├── .github ├── CODEOWNERS ├── dependabot.yml └── workflows │ ├── dependency-review.yml │ ├── publish-to-pypi.yml │ ├── publish-to-test-pypi.yml │ ├── unit-test.yml │ └── upload-asset.yml ├── .gitignore ├── .pre-commit-config.yaml ├── .readthedocs.yaml ├── CODE_OF_CONDUCT.md ├── LICENSE ├── README.rst ├── SECURITY.md ├── custom ├── c_sharp │ ├── csharp-process-start-dynamic.yaml │ └── start.cs ├── cpp │ ├── cpp-system-call.yaml │ └── sysinput.cpp ├── css │ ├── css-important-usage.yaml │ └── important.css ├── go │ ├── exec.go │ └── go-exec-command.yaml ├── haskell │ ├── haskell-unsafe-perform-io.yaml │ └── unsafePerformIO.hs ├── java │ ├── Exec.java │ └── java-runtime-exec.yaml ├── javascript │ ├── js-eval-usage.yaml │ └── userinput.js ├── python │ ├── python-requests-insecure-verify.yaml │ └── requests_get_verify_false.py ├── ruby │ ├── eval.rb │ └── ruby-eval-usage.yaml └── scala │ ├── ExecutionContext.scala │ └── scala-global-executioncontext.yaml ├── docs ├── getting-started.md ├── index.md ├── javascripts │ └── tablesort.js ├── man │ └── precli.md ├── requirements.txt ├── rules.md ├── rules │ ├── go │ │ └── stdlib │ │ │ ├── crypto-unrestricted-bind.md │ │ │ ├── crypto-weak-cipher.md │ │ │ ├── crypto-weak-hash.md │ │ │ ├── crypto-weak-key.md │ │ │ ├── net-http-no-timeout.md │ │ │ ├── net-unrestricted-bind.md │ │ │ └── syscall-setuid-root.md │ ├── java │ │ └── stdlib │ │ │ ├── java-net-insecure-cookie.md │ │ │ ├── java-security-weak-hash.md │ │ │ ├── java-security-weak-key.md │ │ │ ├── java-security-weak-random.md │ │ │ ├── javax-crypto-weak-cipher.md │ │ │ └── javax-servlet-http-insecure-cookie.md │ └── python │ │ └── stdlib │ │ ├── argparse-sensitive-info.md │ │ ├── assert.md │ │ ├── crypt-weak-hash.md │ │ ├── ftplib-cleartext.md │ │ ├── ftplib-no-timeout.md │ │ ├── ftplib-unverified-context.md │ │ ├── hashlib-improper-prng.md │ │ ├── hashlib-weak-hash.md │ │ ├── hmac-timing-attack.md │ │ ├── hmac-weak-hash.md │ │ ├── hmac-weak-key.md │ │ ├── 
http-server-unrestricted-bind.md │ │ ├── http-url-secret.md │ │ ├── imaplib-cleartext.md │ │ ├── imaplib-no-timeout.md │ │ ├── imaplib-unverified-context.md │ │ ├── json-load.md │ │ ├── logging-insecure-listen-config.md │ │ ├── marshal-load.md │ │ ├── nntplib-cleartext.md │ │ ├── nntplib-no-timeout.md │ │ ├── nntplib-unverified-context.md │ │ ├── os-loose-file-perm.md │ │ ├── os-setuid-root.md │ │ ├── pathlib-loose-file-perm.md │ │ ├── pickle-load.md │ │ ├── poplib-cleartext.md │ │ ├── poplib-no-timeout.md │ │ ├── poplib-unverified-context.md │ │ ├── re-denial-of-service.md │ │ ├── secrets-weak-token.md │ │ ├── shelve-open.md │ │ ├── smtplib-cleartext.md │ │ ├── smtplib-no-timeout.md │ │ ├── smtplib-unverified-context.md │ │ ├── socket-no-timeout.md │ │ ├── socket-unrestricted-bind.md │ │ ├── socketserver-unrestricted-bind.md │ │ ├── ssl-context-weak-key.md │ │ ├── ssl-create-unverified-context.md │ │ ├── ssl-insecure-tls-version.md │ │ ├── ssl-no-timeout.md │ │ ├── telnetlib-cleartext.md │ │ ├── telnetlib-no-timeout.md │ │ ├── tempfile-mktemp-race-condition.md │ │ └── xmlrpc-server-unrestricted-bind.md └── stylesheets │ └── extra.css ├── images ├── example.cast ├── example.gif └── logo.png ├── mkdocs.yml ├── precli ├── __init__.py ├── __main__.py ├── cli │ ├── __init__.py │ ├── init.py │ └── main.py ├── core │ ├── __init__.py │ ├── argument.py │ ├── artifact.py │ ├── call.py │ ├── comparison.py │ ├── config.py │ ├── cwe.py │ ├── fix.py │ ├── kind.py │ ├── level.py │ ├── linecache.py │ ├── loader.py │ ├── location.py │ ├── metrics.py │ ├── redos.py │ ├── result.py │ ├── run.py │ ├── status.py │ ├── suppression.py │ ├── symtab.py │ ├── tool.py │ └── utils.py ├── i18n.py ├── locale │ ├── de │ │ └── LC_MESSAGES │ │ │ └── messages.po │ ├── en_GB │ │ └── LC_MESSAGES │ │ │ └── messages.po │ ├── es │ │ └── LC_MESSAGES │ │ │ └── messages.po │ ├── fr │ │ └── LC_MESSAGES │ │ │ └── messages.po │ ├── it │ │ └── LC_MESSAGES │ │ │ └── messages.po │ ├── ja │ │ └── LC_MESSAGES │ │ 
│ └── messages.po │ ├── ko │ │ └── LC_MESSAGES │ │ │ └── messages.po │ ├── pt_BR │ │ └── LC_MESSAGES │ │ │ └── messages.po │ ├── ru │ │ └── LC_MESSAGES │ │ │ └── messages.po │ ├── zh_CN │ │ └── LC_MESSAGES │ │ │ └── messages.po │ └── zh_TW │ │ └── LC_MESSAGES │ │ └── messages.po ├── parsers │ ├── __init__.py │ ├── basic.py │ ├── go.py │ ├── java.py │ ├── node_types.py │ └── python.py ├── renderers │ ├── __init__.py │ ├── detailed.py │ ├── json.py │ ├── markdown.py │ └── plain.py ├── rules │ ├── __init__.py │ ├── go │ │ ├── __init__.py │ │ └── stdlib │ │ │ ├── __init__.py │ │ │ ├── crypto_unrestricted_bind.py │ │ │ ├── crypto_weak_cipher.py │ │ │ ├── crypto_weak_hash.py │ │ │ ├── crypto_weak_key.py │ │ │ ├── net_http_no_timeout.py │ │ │ ├── net_unrestricted_bind.py │ │ │ └── syscall_setuid_root.py │ ├── java │ │ ├── __init__.py │ │ └── stdlib │ │ │ ├── __init__.py │ │ │ ├── java_net_insecure_cookie.py │ │ │ ├── java_security_weak_hash.py │ │ │ ├── java_security_weak_key.py │ │ │ ├── java_security_weak_random.py │ │ │ ├── javax_crypto_weak_cipher.py │ │ │ └── javax_servlet_http_insecure_cookie.py │ └── python │ │ ├── __init__.py │ │ └── stdlib │ │ ├── __init__.py │ │ ├── argparse_sensitive_info.py │ │ ├── assert.py │ │ ├── crypt_weak_hash.py │ │ ├── ftplib_cleartext.py │ │ ├── ftplib_no_timeout.py │ │ ├── ftplib_unverified_context.py │ │ ├── hashlib_improper_prng.py │ │ ├── hashlib_weak_hash.py │ │ ├── hmac_timing_attack.py │ │ ├── hmac_weak_hash.py │ │ ├── hmac_weak_key.py │ │ ├── http_server_unrestricted_bind.py │ │ ├── http_url_secret.py │ │ ├── imaplib_cleartext.py │ │ ├── imaplib_no_timeout.py │ │ ├── imaplib_unverified_context.py │ │ ├── json_load.py │ │ ├── logging_insecure_listen_config.py │ │ ├── marshal_load.py │ │ ├── nntplib_cleartext.py │ │ ├── nntplib_no_timeout.py │ │ ├── nntplib_unverified_context.py │ │ ├── os_loose_file_perm.py │ │ ├── os_setuid_root.py │ │ ├── pathlib_loose_file_perm.py │ │ ├── pickle_load.py │ │ ├── poplib_cleartext.py │ │ ├── 
poplib_no_timeout.py │ │ ├── poplib_unverified_context.py │ │ ├── re_denial_of_service.py │ │ ├── secrets_weak_token.py │ │ ├── shelve_open.py │ │ ├── smtplib_cleartext.py │ │ ├── smtplib_no_timeout.py │ │ ├── smtplib_unverified_context.py │ │ ├── socket_no_timeout.py │ │ ├── socket_unrestricted_bind.py │ │ ├── socketserver_unrestricted_bind.py │ │ ├── ssl_context_weak_key.py │ │ ├── ssl_create_unverified_context.py │ │ ├── ssl_insecure_tls_version.py │ │ ├── ssl_no_timeout.py │ │ ├── telnetlib_cleartext.py │ │ ├── telnetlib_no_timeout.py │ │ ├── tempfile_mktemp_race_condition.py │ │ └── xmlrpc_server_unrestricted_bind.py └── targets │ ├── __init__.py │ ├── file.py │ ├── github.py │ └── pypi.py ├── pylintrc ├── requirements.txt ├── setup.cfg ├── setup.py ├── test-requirements.txt ├── tests ├── __init__.py └── unit │ ├── __init__.py │ ├── cli │ ├── __init__.py │ ├── test_init.py │ └── test_main.py │ ├── core │ ├── __init__.py │ └── test_python.py │ ├── parsers │ ├── __init__.py │ ├── examples │ │ ├── bad_coding.py │ │ ├── expression_list_assignment.py │ │ ├── expression_list_assignment_uneven.py │ │ ├── importlib_import_module.py │ │ ├── pep3120.py │ │ ├── suppress.go │ │ ├── suppress.py │ │ ├── suppress_lowercase_rule.go │ │ ├── suppress_lowercase_rule.py │ │ ├── suppress_multiline.go │ │ ├── suppress_multiline.py │ │ ├── suppress_multiple_comments.go │ │ ├── suppress_multiple_comments.py │ │ ├── suppress_multiple_rules.go │ │ ├── suppress_multiple_rules.py │ │ ├── suppress_preceding.go │ │ ├── suppress_preceding.py │ │ ├── suppress_spaced_rules.go │ │ ├── suppress_spaced_rules.py │ │ ├── suppress_wrong_rule.go │ │ └── suppress_wrong_rule.py │ ├── test_go.py │ └── test_python.py │ └── rules │ ├── __init__.py │ ├── go │ ├── __init__.py │ └── stdlib │ │ ├── __init__.py │ │ ├── crypto │ │ ├── __init__.py │ │ ├── examples │ │ │ ├── crypto_tls_listen_ipv4.go │ │ │ ├── crypto_tls_listen_ipv6.go │ │ │ ├── crypto_weak_cipher_aes.go │ │ │ ├── crypto_weak_cipher_des.go │ │ │ 
├── crypto_weak_cipher_rc4.go │ │ │ ├── crypto_weak_hash_md5_new.go │ │ │ ├── crypto_weak_hash_md5_sum.go │ │ │ ├── crypto_weak_hash_sha1_new.go │ │ │ ├── crypto_weak_hash_sha1_sum.go │ │ │ ├── crypto_weak_hash_sha256_new.go │ │ │ ├── crypto_weak_hash_sha256_sum.go │ │ │ ├── crypto_weak_key_dsa_1024.go │ │ │ ├── crypto_weak_key_dsa_2048.go │ │ │ ├── crypto_weak_key_dsa_3072.go │ │ │ ├── crypto_weak_key_rsa_1024.go │ │ │ ├── crypto_weak_key_rsa_2048.go │ │ │ ├── crypto_weak_key_rsa_4096.go │ │ │ └── crypto_weak_key_rsa_bits_as_var.go │ │ ├── test_crypto_unrestricted_bind.py │ │ ├── test_crypto_weak_cipher.py │ │ ├── test_crypto_weak_hash.py │ │ └── test_crypto_weak_key.py │ │ ├── net │ │ ├── examples │ │ │ ├── net_http_listenandserve.go │ │ │ ├── net_http_listenandservetls.go │ │ │ ├── net_http_serve.go │ │ │ ├── net_http_servetls.go │ │ │ ├── net_listen_ipv4.go │ │ │ └── net_listen_ipv6.go │ │ ├── test_net_http_no_timeout.py │ │ └── test_net_unrestricted_bind.py │ │ └── syscall │ │ ├── __init__.py │ │ ├── examples │ │ ├── syscall_setuid_0.go │ │ └── syscall_setuid_500.go │ │ └── test_syscall_setuid_root.py │ ├── java │ ├── __init__.py │ └── stdlib │ │ ├── __init__.py │ │ ├── java_net │ │ ├── __init__.py │ │ ├── examples │ │ │ ├── HttpCookieSecureFalse.java │ │ │ └── HttpCookieSecureTrue.java │ │ └── test_insecure_cookie.py │ │ ├── java_security │ │ ├── __init__.py │ │ ├── examples │ │ │ ├── JavaSecuritySecureRandomSHA1PRNG.java │ │ │ ├── KeyPairGeneratorDSA.java │ │ │ ├── KeyPairGeneratorRSA.java │ │ │ ├── MessageDigestMD2.java │ │ │ ├── MessageDigestMD5.java │ │ │ ├── MessageDigestMD5Property.java │ │ │ ├── MessageDigestSHA1.java │ │ │ ├── MessageDigestSHA256.java │ │ │ ├── SecureRandomDefault.java │ │ │ └── SecureRandomSHA1PRNG.java │ │ ├── test_weak_hash.py │ │ ├── test_weak_key.py │ │ └── test_weak_random.py │ │ ├── javax_crypto │ │ ├── __init__.py │ │ ├── examples │ │ │ ├── Cipher3DESCBC.java │ │ │ ├── CipherAESCBC.java │ │ │ ├── CipherArcfour.java │ │ │ ├── 
CipherBlowfishCBC.java │ │ │ ├── CipherDESCBC.java │ │ │ ├── CipherRC2.java │ │ │ ├── CipherRC4.java │ │ │ └── CipherRC5.java │ │ └── test_weak_cipher.py │ │ └── javax_servlet_http │ │ ├── __init__.py │ │ ├── examples │ │ ├── CookieSecureFalse.java │ │ └── CookieSecureTrue.java │ │ └── test_insecure_cookie.py │ ├── python │ ├── __init__.py │ └── stdlib │ │ ├── __init__.py │ │ ├── argparse │ │ ├── __init__.py │ │ ├── examples │ │ │ ├── argparse_add_argument_api_key.py │ │ │ ├── argparse_add_argument_default_action.py │ │ │ ├── argparse_add_argument_password.py │ │ │ ├── argparse_add_argument_password_file.py │ │ │ ├── argparse_add_argument_password_store_true.py │ │ │ └── argparse_add_argument_token.py │ │ └── test_argparse_sensitive_info.py │ │ ├── assert │ │ ├── __init__.py │ │ ├── examples │ │ │ └── assert.py │ │ └── test_assert.py │ │ ├── crypt │ │ ├── __init__.py │ │ ├── examples │ │ │ ├── crypt_crypt.py │ │ │ ├── crypt_crypt_method_blowfish.py │ │ │ ├── crypt_crypt_method_crypt.py │ │ │ ├── crypt_crypt_method_md5.py │ │ │ ├── crypt_crypt_method_sha256.py │ │ │ ├── crypt_crypt_method_sha512.py │ │ │ ├── crypt_mksalt.py │ │ │ ├── crypt_mksalt_method_blowfish.py │ │ │ ├── crypt_mksalt_method_crypt.py │ │ │ ├── crypt_mksalt_method_md5.py │ │ │ ├── crypt_mksalt_method_sha256.py │ │ │ └── crypt_mksalt_method_sha512.py │ │ └── test_crypt_weak_hash.py │ │ ├── ftplib │ │ ├── __init__.py │ │ ├── examples │ │ │ ├── ftp.py │ │ │ ├── ftp_context_mgr.py │ │ │ ├── ftp_login.py │ │ │ ├── ftp_tls.py │ │ │ ├── ftplib_ftp.py │ │ │ ├── ftplib_ftp_connect_timeout_none.py │ │ │ ├── ftplib_ftp_context_mgr.py │ │ │ ├── ftplib_ftp_login.py │ │ │ ├── ftplib_ftp_login_single_statement.py │ │ │ ├── ftplib_ftp_no_timeout.py │ │ │ ├── ftplib_ftp_timeout_global.py │ │ │ ├── ftplib_ftp_tls.py │ │ │ ├── ftplib_ftp_tls_context_as_var.py │ │ │ ├── ftplib_ftp_tls_context_none.py │ │ │ ├── ftplib_ftp_tls_context_unset.py │ │ │ ├── ftplib_ftp_tls_no_timeout.py │ │ │ ├── 
ftplib_ftp_tls_user_password.py │ │ │ └── ftplib_ftp_user_password.py │ │ ├── test_ftplib_cleartext.py │ │ ├── test_ftplib_no_timeout.py │ │ └── test_ftplib_unverified_context.py │ │ ├── hashlib │ │ ├── __init__.py │ │ ├── examples │ │ │ ├── hashlib_blake2b.py │ │ │ ├── hashlib_blake2s.py │ │ │ ├── hashlib_improper_prng_blake2b.py │ │ │ ├── hashlib_improper_prng_blake2s.py │ │ │ ├── hashlib_improper_prng_pbkdf2_hmac.py │ │ │ ├── hashlib_improper_prng_scrypt.py │ │ │ ├── hashlib_md4.py │ │ │ ├── hashlib_md5.py │ │ │ ├── hashlib_md5_as_identifier.py │ │ │ ├── hashlib_md5_importlib.py │ │ │ ├── hashlib_md5_usedforsecurity_true.py │ │ │ ├── hashlib_new_blake2b.py │ │ │ ├── hashlib_new_blake2s.py │ │ │ ├── hashlib_new_md4.py │ │ │ ├── hashlib_new_md5.py │ │ │ ├── hashlib_new_md5_dict.py │ │ │ ├── hashlib_new_md5_sha1.py │ │ │ ├── hashlib_new_md5_tuple.py │ │ │ ├── hashlib_new_md5_usedforsecurity_true.py │ │ │ ├── hashlib_new_name_sha.py │ │ │ ├── hashlib_new_ripemd160.py │ │ │ ├── hashlib_new_sha.py │ │ │ ├── hashlib_new_sha1.py │ │ │ ├── hashlib_new_sha224.py │ │ │ ├── hashlib_new_sha256.py │ │ │ ├── hashlib_new_sha384.py │ │ │ ├── hashlib_new_sha3_224.py │ │ │ ├── hashlib_new_sha3_256.py │ │ │ ├── hashlib_new_sha3_384.py │ │ │ ├── hashlib_new_sha3_512.py │ │ │ ├── hashlib_new_sha512.py │ │ │ ├── hashlib_new_sha_usedforsecurity_false.py │ │ │ ├── hashlib_new_shake_128.py │ │ │ ├── hashlib_new_shake_256.py │ │ │ ├── hashlib_pbkdf2_hmac_md4.py │ │ │ ├── hashlib_pbkdf2_hmac_md5.py │ │ │ ├── hashlib_pbkdf2_hmac_ripemd160.py │ │ │ ├── hashlib_pbkdf2_hmac_sha.py │ │ │ ├── hashlib_pbkdf2_hmac_sha1.py │ │ │ ├── hashlib_pbkdf2_hmac_sha224.py │ │ │ ├── hashlib_pbkdf2_hmac_sha256.py │ │ │ ├── hashlib_pbkdf2_hmac_sha384.py │ │ │ ├── hashlib_pbkdf2_hmac_sha3_224.py │ │ │ ├── hashlib_pbkdf2_hmac_sha3_256.py │ │ │ ├── hashlib_pbkdf2_hmac_sha3_384.py │ │ │ ├── hashlib_pbkdf2_hmac_sha3_512.py │ │ │ ├── hashlib_pbkdf2_hmac_shake_128.py │ │ │ ├── hashlib_pbkdf2_hmac_shake_256.py │ │ │ 
├── hashlib_ripemd160.py │ │ │ ├── hashlib_sha.py │ │ │ ├── hashlib_sha1.py │ │ │ ├── hashlib_sha224.py │ │ │ ├── hashlib_sha256.py │ │ │ ├── hashlib_sha384.py │ │ │ ├── hashlib_sha3_224.py │ │ │ ├── hashlib_sha3_256.py │ │ │ ├── hashlib_sha3_384.py │ │ │ ├── hashlib_sha3_512.py │ │ │ ├── hashlib_sha512.py │ │ │ ├── hashlib_sha_usedforsecurity_false.py │ │ │ ├── hashlib_shake_128.py │ │ │ └── hashlib_shake_256.py │ │ ├── test_hashlib_improper_prng.py │ │ └── test_hashlib_weak_hash.py │ │ ├── hmac │ │ ├── __init__.py │ │ ├── examples │ │ │ ├── hmac_digest_blake2b.py │ │ │ ├── hmac_digest_blake2s.py │ │ │ ├── hmac_digest_hashlib_blake2b.py │ │ │ ├── hmac_digest_hashlib_blake2s.py │ │ │ ├── hmac_digest_hashlib_md4.py │ │ │ ├── hmac_digest_hashlib_md5.py │ │ │ ├── hmac_digest_hashlib_ripemd160.py │ │ │ ├── hmac_digest_hashlib_sha.py │ │ │ ├── hmac_digest_hashlib_sha1.py │ │ │ ├── hmac_digest_hashlib_sha224.py │ │ │ ├── hmac_digest_hashlib_sha256.py │ │ │ ├── hmac_digest_hashlib_sha384.py │ │ │ ├── hmac_digest_hashlib_sha3_224.py │ │ │ ├── hmac_digest_hashlib_sha3_256.py │ │ │ ├── hmac_digest_hashlib_sha3_384.py │ │ │ ├── hmac_digest_hashlib_sha3_512.py │ │ │ ├── hmac_digest_hashlib_sha512.py │ │ │ ├── hmac_digest_hashlib_shake_128.py │ │ │ ├── hmac_digest_hashlib_shake_256.py │ │ │ ├── hmac_digest_md4.py │ │ │ ├── hmac_digest_md5.py │ │ │ ├── hmac_digest_md5_sha1.py │ │ │ ├── hmac_digest_ripemd160.py │ │ │ ├── hmac_digest_sha.py │ │ │ ├── hmac_digest_sha1.py │ │ │ ├── hmac_digest_sha224.py │ │ │ ├── hmac_digest_sha256.py │ │ │ ├── hmac_digest_sha384.py │ │ │ ├── hmac_digest_sha3_224.py │ │ │ ├── hmac_digest_sha3_256.py │ │ │ ├── hmac_digest_sha3_384.py │ │ │ ├── hmac_digest_sha3_512.py │ │ │ ├── hmac_digest_sha512.py │ │ │ ├── hmac_digest_shake_128.py │ │ │ ├── hmac_digest_shake_256.py │ │ │ ├── hmac_digest_weak_key_hashlib_blake2b.py │ │ │ ├── hmac_digest_weak_key_hashlib_sha3_256.py │ │ │ ├── hmac_digest_weak_key_hashlib_sm3.py │ │ │ ├── 
hmac_digest_weak_key_sha224.py │ │ │ ├── hmac_digest_weak_key_sha256.py │ │ │ ├── hmac_digest_weak_key_sha512.py │ │ │ ├── hmac_new_digestmod_blake2b.py │ │ │ ├── hmac_new_digestmod_blake2s.py │ │ │ ├── hmac_new_digestmod_hashlib_blake2b.py │ │ │ ├── hmac_new_digestmod_hashlib_blake2s.py │ │ │ ├── hmac_new_digestmod_hashlib_md4.py │ │ │ ├── hmac_new_digestmod_hashlib_md5.py │ │ │ ├── hmac_new_digestmod_hashlib_ripemd160.py │ │ │ ├── hmac_new_digestmod_hashlib_sha.py │ │ │ ├── hmac_new_digestmod_hashlib_sha1.py │ │ │ ├── hmac_new_digestmod_hashlib_sha224.py │ │ │ ├── hmac_new_digestmod_hashlib_sha256.py │ │ │ ├── hmac_new_digestmod_hashlib_sha384.py │ │ │ ├── hmac_new_digestmod_hashlib_sha3_224.py │ │ │ ├── hmac_new_digestmod_hashlib_sha3_256.py │ │ │ ├── hmac_new_digestmod_hashlib_sha3_384.py │ │ │ ├── hmac_new_digestmod_hashlib_sha3_512.py │ │ │ ├── hmac_new_digestmod_hashlib_sha512.py │ │ │ ├── hmac_new_digestmod_hashlib_shake_128.py │ │ │ ├── hmac_new_digestmod_hashlib_shake_256.py │ │ │ ├── hmac_new_digestmod_md4.py │ │ │ ├── hmac_new_digestmod_md5.py │ │ │ ├── hmac_new_digestmod_md5_sha1.py │ │ │ ├── hmac_new_digestmod_ripemd160.py │ │ │ ├── hmac_new_digestmod_sha.py │ │ │ ├── hmac_new_digestmod_sha1.py │ │ │ ├── hmac_new_digestmod_sha224.py │ │ │ ├── hmac_new_digestmod_sha256.py │ │ │ ├── hmac_new_digestmod_sha384.py │ │ │ ├── hmac_new_digestmod_sha3_224.py │ │ │ ├── hmac_new_digestmod_sha3_256.py │ │ │ ├── hmac_new_digestmod_sha3_384.py │ │ │ ├── hmac_new_digestmod_sha3_512.py │ │ │ ├── hmac_new_digestmod_sha512.py │ │ │ ├── hmac_new_digestmod_shake_128.py │ │ │ ├── hmac_new_digestmod_shake_256.py │ │ │ ├── hmac_new_weak_key_blake2s.py │ │ │ ├── hmac_new_weak_key_hashlib_sha3_224.py │ │ │ ├── hmac_new_weak_key_hashlib_sha3_384.py │ │ │ ├── hmac_new_weak_key_hashlib_sha3_512.py │ │ │ ├── hmac_new_weak_key_sha384.py │ │ │ ├── hmac_new_weak_key_sha512_256.py │ │ │ ├── hmac_timing_attack.py │ │ │ ├── hmac_timing_attack_class.py │ │ │ ├── 
hmac_timing_attack_class_hexdigest.py │ │ │ └── hmac_timing_attack_compare_digest.py │ │ ├── test_hmac_timing_attack.py │ │ ├── test_hmac_weak_hash.py │ │ └── test_hmac_weak_key.py │ │ ├── http │ │ ├── __init__.py │ │ ├── examples │ │ │ ├── http_server_http_server.py │ │ │ ├── http_server_threading_http_server.py │ │ │ ├── http_url_secret_apikey.py │ │ │ ├── http_url_secret_apikey_in_header.py │ │ │ ├── http_url_secret_basic_auth.py │ │ │ ├── http_url_secret_basic_auth_as_var.py │ │ │ ├── http_url_secret_password.py │ │ │ └── http_url_secret_username.py │ │ ├── test_http_server_unrestricted_bind.py │ │ └── test_http_url_secret.py │ │ ├── imaplib │ │ ├── __init__.py │ │ ├── examples │ │ │ ├── imaplib_imap4_authenticate.py │ │ │ ├── imaplib_imap4_context_mgr.py │ │ │ ├── imaplib_imap4_login.py │ │ │ ├── imaplib_imap4_login_cram_md5.py │ │ │ ├── imaplib_imap4_no_timeout.py │ │ │ ├── imaplib_imap4_ssl.py │ │ │ ├── imaplib_imap4_ssl_context_as_var.py │ │ │ ├── imaplib_imap4_ssl_context_none.py │ │ │ ├── imaplib_imap4_ssl_context_unset.py │ │ │ ├── imaplib_imap4_ssl_timeout_none.py │ │ │ ├── imaplib_imap4_starttls.py │ │ │ ├── imaplib_imap4_starttls_context_as_var.py │ │ │ ├── imaplib_imap4_starttls_context_none.py │ │ │ ├── imaplib_imap4_starttls_context_unset.py │ │ │ ├── imaplib_imap4_stream.py │ │ │ ├── imaplib_imap4_timeout_5.py │ │ │ └── imaplib_imap4_timeout_global.py │ │ ├── test_imaplib_cleartext.py │ │ ├── test_imaplib_no_timeout.py │ │ └── test_imaplib_unverified_context.py │ │ ├── json │ │ ├── __init__.py │ │ ├── examples │ │ │ ├── json_jsondecoder_decode.py │ │ │ ├── json_load.py │ │ │ └── json_loads.py │ │ └── test_json_load.py │ │ ├── logging │ │ ├── __init__.py │ │ ├── examples │ │ │ ├── insecure_listen_config_empty_args.py │ │ │ ├── insecure_listen_config_port.py │ │ │ ├── insecure_listen_config_port_verify_as_var.py │ │ │ ├── insecure_listen_config_port_verify_none.py │ │ │ ├── insecure_listen_config_verify_none.py │ │ │ ├── 
