diff -r ca1ce1e0fcff -r 382f89c11e27 eric6/Plugins/CheckerPlugins/CodeStyleChecker/Security/SecurityChecker.py
--- a/eric6/Plugins/CheckerPlugins/CodeStyleChecker/Security/SecurityChecker.py	Mon Jun 08 08:17:14 2020 +0200
+++ b/eric6/Plugins/CheckerPlugins/CodeStyleChecker/Security/SecurityChecker.py	Mon Jun 08 20:08:27 2020 +0200
@@ -19,6 +19,35 @@
     """
     Class implementing a checker for security issues.
     """
+    Codes = [
+        # assert used
+        "S101",
+
+        # flask app
+        "S201",
+
+        # insecure function calls (blacklisted)
+        "S301", "S302", "S303", "S304", "S305", "S306", "S307", "S308", "S309",
+        "S310", "S311", "S312", "S313", "S314", "S315", "S316", "S317", "S318",
+        "S319", "S320", "S321", "S322", "S323", "S325",
+
+        # insecure imports (blacklisted)
+        "S401", "S402", "S403", "S404", "S405", "S406", "S407", "S408", "S409",
+        "S410", "S411", "S412", "S413",
+
+        # insecure certificate usage
+        "S501",
+
+        # Django SQL injection
+        "S610", "S611",
+
+        # Django XSS vulnerability
+        "S703",
+
+        # YAML load
+        "S506",
+    ]
+
     def __init__(self, source, filename, select, ignore, expected, repeat,
                  args):
         """
@@ -77,7 +106,7 @@
     def reportError(self, lineNumber, offset, code, severity, confidence,
                     *args):
         """
-        Private method to record an issue.
+        Public method to record an issue.
 
         @param lineNumber line number of the issue
         @type int
@@ -88,7 +117,7 @@
         @param severity severity code (H = high, M = medium, L = low,
             U = undefined)
         @type str
-        @param configence confidence code (H = high, M = medium, L = low,
+        @param confidence confidence code (H = high, M = medium, L = low,
             U = undefined)
         @type str
         @param args arguments for the message
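Review bot: The "insecure function calls" run in the new `Codes` list skips S324 (S323 is followed directly by S325), and the "YAML load" entry `"S506",` is placed after the S7xx entry instead of in numeric order next to `"S501",`. If this list is what the select/ignore handling in `__init__` (which starts in this hunk but continues outside it) uses to decide which codes are known, a code a checker emits but that is absent here would presumably be silently unselectable, so it is worth confirming that S324 is intentionally omitted rather than dropped by accident. Moving `"S506",` up beside `"S501",` keeps the list sorted and makes such gaps easy to spot by eye. A one-line comment on the attribute, e.g. `# issue codes this checker can report; keep in numeric order`, would document its role for the next person extending it.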