr> +<td><a href="#checkFilePermissions">checkFilePermissions</a></td> +<td>Function to check for setting too permissive file permissions.</td> +</tr> +<tr> +<td><a href="#getChecks">getChecks</a></td> +<td>Public method to get a dictionary with checks handled by this module.</td> +</tr> +</table> +<hr /> +<hr /> +<a NAME="checkFilePermissions" ID="checkFilePermissions"></a> +<h2>checkFilePermissions</h2> +<b>checkFilePermissions</b>(<i>reportError, context, config</i>) + +<p> + Function to check for setting too permissive file permissions. +</p> +<dl> + +<dt><i>reportError</i> (func)</dt> +<dd> +function to be used to report errors +</dd> +<dt><i>context</i> (SecurityContext)</dt> +<dd> +security context object +</dd> +<dt><i>config</i> (dict)</dt> +<dd> +dictionary with configuration data +</dd> +</dl> +<div align="right"><a href="#top">Up</a></div> +<hr /> +<hr /> +<a NAME="getChecks" ID="getChecks"></a> +<h2>getChecks</h2> +<b>getChecks</b>(<i></i>) + +<p> + Public method to get a dictionary with checks handled by this module. +</p> +<dl> +<dt>Returns:</dt> +<dd> +dictionary containing checker lists containing checker function and + list of codes +</dd> +</dl> +<dl> +<dt>Return Type:</dt> +<dd> +dict +</dd> +</dl> +<div align="right"><a href="#top">Up</a></div> +<hr /> +</body></html> \ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/eric6/Documentation/Source/eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.generalHardcodedPassword.html Tue Jun 16 20:02:20 2020 +0200 @@ -0,0 +1,158 @@ +<!DOCTYPE html> +<html><head> +<title>eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.generalHardcodedPassword</title> +<meta charset="UTF-8"> +<style> +body { + background: #EDECE6; + margin: 0em 1em 10em 1em; + color: black; +} + +h1 { color: white; background: #85774A; } +h2 { color: white; background: #85774A; } +h3 { color: white; background: #9D936E; } +h4 { color: white; background: #9D936E; } + +a { color: #BA6D36; } + +</style> +</head> +<body> +<a NAME="top" ID="top"></a> +<h1>eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.generalHardcodedPassword</h1> + +<p> +Module implementing checks for potentially hardcoded passwords. +</p> +<h3>Global Attributes</h3> + +<table> +<tr><td>RE_CANDIDATES</td></tr><tr><td>RE_WORDS</td></tr> +</table> +<h3>Classes</h3> + +<table> +<tr><td>None</td></tr> +</table> +<h3>Functions</h3> + +<table> + +<tr> +<td><a href="#checkHardcodedPasswordAsDefault">checkHardcodedPasswordAsDefault</a></td> +<td>Function to check for use of hard-coded password argument defaults.</td> +</tr> +<tr> +<td><a href="#checkHardcodedPasswordAsFunctionArg">checkHardcodedPasswordAsFunctionArg</a></td> +<td>Function to check for use of hard-coded password function arguments.</td> +</tr> +<tr> +<td><a href="#checkHardcodedPasswordAsString">checkHardcodedPasswordAsString</a></td> +<td>Function to check for use of hardcoded password strings.</td> +</tr> +<tr> +<td><a href="#getChecks">getChecks</a></td> +<td>Public method to get a dictionary with checks handled by this module.</td> +</tr> +</table> +<hr /> +<hr /> +<a NAME="checkHardcodedPasswordAsDefault" ID="checkHardcodedPasswordAsDefault"></a> +<h2>checkHardcodedPasswordAsDefault</h2> +<b>checkHardcodedPasswordAsDefault</b>(<i>reportError, context, config</i>) + +<p> + Function to check for use of hard-coded password argument defaults. +</p> +<dl> + +<dt><i>reportError</i> (func)</dt> +<dd> +function to be used to report errors +</dd> +<dt><i>context</i> (SecurityContext)</dt> +<dd> +security context object +</dd> +<dt><i>config</i> (dict)</dt> +<dd> +dictionary with configuration data +</dd> +</dl> +<div align="right"><a href="#top">Up</a></div> +<hr /> +<hr /> +<a NAME="checkHardcodedPasswordAsFunctionArg" ID="checkHardcodedPasswordAsFunctionArg"></a> +<h2>checkHardcodedPasswordAsFunctionArg</h2> +<b>checkHardcodedPasswordAsFunctionArg</b>(<i>reportError, context, config</i>) + +<p> + Function to check for use of hard-coded password function arguments. +</p> +<dl> + +<dt><i>reportError</i> (func)</dt> +<dd> +function to be used to report errors +</dd> +<dt><i>context</i> (SecurityContext)</dt> +<dd> +security context object +</dd> +<dt><i>config</i> (dict)</dt> +<dd> +dictionary with configuration data +</dd> +</dl> +<div align="right"><a href="#top">Up</a></div> +<hr /> +<hr /> +<a NAME="checkHardcodedPasswordAsString" ID="checkHardcodedPasswordAsString"></a> +<h2>checkHardcodedPasswordAsString</h2> +<b>checkHardcodedPasswordAsString</b>(<i>reportError, context, config</i>) + +<p> + Function to check for use of hardcoded password strings. +</p> +<dl> + +<dt><i>reportError</i> (func)</dt> +<dd> +function to be used to report errors +</dd> +<dt><i>context</i> (SecurityContext)</dt> +<dd> +security context object +</dd> +<dt><i>config</i> (dict)</dt> +<dd> +dictionary with configuration data +</dd> +</dl> +<div align="right"><a href="#top">Up</a></div> +<hr /> +<hr /> +<a NAME="getChecks" ID="getChecks"></a> +<h2>getChecks</h2> +<b>getChecks</b>(<i></i>) + +<p> + Public method to get a dictionary with checks handled by this module. +</p> +<dl> +<dt>Returns:</dt> +<dd> +dictionary containing checker lists containing checker function and + list of codes +</dd> +</dl> +<dl> +<dt>Return Type:</dt> +<dd> +dict +</dd> +</dl> +<div align="right"><a href="#top">Up</a></div> +<hr /> +</body></html> \ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/eric6/Documentation/Source/eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.generalHardcodedTmp.html Tue Jun 16 20:02:20 2020 +0200 @@ -0,0 +1,100 @@ +<!DOCTYPE html> +<html><head> +<title>eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.generalHardcodedTmp</title> +<meta charset="UTF-8"> +<style> +body { + background: #EDECE6; + margin: 0em 1em 10em 1em; + color: black; +} + +h1 { color: white; background: #85774A; } +h2 { color: white; background: #85774A; } +h3 { color: white; background: #9D936E; } +h4 { color: white; background: #9D936E; } + +a { color: #BA6D36; } + +</style> +</head> +<body> +<a NAME="top" ID="top"></a> +<h1>eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.generalHardcodedTmp</h1> + +<p> +Module implementing a check for insecure usage of tmp file/directory. +</p> +<h3>Global Attributes</h3> + +<table> +<tr><td>None</td></tr> +</table> +<h3>Classes</h3> + +<table> +<tr><td>None</td></tr> +</table> +<h3>Functions</h3> + +<table> + +<tr> +<td><a href="#checkHardcodedTmpDirectory">checkHardcodedTmpDirectory</a></td> +<td>Function to check for insecure usage of tmp file/directory.</td> +</tr> +<tr> +<td><a href="#getChecks">getChecks</a></td> +<td>Public method to get a dictionary with checks handled by this module.</td> +</tr> +</table> +<hr /> +<hr /> +<a NAME="checkHardcodedTmpDirectory" ID="checkHardcodedTmpDirectory"></a> +<h2>checkHardcodedTmpDirectory</h2> +<b>checkHardcodedTmpDirectory</b>(<i>reportError, context, config</i>) + +<p> + Function to check for insecure usage of tmp file/directory. +</p> +<dl> + +<dt><i>reportError</i> (func)</dt> +<dd> +function to be used to report errors +</dd> +<dt><i>context</i> (SecurityContext)</dt> +<dd> +security context object +</dd> +<dt><i>config</i> (dict)</dt> +<dd> +dictionary with configuration data +</dd> +</dl> +<div align="right"><a href="#top">Up</a></div> +<hr /> +<hr /> +<a NAME="getChecks" ID="getChecks"></a> +<h2>getChecks</h2> +<b>getChecks</b>(<i></i>) + +<p> + Public method to get a dictionary with checks handled by this module. +</p> +<dl> +<dt>Returns:</dt> +<dd> +dictionary containing checker lists containing checker function and + list of codes +</dd> +</dl> +<dl> +<dt>Return Type:</dt> +<dd> +dict +</dd> +</dl> +<div align="right"><a href="#top">Up</a></div> +<hr /> +</body></html> \ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/eric6/Documentation/Source/eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.injectionParamiko.html Tue Jun 16 20:02:20 2020 +0200 @@ -0,0 +1,100 @@ +<!DOCTYPE html> +<html><head> +<title>eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.injectionParamiko</title> +<meta charset="UTF-8"> +<style> +body { + background: #EDECE6; + margin: 0em 1em 10em 1em; + color: black; +} + +h1 { color: white; background: #85774A; } +h2 { color: white; background: #85774A; } +h3 { color: white; background: #9D936E; } +h4 { color: white; background: #9D936E; } + +a { color: #BA6D36; } + +</style> +</head> +<body> +<a NAME="top" ID="top"></a> +<h1>eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.injectionParamiko</h1> + +<p> +Module implementing a check for shell injection within Paramiko. +</p> +<h3>Global Attributes</h3> + +<table> +<tr><td>None</td></tr> +</table> +<h3>Classes</h3> + +<table> +<tr><td>None</td></tr> +</table> +<h3>Functions</h3> + +<table> + +<tr> +<td><a href="#checkParamikoCalls">checkParamikoCalls</a></td> +<td>Function to check for shell injection within Paramiko.</td> +</tr> +<tr> +<td><a href="#getChecks">getChecks</a></td> +<td>Public method to get a dictionary with checks handled by this module.</td> +</tr> +</table> +<hr /> +<hr /> +<a NAME="checkParamikoCalls" ID="checkParamikoCalls"></a> +<h2>checkParamikoCalls</h2> +<b>checkParamikoCalls</b>(<i>reportError, context, config</i>) + +<p> + Function to check for shell injection within Paramiko. +</p> +<dl> + +<dt><i>reportError</i> (func)</dt> +<dd> +function to be used to report errors +</dd> +<dt><i>context</i> (SecurityContext)</dt> +<dd> +security context object +</dd> +<dt><i>config</i> (dict)</dt> +<dd> +dictionary with configuration data +</dd> +</dl> +<div align="right"><a href="#top">Up</a></div> +<hr /> +<hr /> +<a NAME="getChecks" ID="getChecks"></a> +<h2>getChecks</h2> +<b>getChecks</b>(<i></i>) + +<p> + Public method to get a dictionary with checks handled by this module. +</p> +<dl> +<dt>Returns:</dt> +<dd> +dictionary containing checker lists containing checker function and + list of codes +</dd> +</dl> +<dl> +<dt>Return Type:</dt> +<dd> +dict +</dd> +</dl> +<div align="right"><a href="#top">Up</a></div> +<hr /> +</body></html> \ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/eric6/Documentation/Source/eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.injectionShell.html Tue Jun 16 20:02:20 2020 +0200 @@ -0,0 +1,312 @@ +<!DOCTYPE html> +<html><head> +<title>eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.injectionShell</title> +<meta charset="UTF-8"> +<style> +body { + background: #EDECE6; + margin: 0em 1em 10em 1em; + color: black; +} + +h1 { color: white; background: #85774A; } +h2 { color: white; background: #85774A; } +h3 { color: white; background: #9D936E; } +h4 { color: white; background: #9D936E; } + +a { color: #BA6D36; } + +</style> +</head> +<body> +<a NAME="top" ID="top"></a> +<h1>eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.injectionShell</h1> + +<p> +Module implementing a check for shell injection. +</p> +<h3>Global Attributes</h3> + +<table> +<tr><td>fullPathMatchRe</td></tr> +</table> +<h3>Classes</h3> + +<table> +<tr><td>None</td></tr> +</table> +<h3>Functions</h3> + +<table> + +<tr> +<td><a href="#_evaluateShellCall">_evaluateShellCall</a></td> +<td>Function to determine the severity of a shell call.</td> +</tr> +<tr> +<td><a href="#checkOtherFunctionWithShell">checkOtherFunctionWithShell</a></td> +<td>Function to check for any function with shell equals true.</td> +</tr> +<tr> +<td><a href="#checkStartProcessWithNoShell">checkStartProcessWithNoShell</a></td> +<td>Function to check for starting a process with no shell.</td> +</tr> +<tr> +<td><a href="#checkStartProcessWithPartialPath">checkStartProcessWithPartialPath</a></td> +<td>Function to check for starting a process with no shell.</td> +</tr> +<tr> +<td><a href="#checkStartProcessWithShell">checkStartProcessWithShell</a></td> +<td>Function to check for starting a process with a shell.</td> +</tr> +<tr> +<td><a href="#checkSubprocessPopenWithShell">checkSubprocessPopenWithShell</a></td> +<td>Function to check for use of popen with shell equals true.</td> +</tr> +<tr> +<td><a href="#checkSubprocessPopenWithoutShell">checkSubprocessPopenWithoutShell</a></td> +<td>Function to check for use of popen without shell equals true.</td> +</tr> +<tr> +<td><a href="#getChecks">getChecks</a></td> +<td>Public method to get a dictionary with checks handled by this module.</td> +</tr> +<tr> +<td><a href="#hasShell">hasShell</a></td> +<td>Function to check, if the node of the context contains the shell keyword.