insecure_listen_config_verify_none_port.py │ │ │ └── insecure_listen_config_verify_set.py │ │ └── test_logging_insecure_listen_config.py │ │ ├── marshal │ │ ├── __init__.py │ │ ├── examples │ │ │ ├── marshal_load.py │ │ │ └── marshal_loads.py │ │ └── test_marshal_load.py │ │ ├── nntplib │ │ ├── __init__.py │ │ ├── examples │ │ │ ├── nntplib_nntp_context_mgr.py │ │ │ ├── nntplib_nntp_login.py │ │ │ ├── nntplib_nntp_ssl.py │ │ │ ├── nntplib_nntp_ssl_context_as_var.py │ │ │ ├── nntplib_nntp_ssl_context_none.py │ │ │ ├── nntplib_nntp_ssl_context_unset.py │ │ │ ├── nntplib_nntp_ssl_no_timeout.py │ │ │ ├── nntplib_nntp_ssl_timeout_5.py │ │ │ ├── nntplib_nntp_starttls.py │ │ │ ├── nntplib_nntp_starttls_context_as_var.py │ │ │ ├── nntplib_nntp_starttls_context_none.py │ │ │ ├── nntplib_nntp_starttls_context_unset.py │ │ │ ├── nntplib_nntp_timeout_global.py │ │ │ └── nntplib_nntp_timeout_none.py │ │ ├── test_nntplib_cleartext.py │ │ ├── test_nntplib_no_timeout.py │ │ └── test_nntplib_unverified_context.py │ │ ├── os │ │ ├── examples │ │ │ ├── os_chmod_IXOTH.py │ │ │ ├── os_chmod_S_IXOTH.py │ │ │ ├── os_chmod_S_S_IXOTH.py │ │ │ ├── os_chmod_o111_binop_wildcard.py │ │ │ ├── os_chmod_o555_augmented.py │ │ │ ├── os_chmod_o555_binop.py │ │ │ ├── os_chmod_o644.py │ │ │ ├── os_chmod_o7.py │ │ │ ├── os_chmod_o755_binop_stat.py │ │ │ ├── os_chmod_o760.py │ │ │ ├── os_chmod_o770.py │ │ │ ├── os_chmod_o776.py │ │ │ ├── os_chmod_o777.py │ │ │ ├── os_chmod_stat_S_IXOTH.py │ │ │ ├── os_chmod_x1ff.py │ │ │ ├── os_fchmod_511.py │ │ │ ├── os_lchmod_o227.py │ │ │ ├── os_mkdir_default.py │ │ │ ├── os_mkdir_o750_binop.py │ │ │ ├── os_mkfifo_default.py │ │ │ ├── os_mkfifo_o644_binop.py │ │ │ ├── os_mknod_o666_binop.py │ │ │ ├── os_open_default.py │ │ │ ├── os_open_o655.py │ │ │ ├── os_setuid_0.py │ │ │ ├── os_setuid_1000.py │ │ │ └── os_setuid_root.py │ │ ├── test_os_loose_file_perm.py │ │ └── test_os_setuid_root.py │ │ ├── pathlib │ │ ├── examples │ │ │ ├── pathlib_chmod_IXOTH.py │ │ │ ├── 
pathlib_chmod_S_IXOTH.py │ │ │ ├── pathlib_chmod_S_S_IXOTH.py │ │ │ ├── pathlib_chmod_o111_binop_wildcard.py │ │ │ ├── pathlib_chmod_o644.py │ │ │ ├── pathlib_chmod_o7.py │ │ │ ├── pathlib_chmod_o755_binop_stat.py │ │ │ ├── pathlib_chmod_o760.py │ │ │ ├── pathlib_chmod_o770.py │ │ │ ├── pathlib_chmod_o776.py │ │ │ ├── pathlib_chmod_o777.py │ │ │ ├── pathlib_chmod_stat_S_IXOTH.py │ │ │ ├── pathlib_chmod_x1ff.py │ │ │ ├── pathlib_lchmod_o227.py │ │ │ ├── pathlib_mkdir_default.py │ │ │ ├── pathlib_mkdir_o750_binop.py │ │ │ ├── pathlib_touch_default.py │ │ │ └── pathlib_touch_o750_binop.py │ │ └── test_pathlib_loose_file_perm.py │ │ ├── pickle │ │ ├── __init__.py │ │ ├── examples │ │ │ ├── pickle_load.py │ │ │ ├── pickle_loads.py │ │ │ └── pickle_unpickler.py │ │ └── test_pickle_load.py │ │ ├── poplib │ │ ├── __init__.py │ │ ├── examples │ │ │ ├── poplib_pop3_apop.py │ │ │ ├── poplib_pop3_no_timeout.py │ │ │ ├── poplib_pop3_pass_.py │ │ │ ├── poplib_pop3_rpop.py │ │ │ ├── poplib_pop3_ssl.py │ │ │ ├── poplib_pop3_ssl_context_as_var.py │ │ │ ├── poplib_pop3_ssl_context_none.py │ │ │ ├── poplib_pop3_ssl_context_unset.py │ │ │ ├── poplib_pop3_stls.py │ │ │ ├── poplib_pop3_stls_context_as_var.py │ │ │ ├── poplib_pop3_stls_context_none.py │ │ │ ├── poplib_pop3_stls_context_unset.py │ │ │ ├── poplib_pop3_timeout_global.py │ │ │ ├── poplib_pop3_timeout_none.py │ │ │ └── poplib_pop3_user.py │ │ ├── test_poplib_cleartext.py │ │ ├── test_poplib_no_timeout.py │ │ └── test_poplib_unverified_context.py │ │ ├── re │ │ ├── __init__.py │ │ ├── examples │ │ │ ├── re_compile.py │ │ │ ├── re_compile_good.py │ │ │ ├── re_findall.py │ │ │ ├── re_finditer.py │ │ │ ├── re_fullmatch.py │ │ │ ├── re_match.py │ │ │ ├── re_search.py │ │ │ ├── re_search_good.py │ │ │ ├── re_split.py │ │ │ ├── re_sub.py │ │ │ └── re_subn.py │ │ └── test_re_denial_of_service.py │ │ ├── secrets │ │ ├── __init__.py │ │ ├── examples │ │ │ ├── secrets_token_bytes.py │ │ │ ├── secrets_token_bytes_default.py │ │ │ ├── 
secrets_token_bytes_size_var.py │ │ │ ├── secrets_token_hex.py │ │ │ ├── secrets_token_hex_nbytes_unknown.py │ │ │ └── secrets_token_urlsafe.py │ │ └── test_secrets_weak_token.py │ │ ├── shelve │ │ ├── __init__.py │ │ ├── examples │ │ │ ├── shelve_dbfilenameshelf.py │ │ │ ├── shelve_open.py │ │ │ └── shelve_open_context_mgr.py │ │ └── test_shelve_open.py │ │ ├── smtplib │ │ ├── __init__.py │ │ ├── examples │ │ │ ├── smtplib_lmtp_timeout_none.py │ │ │ ├── smtplib_smtp_auth.py │ │ │ ├── smtplib_smtp_context_mgr.py │ │ │ ├── smtplib_smtp_login.py │ │ │ ├── smtplib_smtp_no_timeout.py │ │ │ ├── smtplib_smtp_ssl.py │ │ │ ├── smtplib_smtp_ssl_context_as_var.py │ │ │ ├── smtplib_smtp_ssl_context_none.py │ │ │ ├── smtplib_smtp_ssl_context_unset.py │ │ │ ├── smtplib_smtp_ssl_no_timeout.py │ │ │ ├── smtplib_smtp_starttls.py │ │ │ ├── smtplib_smtp_starttls_context_as_var.py │ │ │ ├── smtplib_smtp_starttls_context_none.py │ │ │ ├── smtplib_smtp_starttls_context_unset.py │ │ │ ├── smtplib_smtp_timeout_5.py │ │ │ └── smtplib_smtp_timeout_global.py │ │ ├── test_smtplib_cleartext.py │ │ ├── test_smtplib_no_timeout.py │ │ └── test_smtplib_unverified_context.py │ │ ├── socket │ │ ├── __init__.py │ │ ├── examples │ │ │ ├── socket_create_connection.py │ │ │ ├── socket_create_connection_timeout_5.py │ │ │ ├── socket_create_connection_timeout_global.py │ │ │ ├── socket_create_connection_timeout_none.py │ │ │ ├── socket_create_server.py │ │ │ ├── socket_socket_bind.py │ │ │ ├── socket_socket_bind_as_var.py │ │ │ └── socket_socket_bind_as_vars.py │ │ ├── test_socket_no_timeout.py │ │ └── test_socket_unrestricted_bind.py │ │ ├── socketserver │ │ ├── __init__.py │ │ ├── examples │ │ │ ├── socketserver_forking_tcp_server.py │ │ │ ├── socketserver_forking_udp_server.py │ │ │ ├── socketserver_tcp_server.py │ │ │ ├── socketserver_threading_tcp_server.py │ │ │ ├── socketserver_threading_udp_server.py │ │ │ └── socketserver_udp_server.py │ │ └── test_socketserver_unrestricted_bind.py │ │ ├── ssl │ 
│ ├── __init__.py │ │ ├── examples │ │ │ ├── create_default_context.py │ │ │ ├── create_unverified_context.py │ │ │ ├── get_server_certificate_no_timeout.py │ │ │ ├── get_server_certificate_sslv2.py │ │ │ ├── get_server_certificate_sslv23.py │ │ │ ├── get_server_certificate_sslv3.py │ │ │ ├── get_server_certificate_timeout_5.py │ │ │ ├── get_server_certificate_timeout_global.py │ │ │ ├── get_server_certificate_timeout_none.py │ │ │ ├── get_server_certificate_tlsv1.py │ │ │ ├── get_server_certificate_tlsv11.py │ │ │ ├── get_server_certificate_tlsv12.py │ │ │ ├── ssl_context_set_ecdh_curve_brainpoolP256r1.py │ │ │ ├── ssl_context_set_ecdh_curve_brainpoolP384r1.py │ │ │ ├── ssl_context_set_ecdh_curve_brainpoolP384r1tls13.py │ │ │ ├── ssl_context_set_ecdh_curve_brainpoolP512r1.py │ │ │ ├── ssl_context_set_ecdh_curve_default_context.py │ │ │ ├── ssl_context_set_ecdh_curve_ffdhe2048.py │ │ │ ├── ssl_context_set_ecdh_curve_prime192v1.py │ │ │ ├── ssl_context_set_ecdh_curve_prime256v1.py │ │ │ ├── ssl_context_set_ecdh_curve_secp160r2.py │ │ │ ├── ssl_context_set_ecdh_curve_secp256r1.py │ │ │ ├── ssl_context_set_ecdh_curve_sect163k1.py │ │ │ ├── ssl_context_set_ecdh_curve_sect571k1.py │ │ │ ├── ssl_context_set_ecdh_curve_typed_default_param.py │ │ │ ├── ssl_context_set_ecdh_curve_typed_param.py │ │ │ ├── ssl_context_set_ecdh_curve_unverified_context.py │ │ │ ├── ssl_context_sslv2.py │ │ │ ├── ssl_context_sslv23.py │ │ │ ├── ssl_context_sslv3.py │ │ │ ├── ssl_context_tlsv1.py │ │ │ ├── ssl_context_tlsv11.py │ │ │ ├── ssl_context_tlsv12.py │ │ │ ├── wrap_socket_sslv2.py │ │ │ ├── wrap_socket_sslv23.py │ │ │ ├── wrap_socket_sslv2_server_side_true.py │ │ │ ├── wrap_socket_sslv3.py │ │ │ ├── wrap_socket_tlsv1.py │ │ │ ├── wrap_socket_tlsv11.py │ │ │ └── wrap_socket_tlsv12.py │ │ ├── test_ssl_context_tls_version.py │ │ ├── test_ssl_context_weak_key.py │ │ ├── test_ssl_create_context.py │ │ ├── test_ssl_get_server_certificate_tls_version.py │ │ ├── test_ssl_no_timeout.py │ │ └── 
test_ssl_wrap_socket_tls_version.py │ │ ├── telnetlib │ │ ├── __init__.py │ │ ├── examples │ │ │ ├── telnet.py │ │ │ ├── telnetlib_telnet.py │ │ │ ├── telnetlib_telnet_context_mgr.py │ │ │ ├── telnetlib_telnet_no_timeout.py │ │ │ ├── telnetlib_telnet_open_timeout_none.py │ │ │ ├── telnetlib_telnet_timeout_5.py │ │ │ └── telnetlib_telnet_timeout_global.py │ │ ├── test_telnetlib_cleartext.py │ │ └── test_telnetlib_no_timeout.py │ │ ├── tempfile │ │ ├── __init__.py │ │ ├── examples │ │ │ ├── tempfile_mktemp.py │ │ │ ├── tempfile_mktemp_args_open.py │ │ │ ├── tempfile_mktemp_args_with_open_args.py │ │ │ ├── tempfile_mktemp_open.py │ │ │ ├── tempfile_mktemp_walrus_open.py │ │ │ ├── tempfile_mktemp_with_open.py │ │ │ └── tempfile_mktemp_with_open_multiline.py │ │ └── test_tempfile_mktemp_race_condition.py │ │ └── xmlrpc │ │ ├── __init__.py │ │ ├── examples │ │ ├── xmlrpc_server_doc_xml_rpc_server.py │ │ └── xmlrpc_server_simple_xml_rpc_server.py │ │ └── test_xmlrpc_server_unrestricted_bind.py │ └── test_case.py └── tox.ini /.github/CODEOWNERS: -------------------------------------------------------------------------------- 1 | * @ericwb 2 | -------------------------------------------------------------------------------- /.github/dependabot.yml: -------------------------------------------------------------------------------- 1 | version: 2 2 | updates: 3 | - package-ecosystem: "github-actions" 4 | directory: "/" 5 | schedule: 6 | interval: "daily" 7 | 8 | - package-ecosystem: "pip" 9 | directory: "/" 10 | schedule: 11 | interval: "daily" 12 | -------------------------------------------------------------------------------- /.readthedocs.yaml: -------------------------------------------------------------------------------- 1 | # Copyright 2024 Secure Sauce LLC 2 | # SPDX-License-Identifier: BUSL-1.1 3 | version: 2 4 | 5 | build: 6 | os: ubuntu-lts-latest 7 | tools: 8 | python: latest 9 | 10 | mkdocs: 11 | configuration: mkdocs.yml 12 | 13 | python: 14 | install: 15 | - 
requirements: requirements.txt 16 | - requirements: docs/requirements.txt 17 | - method: pip 18 | path: . 19 | -------------------------------------------------------------------------------- /custom/c_sharp/start.cs: -------------------------------------------------------------------------------- 1 | using System; 2 | using System.Diagnostics; 3 | 4 | class Program { 5 | static void Main() { 6 | string cmd = Console.ReadLine(); 7 | Process.Start(cmd); // 🚨 flagged: highlights `cmd` 8 | } 9 | } 10 | -------------------------------------------------------------------------------- /custom/cpp/sysinput.cpp: -------------------------------------------------------------------------------- 1 | #include <cstdlib> 2 | #include <iostream> 3 | #include <string> 4 | 5 | int main() { 6 | std::string user_input; 7 | std::cout << "Enter command: "; 8 | std::getline(std::cin, user_input); 9 | 10 | // Dangerous: user input passed directly to system() 11 | system(user_input.c_str()); 12 | 13 | return 0; 14 | } 15 | -------------------------------------------------------------------------------- /custom/css/important.css: -------------------------------------------------------------------------------- 1 | body { 2 | display: none !important; 3 | } 4 | -------------------------------------------------------------------------------- /custom/go/exec.go: -------------------------------------------------------------------------------- 1 | import "os/exec" 2 | 3 | func run(cmd string) { 4 | exec.Command(cmd) 5 | } 6 | -------------------------------------------------------------------------------- /custom/haskell/unsafePerformIO.hs: -------------------------------------------------------------------------------- 1 | import System.IO.Unsafe 2 | 3 | value :: String 4 | value = unsafePerformIO $ readFile "/etc/passwd" 5 | -------------------------------------------------------------------------------- /custom/java/Exec.java: -------------------------------------------------------------------------------- 1 | public class 
Bad { 2 | public void run(String cmd) { 3 | try { 4 | Runtime.getRuntime().exec(cmd); 5 | } catch (IOException e) { 6 | // ignore 7 | } 8 | } 9 | } 10 | -------------------------------------------------------------------------------- /custom/javascript/userinput.js: -------------------------------------------------------------------------------- 1 | let userInput = prompt("Enter code:"); 2 | eval(userInput); 3 | -------------------------------------------------------------------------------- /custom/python/requests_get_verify_false.py: -------------------------------------------------------------------------------- 1 | import requests 2 | 3 | 4 | requests.get("https://localhost", verify=False) 5 | -------------------------------------------------------------------------------- /custom/ruby/eval.rb: -------------------------------------------------------------------------------- 1 | # Simulated user input 2 | user_code = gets.chomp 3 | 4 | # Dangerous: evaluates user-supplied input as Ruby code 5 | eval(user_code) 6 | -------------------------------------------------------------------------------- /custom/scala/ExecutionContext.scala: -------------------------------------------------------------------------------- 1 | import scala.concurrent.ExecutionContext 2 | 3 | val ec = ExecutionContext.global 4 | -------------------------------------------------------------------------------- /docs/javascripts/tablesort.js: -------------------------------------------------------------------------------- 1 | document$.subscribe(function() { 2 | var tables = document.querySelectorAll("article table:not([class])") 3 | tables.forEach(function(table) { 4 | new Tablesort(table) 5 | }) 6 | }) 7 | -------------------------------------------------------------------------------- /docs/requirements.txt: -------------------------------------------------------------------------------- 1 | # Copyright 2024 Secure Sauce LLC 2 | # SPDX-License-Identifier: BUSL-1.1 3 | mkdocs 4 | 
mkdocs-macros-plugin 5 | mkdocs-material 6 | mkdocs-git-revision-date-localized-plugin 7 | mkdocstrings[python] 8 | -------------------------------------------------------------------------------- /docs/rules/go/stdlib/crypto-unrestricted-bind.md: -------------------------------------------------------------------------------- 1 | --- 2 | id: GO005 3 | title: crypto — unrestricted bind 4 | hide_title: true 5 | pagination_prev: null 6 | pagination_next: null 7 | slug: /rules/GO005 8 | --- 9 | 10 | ::: precli.rules.go.stdlib.crypto_unrestricted_bind 11 | -------------------------------------------------------------------------------- /docs/rules/go/stdlib/crypto-weak-cipher.md: -------------------------------------------------------------------------------- 1 | --- 2 | id: GO001 3 | title: crypto — weak cipher 4 | hide_title: true 5 | pagination_prev: null 6 | pagination_next: null 7 | slug: /rules/GO001 8 | --- 9 | 10 | ::: precli.rules.go.stdlib.crypto_weak_cipher 11 | -------------------------------------------------------------------------------- /docs/rules/go/stdlib/crypto-weak-hash.md: -------------------------------------------------------------------------------- 1 | --- 2 | id: GO002 3 | title: crypto — weak hash 4 | hide_title: true 5 | pagination_prev: null 6 | pagination_next: null 7 | slug: /rules/GO002 8 | --- 9 | 10 | ::: precli.rules.go.stdlib.crypto_weak_hash 11 | -------------------------------------------------------------------------------- /docs/rules/go/stdlib/crypto-weak-key.md: -------------------------------------------------------------------------------- 1 | --- 2 | id: GO003 3 | title: crypto — weak key 4 | hide_title: true 5 | pagination_prev: null 6 | pagination_next: null 7 | slug: /rules/GO003 8 | --- 9 | 10 | ::: precli.rules.go.stdlib.crypto_weak_key 11 | -------------------------------------------------------------------------------- /docs/rules/go/stdlib/net-http-no-timeout.md: 
-------------------------------------------------------------------------------- 1 | --- 2 | id: GO007 3 | title: net/http — no timeout 4 | hide_title: true 5 | pagination_prev: null 6 | pagination_next: null 7 | slug: /rules/GO007 8 | --- 9 | 10 | ::: precli.rules.go.stdlib.net_http_no_timeout 11 | -------------------------------------------------------------------------------- /docs/rules/go/stdlib/net-unrestricted-bind.md: -------------------------------------------------------------------------------- 1 | --- 2 | id: GO006 3 | title: net — unrestricted bind 4 | hide_title: true 5 | pagination_prev: null 6 | pagination_next: null 7 | slug: /rules/GO006 8 | --- 9 | 10 | ::: precli.rules.go.stdlib.net_unrestricted_bind 11 | -------------------------------------------------------------------------------- /docs/rules/go/stdlib/syscall-setuid-root.md: -------------------------------------------------------------------------------- 1 | --- 2 | id: GO004 3 | title: syscall — unnecessary privileges 4 | hide_title: true 5 | pagination_prev: null 6 | pagination_next: null 7 | slug: /rules/GO004 8 | --- 9 | 10 | ::: precli.rules.go.stdlib.syscall_setuid_root 11 | -------------------------------------------------------------------------------- /docs/rules/java/stdlib/java-net-insecure-cookie.md: -------------------------------------------------------------------------------- 1 | --- 2 | id: JAV006 3 | title: java.net — insecure cookie 4 | hide_title: true 5 | pagination_prev: null 6 | pagination_next: null 7 | slug: /rules/JAV006 8 | --- 9 | 10 | ::: precli.rules.java.stdlib.java_net_insecure_cookie 11 | -------------------------------------------------------------------------------- /docs/rules/java/stdlib/java-security-weak-hash.md: -------------------------------------------------------------------------------- 1 | --- 2 | id: JAV002 3 | title: java.security — weak hash 4 | hide_title: true 5 | pagination_prev: null 6 | pagination_next: null 7 | slug: /rules/JAV002 8 | 
--- 9 | 10 | ::: precli.rules.java.stdlib.java_security_weak_hash 11 | -------------------------------------------------------------------------------- /docs/rules/java/stdlib/java-security-weak-key.md: -------------------------------------------------------------------------------- 1 | --- 2 | id: JAV003 3 | title: java.security — weak key 4 | hide_title: true 5 | pagination_prev: null 6 | pagination_next: null 7 | slug: /rules/JAV003 8 | --- 9 | 10 | ::: precli.rules.java.stdlib.java_security_weak_key 11 | -------------------------------------------------------------------------------- /docs/rules/java/stdlib/java-security-weak-random.md: -------------------------------------------------------------------------------- 1 | --- 2 | id: JAV004 3 | title: java.security — weak random 4 | hide_title: true 5 | pagination_prev: null 6 | pagination_next: null 7 | slug: /rules/JAV004 8 | --- 9 | 10 | ::: precli.rules.java.stdlib.java_security_weak_random 11 | -------------------------------------------------------------------------------- /docs/rules/java/stdlib/javax-crypto-weak-cipher.md: -------------------------------------------------------------------------------- 1 | --- 2 | id: JAV001 3 | title: javax.crypto — weak cipher 4 | hide_title: true 5 | pagination_prev: null 6 | pagination_next: null 7 | slug: /rules/JAV001 8 | --- 9 | 10 | ::: precli.rules.java.stdlib.javax_crypto_weak_cipher 11 | -------------------------------------------------------------------------------- /docs/rules/java/stdlib/javax-servlet-http-insecure-cookie.md: -------------------------------------------------------------------------------- 1 | --- 2 | id: JAV005 3 | title: javax.servlet.http — insecure cookie 4 | hide_title: true 5 | pagination_prev: null 6 | pagination_next: null 7 | slug: /rules/JAV005 8 | --- 9 | 10 | ::: precli.rules.java.stdlib.javax_servlet_http_insecure_cookie 11 | -------------------------------------------------------------------------------- 
/docs/rules/python/stdlib/argparse-sensitive-info.md: -------------------------------------------------------------------------------- 1 | --- 2 | id: PY027 3 | title: argparse — sensitive info 4 | hide_title: true 5 | pagination_prev: null 6 | pagination_next: null 7 | slug: /rules/PY027 8 | --- 9 | 10 | ::: precli.rules.python.stdlib.argparse_sensitive_info 11 | -------------------------------------------------------------------------------- /docs/rules/python/stdlib/assert.md: -------------------------------------------------------------------------------- 1 | --- 2 | id: PY001 3 | title: assert 4 | hide_title: true 5 | pagination_prev: null 6 | pagination_next: null 7 | slug: /rules/PY001 8 | --- 9 | 10 | ::: precli.rules.python.stdlib.assert 11 | -------------------------------------------------------------------------------- /docs/rules/python/stdlib/crypt-weak-hash.md: -------------------------------------------------------------------------------- 1 | --- 2 | id: PY017  # NOTE(review): id, title and slug here repeat ssl-create-unverified-context.md (PY017), but this page documents crypt_weak_hash; confirm the intended rule ID and title, since rule IDs are what suppression comments and links resolve against 3 | title: ssl — create unverified context 4 | hide_title: true 5 | pagination_prev: null 6 | pagination_next: null 7 | slug: /rules/PY017 8 | --- 9 | 10 | ::: precli.rules.python.stdlib.crypt_weak_hash 11 | -------------------------------------------------------------------------------- /docs/rules/python/stdlib/ftplib-cleartext.md: -------------------------------------------------------------------------------- 1 | --- 2 | id: PY003 3 | title: ftplib — cleartext 4 | hide_title: true 5 | pagination_prev: null 6 | pagination_next: null 7 | slug: /rules/PY003 8 | --- 9 | 10 | ::: precli.rules.python.stdlib.ftplib_cleartext 11 | -------------------------------------------------------------------------------- /docs/rules/python/stdlib/ftplib-no-timeout.md: -------------------------------------------------------------------------------- 1 | --- 2 | id: PY045 3 | title: ftplib — no timeout 4 | hide_title: true 5 | pagination_prev: null 6 | pagination_next: null 7 | slug: /rules/PY045 8 | --- 9 | 
