eric: comparison eric6/Plugins/CheckerPlugins/CodeStyleChecker/Security/Checks/djangoSqlInjection.py

-:ffd1f00ca376
+:384e2aa5c073
 #
 # SPDX-License-Identifier: Apache-2.0
 #
 import ast
+import AstUtilities
 def getChecks():
 """
 Public method to get a dictionary with checks handled by this module.
 insecure = False
 for key in ['where', 'tables']:
 if key in kwargs:
 if isinstance(kwargs[key], ast.List):
 for val in kwargs[key].elts:
-if not isinstance(val, ast.Str):
+if not AstUtilities.isString(val):
 insecure = True
 break
 else:
 insecure = True
 break
 if not insecure and 'select' in kwargs:
 if isinstance(kwargs['select'], ast.Dict):
 for k in kwargs['select'].keys:
-if not isinstance(k, ast.Str):
+if not AstUtilities.isString(k):
 insecure = True
 break
 if not insecure:
 for v in kwargs['select'].values:
-if not isinstance(v, ast.Str):
+if not AstUtilities.isString(v):
 insecure = True
 break
 else:
 insecure = True
 @type dict
 """
 if context.isModuleImportedLike('django.db.models'):
 if context.callFunctionName == 'RawSQL':
 sql = context.node.args[0]
-if not isinstance(sql, ast.Str):
+if not AstUtilities.isString(sql):
 reportError(
 context.node.lineno - 1,
 context.node.col_offset,
 "S611",
 "M",

Mercurial Repositories > eric / file comparison