</td> +</tr> +</table> +<hr /> +<hr /> +<a NAME="_evaluateShellCall" ID="_evaluateShellCall"></a> +<h2>_evaluateShellCall</h2> +<b>_evaluateShellCall</b>(<i>context</i>) + +<p> + Function to determine the severity of a shell call. +</p> +<dl> + +<dt><i>context</i> (SecurityContext)</dt> +<dd> +context to be inspected +</dd> +</dl> +<dl> +<dt>Returns:</dt> +<dd> +severity level (L, M or H) +</dd> +</dl> +<dl> +<dt>Return Type:</dt> +<dd> +str +</dd> +</dl> +<div align="right"><a href="#top">Up</a></div> +<hr /> +<hr /> +<a NAME="checkOtherFunctionWithShell" ID="checkOtherFunctionWithShell"></a> +<h2>checkOtherFunctionWithShell</h2> +<b>checkOtherFunctionWithShell</b>(<i>reportError, context, config</i>) + +<p> + Function to check for any function with shell equals true. +</p> +<dl> + +<dt><i>reportError</i> (func)</dt> +<dd> +function to be used to report errors +</dd> +<dt><i>context</i> (SecurityContext)</dt> +<dd> +security context object +</dd> +<dt><i>config</i> (dict)</dt> +<dd> +dictionary with configuration data +</dd> +</dl> +<div align="right"><a href="#top">Up</a></div> +<hr /> +<hr /> +<a NAME="checkStartProcessWithNoShell" ID="checkStartProcessWithNoShell"></a> +<h2>checkStartProcessWithNoShell</h2> +<b>checkStartProcessWithNoShell</b>(<i>reportError, context, config</i>) + +<p> + Function to check for starting a process with no shell. +</p> +<dl> + +<dt><i>reportError</i> (func)</dt> +<dd> +function to be used to report errors +</dd> +<dt><i>context</i> (SecurityContext)</dt> +<dd> +security context object +</dd> +<dt><i>config</i> (dict)</dt> +<dd> +dictionary with configuration data +</dd> +</dl> +<div align="right"><a href="#top">Up</a></div> +<hr /> +<hr /> +<a NAME="checkStartProcessWithPartialPath" ID="checkStartProcessWithPartialPath"></a> +<h2>checkStartProcessWithPartialPath</h2> +<b>checkStartProcessWithPartialPath</b>(<i>reportError, context, config</i>) + +<p> + Function to check for starting a process with no shell. +</p> +<dl> + +<dt><i>reportError</i> (func)</dt> +<dd> +function to be used to report errors +</dd> +<dt><i>context</i> (SecurityContext)</dt> +<dd> +security context object +</dd> +<dt><i>config</i> (dict)</dt> +<dd> +dictionary with configuration data +</dd> +</dl> +<div align="right"><a href="#top">Up</a></div> +<hr /> +<hr /> +<a NAME="checkStartProcessWithShell" ID="checkStartProcessWithShell"></a> +<h2>checkStartProcessWithShell</h2> +<b>checkStartProcessWithShell</b>(<i>reportError, context, config</i>) + +<p> + Function to check for starting a process with a shell. +</p> +<dl> + +<dt><i>reportError</i> (func)</dt> +<dd> +function to be used to report errors +</dd> +<dt><i>context</i> (SecurityContext)</dt> +<dd> +security context object +</dd> +<dt><i>config</i> (dict)</dt> +<dd> +dictionary with configuration data +</dd> +</dl> +<div align="right"><a href="#top">Up</a></div> +<hr /> +<hr /> +<a NAME="checkSubprocessPopenWithShell" ID="checkSubprocessPopenWithShell"></a> +<h2>checkSubprocessPopenWithShell</h2> +<b>checkSubprocessPopenWithShell</b>(<i>reportError, context, config</i>) + +<p> + Function to check for use of popen with shell equals true. +</p> +<dl> + +<dt><i>reportError</i> (func)</dt> +<dd> +function to be used to report errors +</dd> +<dt><i>context</i> (SecurityContext)</dt> +<dd> +security context object +</dd> +<dt><i>config</i> (dict)</dt> +<dd> +dictionary with configuration data +</dd> +</dl> +<div align="right"><a href="#top">Up</a></div> +<hr /> +<hr /> +<a NAME="checkSubprocessPopenWithoutShell" ID="checkSubprocessPopenWithoutShell"></a> +<h2>checkSubprocessPopenWithoutShell</h2> +<b>checkSubprocessPopenWithoutShell</b>(<i>reportError, context, config</i>) + +<p> + Function to check for use of popen without shell equals true. +</p> +<dl> + +<dt><i>reportError</i> (func)</dt> +<dd> +function to be used to report errors +</dd> +<dt><i>context</i> (SecurityContext)</dt> +<dd> +security context object +</dd> +<dt><i>config</i> (dict)</dt> +<dd> +dictionary with configuration data +</dd> +</dl> +<div align="right"><a href="#top">Up</a></div> +<hr /> +<hr /> +<a NAME="getChecks" ID="getChecks"></a> +<h2>getChecks</h2> +<b>getChecks</b>(<i></i>) + +<p> + Public method to get a dictionary with checks handled by this module. +</p> +<dl> +<dt>Returns:</dt> +<dd> +dictionary containing checker lists containing checker function and + list of codes +</dd> +</dl> +<dl> +<dt>Return Type:</dt> +<dd> +dict +</dd> +</dl> +<div align="right"><a href="#top">Up</a></div> +<hr /> +<hr /> +<a NAME="hasShell" ID="hasShell"></a> +<h2>hasShell</h2> +<b>hasShell</b>(<i>context</i>) + +<p> + Function to check, if the node of the context contains the shell keyword. +</p> +<dl> + +<dt><i>context</i> (SecurityContext)</dt> +<dd> +context to be inspected +</dd> +</dl> +<dl> +<dt>Returns:</dt> +<dd> +tuple containing a flag indicating the presence of the 'shell' + argument and flag indicating the value of the 'shell' argument +</dd> +</dl> +<dl> +<dt>Return Type:</dt> +<dd> +tuple of (bool, bool) +</dd> +</dl> +<div align="right"><a href="#top">Up</a></div> +<hr /> +</body></html> \ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/eric6/Documentation/Source/eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.injectionSql.html Tue Jun 16 20:02:20 2020 +0200 @@ -0,0 +1,167 @@ +<!DOCTYPE html> +<html><head> +<title>eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.injectionSql</title> +<meta charset="UTF-8"> +<style> +body { + background: #EDECE6; + margin: 0em 1em 10em 1em; + color: black; +} + +h1 { color: white; background: #85774A; } +h2 { color: white; background: #85774A; } +h3 { color: white; background: #9D936E; } +h4 { color: white; background: #9D936E; } + +a { color: #BA6D36; } + +</style> +</head> +<body> +<a NAME="top" ID="top"></a> +<h1>eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.injectionSql</h1> + +<p> +Module implementing a check for SQL injection. +</p> +<h3>Global Attributes</h3> + +<table> +<tr><td>SIMPLE_SQL_RE</td></tr> +</table> +<h3>Classes</h3> + +<table> +<tr><td>None</td></tr> +</table> +<h3>Functions</h3> + +<table> + +<tr> +<td><a href="#_checkString">_checkString</a></td> +<td>Function to check a given string against the list of search patterns.</td> +</tr> +<tr> +<td><a href="#_evaluateAst">_evaluateAst</a></td> +<td>Function to analyze the given ast node.</td> +</tr> +<tr> +<td><a href="#checkHardcodedSqlExpressions">checkHardcodedSqlExpressions</a></td> +<td>Function to check for SQL injection.</td> +</tr> +<tr> +<td><a href="#getChecks">getChecks</a></td> +<td>Public method to get a dictionary with checks handled by this module.</td> +</tr> +</table> +<hr /> +<hr /> +<a NAME="_checkString" ID="_checkString"></a> +<h2>_checkString</h2> +<b>_checkString</b>(<i>data</i>) + +<p> + Function to check a given string against the list of search patterns. +</p> +<dl> + +<dt><i>data</i> (str)</dt> +<dd> +string data to be checked +</dd> +</dl> +<dl> +<dt>Returns:</dt> +<dd> +flag indicating a match +</dd> +</dl> +<dl> +<dt>Return Type:</dt> +<dd> +bool +</dd> +</dl> +<div align="right"><a href="#top">Up</a></div> +<hr /> +<hr /> +<a NAME="_evaluateAst" ID="_evaluateAst"></a> +<h2>_evaluateAst</h2> +<b>_evaluateAst</b>(<i>node</i>) + +<p> + Function to analyze the given ast node. +</p> +<dl> + +<dt><i>node</i> (ast.Str)</dt> +<dd> +ast node to be analyzed +</dd> +</dl> +<dl> +<dt>Returns:</dt> +<dd> +tuple containing a flag indicating an execute call and + the resulting statement +</dd> +</dl> +<dl> +<dt>Return Type:</dt> +<dd> +tuple of (bool, str) +</dd> +</dl> +<div align="right"><a href="#top">Up</a></div> +<hr /> +<hr /> +<a NAME="checkHardcodedSqlExpressions" ID="checkHardcodedSqlExpressions"></a> +<h2>checkHardcodedSqlExpressions</h2> +<b>checkHardcodedSqlExpressions</b>(<i>reportError, context, config</i>) + +<p> + Function to check for SQL injection. +</p> +<dl> + +<dt><i>reportError</i> (func)</dt> +<dd> +function to be used to report errors +</dd> +<dt><i>context</i> (SecurityContext)</dt> +<dd> +security context object +</dd> +<dt><i>config</i> (dict)</dt> +<dd> +dictionary with configuration data +</dd> +</dl> +<div align="right"><a href="#top">Up</a></div> +<hr /> +<hr /> +<a NAME="getChecks" ID="getChecks"></a> +<h2>getChecks</h2> +<b>getChecks</b>(<i></i>) + +<p> + Public method to get a dictionary with checks handled by this module. +</p> +<dl> +<dt>Returns:</dt> +<dd> +dictionary containing checker lists containing checker function and + list of codes +</dd> +</dl> +<dl> +<dt>Return Type:</dt> +<dd> +dict +</dd> +</dl> +<div align="right"><a href="#top">Up</a></div> +<hr /> +</body></html> \ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/eric6/Documentation/Source/eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.injectionWildcard.html Tue Jun 16 20:02:20 2020 +0200 @@ -0,0 +1,100 @@ +<!DOCTYPE html> +<html><head> +<title>eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.injectionWildcard</title> +<meta charset="UTF-8"> +<style> +body { + background: #EDECE6; + margin: 0em 1em 10em 1em; + color: black; +} + +h1 { color: white; background: #85774A; } +h2 { color: white; background: #85774A; } +h3 { color: white; background: #9D936E; } +h4 { color: white; background: #9D936E; } + +a { color: #BA6D36; } + +</style> +</head> +<body> +<a NAME="top" ID="top"></a> +<h1>eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.injectionWildcard</h1> + +<p> +Module implementing a check for use of wildcard injection. +</p> +<h3>Global Attributes</h3> + +<table> +<tr><td>None</td></tr> +</table> +<h3>Classes</h3> + +<table> +<tr><td>None</td></tr> +</table> +<h3>Functions</h3> + +<table> + +<tr> +<td><a href="#checkLinuxCommandsWildcardInjection">checkLinuxCommandsWildcardInjection</a></td> +<td>Function to check for use of wildcard injection.</td> +</tr> +<tr> +<td><a href="#getChecks">getChecks</a></td> +<td>Public method to get a dictionary with checks handled by this module.</td> +</tr> +</table> +<hr /> +<hr /> +<a NAME="checkLinuxCommandsWildcardInjection" ID="checkLinuxCommandsWildcardInjection"></a> +<h2>checkLinuxCommandsWildcardInjection</h2> +<b>checkLinuxCommandsWildcardInjection</b>(<i>reportError, context, config</i>) + +<p> + Function to check for use of wildcard injection. +</p> +<dl> + +<dt><i>reportError</i> (func)</dt> +<dd> +function to be used to report errors +</dd> +<dt><i>context</i> (SecurityContext)</dt> +<dd> +security context object +</dd> +<dt><i>config</i> (dict)</dt> +<dd> +dictionary with configuration data +</dd> +</dl> +<div align="right"><a href="#top">Up</a></div> +<hr /> +<hr /> +<a NAME="getChecks" ID="getChecks"></a> +<h2>getChecks</h2> +<b>getChecks</b>(<i></i>) + +<p> + Public method to get a dictionary with checks handled by this module. +</p> +<dl> +<dt>Returns:</dt> +<dd> +dictionary containing checker lists containing checker function and + list of codes +</dd> +</dl> +<dl> +<dt>Return Type:</dt> +<dd> +dict +</dd> +</dl> +<div align="right"><a href="#top">Up</a></div> +<hr /> +</body></html> \ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/eric6/Documentation/Source/eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.insecureHashlibNew.html Tue Jun 16 20:02:20 2020 +0200 @@ -0,0 +1,102 @@ +<!DOCTYPE html> +<html><head> +<title>eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.insecureHashlibNew</title> +<meta charset="UTF-8"> +<style> +body { + background: #EDECE6; + margin: 0em 1em 10em 1em; + color: black; +} + +h1 { color: white; background: #85774A; } +h2 { color: white; background: #85774A; } +h3 { color: white; background: #9D936E; } +h4 { color: white; background: #9D936E; } + +a { color: #BA6D36; } + +</style> +</head> +<body> +<a NAME="top" ID="top"></a> +<h1>eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.insecureHashlibNew</h1> + +<p> +Module implementing a check for use of insecure md4, md5, or sha1 hash +functions in hashlib.new(). +</p> +<h3>Global Attributes</h3> + +<table> +<tr><td>None</td></tr> +</table> +<h3>Classes</h3> + +<table> +<tr><td>None</td></tr> +</table> +<h3>Functions</h3> + +<table> + +<tr> +<td><a href="#checkHashlibNew">checkHashlibNew</a></td> +<td>Function to check for use of insecure md4, md5, or sha1 hash functions in hashlib.new().</td> +</tr> +<tr> +<td><a href="#getChecks">getChecks</a></td> +<td>Public method to get a dictionary with checks handled by this module.</td> +</tr> +</table> +<hr /> +<hr /> +<a NAME="checkHashlibNew" ID="checkHashlibNew"></a> +<h2>checkHashlibNew</h2> +<b>checkHashlibNew</b>(<i>reportError, context, config</i>) + +<p> + Function to check for use of insecure md4, md5, or sha1 hash functions + in hashlib.new(). +</p> +<dl> + +<dt><i>reportError</i> (func)</dt> +<dd> +function to be used to report errors +</dd> +<dt><i>context</i> (SecurityContext)</dt> +<dd> +security context object +</dd> +<dt><i>config</i> (dict)</dt> +<dd> +dictionary with configuration data +</dd> +</dl> +<div align="right"><a href="#top">Up</a></div> +<hr /> +<hr /> +<a NAME="getChecks" ID="getChecks"></a> +<h2>getChecks</h2> +<b>getChecks</b>(<i></i>) + +<p> + Public method to get a dictionary with checks handled by this module. +</p> +<dl> +<dt>Returns:</dt> +<dd> +dictionary containing checker lists containing checker function and + list of codes +</dd> +</dl> +<dl> +<dt>Return Type:</dt> +<dd> +dict +</dd> +</dl> +<div align="right"><a href="#top">Up</a></div> +<hr /> +</body></html> \ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/eric6/Documentation/Source/eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.insecureSslTls.html Tue Jun 16 20:02:20 2020 +0200 @@ -0,0 +1,158 @@ +<!DOCTYPE html> +<html><head> +<title>eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.insecureSslTls</title> +<meta charset="UTF-8"> +<style> +body { + background: #EDECE6; + margin: 0em 1em 10em 1em; + color: black; +} + +h1 { color: white; background: #85774A; } +h2 { color: white; background: #85774A; } +h3 { color: white; background: #9D936E; } +h4 { color: white; background: #9D936E; } + +a { color: #BA6D36; } + +</style> +</head> +<body> +<a NAME="top" ID="top"></a> +<h1>eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.insecureSslTls</h1> + +<p> +Module implementing a check for use of SSL/TLS with insecure protocols. +</p> +<h3>Global Attributes</h3> + +<table> +<tr><td>None</td></tr> +</table> +<h3>Classes</h3> + +<table> +<tr><td>None</td></tr> +</table> +<h3>Functions</h3> + +<table> + +<tr> +<td><a href="#checkInsecureSslDefaults">checkInsecureSslDefaults</a></td> +<td>Function to check for SSL use with insecure defaults specified.