10 | ::: precli.rules.python.stdlib.ftplib_no_timeout 11 | -------------------------------------------------------------------------------- /docs/rules/python/stdlib/ftplib-unverified-context.md: -------------------------------------------------------------------------------- 1 | --- 2 | id: PY022 3 | title: ftplib — unverified context 4 | hide_title: true 5 | pagination_prev: null 6 | pagination_next: null 7 | slug: /rules/PY022 8 | --- 9 | 10 | ::: precli.rules.python.stdlib.ftplib_unverified_context 11 | -------------------------------------------------------------------------------- /docs/rules/python/stdlib/hashlib-improper-prng.md: -------------------------------------------------------------------------------- 1 | --- 2 | id: PY035 3 | title: hashlib — improper prng 4 | hide_title: true 5 | pagination_prev: null 6 | pagination_next: null 7 | slug: /rules/PY035 8 | --- 9 | 10 | ::: precli.rules.python.stdlib.hashlib_improper_prng 11 | -------------------------------------------------------------------------------- /docs/rules/python/stdlib/hashlib-weak-hash.md: -------------------------------------------------------------------------------- 1 | --- 2 | id: PY004 3 | title: hashlib — weak hash 4 | hide_title: true 5 | pagination_prev: null 6 | pagination_next: null 7 | slug: /rules/PY004 8 | --- 9 | 10 | ::: precli.rules.python.stdlib.hashlib_weak_hash 11 | -------------------------------------------------------------------------------- /docs/rules/python/stdlib/hmac-timing-attack.md: -------------------------------------------------------------------------------- 1 | --- 2 | id: PY005 3 | title: hmac — timing attack 4 | hide_title: true 5 | pagination_prev: null 6 | pagination_next: null 7 | slug: /rules/PY005 8 | --- 9 | 10 | ::: precli.rules.python.stdlib.hmac_timing_attack 11 | -------------------------------------------------------------------------------- /docs/rules/python/stdlib/hmac-weak-hash.md: 
-------------------------------------------------------------------------------- 1 | --- 2 | id: PY006 3 | title: hmac — weak hash 4 | hide_title: true 5 | pagination_prev: null 6 | pagination_next: null 7 | slug: /rules/PY006 8 | --- 9 | 10 | ::: precli.rules.python.stdlib.hmac_weak_hash 11 | -------------------------------------------------------------------------------- /docs/rules/python/stdlib/hmac-weak-key.md: -------------------------------------------------------------------------------- 1 | --- 2 | id: PY034 3 | title: hmac — weak key 4 | hide_title: true 5 | pagination_prev: null 6 | pagination_next: null 7 | slug: /rules/PY034 8 | --- 9 | 10 | ::: precli.rules.python.stdlib.hmac_weak_key 11 | -------------------------------------------------------------------------------- /docs/rules/python/stdlib/http-server-unrestricted-bind.md: -------------------------------------------------------------------------------- 1 | --- 2 | id: PY031 3 | title: http — unrestricted bind 4 | hide_title: true 5 | pagination_prev: null 6 | pagination_next: null 7 | slug: /rules/PY031 8 | --- 9 | 10 | ::: precli.rules.python.stdlib.http_server_unrestricted_bind 11 | -------------------------------------------------------------------------------- /docs/rules/python/stdlib/http-url-secret.md: -------------------------------------------------------------------------------- 1 | --- 2 | id: PY007 3 | title: http — url secret 4 | hide_title: true 5 | pagination_prev: null 6 | pagination_next: null 7 | slug: /rules/PY007 8 | --- 9 | 10 | ::: precli.rules.python.stdlib.http_url_secret 11 | -------------------------------------------------------------------------------- /docs/rules/python/stdlib/imaplib-cleartext.md: -------------------------------------------------------------------------------- 1 | --- 2 | id: PY008 3 | title: imaplib — cleartext 4 | hide_title: true 5 | pagination_prev: null 6 | pagination_next: null 7 | slug: /rules/PY008 8 | --- 9 | 10 | ::: 
precli.rules.python.stdlib.imaplib_cleartext 11 | -------------------------------------------------------------------------------- /docs/rules/python/stdlib/imaplib-no-timeout.md: -------------------------------------------------------------------------------- 1 | --- 2 | id: PY041 3 | title: imaplib — no timeout 4 | hide_title: true 5 | pagination_prev: null 6 | pagination_next: null 7 | slug: /rules/PY041 8 | --- 9 | 10 | ::: precli.rules.python.stdlib.imaplib_no_timeout 11 | -------------------------------------------------------------------------------- /docs/rules/python/stdlib/imaplib-unverified-context.md: -------------------------------------------------------------------------------- 1 | --- 2 | id: PY023 3 | title: imaplib — unverified context 4 | hide_title: true 5 | pagination_prev: null 6 | pagination_next: null 7 | slug: /rules/PY023 8 | --- 9 | 10 | ::: precli.rules.python.stdlib.imaplib_unverified_context 11 | -------------------------------------------------------------------------------- /docs/rules/python/stdlib/json-load.md: -------------------------------------------------------------------------------- 1 | --- 2 | id: PY009 3 | title: json — load 4 | hide_title: true 5 | pagination_prev: null 6 | pagination_next: null 7 | slug: /rules/PY009 8 | --- 9 | 10 | ::: precli.rules.python.stdlib.json_load 11 | -------------------------------------------------------------------------------- /docs/rules/python/stdlib/logging-insecure-listen-config.md: -------------------------------------------------------------------------------- 1 | --- 2 | id: PY010 3 | title: logging — insecure listen config 4 | hide_title: true 5 | pagination_prev: null 6 | pagination_next: null 7 | slug: /rules/PY010 8 | --- 9 | 10 | ::: precli.rules.python.stdlib.logging_insecure_listen_config 11 | -------------------------------------------------------------------------------- /docs/rules/python/stdlib/marshal-load.md: 
-------------------------------------------------------------------------------- 1 | --- 2 | id: PY011 3 | title: marshal — load 4 | hide_title: true 5 | pagination_prev: null 6 | pagination_next: null 7 | slug: /rules/PY011 8 | --- 9 | 10 | ::: precli.rules.python.stdlib.marshal_load 11 | -------------------------------------------------------------------------------- /docs/rules/python/stdlib/nntplib-cleartext.md: -------------------------------------------------------------------------------- 1 | --- 2 | id: PY012 3 | title: nntplib — cleartext 4 | hide_title: true 5 | pagination_prev: null 6 | pagination_next: null 7 | slug: /rules/PY012 8 | --- 9 | 10 | ::: precli.rules.python.stdlib.nntplib_cleartext 11 | -------------------------------------------------------------------------------- /docs/rules/python/stdlib/nntplib-no-timeout.md: -------------------------------------------------------------------------------- 1 | --- 2 | id: PY042 3 | title: nntplib — no timeout 4 | hide_title: true 5 | pagination_prev: null 6 | pagination_next: null 7 | slug: /rules/PY042 8 | --- 9 | 10 | ::: precli.rules.python.stdlib.nntplib_no_timeout 11 | -------------------------------------------------------------------------------- /docs/rules/python/stdlib/nntplib-unverified-context.md: -------------------------------------------------------------------------------- 1 | --- 2 | id: PY024 3 | title: nntplib — unverified context 4 | hide_title: true 5 | pagination_prev: null 6 | pagination_next: null 7 | slug: /rules/PY024 8 | --- 9 | 10 | ::: precli.rules.python.stdlib.nntplib_unverified_context 11 | -------------------------------------------------------------------------------- /docs/rules/python/stdlib/os-loose-file-perm.md: -------------------------------------------------------------------------------- 1 | --- 2 | id: PY036 3 | title: os — incorrect permission 4 | hide_title: true 5 | pagination_prev: null 6 | pagination_next: null 7 | slug: /rules/PY036 8 | --- 9 | 10 | ::: 
precli.rules.python.stdlib.os_loose_file_perm 11 | -------------------------------------------------------------------------------- /docs/rules/python/stdlib/os-setuid-root.md: -------------------------------------------------------------------------------- 1 | --- 2 | id: PY038 3 | title: os — unnecessary privileges 4 | hide_title: true 5 | pagination_prev: null 6 | pagination_next: null 7 | slug: /rules/PY038 8 | --- 9 | 10 | ::: precli.rules.python.stdlib.os_setuid_root 11 | -------------------------------------------------------------------------------- /docs/rules/python/stdlib/pathlib-loose-file-perm.md: -------------------------------------------------------------------------------- 1 | --- 2 | id: PY037 3 | title: pathlib — incorrect permission 4 | hide_title: true 5 | pagination_prev: null 6 | pagination_next: null 7 | slug: /rules/PY037 8 | --- 9 | 10 | ::: precli.rules.python.stdlib.pathlib_loose_file_perm 11 | -------------------------------------------------------------------------------- /docs/rules/python/stdlib/pickle-load.md: -------------------------------------------------------------------------------- 1 | --- 2 | id: PY013 3 | title: pickle — load 4 | hide_title: true 5 | pagination_prev: null 6 | pagination_next: null 7 | slug: /rules/PY013 8 | --- 9 | 10 | ::: precli.rules.python.stdlib.pickle_load 11 | -------------------------------------------------------------------------------- /docs/rules/python/stdlib/poplib-cleartext.md: -------------------------------------------------------------------------------- 1 | --- 2 | id: PY014 3 | title: poplib — cleartext 4 | hide_title: true 5 | pagination_prev: null 6 | pagination_next: null 7 | slug: /rules/PY014 8 | --- 9 | 10 | ::: precli.rules.python.stdlib.poplib_cleartext 11 | -------------------------------------------------------------------------------- /docs/rules/python/stdlib/poplib-no-timeout.md: -------------------------------------------------------------------------------- 1 | --- 2 | 
id: PY043 3 | title: poplib — no timeout 4 | hide_title: true 5 | pagination_prev: null 6 | pagination_next: null 7 | slug: /rules/PY043 8 | --- 9 | 10 | ::: precli.rules.python.stdlib.poplib_no_timeout 11 | -------------------------------------------------------------------------------- /docs/rules/python/stdlib/poplib-unverified-context.md: -------------------------------------------------------------------------------- 1 | --- 2 | id: PY025 3 | title: poplib — unverified context 4 | hide_title: true 5 | pagination_prev: null 6 | pagination_next: null 7 | slug: /rules/PY025 8 | --- 9 | 10 | ::: precli.rules.python.stdlib.poplib_unverified_context 11 | -------------------------------------------------------------------------------- /docs/rules/python/stdlib/re-denial-of-service.md: -------------------------------------------------------------------------------- 1 | --- 2 | id: PY033 3 | title: re — denial of service 4 | hide_title: true 5 | pagination_prev: null 6 | pagination_next: null 7 | slug: /rules/PY033 8 | --- 9 | 10 | ::: precli.rules.python.stdlib.re_denial_of_service 11 | -------------------------------------------------------------------------------- /docs/rules/python/stdlib/secrets-weak-token.md: -------------------------------------------------------------------------------- 1 | --- 2 | id: PY028 3 | title: secrets — weak token 4 | hide_title: true 5 | pagination_prev: null 6 | pagination_next: null 7 | slug: /rules/PY028 8 | --- 9 | 10 | ::: precli.rules.python.stdlib.secrets_weak_token 11 | -------------------------------------------------------------------------------- /docs/rules/python/stdlib/shelve-open.md: -------------------------------------------------------------------------------- 1 | --- 2 | id: PY015 3 | title: shelve — open 4 | hide_title: true 5 | pagination_prev: null 6 | pagination_next: null 7 | slug: /rules/PY015 8 | --- 9 | 10 | ::: precli.rules.python.stdlib.shelve_open 11 | 
-------------------------------------------------------------------------------- /docs/rules/python/stdlib/smtplib-cleartext.md: -------------------------------------------------------------------------------- 1 | --- 2 | id: PY016 3 | title: smtplib — cleartext 4 | hide_title: true 5 | pagination_prev: null 6 | pagination_next: null 7 | slug: /rules/PY016 8 | --- 9 | 10 | ::: precli.rules.python.stdlib.smtplib_cleartext 11 | -------------------------------------------------------------------------------- /docs/rules/python/stdlib/smtplib-no-timeout.md: -------------------------------------------------------------------------------- 1 | --- 2 | id: PY040 3 | title: smtplib — no timeout 4 | hide_title: true 5 | pagination_prev: null 6 | pagination_next: null 7 | slug: /rules/PY040 8 | --- 9 | 10 | ::: precli.rules.python.stdlib.smtplib_no_timeout 11 | -------------------------------------------------------------------------------- /docs/rules/python/stdlib/smtplib-unverified-context.md: -------------------------------------------------------------------------------- 1 | --- 2 | id: PY026 3 | title: smtplib — unverified context 4 | hide_title: true 5 | pagination_prev: null 6 | pagination_next: null 7 | slug: /rules/PY026 8 | --- 9 | 10 | ::: precli.rules.python.stdlib.smtplib_unverified_context 11 | -------------------------------------------------------------------------------- /docs/rules/python/stdlib/socket-no-timeout.md: -------------------------------------------------------------------------------- 1 | --- 2 | id: PY039 3 | title: socket — no timeout 4 | hide_title: true 5 | pagination_prev: null 6 | pagination_next: null 7 | slug: /rules/PY039 8 | --- 9 | 10 | ::: precli.rules.python.stdlib.socket_no_timeout 11 | -------------------------------------------------------------------------------- /docs/rules/python/stdlib/socket-unrestricted-bind.md: -------------------------------------------------------------------------------- 1 | --- 2 | id: PY029 3 | title: 
socket — unrestricted bind 4 | hide_title: true 5 | pagination_prev: null 6 | pagination_next: null 7 | slug: /rules/PY029 8 | --- 9 | 10 | ::: precli.rules.python.stdlib.socket_unrestricted_bind 11 | -------------------------------------------------------------------------------- /docs/rules/python/stdlib/socketserver-unrestricted-bind.md: -------------------------------------------------------------------------------- 1 | --- 2 | id: PY030 3 | title: socketserver — unrestricted bind 4 | hide_title: true 5 | pagination_prev: null 6 | pagination_next: null 7 | slug: /rules/PY030 8 | --- 9 | 10 | ::: precli.rules.python.stdlib.socketserver_unrestricted_bind 11 | -------------------------------------------------------------------------------- /docs/rules/python/stdlib/ssl-context-weak-key.md: -------------------------------------------------------------------------------- 1 | --- 2 | id: PY019 3 | title: ssl — weak key 4 | hide_title: true 5 | pagination_prev: null 6 | pagination_next: null 7 | slug: /rules/PY019 8 | --- 9 | 10 | ::: precli.rules.python.stdlib.ssl_context_weak_key 11 | -------------------------------------------------------------------------------- /docs/rules/python/stdlib/ssl-create-unverified-context.md: -------------------------------------------------------------------------------- 1 | --- 2 | id: PY017 3 | title: ssl — unverified context 4 | hide_title: true 5 | pagination_prev: null 6 | pagination_next: null 7 | slug: /rules/PY017 8 | --- 9 | 10 | ::: precli.rules.python.stdlib.ssl_create_unverified_context 11 | -------------------------------------------------------------------------------- /docs/rules/python/stdlib/ssl-insecure-tls-version.md: -------------------------------------------------------------------------------- 1 | --- 2 | id: PY018 3 | title: ssl — insecure tls version 4 | hide_title: true 5 | pagination_prev: null 6 | pagination_next: null 7 | slug: /rules/PY018 8 | --- 9 | 10 | ::: 
precli.rules.python.stdlib.ssl_insecure_tls_version 11 | -------------------------------------------------------------------------------- /docs/rules/python/stdlib/ssl-no-timeout.md: -------------------------------------------------------------------------------- 1 | --- 2 | id: PY046 3 | title: ssl — no timeout 4 | hide_title: true 5 | pagination_prev: null 6 | pagination_next: null 7 | slug: /rules/PY046 8 | --- 9 | 10 | ::: precli.rules.python.stdlib.ssl_no_timeout 11 | -------------------------------------------------------------------------------- /docs/rules/python/stdlib/telnetlib-cleartext.md: -------------------------------------------------------------------------------- 1 | --- 2 | id: PY020 3 | title: telnetlib — cleartext 4 | hide_title: true 5 | pagination_prev: null 6 | pagination_next: null 7 | slug: /rules/PY020 8 | --- 9 | 10 | ::: precli.rules.python.stdlib.telnetlib_cleartext 11 | -------------------------------------------------------------------------------- /docs/rules/python/stdlib/telnetlib-no-timeout.md: -------------------------------------------------------------------------------- 1 | --- 2 | id: PY044 3 | title: telnetlib — no timeout 4 | hide_title: true 5 | pagination_prev: null 6 | pagination_next: null 7 | slug: /rules/PY044 8 | --- 9 | 10 | ::: precli.rules.python.stdlib.telnetlib_no_timeout 11 | -------------------------------------------------------------------------------- /docs/rules/python/stdlib/tempfile-mktemp-race-condition.md: -------------------------------------------------------------------------------- 1 | --- 2 | id: PY021 3 | title: tempfile — mktemp race condition 4 | hide_title: true 5 | pagination_prev: null 6 | pagination_next: null 7 | slug: /rules/PY021 8 | --- 9 | 10 | ::: precli.rules.python.stdlib.tempfile_mktemp_race_condition 11 | -------------------------------------------------------------------------------- /docs/rules/python/stdlib/xmlrpc-server-unrestricted-bind.md: 
-------------------------------------------------------------------------------- 1 | --- 2 | id: PY032 3 | title: xmlrpc — unrestricted bind 4 | hide_title: true 5 | pagination_prev: null 6 | pagination_next: null 7 | slug: /rules/PY032 8 | --- 9 | 10 | ::: precli.rules.python.stdlib.xmlrpc_server_unrestricted_bind 11 | -------------------------------------------------------------------------------- /docs/stylesheets/extra.css: -------------------------------------------------------------------------------- 1 | :root { 2 | --md-tooltip-width: 600px; 3 | } 4 | 5 | .md-typeset .admonition, 6 | .md-typeset details { 7 | border-width: 0; 8 | border-left-width: 4px; 9 | } 10 | -------------------------------------------------------------------------------- /images/example.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/securesauce/precli/1caaec7bcdd32e2a04bf07cf6d692a7c9627cb19/images/example.gif -------------------------------------------------------------------------------- /images/logo.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/securesauce/precli/1caaec7bcdd32e2a04bf07cf6d692a7c9627cb19/images/logo.png -------------------------------------------------------------------------------- /precli/__init__.py: -------------------------------------------------------------------------------- 1 | # Copyright 2024 Secure Sauce LLC 2 | # SPDX-License-Identifier: BUSL-1.1 3 | from datetime import datetime 4 | from importlib import metadata 5 | 6 | 7 | __author__ = metadata.metadata("precli")["Author"] 8 | __summary__ = metadata.metadata("precli")["Summary"] 9 | __copyright__ = f"Copyright {datetime.now():%Y} Secure Sauce LLC" 10 | __download_url__ = metadata.metadata("precli")["Download-URL"] 11 | __url__ = metadata.metadata("precli")["Home-page"] 12 | __version__ = metadata.version("precli") 13 | 
