Mercurial Repositories > eric / file comparison
comparison: eric6/Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py
eric6/Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py
- changeset 7619
- ef2b5af23ce7
- parent 7616
- 01d646569115
- child 7622
- 384e2aa5c073
equal
deleted
inserted
replaced
| 7618:cba5c14bcd5e | 7619:ef2b5af23ce7 |
|---|---|
| 164 "By default, Python will create a secure, verified SSL context for" | 164 "By default, Python will create a secure, verified SSL context for" |
| 165 " use in such classes as HTTPSConnection. However, it still allows" | 165 " use in such classes as HTTPSConnection. However, it still allows" |
| 166 " using an insecure context via the _create_unverified_context that" | 166 " using an insecure context via the _create_unverified_context that" |
| 167 " reverts to the previous behavior that does not validate" | 167 " reverts to the previous behavior that does not validate" |
| 168 " certificates or perform hostname checks."), | 168 " certificates or perform hostname checks."), |
| 169 "S325": QCoreApplication.translate( | 169 "S324": QCoreApplication.translate( |
| 170 "Security", | 170 "Security", |
| 171 "Use of os.tempnam() and os.tmpnam() is vulnerable to symlink" | 171 "Use of os.tempnam() and os.tmpnam() is vulnerable to symlink" |
| 172 " attacks. Consider using tmpfile() instead."), | 172 " attacks. Consider using tmpfile() instead."), |
| 173 | 173 |
| 174 # hashlib.new | 174 # hashlib.new |
| 175 "S324": QCoreApplication.translate( | 175 "S331": QCoreApplication.translate( |
| 176 "Security", | 176 "Security", |
| 177 "Use of insecure {0} hash function."), | 177 "Use of insecure {0} hash function."), |
| 178 | 178 |
| 179 # blacklisted imports | 179 # blacklisted imports |
| 180 "S401": QCoreApplication.translate( | 180 "S401": QCoreApplication.translate( |
| 185 "Security", | 185 "Security", |
| 186 "A FTP-related module is being imported. FTP is considered" | 186 "A FTP-related module is being imported. FTP is considered" |
| 187 " insecure. Use SSH/SFTP/SCP or some other encrypted protocol."), | 187 " insecure. Use SSH/SFTP/SCP or some other encrypted protocol."), |
| 188 "S403": QCoreApplication.translate( | 188 "S403": QCoreApplication.translate( |
| 189 "Security", | 189 "Security", |
| 190 "Consider possible security implications associated with '{0}'" | 190 "Consider possible security implications associated with the '{0}'" |
| 191 " module."), | 191 " module."), |
| 192 "S404": QCoreApplication.translate( | 192 "S404": QCoreApplication.translate( |
| 193 "Security", | 193 "Security", |
| 194 "Consider possible security implications associated with '{0}'" | 194 "Consider possible security implications associated with the '{0}'" |
| 195 " module."), | 195 " module."), |
| 196 "S405": QCoreApplication.translate( | 196 "S405": QCoreApplication.translate( |
| 197 "Security", | 197 "Security", |
| 198 "Using '{0}' to parse untrusted XML data is known to be vulnerable" | 198 "Using '{0}' to parse untrusted XML data is known to be vulnerable" |
| 199 " to XML attacks. Replace '{0}' with the equivalent defusedxml" | 199 " to XML attacks. Replace '{0}' with the equivalent defusedxml" |
| 382 "S317": ["xml.sax.parse"], | 382 "S317": ["xml.sax.parse"], |
| 383 "S318": ["xml.dom.minidom.parse"], | 383 "S318": ["xml.dom.minidom.parse"], |
| 384 "S319": ["xml.dom.pulldom.parse"], | 384 "S319": ["xml.dom.pulldom.parse"], |
| 385 "S320": ["lxml.etree.parse"], | 385 "S320": ["lxml.etree.parse"], |
| 386 | 386 |
| 387 "S324": ["MD5"], | 387 "S331": ["MD5"], |
| 388 | 388 |
| 389 "S403": ["pickle"], | 389 "S403": ["pickle"], |
| 390 "S404": ["subprocess"], | 390 "S404": ["subprocess"], |
| 391 "S405": ["xml.etree.ElementTree"], | 391 "S405": ["xml.etree.ElementTree"], |
| 392 "S406": ["xml.sax"], | 392 "S406": ["xml.sax"], |