</td> +</tr> +<tr> +<td><a href="#checkInsecureSslProtocolVersion">checkInsecureSslProtocolVersion</a></td> +<td>Function to check for use of insecure SSL protocol version.</td> +</tr> +<tr> +<td><a href="#checkSslWithoutVersion">checkSslWithoutVersion</a></td> +<td>Function to check for SSL use with no version specified.</td> +</tr> +<tr> +<td><a href="#getChecks">getChecks</a></td> +<td>Public method to get a dictionary with checks handled by this module.</td> +</tr> +</table> +<hr /> +<hr /> +<a NAME="checkInsecureSslDefaults" ID="checkInsecureSslDefaults"></a> +<h2>checkInsecureSslDefaults</h2> +<b>checkInsecureSslDefaults</b>(<i>reportError, context, config</i>) + +<p> + Function to check for SSL use with insecure defaults specified. +</p> +<dl> + +<dt><i>reportError</i> (func)</dt> +<dd> +function to be used to report errors +</dd> +<dt><i>context</i> (SecurityContext)</dt> +<dd> +security context object +</dd> +<dt><i>config</i> (dict)</dt> +<dd> +dictionary with configuration data +</dd> +</dl> +<div align="right"><a href="#top">Up</a></div> +<hr /> +<hr /> +<a NAME="checkInsecureSslProtocolVersion" ID="checkInsecureSslProtocolVersion"></a> +<h2>checkInsecureSslProtocolVersion</h2> +<b>checkInsecureSslProtocolVersion</b>(<i>reportError, context, config</i>) + +<p> + Function to check for use of insecure SSL protocol version. +</p> +<dl> + +<dt><i>reportError</i> (func)</dt> +<dd> +function to be used to report errors +</dd> +<dt><i>context</i> (SecurityContext)</dt> +<dd> +security context object +</dd> +<dt><i>config</i> (dict)</dt> +<dd> +dictionary with configuration data +</dd> +</dl> +<div align="right"><a href="#top">Up</a></div> +<hr /> +<hr /> +<a NAME="checkSslWithoutVersion" ID="checkSslWithoutVersion"></a> +<h2>checkSslWithoutVersion</h2> +<b>checkSslWithoutVersion</b>(<i>reportError, context, config</i>) + +<p> + Function to check for SSL use with no version specified. +</p> +<dl> + +<dt><i>reportError</i> (func)</dt> +<dd> +function to be used to report errors +</dd> +<dt><i>context</i> (SecurityContext)</dt> +<dd> +security context object +</dd> +<dt><i>config</i> (dict)</dt> +<dd> +dictionary with configuration data +</dd> +</dl> +<div align="right"><a href="#top">Up</a></div> +<hr /> +<hr /> +<a NAME="getChecks" ID="getChecks"></a> +<h2>getChecks</h2> +<b>getChecks</b>(<i></i>) + +<p> + Public method to get a dictionary with checks handled by this module. +</p> +<dl> +<dt>Returns:</dt> +<dd> +dictionary containing checker lists containing checker function and + list of codes +</dd> +</dl> +<dl> +<dt>Return Type:</dt> +<dd> +dict +</dd> +</dl> +<div align="right"><a href="#top">Up</a></div> +<hr /> +</body></html> \ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/eric6/Documentation/Source/eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.jinja2Templates.html Tue Jun 16 20:02:20 2020 +0200 @@ -0,0 +1,100 @@ +<!DOCTYPE html> +<html><head> +<title>eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.jinja2Templates</title> +<meta charset="UTF-8"> +<style> +body { + background: #EDECE6; + margin: 0em 1em 10em 1em; + color: black; +} + +h1 { color: white; background: #85774A; } +h2 { color: white; background: #85774A; } +h3 { color: white; background: #9D936E; } +h4 { color: white; background: #9D936E; } + +a { color: #BA6D36; } + +</style> +</head> +<body> +<a NAME="top" ID="top"></a> +<h1>eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.jinja2Templates</h1> + +<p> +Module implementing a check for not auto escaping in jinja2. +</p> +<h3>Global Attributes</h3> + +<table> +<tr><td>None</td></tr> +</table> +<h3>Classes</h3> + +<table> +<tr><td>None</td></tr> +</table> +<h3>Functions</h3> + +<table> + +<tr> +<td><a href="#checkJinja2Autoescape">checkJinja2Autoescape</a></td> +<td>Function to check for not auto escaping in jinja2.</td> +</tr> +<tr> +<td><a href="#getChecks">getChecks</a></td> +<td>Public method to get a dictionary with checks handled by this module.</td> +</tr> +</table> +<hr /> +<hr /> +<a NAME="checkJinja2Autoescape" ID="checkJinja2Autoescape"></a> +<h2>checkJinja2Autoescape</h2> +<b>checkJinja2Autoescape</b>(<i>reportError, context, config</i>) + +<p> + Function to check for not auto escaping in jinja2. +</p> +<dl> + +<dt><i>reportError</i> (func)</dt> +<dd> +function to be used to report errors +</dd> +<dt><i>context</i> (SecurityContext)</dt> +<dd> +security context object +</dd> +<dt><i>config</i> (dict)</dt> +<dd> +dictionary with configuration data +</dd> +</dl> +<div align="right"><a href="#top">Up</a></div> +<hr /> +<hr /> +<a NAME="getChecks" ID="getChecks"></a> +<h2>getChecks</h2> +<b>getChecks</b>(<i></i>) + +<p> + Public method to get a dictionary with checks handled by this module. +</p> +<dl> +<dt>Returns:</dt> +<dd> +dictionary containing checker lists containing checker function and + list of codes +</dd> +</dl> +<dl> +<dt>Return Type:</dt> +<dd> +dict +</dd> +</dl> +<div align="right"><a href="#top">Up</a></div> +<hr /> +</body></html> \ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/eric6/Documentation/Source/eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.makoTemplates.html Tue Jun 16 20:02:20 2020 +0200 @@ -0,0 +1,100 @@ +<!DOCTYPE html> +<html><head> +<title>eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.makoTemplates</title> +<meta charset="UTF-8"> +<style> +body { + background: #EDECE6; + margin: 0em 1em 10em 1em; + color: black; +} + +h1 { color: white; background: #85774A; } +h2 { color: white; background: #85774A; } +h3 { color: white; background: #9D936E; } +h4 { color: white; background: #9D936E; } + +a { color: #BA6D36; } + +</style> +</head> +<body> +<a NAME="top" ID="top"></a> +<h1>eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.makoTemplates</h1> + +<p> +Module implementing a check for use of mako templates. +</p> +<h3>Global Attributes</h3> + +<table> +<tr><td>None</td></tr> +</table> +<h3>Classes</h3> + +<table> +<tr><td>None</td></tr> +</table> +<h3>Functions</h3> + +<table> + +<tr> +<td><a href="#checkMakoTemplateUsage">checkMakoTemplateUsage</a></td> +<td>Function to check for use of mako templates.</td> +</tr> +<tr> +<td><a href="#getChecks">getChecks</a></td> +<td>Public method to get a dictionary with checks handled by this module.</td> +</tr> +</table> +<hr /> +<hr /> +<a NAME="checkMakoTemplateUsage" ID="checkMakoTemplateUsage"></a> +<h2>checkMakoTemplateUsage</h2> +<b>checkMakoTemplateUsage</b>(<i>reportError, context, config</i>) + +<p> + Function to check for use of mako templates. +</p> +<dl> + +<dt><i>reportError</i> (func)</dt> +<dd> +function to be used to report errors +</dd> +<dt><i>context</i> (SecurityContext)</dt> +<dd> +security context object +</dd> +<dt><i>config</i> (dict)</dt> +<dd> +dictionary with configuration data +</dd> +</dl> +<div align="right"><a href="#top">Up</a></div> +<hr /> +<hr /> +<a NAME="getChecks" ID="getChecks"></a> +<h2>getChecks</h2> +<b>getChecks</b>(<i></i>) + +<p> + Public method to get a dictionary with checks handled by this module. +</p> +<dl> +<dt>Returns:</dt> +<dd> +dictionary containing checker lists containing checker function and + list of codes +</dd> +</dl> +<dl> +<dt>Return Type:</dt> +<dd> +dict +</dd> +</dl> +<div align="right"><a href="#top">Up</a></div> +<hr /> +</body></html> \ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/eric6/Documentation/Source/eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.sshNoHostKeyVerification.html Tue Jun 16 20:02:20 2020 +0200 @@ -0,0 +1,100 @@ +<!DOCTYPE html> +<html><head> +<title>eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.sshNoHostKeyVerification</title> +<meta charset="UTF-8"> +<style> +body { + background: #EDECE6; + margin: 0em 1em 10em 1em; + color: black; +} + +h1 { color: white; background: #85774A; } +h2 { color: white; background: #85774A; } +h3 { color: white; background: #9D936E; } +h4 { color: white; background: #9D936E; } + +a { color: #BA6D36; } + +</style> +</head> +<body> +<a NAME="top" ID="top"></a> +<h1>eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.sshNoHostKeyVerification</h1> + +<p> +Module implementing a check for use of mako templates. +</p> +<h3>Global Attributes</h3> + +<table> +<tr><td>None</td></tr> +</table> +<h3>Classes</h3> + +<table> +<tr><td>None</td></tr> +</table> +<h3>Functions</h3> + +<table> + +<tr> +<td><a href="#checkSshNoHostKeyVerification">checkSshNoHostKeyVerification</a></td> +<td>Function to check for use of mako templates.</td> +</tr> +<tr> +<td><a href="#getChecks">getChecks</a></td> +<td>Public method to get a dictionary with checks handled by this module.</td> +</tr> +</table> +<hr /> +<hr /> +<a NAME="checkSshNoHostKeyVerification" ID="checkSshNoHostKeyVerification"></a> +<h2>checkSshNoHostKeyVerification</h2> +<b>checkSshNoHostKeyVerification</b>(<i>reportError, context, config</i>) + +<p> + Function to check for use of mako templates. +</p> +<dl> + +<dt><i>reportError</i> (func)</dt> +<dd> +function to be used to report errors +</dd> +<dt><i>context</i> (SecurityContext)</dt> +<dd> +security context object +</dd> +<dt><i>config</i> (dict)</dt> +<dd> +dictionary with configuration data +</dd> +</dl> +<div align="right"><a href="#top">Up</a></div> +<hr /> +<hr /> +<a NAME="getChecks" ID="getChecks"></a> +<h2>getChecks</h2> +<b>getChecks</b>(<i></i>) + +<p> + Public method to get a dictionary with checks handled by this module. +</p> +<dl> +<dt>Returns:</dt> +<dd> +dictionary containing checker lists containing checker function and + list of codes +</dd> +</dl> +<dl> +<dt>Return Type:</dt> +<dd> +dict +</dd> +</dl> +<div align="right"><a href="#top">Up</a></div> +<hr /> +</body></html> \ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/eric6/Documentation/Source/eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.tryExcept.html Tue Jun 16 20:02:20 2020 +0200 @@ -0,0 +1,129 @@ +<!DOCTYPE html> +<html><head> +<title>eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.tryExcept</title> +<meta charset="UTF-8"> +<style> +body { + background: #EDECE6; + margin: 0em 1em 10em 1em; + color: black; +} + +h1 { color: white; background: #85774A; } +h2 { color: white; background: #85774A; } +h3 { color: white; background: #9D936E; } +h4 { color: white; background: #9D936E; } + +a { color: #BA6D36; } + +</style> +</head> +<body> +<a NAME="top" ID="top"></a> +<h1>eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.tryExcept</h1> + +<p> +Module implementing checks for insecure except blocks. +</p> +<h3>Global Attributes</h3> + +<table> +<tr><td>None</td></tr> +</table> +<h3>Classes</h3> + +<table> +<tr><td>None</td></tr> +</table> +<h3>Functions</h3> + +<table> + +<tr> +<td><a href="#checkTryExceptContinue">checkTryExceptContinue</a></td> +<td>Function to check for a continue in the except block.</td> +</tr> +<tr> +<td><a href="#checkTryExceptPass">checkTryExceptPass</a></td> +<td>Function to check for a pass in the except block.</td> +</tr> +<tr> +<td><a href="#getChecks">getChecks</a></td> +<td>Public method to get a dictionary with checks handled by this module.</td> +</tr> +</table> +<hr /> +<hr /> +<a NAME="checkTryExceptContinue" ID="checkTryExceptContinue"></a> +<h2>checkTryExceptContinue</h2> +<b>checkTryExceptContinue</b>(<i>reportError, context, config</i>) + +<p> + Function to check for a continue in the except block. +</p> +<dl> + +<dt><i>reportError</i> (func)</dt> +<dd> +function to be used to report errors +</dd> +<dt><i>context</i> (SecurityContext)</dt> +<dd> +security context object +</dd> +<dt><i>config</i> (dict)</dt> +<dd> +dictionary with configuration data +</dd> +</dl> +<div align="right"><a href="#top">Up</a></div> +<hr /> +<hr /> +<a NAME="checkTryExceptPass" ID="checkTryExceptPass"></a> +<h2>checkTryExceptPass</h2> +<b>checkTryExceptPass</b>(<i>reportError, context, config</i>) + +<p> + Function to check for a pass in the except block. +</p> +<dl> + +<dt><i>reportError</i> (func)</dt> +<dd> +function to be used to report errors +</dd> +<dt><i>context</i> (SecurityContext)</dt> +<dd> +security context object +</dd> +<dt><i>config</i> (dict)</dt> +<dd> +dictionary with configuration data +</dd> +</dl> +<div align="right"><a href="#top">Up</a></div> +<hr /> +<hr /> +<a NAME="getChecks" ID="getChecks"></a> +<h2>getChecks</h2> +<b>getChecks</b>(<i></i>) + +<p> + Public method to get a dictionary with checks handled by this module. +</p> +<dl> +<dt>Returns:</dt> +<dd> +dictionary containing checker lists containing checker function and + list of codes +</dd> +</dl> +<dl> +<dt>Return Type:</dt> +<dd> +dict +</dd> +</dl> +<div align="right"><a href="#top">Up</a></div> +<hr /> +</body></html> \ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/eric6/Documentation/Source/eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.weakCryptographicKey.html Tue Jun 16 20:02:20 2020 +0200 @@ -0,0 +1,231 @@ +<!DOCTYPE html> +<html><head> +<title>eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.weakCryptographicKey</title> +<meta charset="UTF-8"> +<style> +body { + background: #EDECE6; + margin: 0em 1em 10em 1em; + color: black; +} + +h1 { color: white; background: #85774A; } +h2 { color: white; background: #85774A; } +h3 { color: white; background: #9D936E; } +h4 { color: white; background: #9D936E; } + +a { color: #BA6D36; } + +</style> +</head> +<body> +<a NAME="top" ID="top"></a> +<h1>eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.weakCryptographicKey</h1> + +<p> +Module implementing checks for weak cryptographic key use. +</p> +<h3>Global Attributes</h3> + +<table> +<tr><td>None</td></tr> +</table> +<h3>Classes</h3> + +<table> +<tr><td>None</td></tr> +</table> +<h3>Functions</h3> + +<table> + +<tr> +<td><a href="#_classifyKeySize">_classifyKeySize</a></td> +<td>Function to classify a key and report an error if insufficient.