-------------------------------------------------------------------------------- /precli/__main__.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python 2 | # Copyright 2024 Secure Sauce LLC 3 | # SPDX-License-Identifier: BUSL-1.1 4 | from precli.cli import main 5 | 6 | 7 | main.main() 8 | -------------------------------------------------------------------------------- /precli/cli/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/securesauce/precli/1caaec7bcdd32e2a04bf07cf6d692a7c9627cb19/precli/cli/__init__.py -------------------------------------------------------------------------------- /precli/core/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/securesauce/precli/1caaec7bcdd32e2a04bf07cf6d692a7c9627cb19/precli/core/__init__.py -------------------------------------------------------------------------------- /precli/renderers/__init__.py: -------------------------------------------------------------------------------- 1 | # Copyright 2024 Secure Sauce LLC 2 | from abc import ABC 3 | from abc import abstractmethod 4 | 5 | from rich.console import Console 6 | 7 | from precli.core.run import Run 8 | 9 | 10 | class Renderer(ABC): 11 | def __init__(self, console: Console, quiet: bool): 12 | self.console = console 13 | self.quiet = quiet 14 | 15 | @abstractmethod 16 | def file_extension(self) -> str: 17 | pass 18 | 19 | @abstractmethod 20 | def render(self, run: Run): 21 | pass 22 | -------------------------------------------------------------------------------- /precli/rules/go/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/securesauce/precli/1caaec7bcdd32e2a04bf07cf6d692a7c9627cb19/precli/rules/go/__init__.py 
-------------------------------------------------------------------------------- /precli/rules/go/stdlib/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/securesauce/precli/1caaec7bcdd32e2a04bf07cf6d692a7c9627cb19/precli/rules/go/stdlib/__init__.py -------------------------------------------------------------------------------- /precli/rules/java/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/securesauce/precli/1caaec7bcdd32e2a04bf07cf6d692a7c9627cb19/precli/rules/java/__init__.py -------------------------------------------------------------------------------- /precli/rules/java/stdlib/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/securesauce/precli/1caaec7bcdd32e2a04bf07cf6d692a7c9627cb19/precli/rules/java/stdlib/__init__.py -------------------------------------------------------------------------------- /precli/rules/python/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/securesauce/precli/1caaec7bcdd32e2a04bf07cf6d692a7c9627cb19/precli/rules/python/__init__.py -------------------------------------------------------------------------------- /precli/rules/python/stdlib/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/securesauce/precli/1caaec7bcdd32e2a04bf07cf6d692a7c9627cb19/precli/rules/python/stdlib/__init__.py -------------------------------------------------------------------------------- /requirements.txt: -------------------------------------------------------------------------------- 1 | # Copyright 2025 Secure Sauce LLC 2 | # SPDX-License-Identifier: BUSL-1.1 3 | typing-extensions==4.13.2;python_version<"3.11" 4 | tomli==2.2.1; python_version<"3.11" 5 | 
tomli_w==1.2.0 6 | rich==14.0.0 7 | tree-sitter==0.24.0 8 | ignorelib==0.3.0 9 | requests==2.32.4 10 | sarif-om==1.0.4 11 | jschema-to-python==1.2.3 12 | tree-sitter-go==0.23.4 13 | tree-sitter-java==0.23.5 14 | tree-sitter-python==0.23.6 15 | pyyaml==6.0.2 16 | -------------------------------------------------------------------------------- /setup.py: -------------------------------------------------------------------------------- 1 | # Copyright 2025 Secure Sauce LLC 2 | # SPDX-License-Identifier: BUSL-1.1 3 | import setuptools 4 | 5 | 6 | setuptools.setup( 7 | python_requires=">=3.10", 8 | setup_requires=["pbr>=2.0.0"], 9 | pbr=True, 10 | package_data={ 11 | "precli": ["locale/*/LC_MESSAGES/*.mo"], 12 | }, 13 | ) 14 | -------------------------------------------------------------------------------- /test-requirements.txt: -------------------------------------------------------------------------------- 1 | # Copyright 2024 Secure Sauce LLC 2 | # SPDX-License-Identifier: BUSL-1.1 3 | flake8>=4.0.0 # Apache-2.0 4 | pytest>=8.2.0 # MIT 5 | pylint>=1.9.4 # GPLv2 6 | -------------------------------------------------------------------------------- /tests/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/securesauce/precli/1caaec7bcdd32e2a04bf07cf6d692a7c9627cb19/tests/__init__.py -------------------------------------------------------------------------------- /tests/unit/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/securesauce/precli/1caaec7bcdd32e2a04bf07cf6d692a7c9627cb19/tests/unit/__init__.py -------------------------------------------------------------------------------- /tests/unit/cli/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/securesauce/precli/1caaec7bcdd32e2a04bf07cf6d692a7c9627cb19/tests/unit/cli/__init__.py 
-------------------------------------------------------------------------------- /tests/unit/core/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/securesauce/precli/1caaec7bcdd32e2a04bf07cf6d692a7c9627cb19/tests/unit/core/__init__.py -------------------------------------------------------------------------------- /tests/unit/core/test_python.py: -------------------------------------------------------------------------------- 1 | # Copyright 2023 Secure Sauce LLC 2 | # SPDX-License-Identifier: BUSL-1.1 3 | from precli.parsers import python 4 | 5 | 6 | class TestPython: 7 | @classmethod 8 | def setup_class(cls): 9 | cls.parser = python.Python(skip_tests=False) 10 | -------------------------------------------------------------------------------- /tests/unit/parsers/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/securesauce/precli/1caaec7bcdd32e2a04bf07cf6d692a7c9627cb19/tests/unit/parsers/__init__.py -------------------------------------------------------------------------------- /tests/unit/parsers/examples/bad_coding.py: -------------------------------------------------------------------------------- 1 | # -*- coding: uft-8 -*- 2 | -------------------------------------------------------------------------------- /tests/unit/parsers/examples/expression_list_assignment.py: -------------------------------------------------------------------------------- 1 | import ssl 2 | 3 | 4 | ssl_ctx1, ssl_ctx2 = ssl.SSLContext(), ssl.SSLContext() 5 | -------------------------------------------------------------------------------- /tests/unit/parsers/examples/expression_list_assignment_uneven.py: -------------------------------------------------------------------------------- 1 | import torch 2 | 3 | 4 | torch.tensor([[0.1, 1.2], [2.2, 3.1], [4.9, 5.2]]) 5 | x = torch.tensor([[0.1, 1.2], [2.2, 3.1], [4.9, 5.2]]) 6 | b, *_, 
device = *x.shape, x.device 7 | -------------------------------------------------------------------------------- /tests/unit/parsers/examples/importlib_import_module.py: -------------------------------------------------------------------------------- 1 | import importlib 2 | 3 | 4 | query = "worker:run" 5 | module_name, _, func_name = query.partition(":") 6 | module = importlib.import_module(module_name, package="base_package") 7 | -------------------------------------------------------------------------------- /tests/unit/parsers/examples/pep3120.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/securesauce/precli/1caaec7bcdd32e2a04bf07cf6d692a7c9627cb19/tests/unit/parsers/examples/pep3120.py -------------------------------------------------------------------------------- /tests/unit/parsers/examples/suppress.go: -------------------------------------------------------------------------------- 1 | package main 2 | 3 | import ( 4 | "crypto/md5" 5 | ) 6 | 7 | func main() { 8 | h := md5.New() // suppress: GO002 9 | } 10 | -------------------------------------------------------------------------------- /tests/unit/parsers/examples/suppress.py: -------------------------------------------------------------------------------- 1 | import hashlib 2 | 3 | 4 | hashlib.md5() # suppress: PY004 5 | -------------------------------------------------------------------------------- /tests/unit/parsers/examples/suppress_lowercase_rule.go: -------------------------------------------------------------------------------- 1 | package main 2 | 3 | import ( 4 | "crypto/md5" 5 | ) 6 | 7 | func main() { 8 | h := md5.New() // suppress: go002 9 | } 10 | -------------------------------------------------------------------------------- /tests/unit/parsers/examples/suppress_lowercase_rule.py: -------------------------------------------------------------------------------- 1 | import hashlib 2 | 3 | 4 | hashlib.md5() # suppress: 
py004 5 | -------------------------------------------------------------------------------- /tests/unit/parsers/examples/suppress_multiline.go: -------------------------------------------------------------------------------- 1 | package main 2 | 3 | import ( 4 | "crypto/md5" 5 | ) 6 | 7 | func main() { 8 | h := md5.New() // suppress: GO002 9 | } 10 | -------------------------------------------------------------------------------- /tests/unit/parsers/examples/suppress_multiline.py: -------------------------------------------------------------------------------- 1 | import hashlib 2 | 3 | 4 | hashlib.md5() # suppress: PY004 5 | -------------------------------------------------------------------------------- /tests/unit/parsers/examples/suppress_multiple_comments.go: -------------------------------------------------------------------------------- 1 | package main 2 | 3 | import ( 4 | "crypto/md5" 5 | ) 6 | 7 | func main() { 8 | h := md5.New() // type: ... // suppress: GO002 // noqa: E501 ; nolint:lll 9 | } 10 | -------------------------------------------------------------------------------- /tests/unit/parsers/examples/suppress_multiple_comments.py: -------------------------------------------------------------------------------- 1 | import hashlib 2 | 3 | 4 | hashlib.md5() # type: ... 
# suppress: PY004 # noqa: E501 ; pylint: disable=line-too-long 5 | -------------------------------------------------------------------------------- /tests/unit/parsers/examples/suppress_multiple_rules.go: -------------------------------------------------------------------------------- 1 | package main 2 | 3 | import ( 4 | "crypto/md5" 5 | ) 6 | 7 | func main() { 8 | h := md5.New() // suppress: GO001, GO002, GO003 9 | } 10 | -------------------------------------------------------------------------------- /tests/unit/parsers/examples/suppress_multiple_rules.py: -------------------------------------------------------------------------------- 1 | import hashlib 2 | 3 | 4 | hashlib.md5() # suppress: PY001, PY002, PY003, PY004, PY005 5 | -------------------------------------------------------------------------------- /tests/unit/parsers/examples/suppress_preceding.go: -------------------------------------------------------------------------------- 1 | package main 2 | 3 | import ( 4 | "crypto/md5" 5 | ) 6 | 7 | func main() { 8 | // suppress: GO002 9 | h := md5.New() 10 | } 11 | -------------------------------------------------------------------------------- /tests/unit/parsers/examples/suppress_preceding.py: -------------------------------------------------------------------------------- 1 | import hashlib 2 | 3 | 4 | # suppress: PY004 5 | hashlib.md5() 6 | -------------------------------------------------------------------------------- /tests/unit/parsers/examples/suppress_spaced_rules.go: -------------------------------------------------------------------------------- 1 | package main 2 | 3 | import ( 4 | "crypto/md5" 5 | ) 6 | 7 | func main() { 8 | h := md5.New() // suppress: GO001 GO002 GO003 9 | } 10 | -------------------------------------------------------------------------------- /tests/unit/parsers/examples/suppress_spaced_rules.py: -------------------------------------------------------------------------------- 1 | import hashlib 2 | 3 | 4 | hashlib.md5() # 
suppress: PY003 PY004 5 | -------------------------------------------------------------------------------- /tests/unit/parsers/examples/suppress_wrong_rule.go: -------------------------------------------------------------------------------- 1 | package main 2 | 3 | import ( 4 | "crypto/md5" 5 | ) 6 | 7 | func main() { 8 | h := md5.New() // suppress: GO003 9 | } 10 | -------------------------------------------------------------------------------- /tests/unit/parsers/examples/suppress_wrong_rule.py: -------------------------------------------------------------------------------- 1 | import hashlib 2 | 3 | 4 | hashlib.md5() # suppress: PY005 5 | -------------------------------------------------------------------------------- /tests/unit/rules/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/securesauce/precli/1caaec7bcdd32e2a04bf07cf6d692a7c9627cb19/tests/unit/rules/__init__.py -------------------------------------------------------------------------------- /tests/unit/rules/go/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/securesauce/precli/1caaec7bcdd32e2a04bf07cf6d692a7c9627cb19/tests/unit/rules/go/__init__.py -------------------------------------------------------------------------------- /tests/unit/rules/go/stdlib/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/securesauce/precli/1caaec7bcdd32e2a04bf07cf6d692a7c9627cb19/tests/unit/rules/go/stdlib/__init__.py -------------------------------------------------------------------------------- /tests/unit/rules/go/stdlib/crypto/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/securesauce/precli/1caaec7bcdd32e2a04bf07cf6d692a7c9627cb19/tests/unit/rules/go/stdlib/crypto/__init__.py 
-------------------------------------------------------------------------------- /tests/unit/rules/go/stdlib/crypto/examples/crypto_weak_cipher_aes.go: -------------------------------------------------------------------------------- 1 | // level: NONE 2 | package main 3 | 4 | import ( 5 | "crypto/aes" 6 | ) 7 | 8 | func main() { 9 | aesKey := []byte("example key 1234") 10 | 11 | _, err := aes.NewCipher(aesKey) 12 | if err != nil { 13 | panic(err) 14 | } 15 | } 16 | -------------------------------------------------------------------------------- /tests/unit/rules/go/stdlib/crypto/examples/crypto_weak_hash_md5_new.go: -------------------------------------------------------------------------------- 1 | // level: ERROR 2 | // start_line: 14 3 | // end_line: 14 4 | // start_column: 9 5 | // end_column: 16 6 | package main 7 | 8 | import ( 9 | "crypto/md5" 10 | "fmt" 11 | ) 12 | 13 | func main() { 14 | h := md5.New() 15 | h.Write([]byte("hello world\n")) 16 | fmt.Printf("%x", h.Sum(nil)) 17 | } 18 | -------------------------------------------------------------------------------- /tests/unit/rules/go/stdlib/crypto/examples/crypto_weak_hash_md5_sum.go: -------------------------------------------------------------------------------- 1 | // level: ERROR 2 | // start_line: 15 3 | // end_line: 15 4 | // start_column: 21 5 | // end_column: 28 6 | package main 7 | 8 | import ( 9 | "crypto/md5" 10 | "fmt" 11 | ) 12 | 13 | func main() { 14 | data := []byte("These pretzels are making me thirsty.") 15 | fmt.Printf("%x", md5.Sum(data)) 16 | } 17 | -------------------------------------------------------------------------------- /tests/unit/rules/go/stdlib/crypto/examples/crypto_weak_hash_sha1_new.go: -------------------------------------------------------------------------------- 1 | // level: ERROR 2 | // start_line: 14 3 | // end_line: 14 4 | // start_column: 9 5 | // end_column: 17 6 | package main 7 | 8 | import ( 9 | "crypto/sha1" 10 | "fmt" 11 | ) 12 | 13 | func main() { 14 | h 
:= sha1.New() 15 | h.Write([]byte("hello world\n")) 16 | fmt.Printf("%x", h.Sum(nil)) 17 | } 18 | -------------------------------------------------------------------------------- /tests/unit/rules/go/stdlib/crypto/examples/crypto_weak_hash_sha1_sum.go: -------------------------------------------------------------------------------- 1 | // level: ERROR 2 | // start_line: 15 3 | // end_line: 15 4 | // start_column: 22 5 | // end_column: 30 6 | package main 7 | 8 | import ( 9 | "crypto/sha1" 10 | "fmt" 11 | ) 12 | 13 | func main() { 14 | data := []byte("This page intentionally left blank.") 15 | fmt.Printf("% x", sha1.Sum(data)) 16 | } 17 | -------------------------------------------------------------------------------- /tests/unit/rules/go/stdlib/crypto/examples/crypto_weak_hash_sha256_new.go: -------------------------------------------------------------------------------- 1 | // level: NONE 2 | package main 3 | 4 | import ( 5 | "crypto/sha256" 6 | "fmt" 7 | ) 8 | 9 | func main() { 10 | h := sha256.New() 11 | h.Write([]byte("hello world\n")) 12 | fmt.Printf("%x", h.Sum(nil)) 13 | } 14 | -------------------------------------------------------------------------------- /tests/unit/rules/go/stdlib/crypto/examples/crypto_weak_hash_sha256_sum.go: -------------------------------------------------------------------------------- 1 | // level: NONE 2 | package main 3 | 4 | import ( 5 | "crypto/sha256" 6 | "fmt" 7 | ) 8 | 9 | func main() { 10 | sum := sha256.Sum256([]byte("hello world\n")) 11 | fmt.Printf("%x", sum) 12 | } 13 | -------------------------------------------------------------------------------- /tests/unit/rules/go/stdlib/net/examples/net_http_listenandserve.go: -------------------------------------------------------------------------------- 1 | // level: WARNING 2 | // start_line: 20 3 | // end_line: 20 4 | // start_column: 14 5 | // end_column: 33 6 | package main 7 | 8 | import ( 9 | "io" 10 | "log" 11 | "net/http" 12 | ) 13 | 14 | func main() { 15 | 
helloHandler := func(w http.ResponseWriter, req *http.Request) { 16 | io.WriteString(w, "Hello, world!\n") 17 | } 18 | 19 | http.HandleFunc("/hello", helloHandler) 20 | log.Fatal(http.ListenAndServe(":8080", nil)) 21 | } 22 | -------------------------------------------------------------------------------- /tests/unit/rules/go/stdlib/net/examples/net_listen_ipv4.go: -------------------------------------------------------------------------------- 1 | // level: WARNING 2 | // start_line: 14 3 | // end_line: 14 4 | // start_column: 33 5 | // end_column: 47 6 | package main 7 | 8 | import ( 9 | "log" 10 | "net" 11 | ) 12 | 13 | func main() { 14 | ln, err := net.Listen("tcp", "0.0.0.0:8443") 15 | if err != nil { 16 | log.Fatalf("net.Listen failed on %s: %v", "0.0.0.0", err) 17 | } 18 | defer ln.Close() 19 | } 20 | -------------------------------------------------------------------------------- /tests/unit/rules/go/stdlib/net/examples/net_listen_ipv6.go: -------------------------------------------------------------------------------- 1 | // level: WARNING 2 | // start_line: 14 3 | // end_line: 14 4 | // start_column: 33 5 | // end_column: 44 6 | package main 7 | 8 | import ( 9 | "log" 10 | "net" 11 | ) 12 | 13 | func main() { 14 | ln, err := net.Listen("tcp", "[::]:8443") 15 | if err != nil { 16 | log.Fatalf("net.Listen failed on %s: %v", "[::]", err) 17 | } 18 | defer ln.Close() 19 | } 20 | -------------------------------------------------------------------------------- /tests/unit/rules/go/stdlib/syscall/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/securesauce/precli/1caaec7bcdd32e2a04bf07cf6d692a7c9627cb19/tests/unit/rules/go/stdlib/syscall/__init__.py -------------------------------------------------------------------------------- /tests/unit/rules/go/stdlib/syscall/examples/syscall_setuid_0.go: -------------------------------------------------------------------------------- 1 | // 
