--- a/eric6/Plugins/CheckerPlugins/CodeStyleChecker/CodeStyleChecker.py Tue Jun 09 20:10:59 2020 +0200
+++ b/eric6/Plugins/CheckerPlugins/CodeStyleChecker/CodeStyleChecker.py Wed Jun 10 17:52:53 2020 +0200
@@ -111,7 +111,9 @@
 flags = [f.strip() for f in comment.split()
 if (f.startswith("__") and f.endswith("__"))]
 flags += [f.strip().lower() for f in comment.split()
- if f in ("noqa", "NOQA")]
+ if f in ("noqa", "NOQA",
+ "nosec", "NOSEC",
+ "secok", "SECOK")]
 return flags
@@ -130,7 +132,8 @@
 if (
 "__IGNORE_WARNING__" in lineFlags or
- "noqa" in lineFlags
+ "noqa" in lineFlags or
+ "nosec" in lineFlags
 ):
 # ignore all warning codes
 return True
@@ -145,6 +148,23 @@
 return False
+def securityOk(code, lineFlags):
+ """
+ Function to check, if the given code is an acknowledged security report.
+
+ @param code error code to be checked
+ @type str
+ @param lineFlags list of line flags to check against
+ @type list of str
+ @return flag indicating an acknowledged security report
+ @rtype bool
+ """
+ if lineFlags:
+ return "secok" in lineFlags
+
+ return False
+
+
 def codeStyleCheck(filename, source, args):
 """
 Do the code style check and/or fix found errors.
@@ -395,6 +415,15 @@
 for lineno, errorsList in errorsDict.items():
 errorsList.sort(key=lambda x: x[0], reverse=True)
 for _, error in errorsList:
+ error.update({
+ "ignored": False,
+ "fixed": False,
+ "autofixing": False,
+ "fixcode": "",
+ "fixargs": [],
+ "securityOk": False,
+ })
+
 if source:
 code = error["code"]
 lineFlags = extractLineFlags(source[lineno - 1].strip())
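Review bot: In the `@@ -111,7 +111,9 @@` hunk the flag test is an exact-token comparison that lists every keyword in two spellings, so `NoSec` or `nosec:` is not recognised as a flag and the finding stays reported. That is the safe direction for a suppression marker, but nothing here says so; a comment above the tuple such as `# whole-token match, all-lower or all-upper spelling only` would keep a later edit from loosening it to a substring test. The enclosing function (presumably `extractLineFlags`) starts outside the hunk, and its docstring should list `nosec` and `secok` next to `noqa` if it enumerates the flags.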
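Review bot: In the `@@ -130,7 +132,8 @@` hunk `nosec` is handled exactly like `noqa`, so a `# nosec` comment hides every warning code on that line, not only security findings; the branch's own comment reads "ignore all warning codes". A marker written to silence one security report can therefore also mask unrelated style or logic warnings. If the function receives the code under test (the call `ignoreCode(code, lineFlags)` later in this diff suggests it does), the new condition could be narrowed to `("nosec" in lineFlags and isSecurityCode(code))`, where `isSecurityCode` is a placeholder for however the project identifies security-checker codes. The function's `def` line is outside the hunk.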
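Review bot: In the `@@ -145,6 +148,23 @@` hunk `securityOk` never reads its `code` parameter, so one `secok` flag marks every finding on the line as an acknowledged security report, non-security codes included. If per-code acknowledgement is not intended, the docstring should say so, for example `@param code error code to be checked (currently unused; "secok" applies to every code on the line)`. The body can also be written as a single `return bool(lineFlags) and "secok" in lineFlags`, which returns the same values for empty, `None` and populated lists.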
@@ -403,45 +432,25 @@
 flagsLine=True)
 except IndexError:
 pass
- if not ignoreCode(code, lineFlags):
+
+ if securityOk(code, lineFlags):
+ error["securityOk"] = True
+
+ if ignoreCode(code, lineFlags):
+ error["ignored"] = True
+ else:
 if fixer:
- pass
 res, fixcode, fixargs, id_ = fixer.fixIssue(
 lineno, error["offset"], code)
 if res == -1:
 deferredFixes[id_] = error
 else:
 error.update({
- "ignored": False,
 "fixed": res == 1,
 "autofixing": True,
 "fixcode": fixcode,
 "fixargs": fixargs,
 })
- else:
- error.update({
- "ignored": False,
- "fixed": False,
- "autofixing": False,
- "fixcode": "",
- "fixargs": [],
- })
- else:
- error.update({
- "ignored": True,
- "fixed": False,
- "autofixing": False,
- "fixcode": "",
- "fixargs": [],
- })
- else:
- error.update({
- "ignored": False,
- "fixed": False,
- "autofixing": False,
- "fixcode": "",
- "fixargs": [],
- })
 results.append(error)
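Review bot: In the `@@ -403,45 +432,25 @@` hunk `error["securityOk"]` is set independently of `error["ignored"]`, so a line carrying both `secok` and `nosec`/`noqa` produces an entry that is ignored and acknowledged at once, and nothing here tells a consumer of `results` which flag wins. A short comment above the two checks would settle it, e.g. `# "ignored" hides the entry; "securityOk" only annotates a reported one`, if that is the intended meaning. As a style point, the flag can be assigned directly with `error["securityOk"] = securityOk(code, lineFlags)`. Separately, the added `else:` followed by `if fixer:` could become `elif fixer:`, assuming nothing else sits under that `else` (indentation is not recoverable from this page). The enclosing loop starts outside the hunk.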