</td> +</tr> +<tr> +<td><a href="#_weakCryptoKeySizeCryptography">_weakCryptoKeySizeCryptography</a></td> +<td>Function to check 'cryptography.hazmat' for weak key use.</td> +</tr> +<tr> +<td><a href="#_weakCryptoKeySizePycrypto">_weakCryptoKeySizePycrypto</a></td> +<td>Function to check 'pycrypto' for weak key use.</td> +</tr> +<tr> +<td><a href="#checkWeakCryptographicKey">checkWeakCryptographicKey</a></td> +<td>Function to check for weak cryptographic key use.</td> +</tr> +<tr> +<td><a href="#getChecks">getChecks</a></td> +<td>Public method to get a dictionary with checks handled by this module.</td> +</tr> +</table> +<hr /> +<hr /> +<a NAME="_classifyKeySize" ID="_classifyKeySize"></a> +<h2>_classifyKeySize</h2> +<b>_classifyKeySize</b>(<i>reportError, config, keyType, keySize, node</i>) + +<p> + Function to classify a key and report an error if insufficient. +</p> +<dl> + +<dt><i>reportError</i> (func)</dt> +<dd> +function to be used to report errors +</dd> +<dt><i>config</i> (dict)</dt> +<dd> +dictionary with configuration data +</dd> +<dt><i>keyType</i> (str)</dt> +<dd> +type of key to be classified ('DSA', 'RSA', 'EC') +</dd> +<dt><i>keySize</i> (int)</dt> +<dd> +size of the key to be classified +</dd> +<dt><i>node</i> (ast.Call)</dt> +<dd> +node the key was extracted from (needed for reporting) +</dd> +</dl> +<dl> +<dt>Returns:</dt> +<dd> +flag indicating an error was reported +</dd> +</dl> +<dl> +<dt>Return Type:</dt> +<dd> +bool +</dd> +</dl> +<div align="right"><a href="#top">Up</a></div> +<hr /> +<hr /> +<a NAME="_weakCryptoKeySizeCryptography" ID="_weakCryptoKeySizeCryptography"></a> +<h2>_weakCryptoKeySizeCryptography</h2> +<b>_weakCryptoKeySizeCryptography</b>(<i>reportError, context, config</i>) + +<p> + Function to check 'cryptography.hazmat' for weak key use. +</p> +<dl> + +<dt><i>reportError</i> (func)</dt> +<dd> +function to be used to report errors +</dd> +<dt><i>context</i> (SecurityContext)</dt> +<dd> +security context object +</dd> +<dt><i>config</i> (dict)</dt> +<dd> +dictionary with configuration data +</dd> +</dl> +<dl> +<dt>Returns:</dt> +<dd> +flag indicating an error was reported +</dd> +</dl> +<dl> +<dt>Return Type:</dt> +<dd> +bool +</dd> +</dl> +<div align="right"><a href="#top">Up</a></div> +<hr /> +<hr /> +<a NAME="_weakCryptoKeySizePycrypto" ID="_weakCryptoKeySizePycrypto"></a> +<h2>_weakCryptoKeySizePycrypto</h2> +<b>_weakCryptoKeySizePycrypto</b>(<i>reportError, context, config</i>) + +<p> + Function to check 'pycrypto' for weak key use. +</p> +<dl> + +<dt><i>reportError</i> (func)</dt> +<dd> +function to be used to report errors +</dd> +<dt><i>context</i> (SecurityContext)</dt> +<dd> +security context object +</dd> +<dt><i>config</i> (dict)</dt> +<dd> +dictionary with configuration data +</dd> +</dl> +<dl> +<dt>Returns:</dt> +<dd> +flag indicating an error was reported +</dd> +</dl> +<dl> +<dt>Return Type:</dt> +<dd> +bool +</dd> +</dl> +<div align="right"><a href="#top">Up</a></div> +<hr /> +<hr /> +<a NAME="checkWeakCryptographicKey" ID="checkWeakCryptographicKey"></a> +<h2>checkWeakCryptographicKey</h2> +<b>checkWeakCryptographicKey</b>(<i>reportError, context, config</i>) + +<p> + Function to check for weak cryptographic key use. +</p> +<dl> + +<dt><i>reportError</i> (func)</dt> +<dd> +function to be used to report errors +</dd> +<dt><i>context</i> (SecurityContext)</dt> +<dd> +security context object +</dd> +<dt><i>config</i> (dict)</dt> +<dd> +dictionary with configuration data +</dd> +</dl> +<div align="right"><a href="#top">Up</a></div> +<hr /> +<hr /> +<a NAME="getChecks" ID="getChecks"></a> +<h2>getChecks</h2> +<b>getChecks</b>(<i></i>) + +<p> + Public method to get a dictionary with checks handled by this module. +</p> +<dl> +<dt>Returns:</dt> +<dd> +dictionary containing checker lists containing checker function and + list of codes +</dd> +</dl> +<dl> +<dt>Return Type:</dt> +<dd> +dict +</dd> +</dl> +<div align="right"><a href="#top">Up</a></div> +<hr /> +</body></html> \ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/eric6/Documentation/Source/eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.yamlLoad.html Tue Jun 16 20:02:20 2020 +0200 @@ -0,0 +1,100 @@ +<!DOCTYPE html> +<html><head> +<title>eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.yamlLoad</title> +<meta charset="UTF-8"> +<style> +body { + background: #EDECE6; + margin: 0em 1em 10em 1em; + color: black; +} + +h1 { color: white; background: #85774A; } +h2 { color: white; background: #85774A; } +h3 { color: white; background: #9D936E; } +h4 { color: white; background: #9D936E; } + +a { color: #BA6D36; } + +</style> +</head> +<body> +<a NAME="top" ID="top"></a> +<h1>eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.yamlLoad</h1> + +<p> +Module implementing checks for the use of yaml load functions. +</p> +<h3>Global Attributes</h3> + +<table> +<tr><td>None</td></tr> +</table> +<h3>Classes</h3> + +<table> +<tr><td>None</td></tr> +</table> +<h3>Functions</h3> + +<table> + +<tr> +<td><a href="#checkYamlLoad">checkYamlLoad</a></td> +<td>Function to check for the use of of yaml load functions.</td> +</tr> +<tr> +<td><a href="#getChecks">getChecks</a></td> +<td>Public method to get a dictionary with checks handled by this module.</td> +</tr> +</table> +<hr /> +<hr /> +<a NAME="checkYamlLoad" ID="checkYamlLoad"></a> +<h2>checkYamlLoad</h2> +<b>checkYamlLoad</b>(<i>reportError, context, config</i>) + +<p> + Function to check for the use of of yaml load functions. +</p> +<dl> + +<dt><i>reportError</i> (func)</dt> +<dd> +function to be used to report errors +</dd> +<dt><i>context</i> (SecurityContext)</dt> +<dd> +security context object +</dd> +<dt><i>config</i> (dict)</dt> +<dd> +dictionary with configuration data +</dd> +</dl> +<div align="right"><a href="#top">Up</a></div> +<hr /> +<hr /> +<a NAME="getChecks" ID="getChecks"></a> +<h2>getChecks</h2> +<b>getChecks</b>(<i></i>) + +<p> + Public method to get a dictionary with checks handled by this module. +</p> +<dl> +<dt>Returns:</dt> +<dd> +dictionary containing checker lists containing checker function and + list of codes +</dd> +</dl> +<dl> +<dt>Return Type:</dt> +<dd> +dict +</dd> +</dl> +<div align="right"><a href="#top">Up</a></div> +<hr /> +</body></html> \ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/eric6/Documentation/Source/eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityChecker.html Tue Jun 16 20:02:20 2020 +0200 @@ -0,0 +1,261 @@ +<!DOCTYPE html> +<html><head> +<title>eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityChecker</title> +<meta charset="UTF-8"> +<style> +body { + background: #EDECE6; + margin: 0em 1em 10em 1em; + color: black; +} + +h1 { color: white; background: #85774A; } +h2 { color: white; background: #85774A; } +h3 { color: white; background: #9D936E; } +h4 { color: white; background: #9D936E; } + +a { color: #BA6D36; } + +</style> +</head> +<body> +<a NAME="top" ID="top"></a> +<h1>eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityChecker</h1> + +<p> +Module implementing the security checker. +</p> +<h3>Global Attributes</h3> + +<table> +<tr><td>None</td></tr> +</table> +<h3>Classes</h3> + +<table> + +<tr> +<td><a href="#SecurityChecker">SecurityChecker</a></td> +<td>Class implementing a checker for security issues.</td> +</tr> +</table> +<h3>Functions</h3> + +<table> +<tr><td>None</td></tr> +</table> +<hr /> +<hr /> +<a NAME="SecurityChecker" ID="SecurityChecker"></a> +<h2>SecurityChecker</h2> + +<p> + Class implementing a checker for security issues. +</p> +<h3>Derived from</h3> +object +<h3>Class Attributes</h3> + +<table> +<tr><td>Codes</td></tr> +</table> +<h3>Class Methods</h3> + +<table> +<tr><td>None</td></tr> +</table> +<h3>Methods</h3> + +<table> + +<tr> +<td><a href="#SecurityChecker.__init__">SecurityChecker</a></td> +<td>Constructor</td> +</tr> +<tr> +<td><a href="#SecurityChecker.__generateTree">__generateTree</a></td> +<td>Private method to generate an AST for our source.</td> +</tr> +<tr> +<td><a href="#SecurityChecker.__ignoreCode">__ignoreCode</a></td> +<td>Private method to check if the message code should be ignored.</td> +</tr> +<tr> +<td><a href="#SecurityChecker.__reportInvalidSyntax">__reportInvalidSyntax</a></td> +<td>Private method to report a syntax error.</td> +</tr> +<tr> +<td><a href="#SecurityChecker.getConfig">getConfig</a></td> +<td>Public method to get the configuration dictionary.</td> +</tr> +<tr> +<td><a href="#SecurityChecker.reportError">reportError</a></td> +<td>Public method to record an issue.</td> +</tr> +<tr> +<td><a href="#SecurityChecker.run">run</a></td> +<td>Public method to check the given source against security related conditions.</td> +</tr> +</table> +<h3>Static Methods</h3> + +<table> +<tr><td>None</td></tr> +</table> + +<a NAME="SecurityChecker.__init__" ID="SecurityChecker.__init__"></a> +<h4>SecurityChecker (Constructor)</h4> +<b>SecurityChecker</b>(<i>source, filename, select, ignore, expected, repeat, args</i>) + +<p> + Constructor +</p> +<dl> + +<dt><i>source</i> (list of str)</dt> +<dd> +source code to be checked +</dd> +<dt><i>filename</i> (str)</dt> +<dd> +name of the source file +</dd> +<dt><i>select</i> (list of str)</dt> +<dd> +list of selected codes +</dd> +<dt><i>ignore</i> (list of str)</dt> +<dd> +list of codes to be ignored +</dd> +<dt><i>expected</i> (list of str)</dt> +<dd> +list of expected codes +</dd> +<dt><i>repeat</i> (bool)</dt> +<dd> +flag indicating to report each occurrence of a code +</dd> +<dt><i>args</i> (dict)</dt> +<dd> +dictionary of arguments for the security checks +</dd> +</dl> +<a NAME="SecurityChecker.__generateTree" ID="SecurityChecker.__generateTree"></a> +<h4>SecurityChecker.__generateTree</h4> +<b>__generateTree</b>(<i></i>) + +<p> + Private method to generate an AST for our source. +</p> +<dl> +<dt>Returns:</dt> +<dd> +generated AST +</dd> +</dl> +<dl> +<dt>Return Type:</dt> +<dd> +ast.AST +</dd> +</dl> +<a NAME="SecurityChecker.__ignoreCode" ID="SecurityChecker.__ignoreCode"></a> +<h4>SecurityChecker.__ignoreCode</h4> +<b>__ignoreCode</b>(<i>code</i>) + +<p> + Private method to check if the message code should be ignored. +</p> +<dl> + +<dt><i>code</i> (str)</dt> +<dd> +message code to check for +</dd> +</dl> +<dl> +<dt>Returns:</dt> +<dd> +flag indicating to ignore the given code +</dd> +</dl> +<dl> +<dt>Return Type:</dt> +<dd> +bool +</dd> +</dl> +<a NAME="SecurityChecker.__reportInvalidSyntax" ID="SecurityChecker.__reportInvalidSyntax"></a> +<h4>SecurityChecker.__reportInvalidSyntax</h4> +<b>__reportInvalidSyntax</b>(<i></i>) + +<p> + Private method to report a syntax error. +</p> +<a NAME="SecurityChecker.getConfig" ID="SecurityChecker.getConfig"></a> +<h4>SecurityChecker.getConfig</h4> +<b>getConfig</b>(<i></i>) + +<p> + Public method to get the configuration dictionary. +</p> +<dl> +<dt>Returns:</dt> +<dd> +dictionary containing the configuration +</dd> +</dl> +<dl> +<dt>Return Type:</dt> +<dd> +dict +</dd> +</dl> +<a NAME="SecurityChecker.reportError" ID="SecurityChecker.reportError"></a> +<h4>SecurityChecker.reportError</h4> +<b>reportError</b>(<i>lineNumber, offset, code, severity, confidence, *args</i>) + +<p> + Public method to record an issue. +</p> +<dl> + +<dt><i>lineNumber</i> (int)</dt> +<dd> +line number of the issue +</dd> +<dt><i>offset</i> (int)</dt> +<dd> +position within line of the issue +</dd> +<dt><i>code</i> (str)</dt> +<dd> +message code +</dd> +<dt><i>severity</i> (str)</dt> +<dd> +severity code (H = high, M = medium, L = low, + U = undefined) +</dd> +<dt><i>confidence</i> (str)</dt> +<dd> +confidence code (H = high, M = medium, L = low, + U = undefined) +</dd> +<dt><i>args</i> (list)</dt> +<dd> +arguments for the message +</dd> +</dl> +<a NAME="SecurityChecker.run" ID="SecurityChecker.run"></a> +<h4>SecurityChecker.run</h4> +<b>run</b>(<i></i>) + +<p> + Public method to check the given source against security related + conditions. +</p> +<div align="right"><a href="#top">Up</a></div> +<hr /> +</body></html> \ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/eric6/Documentation/Source/eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityContext.html Tue Jun 16 20:02:20 2020 +0200 @@ -0,0 +1,670 @@ +<!DOCTYPE html> +<html><head> +<title>eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityContext</title> +<meta charset="UTF-8"> +<style> +body { + background: #EDECE6; + margin: 0em 1em 10em 1em; + color: black; +} + +h1 { color: white; background: #85774A; } +h2 { color: white; background: #85774A; } +h3 { color: white; background: #9D936E; } +h4 { color: white; background: #9D936E; } + +a { color: #BA6D36; } + +</style> +</head> +<body> +<a NAME="top" ID="top"></a> +<h1>eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityContext</h1> + +<p> +Module implementing a context class for security related checks. +</p> +<h3>Global Attributes</h3> + +<table> +<tr><td>None</td></tr> +</table> +<h3>Classes</h3> + +<table> + +<tr> +<td><a href="#SecurityContext">SecurityContext</a></td> +<td>Class implementing a context class for security related checks.