level: ERROR 2 | // start_line: 16 3 | // end_line: 16 4 | // start_column: 29 5 | // end_column: 30 6 | package main 7 | 8 | import ( 9 | "fmt" 10 | "log" 11 | "os" 12 | "syscall" 13 | ) 14 | 15 | func main() { 16 | if err := syscall.Setuid(0); err != nil { 17 | log.Fatalf("Failed to set UID: %v", err) 18 | } 19 | 20 | fmt.Printf("Running as UID: %d\n", os.Getuid()) 21 | } 22 | -------------------------------------------------------------------------------- /tests/unit/rules/go/stdlib/syscall/examples/syscall_setuid_500.go: -------------------------------------------------------------------------------- 1 | // level: NONE 2 | package main 3 | 4 | import ( 5 | "fmt" 6 | "log" 7 | "os" 8 | "syscall" 9 | ) 10 | 11 | func main() { 12 | if err := syscall.Setuid(500); err != nil { 13 | log.Fatalf("Failed to set UID: %v", err) 14 | } 15 | 16 | fmt.Printf("Running as UID: %d\n", os.Getuid()) 17 | } 18 | -------------------------------------------------------------------------------- /tests/unit/rules/java/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/securesauce/precli/1caaec7bcdd32e2a04bf07cf6d692a7c9627cb19/tests/unit/rules/java/__init__.py -------------------------------------------------------------------------------- /tests/unit/rules/java/stdlib/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/securesauce/precli/1caaec7bcdd32e2a04bf07cf6d692a7c9627cb19/tests/unit/rules/java/stdlib/__init__.py -------------------------------------------------------------------------------- /tests/unit/rules/java/stdlib/java_net/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/securesauce/precli/1caaec7bcdd32e2a04bf07cf6d692a7c9627cb19/tests/unit/rules/java/stdlib/java_net/__init__.py 
-------------------------------------------------------------------------------- /tests/unit/rules/java/stdlib/java_net/examples/HttpCookieSecureFalse.java: -------------------------------------------------------------------------------- 1 | // level: WARNING 2 | // start_line: 13 3 | // end_line: 13 4 | // start_column: 25 5 | // end_column: 30 6 | import java.net.*; 7 | 8 | 9 | public class HttpCookieSecureFalse { 10 | public static void main(String[] args) { 11 | HttpCookie cookie = new HttpCookie("cookieName", "cookieValue"); 12 | cookie.setHttpOnly(true); 13 | cookie.setSecure(false); 14 | } 15 | } 16 | -------------------------------------------------------------------------------- /tests/unit/rules/java/stdlib/java_net/examples/HttpCookieSecureTrue.java: -------------------------------------------------------------------------------- 1 | // level: NONE 2 | import java.net.*; 3 | 4 | 5 | public class HttpCookieSecureTrue { 6 | public static void main(String[] args) { 7 | HttpCookie cookie = new HttpCookie("cookieName", "cookieValue"); 8 | cookie.setHttpOnly(true); 9 | cookie.setSecure(true); 10 | } 11 | } 12 | -------------------------------------------------------------------------------- /tests/unit/rules/java/stdlib/java_security/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/securesauce/precli/1caaec7bcdd32e2a04bf07cf6d692a7c9627cb19/tests/unit/rules/java/stdlib/java_security/__init__.py -------------------------------------------------------------------------------- /tests/unit/rules/java/stdlib/java_security/examples/MessageDigestMD5.java: -------------------------------------------------------------------------------- 1 | // level: ERROR 2 | // start_line: 12 3 | // end_line: 12 4 | // start_column: 57 5 | // end_column: 62 6 | import java.security.*; 7 | 8 | 9 | public class MessageDigestMD5 { 10 | public static void main(String[] args) { 11 | try { 12 | MessageDigest md 
= MessageDigest.getInstance("MD5"); 13 | } catch (NoSuchAlgorithmException e) { 14 | System.err.println("MD5 hashing algorithm not available."); 15 | } 16 | } 17 | } 18 | -------------------------------------------------------------------------------- /tests/unit/rules/java/stdlib/java_security/examples/MessageDigestSHA256.java: -------------------------------------------------------------------------------- 1 | // level: NONE 2 | import java.security.*; 3 | 4 | 5 | public class MessageDigestSHA256 { 6 | public static void main(String[] args) { 7 | try { 8 | MessageDigest md = MessageDigest.getInstance("SHA256");  // NOTE(review): the standard JCA algorithm name is "SHA-256"; confirm the weak-hash rule is also exercised with that spelling so the NONE result covers the canonical form 9 | } catch (NoSuchAlgorithmException e) { 10 | System.err.println("SHA256 hashing algorithm not available."); 11 | } 12 | } 13 | } 14 | -------------------------------------------------------------------------------- /tests/unit/rules/java/stdlib/java_security/examples/SecureRandomDefault.java: -------------------------------------------------------------------------------- 1 | // level: NONE 2 | import java.security.*; 3 | 4 | 5 | public class SecureRandomDefault { 6 | public static void main(String[] args) { 7 | SecureRandom sr = new SecureRandom(); 8 | } 9 | } 10 | -------------------------------------------------------------------------------- /tests/unit/rules/java/stdlib/javax_crypto/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/securesauce/precli/1caaec7bcdd32e2a04bf07cf6d692a7c9627cb19/tests/unit/rules/java/stdlib/javax_crypto/__init__.py -------------------------------------------------------------------------------- /tests/unit/rules/java/stdlib/javax_servlet_http/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/securesauce/precli/1caaec7bcdd32e2a04bf07cf6d692a7c9627cb19/tests/unit/rules/java/stdlib/javax_servlet_http/__init__.py
-------------------------------------------------------------------------------- /tests/unit/rules/java/stdlib/javax_servlet_http/examples/CookieSecureFalse.java: -------------------------------------------------------------------------------- 1 | // level: WARNING 2 | // start_line: 13 3 | // end_line: 13 4 | // start_column: 25 5 | // end_column: 30 6 | import javax.servlet.http.Cookie; 7 | 8 | 9 | public class CookieSecureFalse { 10 | public static void main(String[] args) { 11 | Cookie cookie = new Cookie("cookieName", "cookieValue"); 12 | cookie.setHttpOnly(true); 13 | cookie.setSecure(false); 14 | } 15 | } 16 | -------------------------------------------------------------------------------- /tests/unit/rules/java/stdlib/javax_servlet_http/examples/CookieSecureTrue.java: -------------------------------------------------------------------------------- 1 | // level: NONE 2 | import javax.servlet.http.Cookie; 3 | 4 | 5 | public class CookieSecureTrue { 6 | public static void main(String[] args) { 7 | Cookie cookie = new Cookie("cookieName", "cookieValue"); 8 | cookie.setHttpOnly(true); 9 | cookie.setSecure(true); 10 | } 11 | } 12 | -------------------------------------------------------------------------------- /tests/unit/rules/python/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/securesauce/precli/1caaec7bcdd32e2a04bf07cf6d692a7c9627cb19/tests/unit/rules/python/__init__.py -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/securesauce/precli/1caaec7bcdd32e2a04bf07cf6d692a7c9627cb19/tests/unit/rules/python/stdlib/__init__.py -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/argparse/__init__.py: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/securesauce/precli/1caaec7bcdd32e2a04bf07cf6d692a7c9627cb19/tests/unit/rules/python/stdlib/argparse/__init__.py -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/argparse/examples/argparse_add_argument_api_key.py: -------------------------------------------------------------------------------- 1 | # level: ERROR 2 | # start_line: 13 3 | # end_line: 18 4 | # start_column: 0 5 | # end_column: 1 6 | import argparse 7 | 8 | 9 | parser = argparse.ArgumentParser( 10 | prog="ProgramName", 11 | description="What the program does", 12 | ) 13 | parser.add_argument( 14 | "--api-key", 15 | dest="api_key", 16 | action="store", 17 | help="API key to connect to the server", 18 | ) 19 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/argparse/examples/argparse_add_argument_default_action.py: -------------------------------------------------------------------------------- 1 | # level: ERROR 2 | # start_line: 13 3 | # end_line: 17 4 | # start_column: 0 5 | # end_column: 1 6 | import argparse 7 | 8 | 9 | parser = argparse.ArgumentParser( 10 | prog="ProgramName", 11 | description="What the program does", 12 | ) 13 | parser.add_argument( 14 | "--api-key", 15 | dest="api_key", 16 | help="API key to connect to the server", 17 | ) 18 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/argparse/examples/argparse_add_argument_token.py: -------------------------------------------------------------------------------- 1 | # level: ERROR 2 | # start_line: 13 3 | # end_line: 18 4 | # start_column: 0 5 | # end_column: 1 6 | from argparse import * 7 | 8 | 9 | parser = ArgumentParser( 10 | prog="ProgramName", 11 | description="What the program does", 12 | ) 13 | parser.add_argument( 14 | "--token", 
15 | dest="api_key", 16 | action="store", 17 | help="Token to connect to the server", 18 | ) 19 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/assert/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/securesauce/precli/1caaec7bcdd32e2a04bf07cf6d692a7c9627cb19/tests/unit/rules/python/stdlib/assert/__init__.py -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/assert/examples/assert.py: -------------------------------------------------------------------------------- 1 | # level: WARNING 2 | # start_line: 7 3 | # end_line: 7 4 | # start_column: 4 5 | # end_column: 10 6 | def foobar(a: str = None): 7 | assert a is not None 8 | return f"Hello {a}" 9 | 10 | 11 | foobar(None) 12 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/crypt/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/securesauce/precli/1caaec7bcdd32e2a04bf07cf6d692a7c9627cb19/tests/unit/rules/python/stdlib/crypt/__init__.py -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/crypt/examples/crypt_crypt.py: -------------------------------------------------------------------------------- 1 | # level: NONE 2 | import crypt 3 | 4 | 5 | crypt.crypt("asdfasdfasdfasdf") 6 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/crypt/examples/crypt_crypt_method_blowfish.py: -------------------------------------------------------------------------------- 1 | # level: NONE 2 | import crypt 3 | 4 | 5 | crypt.crypt("asdfasdfasdfasdf", salt=crypt.METHOD_BLOWFISH) 6 | -------------------------------------------------------------------------------- 
/tests/unit/rules/python/stdlib/crypt/examples/crypt_crypt_method_crypt.py: -------------------------------------------------------------------------------- 1 | # level: WARNING 2 | # start_line: 9 3 | # end_line: 9 4 | # start_column: 0 5 | # end_column: 11 6 | import crypt 7 | 8 | 9 | crypt.crypt("asdfasdfasdfasdf", salt=crypt.METHOD_CRYPT) 10 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/crypt/examples/crypt_crypt_method_md5.py: -------------------------------------------------------------------------------- 1 | # level: WARNING 2 | # start_line: 9 3 | # end_line: 9 4 | # start_column: 0 5 | # end_column: 11 6 | import crypt 7 | 8 | 9 | crypt.crypt("password", salt=crypt.METHOD_MD5) 10 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/crypt/examples/crypt_crypt_method_sha256.py: -------------------------------------------------------------------------------- 1 | # level: NONE 2 | import crypt 3 | 4 | 5 | crypt.crypt("asdfasdfasdfasdf", salt=crypt.METHOD_SHA256) 6 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/crypt/examples/crypt_crypt_method_sha512.py: -------------------------------------------------------------------------------- 1 | # level: NONE 2 | import crypt 3 | 4 | 5 | crypt.crypt("asdfasdfasdfasdf", salt=crypt.METHOD_SHA512) 6 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/crypt/examples/crypt_mksalt.py: -------------------------------------------------------------------------------- 1 | # level: NONE 2 | import crypt 3 | 4 | 5 | crypt.mksalt() 6 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/crypt/examples/crypt_mksalt_method_blowfish.py: -------------------------------------------------------------------------------- 
1 | # level: NONE 2 | import crypt 3 | 4 | 5 | crypt.mksalt(crypt.METHOD_BLOWFISH) 6 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/crypt/examples/crypt_mksalt_method_crypt.py: -------------------------------------------------------------------------------- 1 | # level: WARNING 2 | # start_line: 9 3 | # end_line: 9 4 | # start_column: 0 5 | # end_column: 12 6 | import crypt 7 | 8 | 9 | crypt.mksalt(crypt.METHOD_CRYPT) 10 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/crypt/examples/crypt_mksalt_method_md5.py: -------------------------------------------------------------------------------- 1 | # level: WARNING 2 | # start_line: 9 3 | # end_line: 9 4 | # start_column: 0 5 | # end_column: 12 6 | import crypt 7 | 8 | 9 | crypt.mksalt(crypt.METHOD_MD5) 10 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/crypt/examples/crypt_mksalt_method_sha256.py: -------------------------------------------------------------------------------- 1 | # level: NONE 2 | import crypt 3 | 4 | 5 | crypt.mksalt(crypt.METHOD_SHA256) 6 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/crypt/examples/crypt_mksalt_method_sha512.py: -------------------------------------------------------------------------------- 1 | # level: NONE 2 | import crypt 3 | 4 | 5 | crypt.mksalt(crypt.METHOD_SHA512) 6 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/ftplib/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/securesauce/precli/1caaec7bcdd32e2a04bf07cf6d692a7c9627cb19/tests/unit/rules/python/stdlib/ftplib/__init__.py -------------------------------------------------------------------------------- 
/tests/unit/rules/python/stdlib/ftplib/examples/ftp.py: -------------------------------------------------------------------------------- 1 | # level: WARNING 2 | # start_line: 9 3 | # end_line: 9 4 | # start_column: 6 5 | # end_column: 9 6 | from ftplib import FTP 7 | 8 | 9 | ftp = FTP("ftp.us.debian.org") 10 | ftp.login() 11 | 12 | ftp.cwd("debian") 13 | ftp.retrlines("LIST") 14 | 15 | ftp.quit() 16 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/ftplib/examples/ftp_context_mgr.py: -------------------------------------------------------------------------------- 1 | # level: WARNING 2 | # start_line: 9 3 | # end_line: 9 4 | # start_column: 5 5 | # end_column: 8 6 | from ftplib import FTP 7 | 8 | 9 | with FTP("ftp.us.debian.org"): 10 | print("FTP protocol available") 11 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/ftplib/examples/ftp_login.py: -------------------------------------------------------------------------------- 1 | from ftplib import FTP 2 | 3 | 4 | ftp = FTP("ftp.us.debian.org") 5 | ftp.login("user", "password") 6 | 7 | ftp.cwd("debian") 8 | ftp.retrlines("LIST") 9 | 10 | ftp.quit() 11 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/ftplib/examples/ftp_tls.py: -------------------------------------------------------------------------------- 1 | # level: NONE 2 | from ftplib import FTP 3 | 4 | 5 | ftp = FTP_TLS("ftp.us.debian.org")  # NOTE(review): FTP_TLS is never imported in this fixture (only FTP is); presumably the NONE result comes from the unresolved name rather than from the TLS class being recognised - confirm the fixture exercises ftplib.FTP_TLS 6 | ftp.login() 7 | 8 | ftp.cwd("debian") 9 | ftp.retrlines("LIST") 10 | 11 | ftp.quit() 12 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/ftplib/examples/ftplib_ftp.py: -------------------------------------------------------------------------------- 1 | # level: WARNING 2 | # start_line: 9 3 | # end_line: 9 4 | # start_column: 6 5 | # end_column: 16 6 | import
ftplib 7 | 8 | 9 | ftp = ftplib.FTP("ftp.us.debian.org") 10 | ftp.login() 11 | 12 | ftp.cwd("debian") 13 | ftp.retrlines("LIST") 14 | 15 | ftp.quit() 16 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/ftplib/examples/ftplib_ftp_connect_timeout_none.py: -------------------------------------------------------------------------------- 1 | # level: WARNING 2 | # start_line: 10 3 | # end_line: 10 4 | # start_column: 46 5 | # end_column: 50 6 | import ftplib 7 | 8 | 9 | ftp_server = ftplib.FTP() 10 | ftp_server.connect("ftp.example.com", timeout=None) 11 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/ftplib/examples/ftplib_ftp_context_mgr.py: -------------------------------------------------------------------------------- 1 | # level: WARNING 2 | # start_line: 9 3 | # end_line: 9 4 | # start_column: 5 5 | # end_column: 15 6 | import ftplib 7 | 8 | 9 | with ftplib.FTP("ftp.us.debian.org") as ftp: 10 | ftp.cwd("debian") 11 | ftp.retrlines("LIST") 12 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/ftplib/examples/ftplib_ftp_login.py: -------------------------------------------------------------------------------- 1 | import ftplib 2 | 3 | 4 | ftp = ftplib.FTP("ftp.us.debian.org") 5 | ftp.login("user", "password") 6 | 7 | ftp.cwd("debian") 8 | ftp.retrlines("LIST") 9 | 10 | ftp.quit() 11 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/ftplib/examples/ftplib_ftp_login_single_statement.py: -------------------------------------------------------------------------------- 1 | import ftplib 2 | 3 | 4 | ftplib.FTP("ftp.us.debian.org").login("user", "password").quit() 5 | -------------------------------------------------------------------------------- 
/tests/unit/rules/python/stdlib/ftplib/examples/ftplib_ftp_no_timeout.py:
--------------------------------------------------------------------------------
1 | # level: WARNING
2 | # start_line: 9
3 | # end_line: 9
4 | # start_column: 23
5 | # end_column: 42
6 | import ftplib
7 |
8 |
9 | ftp_server = ftplib.FTP("ftp.example.com")
10 | # The expected finding spans the argument list: no timeout is passed, so the
11 | # connection can block for as long as the server stays silent.
12 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/ftplib/examples/ftplib_ftp_timeout_global.py:
--------------------------------------------------------------------------------
1 | # level: NONE
2 | import ftplib
3 | import socket
4 |
5 |
6 | socket.setdefaulttimeout(5.0)
7 | ftp_server = ftplib.FTP("ftp.example.com")
8 | # No finding expected: socket.setdefaulttimeout() on line 6 gives new sockets
9 | # a default timeout before the FTP object is created.
10 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/ftplib/examples/ftplib_ftp_tls.py:
--------------------------------------------------------------------------------
1 | # level: NONE
2 | import ftplib
3 | import ssl
4 |
5 |
6 | ftp = ftplib.FTP_TLS(
7 |     "ftp.us.debian.org",
8 |     context=ssl.create_default_context(),
9 | )
10 | ftp.login()
11 |
12 | ftp.cwd("debian")
13 | ftp.retrlines("LIST")
14 |
15 | ftp.quit()
16 | # No finding expected: FTP_TLS is given ssl.create_default_context(), which
17 | # verifies the server certificate and hostname by default.
18 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/ftplib/examples/ftplib_ftp_tls_context_as_var.py:
--------------------------------------------------------------------------------
1 | # level: WARNING
2 | # start_line: 12
3 | # end_line: 12
4 | # start_column: 12
5 | # end_column: 19
6 | import ftplib
7 |
8 |
9 | context = None
10 | ftp = ftplib.FTP_TLS(
11 |     "ftp.us.debian.org",
12 |     context=context,
13 |     encoding="utf-8",
14 | )
15 | ftp.login()
16 |
17 | ftp.cwd("debian")
18 | ftp.retrlines("LIST")
19 |
20 | ftp.quit()
21 | # The expected finding is the `context` variable on line 12, which holds None
22 | # (line 9): the analyzer has to follow the assignment to see that no verifying
23 | # SSL context is supplied.
24 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/ftplib/examples/ftplib_ftp_tls_context_none.py:
--------------------------------------------------------------------------------
1 | # level: WARNING
2 | # start_line: 11
3 | # end_line: 11
4 | # start_column: 12
5 | # end_column: 16
6 | import ftplib
7 |
8 |
9 | ftp = ftplib.FTP_TLS(
10 |     "ftp.us.debian.org",
11 |     context=None,
12 |     encoding="utf-8",
13 | )
14 | ftp.login()
15 |
16 | ftp.cwd("debian")
17 | ftp.retrlines("LIST")
18 |
19 | ftp.quit()
20 | # The expected finding is the literal `None`: with no context supplied, ftplib
21 | # falls back to a context that does not verify the server certificate.
22 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/ftplib/examples/ftplib_ftp_tls_context_unset.py:
--------------------------------------------------------------------------------
1 | # level: WARNING
2 | # start_line: 9
3 | # end_line: 9
4 | # start_column: 6
5 | # end_column: 20
6 | import ftplib
7 |
8 |
9 | ftp = ftplib.FTP_TLS("ftp.us.debian.org")
10 | ftp.login()
11 |
12 | ftp.cwd("debian")
13 | ftp.retrlines("LIST")
14 |
15 | ftp.quit()
16 | # With no `context` argument at all, the expected finding moves to the
17 | # `ftplib.FTP_TLS` name itself.