</td> +</tr> +</table> +<h3>Functions</h3> + +<table> +<tr><td>None</td></tr> +</table> +<hr /> +<hr /> +<a NAME="SecurityContext" ID="SecurityContext"></a> +<h2>SecurityContext</h2> + +<p> + Class implementing a context class for security related checks. +</p> +<h3>Derived from</h3> +object +<h3>Class Attributes</h3> + +<table> +<tr><td>None</td></tr> +</table> +<h3>Class Methods</h3> + +<table> +<tr><td>None</td></tr> +</table> +<h3>Methods</h3> + +<table> + +<tr> +<td><a href="#SecurityContext.__init__">SecurityContext</a></td> +<td>Constructor</td> +</tr> +<tr> +<td><a href="#SecurityContext.__getLiteralValue">__getLiteralValue</a></td> +<td>Private method to turn AST literals into native Python types.</td> +</tr> +<tr> +<td><a href="#SecurityContext.__repr__">__repr__</a></td> +<td>Special method to generate representation of object for printing or interactive use.</td> +</tr> +<tr> +<td><a href="#SecurityContext.bytesVal">bytesVal</a></td> +<td>Public method to get the value of a standalone bytes object.</td> +</tr> +<tr> +<td><a href="#SecurityContext.callArgs">callArgs</a></td> +<td>Public method to get a list of function args.</td> +</tr> +<tr> +<td><a href="#SecurityContext.callArgsCount">callArgsCount</a></td> +<td>Public method to get the number of args a function call has.</td> +</tr> +<tr> +<td><a href="#SecurityContext.callFunctionName">callFunctionName</a></td> +<td>Public method to get the name (not FQ) of a function call.</td> +</tr> +<tr> +<td><a href="#SecurityContext.callFunctionNameQual">callFunctionNameQual</a></td> +<td>Public method to get the FQ name of a function call.</td> +</tr> +<tr> +<td><a href="#SecurityContext.callKeywords">callKeywords</a></td> +<td>Public method to get a dictionary of keyword parameters.</td> +</tr> +<tr> +<td><a href="#SecurityContext.checkCallArgValue">checkCallArgValue</a></td> +<td>Public method to check for a value of a named argument in a function call.</td> +</tr> +<tr> +<td><a href="#SecurityContext.functionDefDefaultsQual">functionDefDefaultsQual</a></td> +<td>Public method to get a list of fully qualified default values in a function def.</td> +</tr> +<tr> +<td><a href="#SecurityContext.getCallArgAtPosition">getCallArgAtPosition</a></td> +<td>Public method to get a positional argument at the specified position (if it exists).</td> +</tr> +<tr> +<td><a href="#SecurityContext.getCallArgValue">getCallArgValue</a></td> +<td>Public method to get the value of a named argument in a function call.</td> +</tr> +<tr> +<td><a href="#SecurityContext.getLinenoForCallArg">getLinenoForCallArg</a></td> +<td>Public method to get the line number for a specific named argument.</td> +</tr> +<tr> +<td><a href="#SecurityContext.getOffsetForCallArg">getOffsetForCallArg</a></td> +<td>Public method to get the offset for a specific named argument.</td> +</tr> +<tr> +<td><a href="#SecurityContext.isModuleBeingImported">isModuleBeingImported</a></td> +<td>Public method to check for the given module is currently being imported.</td> +</tr> +<tr> +<td><a href="#SecurityContext.isModuleImportedExact">isModuleImportedExact</a></td> +<td>Public method to check if a given module has been imported; only exact matches.</td> +</tr> +<tr> +<td><a href="#SecurityContext.isModuleImportedLike">isModuleImportedLike</a></td> +<td>Public method to check if a given module has been imported; given module exists.</td> +</tr> +<tr> +<td><a href="#SecurityContext.node">node</a></td> +<td>Public method to get the raw AST node associated with the context.</td> +</tr> +<tr> +<td><a href="#SecurityContext.statement">statement</a></td> +<td>Public method to get the raw AST for the current statement.</td> +</tr> +<tr> +<td><a href="#SecurityContext.stringVal">stringVal</a></td> +<td>Public method to get the value of a standalone unicode or string object.</td> +</tr> +<tr> +<td><a href="#SecurityContext.stringValAsEscapedBytes">stringValAsEscapedBytes</a></td> +<td>Public method to get the escaped value of the object.</td> +</tr> +</table> +<h3>Static Methods</h3> + +<table> +<tr><td>None</td></tr> +</table> + +<a NAME="SecurityContext.__init__" ID="SecurityContext.__init__"></a> +<h4>SecurityContext (Constructor)</h4> +<b>SecurityContext</b>(<i>contextObject=None</i>) + +<p> + Constructor +</p> +<p> + Initialize the class with a context dictionary or an empty + dictionary. +</p> +<dl> + +<dt><i>contextObject</i> (dict)</dt> +<dd> +context dictionary to be used to populate the + class +</dd> +</dl> +<a NAME="SecurityContext.__getLiteralValue" ID="SecurityContext.__getLiteralValue"></a> +<h4>SecurityContext.__getLiteralValue</h4> +<b>__getLiteralValue</b>(<i>literal</i>) + +<p> + Private method to turn AST literals into native Python types. +</p> +<dl> + +<dt><i>literal</i> (ast.AST)</dt> +<dd> +AST literal to be converted +</dd> +</dl> +<dl> +<dt>Returns:</dt> +<dd> +converted Python object +</dd> +</dl> +<dl> +<dt>Return Type:</dt> +<dd> +Any +</dd> +</dl> +<a NAME="SecurityContext.__repr__" ID="SecurityContext.__repr__"></a> +<h4>SecurityContext.__repr__</h4> +<b>__repr__</b>(<i></i>) + +<p> + Special method to generate representation of object for printing or + interactive use. +</p> +<dl> +<dt>Returns:</dt> +<dd> +string representation of the object +</dd> +</dl> +<dl> +<dt>Return Type:</dt> +<dd> +str +</dd> +</dl> +<a NAME="SecurityContext.bytesVal" ID="SecurityContext.bytesVal"></a> +<h4>SecurityContext.bytesVal</h4> +<b>bytesVal</b>(<i></i>) + +<p> + Public method to get the value of a standalone bytes object. +</p> +<dl> +<dt>Returns:</dt> +<dd> +value of a standalone bytes object +</dd> +</dl> +<dl> +<dt>Return Type:</dt> +<dd> +bytes +</dd> +</dl> +<a NAME="SecurityContext.callArgs" ID="SecurityContext.callArgs"></a> +<h4>SecurityContext.callArgs</h4> +<b>callArgs</b>(<i></i>) + +<p> + Public method to get a list of function args. +</p> +<dl> +<dt>Returns:</dt> +<dd> +list of function args +</dd> +</dl> +<dl> +<dt>Return Type:</dt> +<dd> +list +</dd> +</dl> +<a NAME="SecurityContext.callArgsCount" ID="SecurityContext.callArgsCount"></a> +<h4>SecurityContext.callArgsCount</h4> +<b>callArgsCount</b>(<i></i>) + +<p> + Public method to get the number of args a function call has. +</p> +<dl> +<dt>Returns:</dt> +<dd> +number of args a function call has +</dd> +</dl> +<dl> +<dt>Return Type:</dt> +<dd> +int +</dd> +</dl> +<a NAME="SecurityContext.callFunctionName" ID="SecurityContext.callFunctionName"></a> +<h4>SecurityContext.callFunctionName</h4> +<b>callFunctionName</b>(<i></i>) + +<p> + Public method to get the name (not FQ) of a function call. +</p> +<dl> +<dt>Returns:</dt> +<dd> +name (not FQ) of a function call +</dd> +</dl> +<dl> +<dt>Return Type:</dt> +<dd> +str +</dd> +</dl> +<a NAME="SecurityContext.callFunctionNameQual" ID="SecurityContext.callFunctionNameQual"></a> +<h4>SecurityContext.callFunctionNameQual</h4> +<b>callFunctionNameQual</b>(<i></i>) + +<p> + Public method to get the FQ name of a function call. +</p> +<dl> +<dt>Returns:</dt> +<dd> +FQ name of a function call +</dd> +</dl> +<dl> +<dt>Return Type:</dt> +<dd> +str +</dd> +</dl> +<a NAME="SecurityContext.callKeywords" ID="SecurityContext.callKeywords"></a> +<h4>SecurityContext.callKeywords</h4> +<b>callKeywords</b>(<i></i>) + +<p> + Public method to get a dictionary of keyword parameters. +</p> +<dl> +<dt>Returns:</dt> +<dd> +dictionary of keyword parameters +</dd> +</dl> +<dl> +<dt>Return Type:</dt> +<dd> +dict +</dd> +</dl> +<a NAME="SecurityContext.checkCallArgValue" ID="SecurityContext.checkCallArgValue"></a> +<h4>SecurityContext.checkCallArgValue</h4> +<b>checkCallArgValue</b>(<i>argumentName, argumentValues=None</i>) + +<p> + Public method to check for a value of a named argument in a function + call. +</p> +<dl> + +<dt><i>argumentName</i> (str)</dt> +<dd> +name of the argument to be checked +</dd> +<dt><i>argumentValues</i> (Any or list of Any)</dt> +<dd> +value or list of values to test against +</dd> +</dl> +<dl> +<dt>Returns:</dt> +<dd> +True if argument found and matched, False if found and not + matched, None if argument not found at all +</dd> +</dl> +<dl> +<dt>Return Type:</dt> +<dd> +bool or None +</dd> +</dl> +<a NAME="SecurityContext.functionDefDefaultsQual" ID="SecurityContext.functionDefDefaultsQual"></a> +<h4>SecurityContext.functionDefDefaultsQual</h4> +<b>functionDefDefaultsQual</b>(<i></i>) + +<p> + Public method to get a list of fully qualified default values in a + function def. +</p> +<dl> +<dt>Returns:</dt> +<dd> +list of fully qualified default values in a function def +</dd> +</dl> +<dl> +<dt>Return Type:</dt> +<dd> +list +</dd> +</dl> +<a NAME="SecurityContext.getCallArgAtPosition" ID="SecurityContext.getCallArgAtPosition"></a> +<h4>SecurityContext.getCallArgAtPosition</h4> +<b>getCallArgAtPosition</b>(<i>positionNum</i>) + +<p> + Public method to get a positional argument at the specified position + (if it exists). +</p> +<dl> + +<dt><i>positionNum</i> (int)</dt> +<dd> +index of the argument to get the value for +</dd> +</dl> +<dl> +<dt>Returns:</dt> +<dd> +value of the argument at the specified position if it exists +</dd> +</dl> +<dl> +<dt>Return Type:</dt> +<dd> +Any or None +</dd> +</dl> +<a NAME="SecurityContext.getCallArgValue" ID="SecurityContext.getCallArgValue"></a> +<h4>SecurityContext.getCallArgValue</h4> +<b>getCallArgValue</b>(<i>argumentName</i>) + +<p> + Public method to get the value of a named argument in a function call. +</p> +<dl> + +<dt><i>argumentName</i> (str)</dt> +<dd> +name of the argument to get the value for +</dd> +</dl> +<dl> +<dt>Returns:</dt> +<dd> +value of the named argument +</dd> +</dl> +<dl> +<dt>Return Type:</dt> +<dd> +Any +</dd> +</dl> +<a NAME="SecurityContext.getLinenoForCallArg" ID="SecurityContext.getLinenoForCallArg"></a> +<h4>SecurityContext.getLinenoForCallArg</h4> +<b>getLinenoForCallArg</b>(<i>argumentName</i>) + +<p> + Public method to get the line number for a specific named argument. +</p> +<dl> + +<dt><i>argumentName</i> (str)</dt> +<dd> +name of the argument to get the line number for +</dd> +</dl> +<dl> +<dt>Returns:</dt> +<dd> +line number of the found argument or -1 +</dd> +</dl> +<dl> +<dt>Return Type:</dt> +<dd> +int +</dd> +</dl> +<a NAME="SecurityContext.getOffsetForCallArg" ID="SecurityContext.getOffsetForCallArg"></a> +<h4>SecurityContext.getOffsetForCallArg</h4> +<b>getOffsetForCallArg</b>(<i>argumentName</i>) + +<p> + Public method to get the offset for a specific named argument. +</p> +<dl> + +<dt><i>argumentName</i> (str)</dt> +<dd> +name of the argument to get the line number for +</dd> +</dl> +<dl> +<dt>Returns:</dt> +<dd> +offset of the found argument or -1 +</dd> +</dl> +<dl> +<dt>Return Type:</dt> +<dd> +int +</dd> +</dl> +<a NAME="SecurityContext.isModuleBeingImported" ID="SecurityContext.isModuleBeingImported"></a> +<h4>SecurityContext.isModuleBeingImported</h4> +<b>isModuleBeingImported</b>(<i>module</i>) + +<p> + Public method to check for the given module is currently being + imported. +</p> +<dl> + +<dt><i>module</i> (str)</dt> +<dd> +module name to look for +</dd> +</dl> +<dl> +<dt>Returns:</dt> +<dd> +flag indicating the given module was found +</dd> +</dl> +<dl> +<dt>Return Type:</dt> +<dd> +bool +</dd> +</dl> +<a NAME="SecurityContext.isModuleImportedExact" ID="SecurityContext.isModuleImportedExact"></a> +<h4>SecurityContext.isModuleImportedExact</h4> +<b>isModuleImportedExact</b>(<i>module</i>) + +<p> + Public method to check if a given module has been imported; only exact + matches. +</p> +<dl> + +<dt><i>module</i> (str)</dt> +<dd> +module name to look for +</dd> +</dl> +<dl> +<dt>Returns:</dt> +<dd> +flag indicating the given module was found +</dd> +</dl> +<dl> +<dt>Return Type:</dt> +<dd> +bool +</dd> +</dl> +<a NAME="SecurityContext.isModuleImportedLike" ID="SecurityContext.isModuleImportedLike"></a> +<h4>SecurityContext.isModuleImportedLike</h4> +<b>isModuleImportedLike</b>(<i>module</i>) + +<p> + Public method to check if a given module has been imported; given + module exists. +</p> +<dl> + +<dt><i>module</i> (str)</dt> +<dd> +module name to look for +</dd> +</dl> +<dl> +<dt>Returns:</dt> +<dd> +flag indicating the given module was found +</dd> +</dl> +<dl> +<dt>Return Type:</dt> +<dd> +bool +</dd> +</dl> +<a NAME="SecurityContext.node" ID="SecurityContext.node"></a> +<h4>SecurityContext.node</h4> +<b>node</b>(<i></i>) + +<p> + Public method to get the raw AST node associated with the context. +</p> +<dl> +<dt>Returns:</dt> +<dd> +raw AST node associated with the context +</dd> +</dl> +<dl> +<dt>Return Type:</dt> +<dd> +ast.AST +</dd> +</dl> +<a NAME="SecurityContext.statement" ID="SecurityContext.statement"></a> +<h4>SecurityContext.statement</h4> +<b>statement</b>(<i></i>) + +<p> + Public method to get the raw AST for the current statement. +</p> +<dl> +<dt>Returns:</dt> +<dd> +raw AST for the current statement +</dd> +</dl> +<dl> +<dt>Return Type:</dt> +<dd> +ast.AST +</dd> +</dl> +<a NAME="SecurityContext.stringVal" ID="SecurityContext.stringVal"></a> +<h4>SecurityContext.stringVal</h4> +<b>stringVal</b>(<i></i>) + +<p> + Public method to get the value of a standalone unicode or string + object. +</p> +<dl> +<dt>Returns:</dt> +<dd> +value of a standalone unicode or string object +</dd> +</dl> +<dl> +<dt>Return Type:</dt> +<dd> +str +</dd> +</dl> +<a