18 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/ftplib/examples/ftplib_ftp_tls_no_timeout.py:
--------------------------------------------------------------------------------
1 | # level: WARNING
2 | # start_line: 9
3 | # end_line: 9
4 | # start_column: 27
5 | # end_column: 46
6 | import ftplib
7 |
8 |
9 | ftp_server = ftplib.FTP_TLS("ftp.example.com")
10 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/ftplib/examples/ftplib_ftp_tls_user_password.py:
--------------------------------------------------------------------------------
1 | # level: NONE
2 | import ftplib
3 | import ssl
4 |
5 |
6 | ftp = ftplib.FTP_TLS(
7 |     "ftp.us.debian.org",
8 |     "user",
9 |     "password",
10 |     context=ssl.create_default_context(),
11 | )
12 | ftp.login()
13 |
14 | ftp.cwd("debian")
15 | ftp.retrlines("LIST")
16 |
17 | ftp.quit()
18 | # No finding expected: credentials are passed, but to FTP_TLS with a default
19 | # (verifying) SSL context rather than to plain FTP.
20 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/ftplib/examples/ftplib_ftp_user_password.py:
--------------------------------------------------------------------------------
1 | # level: ERROR
2 | # start_line: 9
3 | # end_line: 9
4 | # start_column: 6
5 | # end_column: 16
6 | import ftplib
7 |
8 |
9 | ftp = ftplib.FTP("ftp.us.debian.org", "user", "password")
10 | ftp.login()
11 |
12 | ftp.cwd("debian")
13 | ftp.retrlines("LIST")
14 |
15 | ftp.quit()
16 | # Expected level is ERROR rather than WARNING: the user and password given to
17 | # plain ftplib.FTP are sent to the server unencrypted.
18 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hashlib/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/securesauce/precli/1caaec7bcdd32e2a04bf07cf6d692a7c9627cb19/tests/unit/rules/python/stdlib/hashlib/__init__.py
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hashlib/examples/hashlib_blake2b.py:
--------------------------------------------------------------------------------
1 | # level: NONE
2 | import hashlib
3 |
4 |
5 | hashlib.blake2b()
6 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hashlib/examples/hashlib_blake2s.py:
--------------------------------------------------------------------------------
1 | # level: NONE
2 | import hashlib
3 |
4 |
5 | hashlib.blake2s()
6 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hashlib/examples/hashlib_improper_prng_blake2b.py:
--------------------------------------------------------------------------------
1 | # level: WARNING
2 | # start_line: 12
3 | # end_line: 12
4 | # start_column: 27
5 | # end_column: 31
6 | import hashlib
7 | import ssl
8 |
9 |
10 | data = b"super-secret-data"
11 | salt = ssl.RAND_bytes(16)
12 | hashlib.blake2b(data, salt=salt)
13 | # The expected finding is the `salt` value on line 12, traced back to
14 | # ssl.RAND_bytes on line 11.
15 | # NOTE(review): presumably the rule wants salts drawn from `secrets` or
16 | # os.urandom - confirm against the hashlib-improper-prng rule documentation.
17 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hashlib/examples/hashlib_improper_prng_blake2s.py:
--------------------------------------------------------------------------------
1 | # level: WARNING
2 | # start_line: 12
3 | # end_line: 12
4 | # start_column: 27
5 | # end_column: 31
6 | import hashlib
7 | from random import randbytes
8 |
9 |
10 | data = b"super-secret-data"
11 | salt = randbytes(16)
12 | hashlib.blake2s(data, salt=salt)
13 | # The expected finding is the `salt` value: it comes from random.randbytes,
14 | # and the `random` module is documented as unsuitable for security purposes.
15 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hashlib/examples/hashlib_improper_prng_pbkdf2_hmac.py:
--------------------------------------------------------------------------------
1 | # level: WARNING
2 | # start_line: 13
3 | # end_line: 13
4 | # start_column: 58
5 | # end_column: 62
6 | import hashlib
7 | import ssl
8 |
9 |
10 | password = b"my_secure_password"
11 | salt = ssl.RAND_bytes(16)
12 | our_app_iters = 500_000
13 | hashed_password = hashlib.pbkdf2_hmac("sha256", password, salt, our_app_iters)
14 | # Here the salt is the third positional argument; the expected finding still
15 | # lands on it (columns 58-62), not on the hash name or the iteration count.
16 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hashlib/examples/hashlib_improper_prng_scrypt.py:
--------------------------------------------------------------------------------
1 | # level: WARNING
2 | # start_line: 12
3 | # end_line: 12
4 | # start_column: 48
5 | # end_column: 52
6 | import hashlib
7 | import random
8 |
9 |
10 | password = b"my_secure_password"
11 | salt = random.randbytes(16)
12 | hashed_password = hashlib.scrypt(password, salt=salt, n=16384, r=8, p=1)
13 | # Same source as a module-qualified call: the salt comes from
14 | # random.randbytes and the finding is expected on the `salt` keyword value.
15 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hashlib/examples/hashlib_md4.py:
--------------------------------------------------------------------------------
1 | # level: ERROR
2 | # start_line: 9
3 | # end_line: 9
4 | # start_column: 8
5 | # end_column: 11
6 | import hashlib
7 |
8 |
9 | hashlib.md4()
10 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hashlib/examples/hashlib_md5.py:
--------------------------------------------------------------------------------
1 | # level: ERROR
2 | # start_line: 9
3 | # end_line: 9
4 | # start_column: 8
5 | # end_column: 11
6 | import hashlib
7 |
8 |
9 | hashlib.md5()
10 | # The expected finding covers the `md5` attribute (columns 8-11); MD5 is not
11 | # collision resistant.
12 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hashlib/examples/hashlib_md5_as_identifier.py:
--------------------------------------------------------------------------------
1 | # level: NONE
2 | hashlib = "hashlib"
3 | hashlib.md5()
4 | # False-positive guard: `hashlib` is a plain string here, not the imported
5 | # module, so the `.md5()` call must not be reported.
6 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hashlib/examples/hashlib_md5_importlib.py:
--------------------------------------------------------------------------------
1 | # level: ERROR
2 | # start_line: 10
3 | # end_line: 10
4 | # start_column: 8
5 | # end_column: 11
6 | import importlib
7 |
8 |
9 | hashlib = importlib.import_module("hashlib")
10 | hashlib.md5()
11 | # The module is bound through importlib.import_module() instead of an import
12 | # statement; the finding is still expected, so the dynamic import must resolve.
13 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hashlib/examples/hashlib_md5_usedforsecurity_true.py:
--------------------------------------------------------------------------------
1 | # level: ERROR
2 | # start_line: 9
3 | # end_line: 9
4 | # start_column: 8
5 | # end_column: 11
6 | import hashlib
7 |
8 |
9 | hashlib.md5(usedforsecurity=True)
10 | # An explicit usedforsecurity=True keeps the finding.
11 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hashlib/examples/hashlib_new_blake2b.py:
--------------------------------------------------------------------------------
1 | # level: NONE
2 | import hashlib
3 |
4 |
5 | hashlib.new("blake2b")
6 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hashlib/examples/hashlib_new_blake2s.py:
--------------------------------------------------------------------------------
1 | # level: NONE
2 | import hashlib
3 |
4 |
5 | hashlib.new("blake2s")
6 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hashlib/examples/hashlib_new_md4.py:
--------------------------------------------------------------------------------
1 | # level: ERROR
2 | # start_line: 9
3 | # end_line: 9
4 | # start_column: 12
5 | # end_column: 17
6 | import hashlib
7 |
8 |
9 | hashlib.new("md4")
10 | # With hashlib.new() the expected finding is the algorithm-name string
11 | # (columns 12-17), not the function name.
12 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hashlib/examples/hashlib_new_md5.py:
--------------------------------------------------------------------------------
1 | # level: ERROR
2 | # start_line: 9
3 | # end_line: 9
4 | # start_column: 12
5 | # end_column: 17
6 | import hashlib
7 |
8 |
9 | hashlib.new("md5")
10 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hashlib/examples/hashlib_new_md5_dict.py:
--------------------------------------------------------------------------------
1 | # level: ERROR
2 | # start_line: 17
3 | # end_line: 17
4 | # start_column: 12
5 | # end_column: 51
6 | import hashlib
7 |
8 |
9 | algorithms = {
10 |     "weak": {
11 |         "weaker": {
12 |             "weakest": "md5",
13 |         },
14 |     },
15 |     "secure": "sha256",
16 | }
17 | hashlib.new(algorithms["weak"]["weaker"]["weakest"])
18 | # The algorithm name is reached through three nested dict lookups; the
19 | # expected finding spans the whole subscript expression that resolves to "md5".
20 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hashlib/examples/hashlib_new_md5_sha1.py:
--------------------------------------------------------------------------------
1 | # level: ERROR
2 | # start_line: 9
3 | # end_line: 9
4 | # start_column: 12
5 | # end_column: 22
6 | import hashlib
7 |
8 |
9 | hashlib.new("md5-sha1")
10 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hashlib/examples/hashlib_new_md5_tuple.py:
--------------------------------------------------------------------------------
1 | # level: ERROR
2 | # start_line: 10
3 | # end_line: 10
4 | # start_column: 12
5 | # end_column: 23
6 | import hashlib
7 |
8 |
9 | test_tup = (0, None, "blah", "md5")
10 | hashlib.new(test_tup[3])
11 | # The algorithm name is element 3 of a tuple; the expected finding spans the
12 | # `test_tup[3]` subscript, so the index has to be resolved to "md5".
13 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hashlib/examples/hashlib_new_md5_usedforsecurity_true.py:
--------------------------------------------------------------------------------
1 | # level: ERROR
2 | # start_line: 9
3 | # end_line: 9
4 | # start_column: 12
5 | # end_column: 17
6 | import hashlib
7 |
8 |
9 | hashlib.new("md5", usedforsecurity=True)
10 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hashlib/examples/hashlib_new_name_sha.py:
--------------------------------------------------------------------------------
1 | # level: ERROR
2 | # start_line: 9
3 | # end_line: 9
4 | # start_column: 17
5 | # end_column: 22
6 | import hashlib
7 |
8 |
9 | hashlib.new(name="sha")
10 | # Keyword form: the expected finding is the value of `name=` (columns 17-22).
11 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hashlib/examples/hashlib_new_ripemd160.py:
--------------------------------------------------------------------------------
1 | # level: ERROR
2 | # start_line: 9
3 | # end_line: 9
4 | # start_column: 12
5 | # end_column: 23
6 | import hashlib
7 |
8 |
9 | hashlib.new("ripemd160")
10 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hashlib/examples/hashlib_new_sha.py:
--------------------------------------------------------------------------------
1 | # level: ERROR
2 | # start_line: 9
3 | # end_line: 9
4 | # start_column: 12
5 | # end_column: 17
6 | import hashlib
7 |
8 |
9 | hashlib.new("sha")
10 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hashlib/examples/hashlib_new_sha1.py:
--------------------------------------------------------------------------------
1 | # level: ERROR
2 | # start_line: 9
3 | # end_line: 9
4 | # start_column: 12
5 | # end_column: 18
6 | import hashlib
7 |
8 |
9 | hashlib.new("sha1")
10 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hashlib/examples/hashlib_new_sha224.py:
--------------------------------------------------------------------------------
1 | # level: NONE
2 | import hashlib
3 |
4 |
5 | hashlib.new("sha224")
6 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hashlib/examples/hashlib_new_sha256.py:
--------------------------------------------------------------------------------
1 | # level: NONE
2 | import hashlib
3 |
4 |
5 | hashlib.new("sha256")
6 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hashlib/examples/hashlib_new_sha384.py:
--------------------------------------------------------------------------------
1 | # level: NONE
2 | import hashlib
3 |
4 |
5 | hashlib.new("sha384")
6 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hashlib/examples/hashlib_new_sha3_224.py:
--------------------------------------------------------------------------------
1 | # level: NONE
2 | import hashlib
3 |
4 |
5 | hashlib.new("sha3_224")
6 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hashlib/examples/hashlib_new_sha3_256.py:
--------------------------------------------------------------------------------
1 | # level: NONE
2 | import hashlib
3 |
4 |
5 | hashlib.new("sha3_256")
6 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hashlib/examples/hashlib_new_sha3_384.py:
--------------------------------------------------------------------------------
1 | # level: NONE
2 | import hashlib
3 |
4 |
5 | hashlib.new("sha3_384")
6 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hashlib/examples/hashlib_new_sha3_512.py:
--------------------------------------------------------------------------------
1 | # level: NONE
2 | import hashlib
3 |
4 |
5 | hashlib.new("sha3_512")
6 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hashlib/examples/hashlib_new_sha512.py:
--------------------------------------------------------------------------------
1 | # level: NONE
2 | import hashlib
3 |
4 |
5 | hashlib.new("sha512")
6 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hashlib/examples/hashlib_new_sha_usedforsecurity_false.py:
--------------------------------------------------------------------------------
1 | # level: NONE
2 | import hashlib
3 |
4 |
5 | hashlib.new("sha", usedforsecurity=False)
6 | # No finding expected: usedforsecurity=False declares a non-security use of
7 | # the otherwise flagged "sha" algorithm.
8 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hashlib/examples/hashlib_new_shake_128.py:
--------------------------------------------------------------------------------
1 | # level: NONE
2 | import hashlib
3 |
4 |
5 | hashlib.new("shake_128")
6 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hashlib/examples/hashlib_new_shake_256.py:
--------------------------------------------------------------------------------
1 | # level: NONE
2 | import hashlib
3 |
4 |
5 | hashlib.new("shake_256")
6 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hashlib/examples/hashlib_pbkdf2_hmac_md4.py:
--------------------------------------------------------------------------------
1 | # level: ERROR
2 | # start_line: 10
3 | # end_line: 10
4 | # start_column: 20
5 | # end_column: 25
6 | import hashlib
7 |
8 |
9 | our_app_iters = 500_000
10 | hashlib.pbkdf2_hmac("md4", b"password", b"bad salt" * 2, our_app_iters)
11 | # The expected finding is the hash-name argument "md4" (columns 20-25); the
12 | # constant password and salt are fixture filler and are not what is flagged.
13 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hashlib/examples/hashlib_pbkdf2_hmac_md5.py:
--------------------------------------------------------------------------------
1 | # level: ERROR
2 | # start_line: 10
3 | # end_line: 10
4 | # start_column: 20
5 | # end_column: 25
6 | import hashlib
7 |
8 |
9 | our_app_iters = 500_000
10 | hashlib.pbkdf2_hmac("md5", b"password", b"bad salt" * 2, our_app_iters)
11 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hashlib/examples/hashlib_pbkdf2_hmac_ripemd160.py:
--------------------------------------------------------------------------------
1 | # level: ERROR
2 | # start_line: 10
3 | # end_line: 10
4 | # start_column: 20
5 | # end_column: 31
6 | import hashlib
7 |
8 |
9 | our_app_iters = 500_000
10 | hashlib.pbkdf2_hmac("ripemd160", b"password", b"bad salt" * 2, our_app_iters)
11 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hashlib/examples/hashlib_pbkdf2_hmac_sha.py:
--------------------------------------------------------------------------------
1 | # level: ERROR
2 | # start_line: 10
3 | # end_line: 10
4 | # start_column: 20
5 | # end_column: 25
6 | import hashlib
7 |
8 |
9 | our_app_iters = 500_000
10 | hashlib.pbkdf2_hmac("sha", b"password", b"bad salt" * 2, our_app_iters)
11 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hashlib/examples/hashlib_pbkdf2_hmac_sha1.py:
--------------------------------------------------------------------------------
1 | # level: ERROR
2 | # start_line: 10
3 | # end_line: 10
4 | # start_column: 20
5 | # end_column: 26
6 | import hashlib
7 |
8 |
9 | our_app_iters = 500_000
10 | hashlib.pbkdf2_hmac("sha1", b"password", b"bad salt" * 2, our_app_iters)
11 | # The expected finding is the hash-name argument "sha1" (columns 20-26), even
12 | # though the iteration count is high.
13 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hashlib/examples/hashlib_pbkdf2_hmac_sha224.py:
--------------------------------------------------------------------------------
1 | # level: NONE
2 | import hashlib
3 |
4 |
5 | our_app_iters = 500_000
6 | hashlib.pbkdf2_hmac("sha224", b"password", b"bad salt" * 2, our_app_iters)
7 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hashlib/examples/hashlib_pbkdf2_hmac_sha256.py:
--------------------------------------------------------------------------------
1 | # level: NONE
2 | import hashlib
3 |
4 |
5 | our_app_iters = 500_000
6 | hashlib.pbkdf2_hmac("sha256", b"password", b"bad salt" * 2, our_app_iters)
7 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hashlib/examples/hashlib_pbkdf2_hmac_sha384.py:
--------------------------------------------------------------------------------
1 | # level: NONE
2 | import hashlib
3 |
4 |
5 | our_app_iters = 500_000
6 | hashlib.pbkdf2_hmac("sha384", b"password", b"bad salt" * 2, our_app_iters)
7 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hashlib/examples/hashlib_pbkdf2_hmac_sha3_224.py:
--------------------------------------------------------------------------------
1 | # level: NONE
2 | import hashlib
3 |
4 |
5 | our_app_iters = 500_000
6 | hashlib.pbkdf2_hmac("sha3_224", b"password", b"bad salt" * 2, our_app_iters)
7 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hashlib/examples/hashlib_pbkdf2_hmac_sha3_256.py:
--------------------------------------------------------------------------------
1 | # level: NONE
2 | import hashlib
3 |
4 |
5 | our_app_iters = 500_000
6 | hashlib.pbkdf2_hmac("sha3_256", b"password", b"bad salt" * 2, our_app_iters)
7 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hashlib/examples/hashlib_pbkdf2_hmac_sha3_384.py:
--------------------------------------------------------------------------------
1 | # level: NONE
2 | import hashlib
3 |
4 |
5 | our_app_iters = 500_000
6 | hashlib.pbkdf2_hmac("sha3_384", b"password", b"bad salt" * 2, our_app_iters)
7 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hashlib/examples/hashlib_pbkdf2_hmac_sha3_512.py:
--------------------------------------------------------------------------------
1 | # level: NONE
2 | import hashlib
3 |
4 |
5 | our_app_iters = 500_000
6 | hashlib.pbkdf2_hmac("sha3_512", b"password", b"bad salt" * 2, our_app_iters)
7 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hashlib/examples/hashlib_pbkdf2_hmac_shake_128.py:
--------------------------------------------------------------------------------
1 | # level: NONE
2 | import hashlib
3 |
4 |
5 | our_app_iters = 500_000
6 | hashlib.pbkdf2_hmac("shake_128", b"password", b"bad salt" * 2, our_app_iters)
7 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hashlib/examples/hashlib_pbkdf2_hmac_shake_256.py:
--------------------------------------------------------------------------------
1 | # level: NONE
2 | import hashlib
3 |
4 |
5 | our_app_iters = 500_000
6 | hashlib.pbkdf2_hmac("shake_256", b"password", b"bad salt" * 2, our_app_iters)
7 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hashlib/examples/hashlib_ripemd160.py:
--------------------------------------------------------------------------------
1 | # level: ERROR
2 | # start_line: 9
3 | # end_line: 9
4 | # start_column: 8
5 | # end_column: 17
6 | import hashlib
7 |
8 |
9 | hashlib.ripemd160()
10 | # Direct-attribute form: the expected finding is the `ripemd160` attribute
11 | # (columns 8-17) rather than a string argument.
12 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hashlib/examples/hashlib_sha.py:
--------------------------------------------------------------------------------
1 | # level: ERROR
2 | # start_line: 9
3 | # end_line: 9
4 | # start_column: 8
5 | # end_column: 11
6 | import hashlib
7 |
8 |
9 | hashlib.sha()
10 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hashlib/examples/hashlib_sha1.py:
--------------------------------------------------------------------------------
1 | # level: ERROR
2 | # start_line: 9
3 | # end_line: 9
4 | # start_column: 8
5 | # end_column: 12
6 | import hashlib
7 |
8 |
9 | hashlib.sha1()
10 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hashlib/examples/hashlib_sha224.py:
--------------------------------------------------------------------------------
1 | # level: NONE
2 | import hashlib
3 |
4 |
5 | hashlib.sha224()
6 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hashlib/examples/hashlib_sha256.py:
--------------------------------------------------------------------------------
1 | # level: NONE
2 | import hashlib
3 |
4 |
5 | hashlib.sha256()
6 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hashlib/examples/hashlib_sha384.py:
--------------------------------------------------------------------------------
1 | # level: NONE
2 | import hashlib
3 |
4 |
5 | hashlib.sha384()
6 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hashlib/examples/hashlib_sha3_224.py:
--------------------------------------------------------------------------------
1 | # level: NONE
2 | import hashlib
3 |
4 |
5 | hashlib.sha3_224()
6 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hashlib/examples/hashlib_sha3_256.py:
--------------------------------------------------------------------------------
1 | # level: NONE
2 | import hashlib
3 |
4 |
5 | hashlib.sha3_256()
6 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hashlib/examples/hashlib_sha3_384.py:
--------------------------------------------------------------------------------
1 | # level: NONE
2 | import hashlib
3 |
4 |
5 | hashlib.sha3_384()
6 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hashlib/examples/hashlib_sha3_512.py:
--------------------------------------------------------------------------------
1 | # level: NONE
2 | import hashlib
3 |
4 |
5 | hashlib.sha3_512()
6 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hashlib/examples/hashlib_sha512.py:
--------------------------------------------------------------------------------
1 | # level: NONE
2 | import hashlib
3 |
4 |
5 | hashlib.sha512()
6 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hashlib/examples/hashlib_sha_usedforsecurity_false.py:
--------------------------------------------------------------------------------
1 | # level: NONE
2 | import hashlib
3 |
4 |
5 | hashlib.sha(usedforsecurity=False)
6 | # No finding expected: usedforsecurity=False declares a non-security use, so
7 | # the same `sha` call that is ERROR elsewhere stays quiet here.
8 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hashlib/examples/hashlib_shake_128.py: -------------------------------------------------------------------------------- 1 | # level: NONE 2 | import hashlib 3 | 4 | 5 | hashlib.shake_128() 6 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/hashlib/examples/hashlib_shake_256.py: -------------------------------------------------------------------------------- 1 | # level: NONE 2 | import hashlib 3 | 4 | 5 | hashlib.shake_256() 6 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/hmac/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/securesauce/precli/1caaec7bcdd32e2a04bf07cf6d692a7c9627cb19/tests/unit/rules/python/stdlib/hmac/__init__.py -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/hmac/examples/hmac_digest_blake2b.py: -------------------------------------------------------------------------------- 1 | # level: NONE 2 | import hmac 3 | import secrets 4 | 5 | 6 | key = secrets.token_bytes(64) 7 | message = b"Hello, world!" 8 | hmac.digest(key, message, digest="blake2b") 9 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/hmac/examples/hmac_digest_blake2s.py: -------------------------------------------------------------------------------- 1 | # level: NONE 2 | import hmac 3 | 4 | 5 | key = b"my-super-duper-secret-key-string" 6 | message = b"Hello, world!" 