NAME="SecurityContext.stringValAsEscapedBytes" ID="SecurityContext.stringValAsEscapedBytes"></a> +<h4>SecurityContext.stringValAsEscapedBytes</h4> +<b>stringValAsEscapedBytes</b>(<i></i>) + +<p> + Public method to get the escaped value of the object. +</p> +<p> + Turn the value of a string or bytes object into a byte sequence with + unknown, control, and \\ characters escaped. +</p> +<p> + This function should be used when looking for a known sequence in a + potentially badly encoded string in the code. +</p> +<dl> +<dt>Returns:</dt> +<dd> +sequence of printable ascii bytes representing original string +</dd> +</dl> +<dl> +<dt>Return Type:</dt> +<dd> +str +</dd> +</dl> +<div align="right"><a href="#top">Up</a></div> +<hr /> +</body></html> \ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/eric6/Documentation/Source/eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityDefaults.html Tue Jun 16 20:02:20 2020 +0200 @@ -0,0 +1,44 @@ +<!DOCTYPE html> +<html><head> +<title>eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityDefaults</title> +<meta charset="UTF-8"> +<style> +body { + background: #EDECE6; + margin: 0em 1em 10em 1em; + color: black; +} + +h1 { color: white; background: #85774A; } +h2 { color: white; background: #85774A; } +h3 { color: white; background: #9D936E; } +h4 { color: white; background: #9D936E; } + +a { color: #BA6D36; } + +</style> +</head> +<body> +<a NAME="top" ID="top"></a> +<h1>eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityDefaults</h1> + +<p> +Module implementing the default values for some check modules. +</p> +<h3>Global Attributes</h3> + +<table> +<tr><td>SecurityDefaults</td></tr> +</table> +<h3>Classes</h3> + +<table> +<tr><td>None</td></tr> +</table> +<h3>Functions</h3> + +<table> +<tr><td>None</td></tr> +</table> +<hr /> +</body></html> \ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/eric6/Documentation/Source/eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityNodeVisitor.html Tue Jun 16 20:02:20 2020 +0200 @@ -0,0 +1,380 @@ +<!DOCTYPE html> +<html><head> +<title>eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityNodeVisitor</title> +<meta charset="UTF-8"> +<style> +body { + background: #EDECE6; + margin: 0em 1em 10em 1em; + color: black; +} + +h1 { color: white; background: #85774A; } +h2 { color: white; background: #85774A; } +h3 { color: white; background: #9D936E; } +h4 { color: white; background: #9D936E; } + +a { color: #BA6D36; } + +</style> +</head> +<body> +<a NAME="top" ID="top"></a> +<h1>eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityNodeVisitor</h1> + +<p> +Module implementing an AST node visitor for security checks. +</p> +<h3>Global Attributes</h3> + +<table> +<tr><td>None</td></tr> +</table> +<h3>Classes</h3> + +<table> + +<tr> +<td><a href="#SecurityNodeVisitor">SecurityNodeVisitor</a></td> +<td>Class implementing an AST node visitor for security checks.</td> +</tr> +</table> +<h3>Functions</h3> + +<table> +<tr><td>None</td></tr> +</table> +<hr /> +<hr /> +<a NAME="SecurityNodeVisitor" ID="SecurityNodeVisitor"></a> +<h2>SecurityNodeVisitor</h2> + +<p> + Class implementing an AST node visitor for security checks. +</p> +<h3>Derived from</h3> +object +<h3>Class Attributes</h3> + +<table> +<tr><td>None</td></tr> +</table> +<h3>Class Methods</h3> + +<table> +<tr><td>None</td></tr> +</table> +<h3>Methods</h3> + +<table> + +<tr> +<td><a href="#SecurityNodeVisitor.__init__">SecurityNodeVisitor</a></td> +<td>Constructor</td> +</tr> +<tr> +<td><a href="#SecurityNodeVisitor.__postVisit">__postVisit</a></td> +<td>Private method to clean up after a node was visited.</td> +</tr> +<tr> +<td><a href="#SecurityNodeVisitor.__preVisit">__preVisit</a></td> +<td>Private method to set up a context for the visit method.</td> +</tr> +<tr> +<td><a href="#SecurityNodeVisitor.__runChecks">__runChecks</a></td> +<td>Private method to run all enabled checks for a given check type.</td> +</tr> +<tr> +<td><a href="#SecurityNodeVisitor.generic_visit">generic_visit</a></td> +<td>Public method to drive the node visitor.</td> +</tr> +<tr> +<td><a href="#SecurityNodeVisitor.visit">visit</a></td> +<td>Public method to inspected an AST node.</td> +</tr> +<tr> +<td><a href="#SecurityNodeVisitor.visit_Bytes">visit_Bytes</a></td> +<td>Public method defining a visitor for Bytes nodes.</td> +</tr> +<tr> +<td><a href="#SecurityNodeVisitor.visit_Call">visit_Call</a></td> +<td>Public method defining a visitor for AST Call nodes.</td> +</tr> +<tr> +<td><a href="#SecurityNodeVisitor.visit_ClassDef">visit_ClassDef</a></td> +<td>Public method defining a visitor for AST ClassDef nodes.</td> +</tr> +<tr> +<td><a href="#SecurityNodeVisitor.visit_Constant">visit_Constant</a></td> +<td>Public method defining a visitor for Constant nodes.</td> +</tr> +<tr> +<td><a href="#SecurityNodeVisitor.visit_FunctionDef">visit_FunctionDef</a></td> +<td>Public method defining a visitor for AST FunctionDef nodes.</td> +</tr> +<tr> +<td><a href="#SecurityNodeVisitor.visit_Import">visit_Import</a></td> +<td>Public method defining a visitor for AST Import nodes.</td> +</tr> +<tr> +<td><a href="#SecurityNodeVisitor.visit_ImportFrom">visit_ImportFrom</a></td> +<td>Public method defining a visitor for AST Import nodes.</td> +</tr> +<tr> +<td><a href="#SecurityNodeVisitor.visit_Str">visit_Str</a></td> +<td>Public method defining a visitor for String nodes.</td> +</tr> +</table> +<h3>Static Methods</h3> + +<table> +<tr><td>None</td></tr> +</table> + +<a NAME="SecurityNodeVisitor.__init__" ID="SecurityNodeVisitor.__init__"></a> +<h4>SecurityNodeVisitor (Constructor)</h4> +<b>SecurityNodeVisitor</b>(<i>checker, secCheckers, filename</i>) + +<p> + Constructor +</p> +<dl> + +<dt><i>checker</i> (SecurityChecker)</dt> +<dd> +reference to the main security checker object +</dd> +<dt><i>secCheckers</i> (dict)</dt> +<dd> +dictionary containing the available checker routines +</dd> +<dt><i>filename</i> (str)</dt> +<dd> +name of the checked file +</dd> +</dl> +<a NAME="SecurityNodeVisitor.__postVisit" ID="SecurityNodeVisitor.__postVisit"></a> +<h4>SecurityNodeVisitor.__postVisit</h4> +<b>__postVisit</b>(<i>node</i>) + +<p> + Private method to clean up after a node was visited. +</p> +<dl> + +<dt><i>node</i> (ast.AST)</dt> +<dd> +AST node that was visited +</dd> +</dl> +<a NAME="SecurityNodeVisitor.__preVisit" ID="SecurityNodeVisitor.__preVisit"></a> +<h4>SecurityNodeVisitor.__preVisit</h4> +<b>__preVisit</b>(<i>node</i>) + +<p> + Private method to set up a context for the visit method. +</p> +<dl> + +<dt><i>node</i> (ast.AST)</dt> +<dd> +node to base the context on +</dd> +</dl> +<dl> +<dt>Returns:</dt> +<dd> +flag indicating to visit the node +</dd> +</dl> +<dl> +<dt>Return Type:</dt> +<dd> +bool +</dd> +</dl> +<a NAME="SecurityNodeVisitor.__runChecks" ID="SecurityNodeVisitor.__runChecks"></a> +<h4>SecurityNodeVisitor.__runChecks</h4> +<b>__runChecks</b>(<i>checkType</i>) + +<p> + Private method to run all enabled checks for a given check type. +</p> +<dl> + +<dt><i>checkType</i> (str)</dt> +<dd> +type of checks to be run +</dd> +</dl> +<a NAME="SecurityNodeVisitor.generic_visit" ID="SecurityNodeVisitor.generic_visit"></a> +<h4>SecurityNodeVisitor.generic_visit</h4> +<b>generic_visit</b>(<i>node</i>) + +<p> + Public method to drive the node visitor. +</p> +<dl> + +<dt><i>node</i> (ast.AST)</dt> +<dd> +node to be inspected +</dd> +</dl> +<a NAME="SecurityNodeVisitor.visit" ID="SecurityNodeVisitor.visit"></a> +<h4>SecurityNodeVisitor.visit</h4> +<b>visit</b>(<i>node</i>) + +<p> + Public method to inspected an AST node. +</p> +<dl> + +<dt><i>node</i> (ast.AST)</dt> +<dd> +AST node to be inspected +</dd> +</dl> +<a NAME="SecurityNodeVisitor.visit_Bytes" ID="SecurityNodeVisitor.visit_Bytes"></a> +<h4>SecurityNodeVisitor.visit_Bytes</h4> +<b>visit_Bytes</b>(<i>node</i>) + +<p> + Public method defining a visitor for Bytes nodes. +</p> +<p> + This adds relevant information about node to + the context for use in tests which inspect strings. +</p> +<dl> + +<dt><i>node</i> (ast.Bytes)</dt> +<dd> +reference to the node being inspected +</dd> +</dl> +<a NAME="SecurityNodeVisitor.visit_Call" ID="SecurityNodeVisitor.visit_Call"></a> +<h4>SecurityNodeVisitor.visit_Call</h4> +<b>visit_Call</b>(<i>node</i>) + +<p> + Public method defining a visitor for AST Call nodes. +</p> +<p> + Add relevant information about the node to the context for use in tests + which inspect function calls. +</p> +<dl> + +<dt><i>node</i> (ast.Call)</dt> +<dd> +reference to the node being inspected +</dd> +</dl> +<a NAME="SecurityNodeVisitor.visit_ClassDef" ID="SecurityNodeVisitor.visit_ClassDef"></a> +<h4>SecurityNodeVisitor.visit_ClassDef</h4> +<b>visit_ClassDef</b>(<i>node</i>) + +<p> + Public method defining a visitor for AST ClassDef nodes. +</p> +<p> + Add class name to current namespace for all descendants. +</p> +<dl> + +<dt><i>node</i> (ast.ClassDef)</dt> +<dd> +reference to the node being inspected +</dd> +</dl> +<a NAME="SecurityNodeVisitor.visit_Constant" ID="SecurityNodeVisitor.visit_Constant"></a> +<h4>SecurityNodeVisitor.visit_Constant</h4> +<b>visit_Constant</b>(<i>node</i>) + +<p> + Public method defining a visitor for Constant nodes. +</p> +<p> + This calls the appropriate method for the node type. + It maintains compatibility with <3.6 and 3.8+ +</p> +<dl> + +<dt><i>node</i> (ast.Constant)</dt> +<dd> +reference to the node being inspected +</dd> +</dl> +<a NAME="SecurityNodeVisitor.visit_FunctionDef" ID="SecurityNodeVisitor.visit_FunctionDef"></a> +<h4>SecurityNodeVisitor.visit_FunctionDef</h4> +<b>visit_FunctionDef</b>(<i>node</i>) + +<p> + Public method defining a visitor for AST FunctionDef nodes. +</p> +<p> + Add relevant information about the node to the context for use in tests + which inspect function definitions. Add the function name to the + current namespace for all descendants. +</p> +<dl> + +<dt><i>node</i> (ast.FunctionDef)</dt> +<dd> +reference to the node being inspected +</dd> +</dl> +<a NAME="SecurityNodeVisitor.visit_Import" ID="SecurityNodeVisitor.visit_Import"></a> +<h4>SecurityNodeVisitor.visit_Import</h4> +<b>visit_Import</b>(<i>node</i>) + +<p> + Public method defining a visitor for AST Import nodes. +</p> +<dl> + +<dt><i>node</i> (ast.Import)</dt> +<dd> +reference to the node being inspected +</dd> +</dl> +<a NAME="SecurityNodeVisitor.visit_ImportFrom" ID="SecurityNodeVisitor.visit_ImportFrom"></a> +<h4>SecurityNodeVisitor.visit_ImportFrom</h4> +<b>visit_ImportFrom</b>(<i>node</i>) + +<p> + Public method defining a visitor for AST Import nodes. +</p> +<p> + This adds relevant information about the node to + the context for use in tests which inspect imports. +</p> +<dl> + +<dt><i>node</i> (ast.ImportFrom)</dt> +<dd> +reference to the node being inspected +</dd> +</dl> +<a NAME="SecurityNodeVisitor.visit_Str" ID="SecurityNodeVisitor.visit_Str"></a> +<h4>SecurityNodeVisitor.visit_Str</h4> +<b>visit_Str</b>(<i>node</i>) + +<p> + Public method defining a visitor for String nodes. +</p> +<p> + This adds relevant information about node to + the context for use in tests which inspect strings. +</p> +<dl> + +<dt><i>node</i> (ast.Str)</dt> +<dd> +reference to the node being inspected +</dd> +</dl> +<div align="right"><a href="#top">Up</a></div> +<hr /> +</body></html> \ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/eric6/Documentation/Source/eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityUtils.html Tue Jun 16 20:02:20 2020 +0200 @@ -0,0 +1,565 @@ +<!DOCTYPE html> +<html><head> +<title>eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityUtils</title> +<meta charset="UTF-8"> +<style> +body { + background: #EDECE6; + margin: 0em 1em 10em 1em; + color: black; +} + +h1 { color: white; background: #85774A; } +h2 { color: white; background: #85774A; } +h3 { color: white; background: #9D936E; } +h4 { color: white; background: #9D936E; } + +a { color: #BA6D36; } + +</style> +</head> +<body> +<a NAME="top" ID="top"></a> +<h1>eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityUtils</h1> + +<p> +Module implementing utility functions used by the security checks. +</p> +<h3>Global Attributes</h3> + +<table> +<tr><td>None</td></tr> +</table> +<h3>Classes</h3> + +<table> + +<tr> +<td><a href="#InvalidModulePath">InvalidModulePath</a></td> +<td>Class defining an exception for invalid module paths.</td> +</tr> +</table> +<h3>Functions</h3> + +<table> + +<tr> +<td><a href="#_get">_get</a></td> +<td></td> +</tr> +<tr> +<td><a href="#concatString">concatString</a></td> +<td>Function to build a string from an ast.BinOp chain.</td> +</tr> +<tr> +<td><a href="#deepgetattr">deepgetattr</a></td> +<td>Function to recurs through an attribute chain to get the ultimate value.</td> +</tr> +<tr> +<td><a href="#escapedBytesRepresentation">escapedBytesRepresentation</a></td> +<td>Function to escape bytes for comparison with other strings.</td> +</tr> +<tr> +<td><a href="#getAttrQualName">getAttrQualName</a></td> +<td>Function to get a the full name for the attribute node.</td> +</tr> +<tr> +<td><a href="#getCallName">getCallName</a></td> +<td>Function to extract the call name from an ast.Call node.</td> +</tr> +<tr> +<td><a href="#getCalledName">getCalledName</a></td> +<td>Function to get the function name from an ast.Call node.</td> +</tr> +<tr> +<td><a href="#getModuleQualnameFromPath">getModuleQualnameFromPath</a></td> +<td>Function to get the module's qualified name by analysis of the path.</td> +</tr> +<tr> +<td><a href="#getQualAttr">getQualAttr</a></td> +<td>Function to extract the qualified name from an ast.Attribute node.