7 | hmac.digest(key, message, digest="blake2s") 8 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/hmac/examples/hmac_digest_hashlib_blake2b.py: -------------------------------------------------------------------------------- 1 | # level: NONE 2 | import hashlib 3 | import hmac 4 | import secrets 5 | 6 | 7 | key = secrets.token_bytes(64) 8 | message = b"Hello, world!" 9 | hmac.digest(key, message, digest=hashlib.blake2b) 10 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/hmac/examples/hmac_digest_hashlib_blake2s.py: -------------------------------------------------------------------------------- 1 | # level: NONE 2 | import hashlib 3 | import hmac 4 | 5 | 6 | key = b"my-super-duper-secret-key-string" 7 | message = b"Hello, world!" 8 | hmac.digest(key, message, digest=hashlib.blake2s) 9 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/hmac/examples/hmac_digest_hashlib_md4.py: -------------------------------------------------------------------------------- 1 | # level: ERROR 2 | # start_line: 12 3 | # end_line: 12 4 | # start_column: 33 5 | # end_column: 44 6 | import hashlib 7 | import hmac 8 | 9 | 10 | key = b"my-secret-key" 11 | message = b"Hello, world!" 12 | hmac.digest(key, message, digest=hashlib.md4) 13 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/hmac/examples/hmac_digest_hashlib_md5.py: -------------------------------------------------------------------------------- 1 | # level: ERROR 2 | # start_line: 12 3 | # end_line: 12 4 | # start_column: 33 5 | # end_column: 44 6 | import hashlib 7 | import hmac 8 | 9 | 10 | key = b"my-secret-key" 11 | message = b"Hello, world!" 
12 | hmac.digest(key, message, digest=hashlib.md5)  # flagged: weak digest (MD5) passed to HMAC
13 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hmac/examples/hmac_digest_hashlib_ripemd160.py:
--------------------------------------------------------------------------------
1 | # level: ERROR
2 | # start_line: 12
3 | # end_line: 12
4 | # start_column: 33
5 | # end_column: 50
6 | import hashlib
7 | import hmac
8 |
9 |
10 | key = b"my-secret-key"
11 | message = b"Hello, world!"
12 | hmac.digest(key, message, digest=hashlib.ripemd160)  # flagged: weak digest (RIPEMD-160) passed to HMAC
13 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hmac/examples/hmac_digest_hashlib_sha.py:
--------------------------------------------------------------------------------
1 | # level: ERROR
2 | # start_line: 12
3 | # end_line: 12
4 | # start_column: 33
5 | # end_column: 44
6 | import hashlib
7 | import hmac
8 |
9 |
10 | key = b"my-secret-key"
11 | message = b"Hello, world!"
12 | hmac.digest(key, message, digest=hashlib.sha)  # flagged: weak digest (legacy "sha") passed to HMAC
13 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hmac/examples/hmac_digest_hashlib_sha1.py:
--------------------------------------------------------------------------------
1 | # level: ERROR
2 | # start_line: 12
3 | # end_line: 12
4 | # start_column: 33
5 | # end_column: 45
6 | import hashlib
7 | import hmac
8 |
9 |
10 | key = b"my-secret-key"
11 | message = b"Hello, world!"
12 | hmac.digest(key, message, digest=hashlib.sha1)  # flagged: weak digest (SHA-1) passed to HMAC
13 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hmac/examples/hmac_digest_hashlib_sha224.py:
--------------------------------------------------------------------------------
1 | # level: NONE
2 | import hashlib
3 | import hmac
4 |
5 |
6 | key = b"my-super-duper-secret-key-string"
7 | message = b"Hello, world!"
8 | hmac.digest(key, message, digest=hashlib.sha224)  # clean: 32-byte key, 28-byte sha224 digest
9 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hmac/examples/hmac_digest_hashlib_sha256.py:
--------------------------------------------------------------------------------
1 | # level: NONE
2 | import hashlib
3 | import hmac
4 |
5 |
6 | key = b"my-super-duper-secret-key-string"
7 | message = b"Hello, world!"
8 | hmac.digest(key, message, digest=hashlib.sha256)  # clean: 32-byte key, 32-byte sha256 digest
9 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hmac/examples/hmac_digest_hashlib_sha384.py:
--------------------------------------------------------------------------------
1 | # level: NONE
2 | import hashlib
3 | import hmac
4 | from secrets import token_bytes
5 |
6 |
7 | key = token_bytes(nbytes=48)
8 | message = b"Hello, world!"
9 | hmac.digest(key, message, digest=hashlib.sha384)  # clean: 48-byte key, 48-byte sha384 digest
10 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hmac/examples/hmac_digest_hashlib_sha3_224.py:
--------------------------------------------------------------------------------
1 | # level: NONE
2 | import hashlib
3 | import hmac
4 |
5 |
6 | key = b"my-super-duper-secret-key-string"
7 | message = b"Hello, world!"
8 | hmac.digest(key, message, digest=hashlib.sha3_224)  # clean: 32-byte key, 28-byte sha3_224 digest
9 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hmac/examples/hmac_digest_hashlib_sha3_256.py:
--------------------------------------------------------------------------------
1 | # level: NONE
2 | import hashlib
3 | import hmac
4 |
5 |
6 | key = b"my-super-duper-secret-key-string"
7 | message = b"Hello, world!"
8 | hmac.digest(key, message, digest=hashlib.sha3_256)  # clean: 32-byte key, 32-byte sha3_256 digest
9 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hmac/examples/hmac_digest_hashlib_sha3_384.py:
--------------------------------------------------------------------------------
1 | # level: NONE
2 | import hashlib
3 | import hmac
4 | import secrets
5 |
6 |
7 | key = secrets.token_bytes(nbytes=48)
8 | message = b"Hello, world!"
9 | hmac.digest(key, message, digest=hashlib.sha3_384)  # clean: 48-byte key, 48-byte sha3_384 digest
10 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hmac/examples/hmac_digest_hashlib_sha3_512.py:
--------------------------------------------------------------------------------
1 | # level: NONE
2 | import hashlib
3 | import hmac
4 | import secrets
5 |
6 |
7 | key = secrets.token_bytes(64)
8 | message = b"Hello, world!"
9 | hmac.digest(key, message, digest=hashlib.sha3_512)  # clean: 64-byte key, 64-byte sha3_512 digest
10 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hmac/examples/hmac_digest_hashlib_sha512.py:
--------------------------------------------------------------------------------
1 | # level: NONE
2 | import hashlib
3 | import hmac
4 | import secrets
5 |
6 |
7 | key = secrets.token_bytes(64)
8 | message = b"Hello, world!"
9 | hmac.digest(key, message, digest=hashlib.sha512)  # clean: 64-byte key, 64-byte sha512 digest
10 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hmac/examples/hmac_digest_hashlib_shake_128.py:
--------------------------------------------------------------------------------
1 | # level: NONE
2 | import hashlib
3 | import hmac
4 |
5 |
6 | key = b"my-secret-key"
7 | message = b"Hello, world!"
8 | hmac.digest(key, message, digest=hashlib.shake_128)  # no finding expected for shake_128
9 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hmac/examples/hmac_digest_hashlib_shake_256.py:
--------------------------------------------------------------------------------
1 | # level: NONE
2 | import hashlib
3 | import hmac
4 |
5 |
6 | key = b"my-secret-key"
7 | message = b"Hello, world!"
8 | hmac.digest(key, message, digest=hashlib.shake_256)  # no finding expected for shake_256
9 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hmac/examples/hmac_digest_md4.py:
--------------------------------------------------------------------------------
1 | # level: ERROR
2 | # start_line: 11
3 | # end_line: 11
4 | # start_column: 33
5 | # end_column: 38
6 | import hmac
7 |
8 |
9 | key = b"my-secret-key"
10 | message = b"Hello, world!"
11 | hmac.digest(key, message, digest="md4")  # flagged: weak digest (MD4) passed to HMAC
12 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hmac/examples/hmac_digest_md5.py:
--------------------------------------------------------------------------------
1 | # level: ERROR
2 | # start_line: 11
3 | # end_line: 11
4 | # start_column: 33
5 | # end_column: 38
6 | import hmac
7 |
8 |
9 | key = b"my-secret-key"
10 | message = b"Hello, world!"
11 | hmac.digest(key, message, digest="md5")  # flagged: weak digest (MD5) passed to HMAC
12 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hmac/examples/hmac_digest_md5_sha1.py:
--------------------------------------------------------------------------------
1 | # level: ERROR
2 | # start_line: 11
3 | # end_line: 11
4 | # start_column: 33
5 | # end_column: 43
6 | import hmac
7 |
8 |
9 | key = b"my-secret-key"
10 | message = b"Hello, world!"
11 | hmac.digest(key, message, digest="md5-sha1")  # flagged: weak digest (MD5-SHA1) passed to HMAC
12 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hmac/examples/hmac_digest_ripemd160.py:
--------------------------------------------------------------------------------
1 | # level: ERROR
2 | # start_line: 11
3 | # end_line: 11
4 | # start_column: 33
5 | # end_column: 44
6 | import hmac
7 |
8 |
9 | key = b"my-secret-key"
10 | message = b"Hello, world!"
11 | hmac.digest(key, message, digest="ripemd160")  # flagged: weak digest (RIPEMD-160) passed to HMAC
12 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hmac/examples/hmac_digest_sha.py:
--------------------------------------------------------------------------------
1 | # level: ERROR
2 | # start_line: 11
3 | # end_line: 11
4 | # start_column: 33
5 | # end_column: 38
6 | import hmac
7 |
8 |
9 | key = b"my-secret-key"
10 | message = b"Hello, world!"
11 | hmac.digest(key, message, digest="sha")  # flagged: weak digest (legacy "sha") passed to HMAC
12 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hmac/examples/hmac_digest_sha1.py:
--------------------------------------------------------------------------------
1 | # level: ERROR
2 | # start_line: 11
3 | # end_line: 11
4 | # start_column: 33
5 | # end_column: 39
6 | import hmac
7 |
8 |
9 | key = b"my-secret-key"
10 | message = b"Hello, world!"
11 | hmac.digest(key, message, digest="sha1")  # flagged: weak digest (SHA-1) passed to HMAC
12 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hmac/examples/hmac_digest_sha224.py:
--------------------------------------------------------------------------------
1 | # level: NONE
2 | import hmac
3 |
4 |
5 | key = b"my-super-duper-secret-key-string"
6 | message = b"Hello, world!"
7 | hmac.digest(key, message, digest="sha224")  # clean: 32-byte key, 28-byte sha224 digest
8 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hmac/examples/hmac_digest_sha256.py:
--------------------------------------------------------------------------------
1 | # level: NONE
2 | import hmac
3 |
4 |
5 | key = b"my-super-duper-secret-key-string"
6 | message = b"Hello, world!"
7 | hmac.digest(key, message, digest="sha256")  # clean: 32-byte key, 32-byte sha256 digest
8 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hmac/examples/hmac_digest_sha384.py:
--------------------------------------------------------------------------------
1 | # level: NONE
2 | import hmac
3 | from secrets import token_bytes
4 |
5 |
6 | key = token_bytes(nbytes=48)
7 | message = b"Hello, world!"
8 | hmac.digest(key, message, digest="sha384")  # clean: 48-byte key, 48-byte sha384 digest
9 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hmac/examples/hmac_digest_sha3_224.py:
--------------------------------------------------------------------------------
1 | # level: NONE
2 | import hmac
3 |
4 |
5 | key = b"my-super-duper-secret-key-string"
6 | message = b"Hello, world!"
7 | hmac.digest(key, message, digest="sha3_224")  # clean: 32-byte key, 28-byte sha3_224 digest
8 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hmac/examples/hmac_digest_sha3_256.py:
--------------------------------------------------------------------------------
1 | # level: NONE
2 | import hmac
3 | import secrets
4 |
5 |
6 | key = secrets.token_bytes()
7 | message = b"Hello, world!"
8 | hmac.digest(key, message, digest="sha3_256")  # clean: token_bytes() default size (currently 32 bytes), 32-byte sha3_256 digest
9 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hmac/examples/hmac_digest_sha3_384.py:
--------------------------------------------------------------------------------
1 | # level: NONE
2 | import hmac
3 | import secrets
4 |
5 |
6 | key = secrets.token_bytes(nbytes=48)
7 | message = b"Hello, world!"
8 | hmac.digest(key, message, digest="sha3_384")  # clean: 48-byte key, 48-byte sha3_384 digest
9 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hmac/examples/hmac_digest_sha3_512.py:
--------------------------------------------------------------------------------
1 | # level: NONE
2 | import hmac
3 | import secrets
4 |
5 |
6 | key = secrets.token_bytes(64)
7 | message = b"Hello, world!"
8 | hmac.digest(key, message, digest="sha3_512")  # clean: 64-byte key, 64-byte sha3_512 digest
9 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hmac/examples/hmac_digest_sha512.py:
--------------------------------------------------------------------------------
1 | # level: NONE
2 | import hmac
3 | import secrets
4 |
5 |
6 | key = secrets.token_bytes(nbytes=64)
7 | message = b"Hello, world!"
8 | hmac.digest(key, message, digest="sha512")  # clean: 64-byte key, 64-byte sha512 digest
9 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hmac/examples/hmac_digest_shake_128.py:
--------------------------------------------------------------------------------
1 | # level: NONE
2 | import hmac
3 |
4 |
5 | key = b"my-secret-key"
6 | message = b"Hello, world!"
7 | hmac.digest(key, message, digest="shake_128")  # no finding expected for shake_128
8 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hmac/examples/hmac_digest_shake_256.py:
--------------------------------------------------------------------------------
1 | # level: NONE
2 | import hmac
3 |
4 |
5 | key = b"my-secret-key"
6 | message = b"Hello, world!"
7 | hmac.digest(key, message, digest="shake_256")  # no finding expected for shake_256
8 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hmac/examples/hmac_digest_weak_key_hashlib_blake2b.py:
--------------------------------------------------------------------------------
1 | # level: WARNING
2 | # start_line: 13
3 | # end_line: 13
4 | # start_column: 12
5 | # end_column: 15
6 | import hashlib
7 | import hmac
8 | import secrets
9 |
10 |
11 | key = secrets.token_hex()
12 | message = b"Hello, world!"
13 | hmac.digest(key, message, digest=hashlib.blake2b())  # flagged key: token_hex() default entropy (currently 32 bytes) vs. the 64-byte blake2b digest
14 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hmac/examples/hmac_digest_weak_key_hashlib_sha3_256.py:
--------------------------------------------------------------------------------
1 | # level: WARNING
2 | # start_line: 13
3 | # end_line: 13
4 | # start_column: 12
5 | # end_column: 15
6 | import hashlib
7 | import hmac
8 | import secrets
9 |
10 |
11 | key = secrets.token_urlsafe(16) # suppress: PY028
12 | message = b"Hello, world!"
13 | hmac.digest(key, message, digest=hashlib.sha3_256)  # flagged key: 16 random bytes vs. the 32-byte sha3_256 digest
14 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hmac/examples/hmac_digest_weak_key_hashlib_sm3.py:
--------------------------------------------------------------------------------
1 | # level: WARNING
2 | # start_line: 12
3 | # end_line: 12
4 | # start_column: 12
5 | # end_column: 15
6 | import hashlib
7 | import hmac
8 |
9 |
10 | key = b"abcdefghijklmnop"
11 | message = b"Hello, world!"
12 | hmac.digest(key, message, digest=hashlib.sm3)  # flagged key: 16 bytes vs. the 32-byte sm3 digest
13 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hmac/examples/hmac_digest_weak_key_sha224.py:
--------------------------------------------------------------------------------
1 | # level: WARNING
2 | # start_line: 13
3 | # end_line: 13
4 | # start_column: 12
5 | # end_column: 15
6 | import hmac
7 | import secrets
8 |
9 |
10 | key_size = 16
11 | key = secrets.token_bytes(nbytes=key_size) # suppress: PY028
12 | message = b"Hello, world!"
13 | hmac.digest(key, message, digest="sha224")  # flagged key: 16 bytes (via key_size) vs. the 28-byte sha224 digest
14 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hmac/examples/hmac_digest_weak_key_sha256.py:
--------------------------------------------------------------------------------
1 | # level: WARNING
2 | # start_line: 12
3 | # end_line: 12
4 | # start_column: 12
5 | # end_column: 15
6 | import hmac
7 | import secrets
8 |
9 |
10 | key = secrets.token_bytes(nbytes=28) # suppress: PY028
11 | message = b"Hello, world!"
12 | hmac.digest(key, message, digest="sha256")  # flagged key: 28 bytes vs. the 32-byte sha256 digest
13 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hmac/examples/hmac_digest_weak_key_sha512.py:
--------------------------------------------------------------------------------
1 | # level: WARNING
2 | # start_line: 12
3 | # end_line: 12
4 | # start_column: 12
5 | # end_column: 15
6 | import hmac
7 | from secrets import token_bytes
8 |
9 |
10 | key = token_bytes(nbytes=None)
11 | message = b"Hello, world!"
12 | hmac.digest(key, message, digest="sha512")  # flagged key: nbytes=None means the default size (currently 32 bytes) vs. the 64-byte sha512 digest
13 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hmac/examples/hmac_new_digestmod_blake2b.py:
--------------------------------------------------------------------------------
1 | # level: NONE
2 | import hmac
3 | import secrets
4 |
5 |
6 | key = secrets.token_bytes(64)
7 | message = b"Hello, world!"
8 | hmac.new(key, msg=message, digestmod="blake2b")  # clean: 64-byte key, 64-byte blake2b digest
9 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hmac/examples/hmac_new_digestmod_blake2s.py:
--------------------------------------------------------------------------------
1 | # level: NONE
2 | import hmac
3 |
4 |
5 | key = b"my-super-duper-secret-key-string"
6 | message = b"Hello, world!"
7 | hmac.new(key, msg=message, digestmod="blake2s")  # clean: 32-byte key, 32-byte blake2s digest
8 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hmac/examples/hmac_new_digestmod_hashlib_blake2b.py:
--------------------------------------------------------------------------------
1 | # level: NONE
2 | import hashlib
3 | import hmac
4 | import secrets
5 |
6 |
7 | key = secrets.token_bytes(64)
8 | message = b"Hello, world!"
9 | hmac.new(key, msg=message, digestmod=hashlib.blake2b)  # clean: 64-byte key, 64-byte blake2b digest
10 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hmac/examples/hmac_new_digestmod_hashlib_blake2s.py:
--------------------------------------------------------------------------------
1 | # level: NONE
2 | import hashlib
3 | import hmac
4 |
5 |
6 | key = b"my-super-duper-secret-key-string"
7 | message = b"Hello, world!"
8 | hmac.new(key, msg=message, digestmod=hashlib.blake2s)  # clean: 32-byte key, 32-byte blake2s digest
9 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hmac/examples/hmac_new_digestmod_hashlib_md4.py:
--------------------------------------------------------------------------------
1 | # level: ERROR
2 | # start_line: 12
3 | # end_line: 12
4 | # start_column: 37
5 | # end_column: 48
6 | import hashlib
7 | import hmac
8 |
9 |
10 | key = b"my-secret-key"
11 | message = b"Hello, world!"
12 | hmac.new(key, msg=message, digestmod=hashlib.md4)  # flagged: weak digest (MD4) passed to HMAC
13 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hmac/examples/hmac_new_digestmod_hashlib_md5.py:
--------------------------------------------------------------------------------
1 | # level: ERROR
2 | # start_line: 12
3 | # end_line: 12
4 | # start_column: 37
5 | # end_column: 48
6 | import hashlib
7 | import hmac
8 |
9 |
10 | key = b"my-secret-key"
11 | message = b"Hello, world!"
12 | hmac.new(key, msg=message, digestmod=hashlib.md5)  # flagged: weak digest (MD5) passed to HMAC
13 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hmac/examples/hmac_new_digestmod_hashlib_ripemd160.py:
--------------------------------------------------------------------------------
1 | # level: ERROR
2 | # start_line: 12
3 | # end_line: 12
4 | # start_column: 37
5 | # end_column: 54
6 | import hashlib
7 | import hmac
8 |
9 |
10 | key = b"my-secret-key"
11 | message = b"Hello, world!"
12 | hmac.new(key, msg=message, digestmod=hashlib.ripemd160)  # flagged: weak digest (RIPEMD-160) passed to HMAC
13 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hmac/examples/hmac_new_digestmod_hashlib_sha.py:
--------------------------------------------------------------------------------
1 | # level: ERROR
2 | # start_line: 12
3 | # end_line: 12
4 | # start_column: 37
5 | # end_column: 48
6 | import hashlib
7 | import hmac
8 |
9 |
10 | key = b"my-secret-key"
11 | message = b"Hello, world!"
12 | hmac.new(key, msg=message, digestmod=hashlib.sha)  # flagged: weak digest (legacy "sha") passed to HMAC
13 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hmac/examples/hmac_new_digestmod_hashlib_sha1.py:
--------------------------------------------------------------------------------
1 | # level: ERROR
2 | # start_line: 12
3 | # end_line: 12
4 | # start_column: 37
5 | # end_column: 49
6 | import hashlib
7 | import hmac
8 |
9 |
10 | key = b"my-secret-key"
11 | message = b"Hello, world!"
12 | hmac.new(key, msg=message, digestmod=hashlib.sha1)  # flagged: weak digest (SHA-1) passed to HMAC
13 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hmac/examples/hmac_new_digestmod_hashlib_sha224.py:
--------------------------------------------------------------------------------
1 | # level: NONE
2 | import hashlib
3 | import hmac
4 |
5 |
6 | key = b"my-super-duper-secret-key-string"
7 | message = b"Hello, world!"
8 | hmac.new(key, msg=message, digestmod=hashlib.sha224)  # clean: 32-byte key, 28-byte sha224 digest
9 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hmac/examples/hmac_new_digestmod_hashlib_sha256.py:
--------------------------------------------------------------------------------
1 | # level: NONE
2 | import hashlib
3 | import hmac
4 |
5 |
6 | key = b"my-super-duper-secret-key-string"
7 | message = b"Hello, world!"
8 | hmac.new(key, msg=message, digestmod=hashlib.sha256)  # clean: 32-byte key, 32-byte sha256 digest
9 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hmac/examples/hmac_new_digestmod_hashlib_sha384.py:
--------------------------------------------------------------------------------
1 | # level: NONE
2 | import hashlib
3 | import hmac
4 | from secrets import token_bytes
5 |
6 |
7 | key = token_bytes(nbytes=48)
8 | message = b"Hello, world!"