</td> +</tr> +<tr> +<td><a href="#linerange">linerange</a></td> +<td>Function to get line number range from a node.</td> +</tr> +<tr> +<td><a href="#linerange_fix">linerange_fix</a></td> +<td>Function to get a line number range working around a known Python bug with multi-line strings.</td> +</tr> +<tr> +<td><a href="#namespacePathJoin">namespacePathJoin</a></td> +<td>Function to extend a given namespace path.</td> +</tr> +<tr> +<td><a href="#namespacePathSplit">namespacePathSplit</a></td> +<td>Function to split a namespace path into a head and tail.</td> +</tr> +</table> +<hr /> +<hr /> +<a NAME="InvalidModulePath" ID="InvalidModulePath"></a> +<h2>InvalidModulePath</h2> + +<p> + Class defining an exception for invalid module paths. +</p> +<h3>Derived from</h3> +Exception +<h3>Class Attributes</h3> + +<table> +<tr><td>None</td></tr> +</table> +<h3>Class Methods</h3> + +<table> +<tr><td>None</td></tr> +</table> +<h3>Methods</h3> + +<table> +<tr><td>None</td></tr> +</table> +<h3>Static Methods</h3> + +<table> +<tr><td>None</td></tr> +</table> + +<div align="right"><a href="#top">Up</a></div> +<hr /> +<hr /> +<a NAME="_get" ID="_get"></a> +<h2>_get</h2> +<b>_get</b>(<i>node, bits, stop=None</i>) + +<div align="right"><a href="#top">Up</a></div> +<hr /> +<hr /> +<a NAME="concatString" ID="concatString"></a> +<h2>concatString</h2> +<b>concatString</b>(<i>node, stop=None</i>) + +<p> + Function to build a string from an ast.BinOp chain. +</p> +<p> + This will build a string from a series of ast.Str/ast.Constant nodes + wrapped in ast.BinOp nodes. Something like "a" + "b" + "c" or "a %s" % val + etc. The provided node can be any participant in the BinOp chain. +</p> +<dl> + +<dt><i>node</i> (ast.BinOp or ast.Str/ast.Constant)</dt> +<dd> +node to be processed +</dd> +<dt><i>stop</i> (ast.BinOp or ast.Str/ast.Constant)</dt> +<dd> +base node to stop at +</dd> +</dl> +<dl> +<dt>Returns:</dt> +<dd> +tuple containing the root node of the expression and the string + value +</dd> +</dl> +<dl> +<dt>Return Type:</dt> +<dd> +tuple of (ast.AST, str) +</dd> +</dl> +<div align="right"><a href="#top">Up</a></div> +<hr /> +<hr /> +<a NAME="deepgetattr" ID="deepgetattr"></a> +<h2>deepgetattr</h2> +<b>deepgetattr</b>(<i>obj, attr</i>) + +<p> + Function to recurs through an attribute chain to get the ultimate value. +</p> +<dl> + +<dt><i>obj</i> (ast.Name or ast.Attribute)</dt> +<dd> +reference to the object to be recursed +</dd> +<dt><i>attr</i> (ast.Attribute)</dt> +<dd> +attribute chain to be parsed +</dd> +</dl> +<dl> +<dt>Returns:</dt> +<dd> +ultimate value +</dd> +</dl> +<dl> +<dt>Return Type:</dt> +<dd> +ast.AST +</dd> +</dl> +<div align="right"><a href="#top">Up</a></div> +<hr /> +<hr /> +<a NAME="escapedBytesRepresentation" ID="escapedBytesRepresentation"></a> +<h2>escapedBytesRepresentation</h2> +<b>escapedBytesRepresentation</b>(<i>b</i>) + +<p> + Function to escape bytes for comparison with other strings. +</p> +<p> + In practice it turns control characters into acceptable codepoints then + encodes them into bytes again to turn unprintable bytes into printable + escape sequences. +</p> +<p> + This is safe to do for the whole range 0..255 and result matches + unicode_escape on a unicode string. +</p> +<dl> + +<dt><i>b</i> (bytes)</dt> +<dd> +bytes object to be escaped +</dd> +</dl> +<dl> +<dt>Returns:</dt> +<dd> +escaped bytes object +</dd> +</dl> +<dl> +<dt>Return Type:</dt> +<dd> +bytes +</dd> +</dl> +<div align="right"><a href="#top">Up</a></div> +<hr /> +<hr /> +<a NAME="getAttrQualName" ID="getAttrQualName"></a> +<h2>getAttrQualName</h2> +<b>getAttrQualName</b>(<i>node, aliases</i>) + +<p> + Function to get a the full name for the attribute node. +</p> +<p> + This will resolve a pseudo-qualified name for the attribute + rooted at node as long as all the deeper nodes are Names or + Attributes. This will give you how the code referenced the name but + will not tell you what the name actually refers to. If we + encounter a node without a static name we punt with an + empty string. If this encounters something more complex, such as + foo.mylist[0](a,b) we just return empty string. +</p> +<dl> + +<dt><i>node</i> (ast.Attribute)</dt> +<dd> +attribute node to be treated +</dd> +<dt><i>aliases</i> (dict)</dt> +<dd> +dictionary of import aliases +</dd> +</dl> +<dl> +<dt>Returns:</dt> +<dd> +qualified name of the attribute +</dd> +</dl> +<dl> +<dt>Return Type:</dt> +<dd> +str +</dd> +</dl> +<div align="right"><a href="#top">Up</a></div> +<hr /> +<hr /> +<a NAME="getCallName" ID="getCallName"></a> +<h2>getCallName</h2> +<b>getCallName</b>(<i>node, aliases</i>) + +<p> + Function to extract the call name from an ast.Call node. +</p> +<dl> + +<dt><i>node</i> (ast.Call)</dt> +<dd> +node to extract information from +</dd> +<dt><i>aliases</i> (dict)</dt> +<dd> +dictionary of import aliases +</dd> +</dl> +<dl> +<dt>Returns:</dt> +<dd> +name of the ast.Call node +</dd> +</dl> +<dl> +<dt>Return Type:</dt> +<dd> +str +</dd> +</dl> +<div align="right"><a href="#top">Up</a></div> +<hr /> +<hr /> +<a NAME="getCalledName" ID="getCalledName"></a> +<h2>getCalledName</h2> +<b>getCalledName</b>(<i>node</i>) + +<p> + Function to get the function name from an ast.Call node. +</p> +<p> + An ast.Call node representing a method call will present differently to one + wrapping a function call: thing.call() vs call(). This helper will grab the + unqualified call name correctly in either case. +</p> +<dl> + +<dt><i>node</i> (ast.Call)</dt> +<dd> +reference to the call node +</dd> +</dl> +<dl> +<dt>Returns:</dt> +<dd> +function name of the node +</dd> +</dl> +<dl> +<dt>Return Type:</dt> +<dd> +str +</dd> +</dl> +<div align="right"><a href="#top">Up</a></div> +<hr /> +<hr /> +<a NAME="getModuleQualnameFromPath" ID="getModuleQualnameFromPath"></a> +<h2>getModuleQualnameFromPath</h2> +<b>getModuleQualnameFromPath</b>(<i>path</i>) + +<p> + Function to get the module's qualified name by analysis of the + path. +</p> +<p> + Resolve the absolute pathname and eliminate symlinks. This could result + in an incorrect name if symlinks are used to restructure the python lib + directory. +</p> +<p> + Starting from the right-most directory component look for __init__.py + in the directory component. If it exists then the directory name is + part of the module name. Move left to the subsequent directory + components until a directory is found without __init__.py. +</p> +<dl> + +<dt><i>path</i> (str)</dt> +<dd> +path of the module to be analyzed +</dd> +</dl> +<dl> +<dt>Returns:</dt> +<dd> +qualified name of the module +</dd> +</dl> +<dl> +<dt>Return Type:</dt> +<dd> +str +</dd> +</dl> +<dl> + +<dt>Raises <b>InvalidModulePath</b>:</dt> +<dd> +raised to indicate an invalid module path +</dd> +</dl> +<div align="right"><a href="#top">Up</a></div> +<hr /> +<hr /> +<a NAME="getQualAttr" ID="getQualAttr"></a> +<h2>getQualAttr</h2> +<b>getQualAttr</b>(<i>node, aliases</i>) + +<p> + Function to extract the qualified name from an ast.Attribute node. +</p> +<dl> + +<dt><i>node</i> (ast.Attribute)</dt> +<dd> +node to extract information from +</dd> +<dt><i>aliases</i> (dict)</dt> +<dd> +dictionary of import aliases +</dd> +</dl> +<dl> +<dt>Returns:</dt> +<dd> +qualified attribute name +</dd> +</dl> +<dl> +<dt>Return Type:</dt> +<dd> +str +</dd> +</dl> +<div align="right"><a href="#top">Up</a></div> +<hr /> +<hr /> +<a NAME="linerange" ID="linerange"></a> +<h2>linerange</h2> +<b>linerange</b>(<i>node</i>) + +<p> + Function to get line number range from a node. +</p> +<dl> + +<dt><i>node</i> (ast.AST)</dt> +<dd> +node to extract a line range from +</dd> +</dl> +<dl> +<dt>Returns:</dt> +<dd> +list containing the line number range +</dd> +</dl> +<dl> +<dt>Return Type:</dt> +<dd> +list of int +</dd> +</dl> +<div align="right"><a href="#top">Up</a></div> +<hr /> +<hr /> +<a NAME="linerange_fix" ID="linerange_fix"></a> +<h2>linerange_fix</h2> +<b>linerange_fix</b>(<i>node</i>) + +<p> + Function to get a line number range working around a known Python bug + with multi-line strings. +</p> +<dl> + +<dt><i>node</i> (ast.AST)</dt> +<dd> +node to extract a line range from +</dd> +</dl> +<dl> +<dt>Returns:</dt> +<dd> +list containing the line number range +</dd> +</dl> +<dl> +<dt>Return Type:</dt> +<dd> +list of int +</dd> +</dl> +<div align="right"><a href="#top">Up</a></div> +<hr /> +<hr /> +<a NAME="namespacePathJoin" ID="namespacePathJoin"></a> +<h2>namespacePathJoin</h2> +<b>namespacePathJoin</b>(<i>namespace, name</i>) + +<p> + Function to extend a given namespace path. +</p> +<dl> + +<dt><i>namespace</i> (str)</dt> +<dd> +namespace to be extended +</dd> +<dt><i>name</i> (str)</dt> +<dd> +node name to be appended +</dd> +</dl> +<dl> +<dt>Returns:</dt> +<dd> +extended namespace +</dd> +</dl> +<dl> +<dt>Return Type:</dt> +<dd> +str +</dd> +</dl> +<div align="right"><a href="#top">Up</a></div> +<hr /> +<hr /> +<a NAME="namespacePathSplit" ID="namespacePathSplit"></a> +<h2>namespacePathSplit</h2> +<b>namespacePathSplit</b>(<i>path</i>) + +<p> + Function to split a namespace path into a head and tail. +</p> +<p> + Tail will be the last namespace path component and head will + be everything leading up to that in the path. This is similar to + os.path.split. +</p> +<dl> + +<dt><i>path</i> (str)</dt> +<dd> +namespace path to be split +</dd> +</dl> +<dl> +<dt>Returns:</dt> +<dd> +tuple containing the namespace path head and tail +</dd> +</dl> +<dl> +<dt>Return Type:</dt> +<dd> +tuple of (str, str) +</dd> +</dl> +<div align="right"><a href="#top">Up</a></div> +<hr /> +</body></html> \ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/eric6/Documentation/Source/eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.translations.html Tue Jun 16 20:02:20 2020 +0200 @@ -0,0 +1,45 @@ +<!DOCTYPE html> +<html><head> +<title>eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.translations</title> +<meta charset="UTF-8"> +<style> +body { + background: #EDECE6; + margin: 0em 1em 10em 1em; + color: black; +} + +h1 { color: white; background: #85774A; } +h2 { color: white; background: #85774A; } +h3 { color: white; background: #9D936E; } +h4 { color: white; background: #9D936E; } + +a { color: #BA6D36; } + +</style> +</head> +<body> +<a NAME="top" ID="top"></a> +<h1>eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.translations</h1> + +<p> +Module implementing message translations for the code style plugin messages +(security part). +</p> +<h3>Global Attributes</h3> + +<table> +<tr><td>_securityMessages</td></tr><tr><td>_securityMessagesSampleArgs</td></tr> +</table> +<h3>Classes</h3> + +<table> +<tr><td>None</td></tr> +</table> +<h3>Functions</h3> + +<table> +<tr><td>None</td></tr> +</table> +<hr /> +</body></html> \ No newline at end of file
--- a/eric6/Documentation/Source/eric6.Plugins.CheckerPlugins.CodeStyleChecker.pycodestyle.html Tue Jun 16 20:01:18 2020 +0200 +++ b/eric6/Documentation/Source/eric6.Plugins.CheckerPlugins.CodeStyleChecker.pycodestyle.html Tue Jun 16 20:02:20 2020 +0200 @@ -25,7 +25,7 @@ <h3>Global Attributes</h3> <table> -<tr><td>ARITHMETIC_OP</td></tr><tr><td>BENCHMARK_KEYS</td></tr><tr><td>BLANK_LINES_CONFIG</td></tr><tr><td>COMPARE_NEGATIVE_REGEX</td></tr><tr><td>COMPARE_SINGLETON_REGEX</td></tr><tr><td>COMPARE_TYPE_REGEX</td></tr><tr><td>DEFAULT_EXCLUDE</td></tr><tr><td>DEFAULT_IGNORE</td></tr><tr><td>DOCSTRING_REGEX</td></tr><tr><td>DUNDER_REGEX</td></tr><tr><td>ERRORCODE_REGEX</td></tr><tr><td>EXTRANEOUS_WHITESPACE_REGEX</td></tr><tr><td>FUNCTION_RETURN_ANNOTATION_OP</td></tr><tr><td>HUNK_REGEX</td></tr><tr><td>INDENT_REGEX</td></tr><tr><td>KEYWORDS</td></tr><tr><td>KEYWORD_REGEX</td></tr><tr><td>LAMBDA_REGEX</td></tr><tr><td>MAX_DOC_LENGTH</td></tr><tr><td>MAX_LINE_LENGTH</td></tr><tr><td>NEWLINE</td></tr><tr><td>OPERATOR_REGEX</td></tr><tr><td>PROJECT_CONFIG</td></tr><tr><td>PyCF_ONLY_AST</td></tr><tr><td>RAISE_COMMA_REGEX</td></tr><tr><td>REPORT_FORMAT</td></tr><tr><td>RERAISE_COMMA_REGEX</td></tr><tr><td>SINGLETONS</td></tr><tr><td>SKIP_COMMENTS</td></tr><tr><td>SKIP_TOKENS</td></tr><tr><td>STARTSWITH_DEF_REGEX</td></tr><tr><td>STARTSWITH_INDENT_STATEMENT_REGEX</td></tr><tr><td>STARTSWITH_TOP_LEVEL_REGEX</td></tr><tr><td>TESTSUITE_PATH</td></tr><tr><td>UNARY_OPERATORS</td></tr><tr><td>WHITESPACE</td></tr><tr><td>WHITESPACE_AFTER_COMMA_REGEX</td></tr><tr><td>WS_NEEDED_OPERATORS</td></tr><tr><td>WS_OPTIONAL_OPERATORS</td></tr><tr><td>__version__</td></tr><tr><td>_checks</td></tr><tr><td>noqa</td></tr> +<tr><td>ARITHMETIC_OP</td></tr><tr><td>ASSIGNMENT_EXPRESSION_OP</td></tr><tr><td>BENCHMARK_KEYS</td></tr><tr><td>BLANK_LINES_CONFIG</td></tr><tr><td>COMPARE_NEGATIVE_REGEX</td></tr><tr><td>COMPARE_SINGLETON_REGEX</td></tr><tr><td>COMPARE_TYPE_REGEX</td></tr><tr><td>DEFAULT_EXCLUDE</td></tr><tr><td>DEFAULT_IGNORE</td></tr><tr><td>DOCSTRING_REGEX</td></tr><tr><td>DUNDER_REGEX</td></tr><tr><td>ERRORCODE_REGEX</td></tr><tr><td>EXTRANEOUS_WHITESPACE_REGEX</td></tr><tr><td>FUNCTION_RETURN_ANNOTATION_OP</td></tr><tr><td>HUNK_REGEX</td></tr><tr><td>INDENT_REGEX</td></tr><tr><td>KEYWORDS</td></tr><tr><td>KEYWORD_REGEX</td></tr><tr><td>LAMBDA_REGEX</td></tr><tr><td>MAX_DOC_LENGTH</td></tr><tr><td>MAX_LINE_LENGTH</td></tr><tr><td>NEWLINE</td></tr><tr><td>OPERATOR_REGEX</td></tr><tr><td>PROJECT_CONFIG</td></tr><tr><td>PyCF_ONLY_AST</td></tr><tr><td>RAISE_COMMA_REGEX</td></tr><tr><td>REPORT_FORMAT</td></tr><tr><td>RERAISE_COMMA_REGEX</td></tr><tr><td>SINGLETONS</td></tr><tr><td>SKIP_COMMENTS</td></tr><tr><td>SKIP_TOKENS</td></tr><tr><td>STARTSWITH_DEF_REGEX</td></tr><tr><td>STARTSWITH_INDENT_STATEMENT_REGEX</td></tr><tr><td>STARTSWITH_TOP_LEVEL_REGEX</td></tr><tr><td>TESTSUITE_PATH</td></tr><tr><td>UNARY_OPERATORS</td></tr><tr><td>WHITESPACE</td></tr><tr><td>WHITESPACE_AFTER_COMMA_REGEX</td></tr><tr><td>WS_NEEDED_OPERATORS</td></tr><tr><td>WS_OPTIONAL_OPERATORS</td></tr><tr><td>_SYMBOLIC_OPS</td></tr><tr><td>__version__</td></tr><tr><td>_checks</td></tr><tr><td>noqa</td></tr> </table> <h3>Classes</h3> @@ -81,6 +81,10 @@ <td></td> </tr> <tr> +<td><a href="#_is_one_liner">_is_one_liner</a></td> +<td></td> +</tr> +<tr> <td><a href="#_main">_main</a></td> <td>Parse options and run checks on Python source.</td> </tr> @@ -959,6 +963,13 @@ <div align="right"><a href="#top">Up</a></div> <hr /> <hr /> +<a NAME="_is_one_liner" ID="_is_one_liner"></a> +<h2>_is_one_liner</h2> +<b>_is_one_liner</b>(<i>logical_line, indent_level, lines, line_number</i>) + +<div align="right"><a href="#top">Up</a></div> +<hr /> +<hr /> <a NAME="_main" ID="_main"></a> <h2>_main</h2> <b>_main</b>(<i></i>) @@ -1011,15 +1022,22 @@ <p> Variables can be bound in several other contexts, including class and function definitions, 'global' and 'nonlocal' statements, - exception handlers, and 'with' statements. + exception handlers, and 'with' and 'for' statements. + In addition, we have a special handling for function parameters. </p> <p> Okay: except AttributeError as o: Okay: with lock as L: + Okay: foo(l=12) + Okay: for a in foo(l=12): E741: except AttributeError as O: E741: with lock as l: E741: global I E741: nonlocal l + E741: def foo(l): + E741: def foo(l=12): + E741: l = foo(l=12) + E741: for l in range(10): E742: class I(object): E743: def l(x): </p> @@ -1075,6 +1093,7 @@ E302: def a():\n pass\n\ndef b(n):\n pass E302: def a():\n pass\n\nasync def b(n):\n pass E303: def a():\n pass\n\n\n\ndef b(n):\n pass + E303: def a():\n\n\n\n pass E304: @decorator\n\ndef a():\n pass E305: def a():\n pass\na() E306: def a():\n def b():\n pass\n def c():\n pass @@ -1568,6 +1587,7 @@ E225: submitted +=1 E225: x = x /2 - 1 E225: z = x **y + E225: z = 1and 1 E226: c = (a+b) * (a-b) E226: hypot2 = x*x + y*y E227: c = a|b @@ -1592,12 +1612,10 @@ Okay: # this is a comment\nimport os Okay: '''this is a module docstring'''\nimport os Okay: r'''this is a module docstring'''\nimport os - Okay: + Okay: try:\n\timport x\nexcept ImportError:\n\tpass\nelse:\n\tpass\nimport y - Okay: + Okay: try:\n\timport x\nexcept ImportError:\n\tpass\nfinally:\n\tpass\nimport y -</p> -<p> E402: a=1\nimport os E402: 'One string'\n"Two string"\nimport os E402: a=1\nfrom sys import x
--- a/eric6/Documentation/Source/eric6.Plugins.CheckerPlugins.CodeStyleChecker.translations.html Tue Jun 16 20:01:18 2020 +0200 +++ b/eric6/Documentation/Source/eric6.Plugins.CheckerPlugins.CodeStyleChecker.translations.html Tue Jun 16 20:02:20 2020 +0200 @@ -28,7 +28,7 @@ <h3>Global Attributes</h3> <table> -<tr><td>__all__</td></tr><tr><td>_messages</td></tr><tr><td>_messages_sample_args</td></tr> +<tr><td>_messages</td></tr><tr><td>_messages_sample_args</td></tr><tr><td>messageCatalogs</td></tr><tr><td>messageSampleArgsCatalog</td></tr> </table> <h3>Classes</h3> @@ -40,15 +40,41 @@ <table> <tr> +<td><a href="#getMessageCodes">getMessageCodes</a></td> +<td>Module function to get a list of known message codes.</td> +</tr> +<tr> <td><a href="#getTranslatedMessage">getTranslatedMessage</a></td> <td>Module function to get a translated and formatted message for a given message ID.</td> </tr> </table> <hr /> <hr /> +<a NAME="getMessageCodes" ID="getMessageCodes"></a> +<h2>getMessageCodes</h2> +<b>getMessageCodes</b>(<i></i>) + +<p> + Module function to get a list of known message codes. +</p> +<dl> +<dt>Returns:</dt> +<dd> +list of known message codes +</dd> +</dl> +<dl> +<dt>Return Type:</dt> +<dd> +set of str +</dd> +</dl> +<div align="right"><a href="#top">Up</a></div> +<hr /> +<hr /> <a NAME="getTranslatedMessage" ID="getTranslatedMessage"></a> <h2>getTranslatedMessage</h2> -<b>getTranslatedMessage</b>(<i>messageCode, messageArgs</i>) +<b>getTranslatedMessage</b>(<i>messageCode, messageArgs, example=False</i>) <p> Module function to get a translated and formatted message for a @@ -65,6 +91,11 @@ list of arguments or a single integer value to format the message </dd> +<dt><i>example</i> (bool)</dt> +<dd> +flag indicating a translated message filled with example + data is requested (messageArgs is ignored if given) +</dd> </dl> <dl> <dt>Returns:</dt>
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/eric6/Documentation/Source/index-eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.html Tue Jun 16 20:02:20 2020 +0200 @@ -0,0 +1,137 @@ +<!DOCTYPE html> +<html><head> +<title>eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks</title> +<meta charset="UTF-8"> +<style> +body { + background: #EDECE6; + margin: 0em 1em 10em 1em; + color: black; +} + +h1 { color: white; background: #85774A; } +h2 { color: white; background: #85774A; } +h3 { color: white; background: #9D936E; } +h4 { color: white; background: #9D936E; } + +a { color: #BA6D36; } + +</style> +</head> +<body> +<h1>eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks</h1> + +<p> +Package containing the various security checker modules. +</p> + + +<h3>Modules</h3> +<table> + +<tr> +<td><a href="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.__init__.html">Checks</a></td> +<td>Package containing the various security checker modules.</td> +</tr> +<tr> +<td><a href="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.assert.html">assert</a></td> +<td>Module implementing a check for the use of 'assert'.</td> +</tr> +<tr> +<td><a href="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.awsHardcodedPassword.html">awsHardcodedPassword</a></td> +<td>Module implementing checks for potentially hardcoded AWS passwords.</td> +</tr> +<tr> +<td><a href="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.blackListCalls.html">blackListCalls</a></td> +<td>Module implementing checks for blacklisted methods and functions.</td> +</tr> +<tr> +<td><a href="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.blackListImports.html">blackListImports</a></td> +<td>Module implementing checks for blacklisted imports.</td> +</tr> +<tr> +<td><a href="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.certificateValidation.html">certificateValidation</a></td> +<td>Module implementing checks for switched off certificate validation.</td> +</tr> +<tr> +<td><a href="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.djangoSqlInjection.html">djangoSqlInjection</a></td> +<td>Module implementing checks for potential SQL injections risks.</td> +</tr> +<tr> +<td><a href="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.djangoXssVulnerability.html">djangoXssVulnerability</a></td> +<td>Module implementing checks for potential XSS vulnerability.</td> +</tr> +<tr> +<td><a href="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.exec.html">exec</a></td> +<td>Module implementing a check for the use of 'exec'.</td> +</tr> +<tr> +<td><a href="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.flaskDebug.html">flaskDebug</a></td> +<td>Module implementing checks for running a flask application with enabled debug.</td> +</tr> +<tr> +<td><a href="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.generalBindAllInterfaces.html">generalBindAllInterfaces</a></td> +<td>Module implementing a check for binding to all interfaces.</td> +</tr> +<tr> +<td><a href="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.generalFilePermissions.html">generalFilePermissions</a></td> +<td>Module implementing a check for setting too permissive file permissions.</td> +</tr> +<tr> +<td><a href="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.generalHardcodedPassword.html">generalHardcodedPassword</a></td> +<td>Module implementing checks for potentially hardcoded passwords.</td> +</tr> +<tr> +<td><a href="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.generalHardcodedTmp.html">generalHardcodedTmp</a></td> +<td>Module implementing a check for insecure usage of tmp file/directory.</td> +</tr> +<tr> +<td><a href="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.injectionParamiko.html">injectionParamiko</a></td> +<td>Module implementing a check for shell injection within Paramiko.</td> +</tr> +<tr> +<td><a href="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.injectionShell.html">injectionShell</a></td> +<td>Module implementing a check for shell injection.</td> +</tr> +<tr> +<td><a href="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.injectionSql.html">injectionSql</a></td> +<td>Module implementing a check for SQL injection.</td> +</tr> +<tr> +<td><a href="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.injectionWildcard.html">injectionWildcard</a></td> +<td>Module implementing a check for use of wildcard injection.</td> +</tr> +<tr> +<td><a href="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.insecureHashlibNew.html">insecureHashlibNew</a></td> +<td>Module implementing a check for use of insecure md4, md5, or sha1 hash functions in hashlib.new().</td> +</tr> +<tr> +<td><a href="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.insecureSslTls.html">insecureSslTls</a></td> +<td>Module implementing a check for use of SSL/TLS with insecure protocols.</td> +</tr> +<tr> +<td><a href="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.jinja2Templates.html">jinja2Templates</a></td> +<td>Module implementing a check for not auto escaping in jinja2.</td> +</tr> +<tr> +<td><a href="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.makoTemplates.html">makoTemplates</a></td> +<td>Module implementing a check for use of mako templates.</td> +</tr> +<tr> +<td><a href="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.sshNoHostKeyVerification.html">sshNoHostKeyVerification</a></td> +<td>Module implementing a check for use of mako templates.</td> +</tr> +<tr> +<td><a href="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.tryExcept.html">tryExcept</a></td> +<td>Module implementing checks for insecure except blocks.</td> +</tr> +<tr> +<td><a href="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.weakCryptographicKey.html">weakCryptographicKey</a></td> +<td>Module implementing checks for weak cryptographic key use.</td> +</tr> +<tr> +<td><a href="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.yamlLoad.html">yamlLoad</a></td> +<td>Module implementing checks for the use of yaml load functions.</td> +</tr> +</table> +</body></html> \ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/eric6/Documentation/Source/index-eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.html Tue Jun 16 20:02:20 2020 +0200 @@ -0,0 +1,65 @@ +<!DOCTYPE html> +<html><head> +<title>eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security</title> +<meta charset="UTF-8"> +<style> +body { + background: #EDECE6; + margin: 0em 1em 10em 1em; + color: black; +} + +h1 { color: white; background: #85774A; } +h2 { color: white; background: #85774A; } +h3 { color: white; background: #9D936E; } +h4 { color: white; background: #9D936E; } + +a { color: #BA6D36; } + +</style> +</head> +<body> +<h1>eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security</h1> + +<p> +Package implementing the security checker. +</p> + +<h3>Packages</h3> +<table> + +<tr> +<td><a href="index-eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.html">Checks</a></td> +<td>Package containing the various security checker modules.</td> +</tr> +</table> + +<h3>Modules</h3> +<table> + +<tr> +<td><a href="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityChecker.html">SecurityChecker</a></td> +<td>Module implementing the security checker.</td> +</tr> +<tr> +<td><a href="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityContext.html">SecurityContext</a></td> +<td>Module implementing a context class for security related checks.</td> +</tr> +<tr> +<td><a href="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityDefaults.html">SecurityDefaults</a></td> +<td>Module implementing the default values for some check modules.</td> +</tr> +<tr> +<td><a href="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityNodeVisitor.html">SecurityNodeVisitor</a></td> +<td>Module implementing an AST node visitor for security checks.</td> +</tr> +<tr> +<td><a href="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.SecurityUtils.html">SecurityUtils</a></td> +<td>Module implementing utility functions used by the security checks.</td> +</tr> +<tr> +<td><a href="eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.translations.html">translations</a></td> +<td>Module implementing message translations for the code style plugin messages (security part).</td> +</tr> +</table> +</body></html> \ No newline at end of file
--- a/eric6/Documentation/Source/index-eric6.Plugins.CheckerPlugins.CodeStyleChecker.html Tue Jun 16 20:01:18 2020 +0200 +++ b/eric6/Documentation/Source/index-eric6.Plugins.CheckerPlugins.CodeStyleChecker.html Tue Jun 16 20:02:20 2020 +0200 @@ -25,6 +25,14 @@ Package containing the code style checker and fixer plug-in. </p> +<h3>Packages</h3> +<table> + +<tr> +<td><a href="index-eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.html">Security</a></td> +<td>Package implementing the security checker.</td> +</tr> +</table> <h3>Modules</h3> <table>