9 | hmac.new(key, msg=message, digestmod=hashlib.sha384)  # clean: 48-byte key, 48-byte sha384 digest
10 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hmac/examples/hmac_new_digestmod_hashlib_sha3_224.py:
--------------------------------------------------------------------------------
1 | # level: NONE
2 | import hashlib
3 | import hmac
4 |
5 |
6 | key = b"my-super-duper-secret-key-string"
7 | message = b"Hello, world!"
8 | hmac.new(key, msg=message, digestmod=hashlib.sha3_224)  # clean: 32-byte key, 28-byte sha3_224 digest
9 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hmac/examples/hmac_new_digestmod_hashlib_sha3_256.py:
--------------------------------------------------------------------------------
1 | # level: NONE
2 | import hashlib
3 | import hmac
4 |
5 |
6 | key = b"my-super-duper-secret-key-string"
7 | message = b"Hello, world!"
8 | hmac.new(key, msg=message, digestmod=hashlib.sha3_256)  # clean: 32-byte key, 32-byte sha3_256 digest
9 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hmac/examples/hmac_new_digestmod_hashlib_sha3_384.py:
--------------------------------------------------------------------------------
1 | # level: NONE
2 | import hashlib
3 | import hmac
4 | import secrets
5 |
6 |
7 | key = secrets.token_bytes(nbytes=48)
8 | message = b"Hello, world!"
9 | hmac.new(key, msg=message, digestmod=hashlib.sha3_384)  # clean: 48-byte key, 48-byte sha3_384 digest
10 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hmac/examples/hmac_new_digestmod_hashlib_sha3_512.py:
--------------------------------------------------------------------------------
1 | # level: NONE
2 | import hashlib
3 | import hmac
4 | import secrets
5 |
6 |
7 | key = secrets.token_bytes(64)
8 | message = b"Hello, world!"
9 | hmac.new(key, msg=message, digestmod=hashlib.sha3_512)  # clean: 64-byte key, 64-byte sha3_512 digest
10 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hmac/examples/hmac_new_digestmod_hashlib_sha512.py:
--------------------------------------------------------------------------------
1 | # level: NONE
2 | import hashlib
3 | import hmac
4 | import secrets
5 |
6 |
7 | key = secrets.token_bytes(64)
8 | message = b"Hello, world!"
9 | hmac.new(key, msg=message, digestmod=hashlib.sha512)  # clean: 64-byte key, 64-byte sha512 digest
10 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hmac/examples/hmac_new_digestmod_hashlib_shake_128.py:
--------------------------------------------------------------------------------
1 | # level: NONE
2 | import hashlib
3 | import hmac
4 |
5 |
6 | key = b"my-secret-key"
7 | message = b"Hello, world!"
8 | hmac.new(key, msg=message, digestmod=hashlib.shake_128)  # no finding expected for shake_128
9 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hmac/examples/hmac_new_digestmod_hashlib_shake_256.py:
--------------------------------------------------------------------------------
1 | # level: NONE
2 | import hashlib
3 | import hmac
4 |
5 |
6 | key = b"my-secret-key"
7 | message = b"Hello, world!"
8 | hmac.new(key, msg=message, digestmod=hashlib.shake_256)  # no finding expected for shake_256
9 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hmac/examples/hmac_new_digestmod_md4.py:
--------------------------------------------------------------------------------
1 | # level: ERROR
2 | # start_line: 11
3 | # end_line: 11
4 | # start_column: 37
5 | # end_column: 42
6 | import hmac
7 |
8 |
9 | key = b"my-secret-key"
10 | message = b"Hello, world!"
11 | hmac.new(key, msg=message, digestmod="md4")  # flagged: weak digest (MD4) passed to HMAC
12 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hmac/examples/hmac_new_digestmod_md5.py:
--------------------------------------------------------------------------------
1 | # level: ERROR
2 | # start_line: 11
3 | # end_line: 11
4 | # start_column: 37
5 | # end_column: 42
6 | import hmac
7 |
8 |
9 | key = b"my-secret-key"
10 | message = b"Hello, world!"
11 | hmac.new(key, msg=message, digestmod="md5")  # flagged: weak digest (MD5) passed to HMAC
12 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hmac/examples/hmac_new_digestmod_md5_sha1.py:
--------------------------------------------------------------------------------
1 | # level: ERROR
2 | # start_line: 11
3 | # end_line: 11
4 | # start_column: 37
5 | # end_column: 47
6 | import hmac
7 |
8 |
9 | key = b"my-secret-key"
10 | message = b"Hello, world!"
11 | hmac.new(key, msg=message, digestmod="md5-sha1")  # flagged: weak digest (MD5-SHA1) passed to HMAC
12 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hmac/examples/hmac_new_digestmod_ripemd160.py:
--------------------------------------------------------------------------------
1 | # level: ERROR
2 | # start_line: 11
3 | # end_line: 11
4 | # start_column: 37
5 | # end_column: 48
6 | import hmac
7 |
8 |
9 | key = b"my-secret-key"
10 | message = b"Hello, world!"
11 | hmac.new(key, msg=message, digestmod="ripemd160")  # flagged: weak digest (RIPEMD-160) passed to HMAC
12 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hmac/examples/hmac_new_digestmod_sha.py:
--------------------------------------------------------------------------------
1 | # level: ERROR
2 | # start_line: 11
3 | # end_line: 11
4 | # start_column: 37
5 | # end_column: 42
6 | import hmac
7 |
8 |
9 | key = b"my-secret-key"
10 | message = b"Hello, world!"
11 | hmac.new(key, msg=message, digestmod="sha")  # flagged: weak digest (legacy "sha") passed to HMAC
12 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hmac/examples/hmac_new_digestmod_sha1.py:
--------------------------------------------------------------------------------
1 | # level: ERROR
2 | # start_line: 11
3 | # end_line: 11
4 | # start_column: 37
5 | # end_column: 43
6 | import hmac
7 |
8 |
9 | key = b"my-secret-key"
10 | message = b"Hello, world!"
11 | hmac.new(key, msg=message, digestmod="sha1")  # flagged: weak digest (SHA-1) passed to HMAC
12 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hmac/examples/hmac_new_digestmod_sha224.py:
--------------------------------------------------------------------------------
1 | # level: NONE
2 | import hmac
3 |
4 |
5 | key = b"my-super-duper-secret-key-string"
6 | message = b"Hello, world!"
7 | hmac.new(key, msg=message, digestmod="sha224")  # clean: 32-byte key, 28-byte sha224 digest
8 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hmac/examples/hmac_new_digestmod_sha256.py:
--------------------------------------------------------------------------------
1 | # level: NONE
2 | import hmac
3 |
4 |
5 | key = b"my-super-duper-secret-key-string"
6 | message = b"Hello, world!"
7 | hmac.new(key, msg=message, digestmod="sha256")  # clean: 32-byte key, 32-byte sha256 digest
8 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hmac/examples/hmac_new_digestmod_sha384.py:
--------------------------------------------------------------------------------
1 | # level: NONE
2 | import hmac
3 | from secrets import token_bytes
4 |
5 |
6 | key = token_bytes(nbytes=48)
7 | message = b"Hello, world!"
8 | hmac.new(key, msg=message, digestmod="sha384")  # clean: 48-byte key, 48-byte sha384 digest
9 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hmac/examples/hmac_new_digestmod_sha3_224.py:
--------------------------------------------------------------------------------
1 | # level: NONE
2 | import hmac
3 |
4 |
5 | key = b"my-super-duper-secret-key-string"
6 | message = b"Hello, world!"
7 | hmac.new(key, msg=message, digestmod="sha3_224")  # clean: 32-byte key, 28-byte sha3_224 digest
8 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hmac/examples/hmac_new_digestmod_sha3_256.py:
--------------------------------------------------------------------------------
1 | # level: NONE
2 | import hmac
3 |
4 |
5 | key = b"my-super-duper-secret-key-string"
6 | message = b"Hello, world!"
7 | hmac.new(key, msg=message, digestmod="sha3_256")  # clean: 32-byte key, 32-byte sha3_256 digest
8 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hmac/examples/hmac_new_digestmod_sha3_384.py:
--------------------------------------------------------------------------------
1 | # level: NONE
2 | import hmac
3 | import secrets
4 |
5 |
6 | key = secrets.token_bytes(nbytes=48)
7 | message = b"Hello, world!"
8 | hmac.new(key, msg=message, digestmod="sha3_384")  # clean: 48-byte key, 48-byte sha3_384 digest
9 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hmac/examples/hmac_new_digestmod_sha3_512.py:
--------------------------------------------------------------------------------
1 | # level: NONE
2 | import hmac
3 | import secrets
4 |
5 |
6 | key = secrets.token_bytes(64)
7 | message = b"Hello, world!"
8 | hmac.new(key, msg=message, digestmod="sha3_512")  # clean: 64-byte key, 64-byte sha3_512 digest
9 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hmac/examples/hmac_new_digestmod_sha512.py:
--------------------------------------------------------------------------------
1 | # level: NONE
2 | import hmac
3 | import secrets
4 |
5 |
6 | key = secrets.token_bytes(nbytes=64)
7 | message = b"Hello, world!"
8 | hmac.new(key, msg=message, digestmod="sha512")  # clean: 64-byte key, 64-byte sha512 digest
9 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hmac/examples/hmac_new_digestmod_shake_128.py:
--------------------------------------------------------------------------------
1 | # level: NONE
2 | import hmac
3 |
4 |
5 | key = b"my-secret-key"
6 | message = b"Hello, world!"
7 | hmac.new(key, msg=message, digestmod="shake_128")  # no finding expected for shake_128
8 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hmac/examples/hmac_new_digestmod_shake_256.py:
--------------------------------------------------------------------------------
1 | # level: NONE
2 | import hmac
3 |
4 |
5 | key = b"my-secret-key"
6 | message = b"Hello, world!"
7 | hmac.new(key, msg=message, digestmod="shake_256")  # no finding expected for shake_256
8 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hmac/examples/hmac_new_weak_key_blake2s.py:
--------------------------------------------------------------------------------
1 | # level: WARNING
2 | # start_line: 11
3 | # end_line: 11
4 | # start_column: 9
5 | # end_column: 12
6 | import hmac
7 |
8 |
9 | key = b"my-super-duper-secret-key"
10 | message = b"Hello, world!"
11 | hmac.new(key, msg=message, digestmod="blake2s")  # flagged key: 25 bytes vs. the 32-byte blake2s digest
12 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hmac/examples/hmac_new_weak_key_hashlib_sha3_224.py:
--------------------------------------------------------------------------------
1 | # level: WARNING
2 | # start_line: 12
3 | # end_line: 12
4 | # start_column: 9
5 | # end_column: 12
6 | import hashlib
7 | import hmac
8 |
9 |
10 | key = b"my-super-duper-secret"
11 | message = b"Hello, world!"
12 | hmac.new(key, msg=message, digestmod=hashlib.sha3_224)  # flagged key: 21 bytes vs. the 28-byte sha3_224 digest
13 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/hmac/examples/hmac_new_weak_key_hashlib_sha3_384.py:
--------------------------------------------------------------------------------
1 | # level: WARNING
2 | # start_line: 13
3 | # end_line: 13
4 | # start_column: 9
5 | # end_column: 12
6 | import hashlib
7 | import hmac
8 | import secrets
9 |
10 |
11 | key = secrets.token_bytes(None)
12 | message = b"Hello, world!"
13 | hmac.new(key, msg=message, digestmod=hashlib.sha3_384) 14 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/hmac/examples/hmac_new_weak_key_hashlib_sha3_512.py: -------------------------------------------------------------------------------- 1 | # level: WARNING 2 | # start_line: 13 3 | # end_line: 13 4 | # start_column: 9 5 | # end_column: 12 6 | import hashlib 7 | import hmac 8 | import secrets 9 | 10 | 11 | key = secrets.token_bytes(nbytes=16) # suppress: PY028 12 | message = b"Hello, world!" 13 | hmac.new(key, msg=message, digestmod=hashlib.sha3_512) 14 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/hmac/examples/hmac_new_weak_key_sha384.py: -------------------------------------------------------------------------------- 1 | # level: WARNING 2 | # start_line: 12 3 | # end_line: 12 4 | # start_column: 9 5 | # end_column: 12 6 | import hmac 7 | from secrets import token_bytes 8 | 9 | 10 | key = token_bytes(nbytes=None) 11 | message = b"Hello, world!" 12 | hmac.new(key, msg=message, digestmod="sha384") 13 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/hmac/examples/hmac_new_weak_key_sha512_256.py: -------------------------------------------------------------------------------- 1 | # level: WARNING 2 | # start_line: 12 3 | # end_line: 12 4 | # start_column: 9 5 | # end_column: 12 6 | import hmac 7 | import secrets 8 | 9 | 10 | key = secrets.token_bytes(nbytes=16) # suppress: PY028 11 | message = b"Hello, world!" 
12 | hmac.new(key, msg=message, digestmod="sha512_256") 13 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/hmac/examples/hmac_timing_attack.py: -------------------------------------------------------------------------------- 1 | # level: ERROR 2 | # start_line: 18 3 | # end_line: 18 4 | # start_column: 13 5 | # end_column: 15 6 | import hmac 7 | 8 | 9 | received_digest = ( 10 | b"\xe2\x93\x08\x19T8\xdc\x80\xef\x87\x90m\x1f\x9d\xf7\xf2" 11 | b"\xf5\x10>\xdbf\xa2\xaf\xf7x\xcdX\xdf" 12 | ) 13 | 14 | key = b"my-super-duper-secret-key-string" 15 | password = b"pass" 16 | digest = hmac.digest(key, password, digest="sha224") 17 | 18 | print(digest == received_digest) 19 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/hmac/examples/hmac_timing_attack_class.py: -------------------------------------------------------------------------------- 1 | # level: ERROR 2 | # start_line: 19 3 | # end_line: 19 4 | # start_column: 13 5 | # end_column: 15 6 | import hmac 7 | 8 | 9 | received_digest = ( 10 | b"\xe2\x93\x08\x19T8\xdc\x80\xef\x87\x90m\x1f\x9d\xf7\xf2" 11 | b"\xf5\x10>\xdbf\xa2\xaf\xf7x\xcdX\xdf" 12 | ) 13 | 14 | key = b"my-secret-key" 15 | password = b"pass" 16 | h = hmac.HMAC(key, msg=password, digestmod="sha224") 17 | digest = h.digest() 18 | 19 | print(digest == received_digest) 20 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/hmac/examples/hmac_timing_attack_class_hexdigest.py: -------------------------------------------------------------------------------- 1 | # level: ERROR 2 | # start_line: 16 3 | # end_line: 16 4 | # start_column: 13 5 | # end_column: 15 6 | import hmac 7 | 8 | 9 | received_digest = "e29308195438dc80ef87906d1f9df7f2f5103edb66a2aff778cd58df" 10 | 11 | key = b"my-secret-key" 12 | password = b"pass" 13 | h = hmac.HMAC(key, msg=password, 
digestmod="sha224") 14 | digest = h.hexdigest() 15 | 16 | print(digest == received_digest) 17 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/hmac/examples/hmac_timing_attack_compare_digest.py: -------------------------------------------------------------------------------- 1 | # level: NONE 2 | import hmac 3 | 4 | 5 | received_digest = ( 6 | b"\xe2\x93\x08\x19T8\xdc\x80\xef\x87\x90m\x1f\x9d\xf7\xf2" 7 | b"\xf5\x10>\xdbf\xa2\xaf\xf7x\xcdX\xdf" 8 | ) 9 | 10 | key = b"my-super-duper-secret-key-string" 11 | password = b"pass" 12 | digest = hmac.digest(key, password, digest="sha224") 13 | 14 | print(hmac.compare_digest(digest, received_digest)) 15 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/http/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/securesauce/precli/1caaec7bcdd32e2a04bf07cf6d692a7c9627cb19/tests/unit/rules/python/stdlib/http/__init__.py -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/http/examples/http_server_http_server.py: -------------------------------------------------------------------------------- 1 | # level: WARNING 2 | # start_line: 11 3 | # end_line: 11 4 | # start_column: 25 5 | # end_column: 39 6 | from http.server import HTTPServer 7 | 8 | 9 | def run(server_class: HTTPServer): 10 | server_address = ("", 8000) 11 | httpd = server_class(server_address, allow_none=True) 12 | httpd.serve_forever() 13 | 14 | 15 | if __name__ == "__main__": 16 | run(HTTPServer) 17 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/http/examples/http_server_threading_http_server.py: -------------------------------------------------------------------------------- 1 | # level: WARNING 2 | # start_line: 11 3 | # end_line: 11 4 | 
# start_column: 25 5 | # end_column: 39 6 | from http.server import ThreadingHTTPServer 7 | 8 | 9 | def run(server_class: ThreadingHTTPServer): 10 | server_address = ("", 8000) 11 | httpd = server_class(server_address, allow_none=True) 12 | httpd.serve_forever() 13 | 14 | 15 | if __name__ == "__main__": 16 | run(ThreadingHTTPServer) 17 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/http/examples/http_url_secret_apikey.py: -------------------------------------------------------------------------------- 1 | # level: ERROR 2 | # start_line: 12 3 | # end_line: 12 4 | # start_column: 11 5 | # end_column: 46 6 | import http.client 7 | 8 | 9 | host = "example.com" 10 | conn = http.client.HTTPSConnection(host) 11 | conn.request( 12 | "GET", "/path?apiKey=value&otherParam=123", headers={"Host": host} 13 | ) 14 | response = conn.getresponse() 15 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/http/examples/http_url_secret_apikey_in_header.py: -------------------------------------------------------------------------------- 1 | # level: NONE 2 | import http.client 3 | 4 | 5 | host = "example.com" 6 | headers = {"X-FullContact-APIKey": "value"} 7 | conn = http.client.HTTPSConnection(host) 8 | conn.request("GET", "/path?otherParam=123", headers=headers) 9 | response = conn.getresponse() 10 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/http/examples/http_url_secret_basic_auth.py: -------------------------------------------------------------------------------- 1 | # level: ERROR 2 | # start_line: 13 3 | # end_line: 13 4 | # start_column: 4 5 | # end_column: 76 6 | import http.client 7 | 8 | 9 | host = "example.com" 10 | conn = http.client.HTTPSConnection(host) 11 | conn.request( 12 | "GET", 13 | "https://user:pass@example.com:443/path/to/resource?query=value#section", 14 | 
headers={"Host": host}, 15 | ) 16 | response = conn.getresponse() 17 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/http/examples/http_url_secret_basic_auth_as_var.py: -------------------------------------------------------------------------------- 1 | # level: ERROR 2 | # start_line: 12 3 | # end_line: 12 4 | # start_column: 20 5 | # end_column: 23 6 | import http.client 7 | 8 | 9 | host = "example.com" 10 | conn = http.client.HTTPSConnection(host) 11 | url = "https://user:pass@example.com:443/path/to/resource?query=value#section" 12 | conn.request("GET", url, headers={"Host": host}) 13 | response = conn.getresponse() 14 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/http/examples/http_url_secret_password.py: -------------------------------------------------------------------------------- 1 | # level: ERROR 2 | # start_line: 12 3 | # end_line: 12 4 | # start_column: 11 5 | # end_column: 49 6 | import http.client 7 | 8 | 9 | host = "example.com" 10 | conn = http.client.HTTPSConnection(host) 11 | conn.request( 12 | "GET", "/path?password=abc123&otherParam=123", headers={"Host": host} 13 | ) 14 | response = conn.getresponse() 15 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/http/examples/http_url_secret_username.py: -------------------------------------------------------------------------------- 1 | # level: ERROR 2 | # start_line: 12 3 | # end_line: 12 4 | # start_column: 11 5 | # end_column: 46 6 | import http.client 7 | 8 | 9 | host = "example.com" 10 | conn = http.client.HTTPSConnection(host) 11 | conn.request( 12 | "GET", "/path?username=bob&otherParam=123", headers={"Host": host} 13 | ) 14 | response = conn.getresponse() 15 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/imaplib/__init__.py: 
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/securesauce/precli/1caaec7bcdd32e2a04bf07cf6d692a7c9627cb19/tests/unit/rules/python/stdlib/imaplib/__init__.py
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/imaplib/examples/imaplib_imap4_context_mgr.py:
--------------------------------------------------------------------------------
1 | # level: ERROR
2 | # start_line: 11
3 | # end_line: 11
4 | # start_column: 10
5 | # end_column: 15
6 | import imaplib  # fixture: login over a plain IMAP4 session opened as a context manager
7 |
8 |
9 | with imaplib.IMAP4("domain.org", timeout=5) as imap4:  # IMAP4, not IMAP4_SSL: no TLS yet
10 |     imap4.noop()
11 |     imap4.login("user", "password")  # no starttls() before this call: credentials go out in cleartext
12 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/imaplib/examples/imaplib_imap4_login.py:
--------------------------------------------------------------------------------
1 | # level: ERROR
2 | # start_line: 11
3 | # end_line: 11
4 | # start_column: 6
5 | # end_column: 11
6 | import getpass
7 | import imaplib
8 |
9 |
10 | imap4 = imaplib.IMAP4(timeout=5)  # plain IMAP4 and no starttls() anywhere below
11 | imap4.login(getpass.getuser(), getpass.getpass())  # prompted at runtime, but still sent unencrypted
12 | imap4.select()
13 | typ, data = imap4.search(None, "ALL")
14 | for num in data[0].split():
15 |     typ, data = imap4.fetch(num, "(RFC822)")
16 |     print(f"Message {num}\n{data[0][1]}\n")
17 | imap4.close()
18 | imap4.logout()
19 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/imaplib/examples/imaplib_imap4_no_timeout.py:
--------------------------------------------------------------------------------
1 | # level: WARNING
2 | # start_line: 10
3 | # end_line: 10
4 | # start_column: 20
5 | # end_column: 40
6 | import imaplib
7 | import ssl
8 |
9 |
10 | imap = imaplib.IMAP4("imap.example.com")  # no timeout= and no socket.setdefaulttimeout(): a stalled peer can block this indefinitely
11 | imap.starttls(ssl.create_default_context())
12 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/imaplib/examples/imaplib_imap4_ssl.py:
--------------------------------------------------------------------------------
1 | # level: NONE
2 | import getpass
3 | import imaplib
4 | import ssl
5 |
6 |
7 | imap4 = imaplib.IMAP4_SSL(ssl_context=ssl.create_default_context(), timeout=5)
8 | imap4.login(getpass.getuser(), getpass.getpass())  # sent inside the TLS session opened by IMAP4_SSL above
9 | imap4.select()
10 | typ, data = imap4.search(None, "ALL")
11 | for num in data[0].split():
12 |     typ, data = imap4.fetch(num, "(RFC822)")
13 |     print(f"Message {num}\n{data[0][1]}\n")
14 | imap4.close()
15 | imap4.logout()
16 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/imaplib/examples/imaplib_imap4_starttls.py:
--------------------------------------------------------------------------------
1 | # level: NONE
2 | import getpass
3 | import imaplib
4 | import ssl
5 |
6 |
7 | imap4 = imaplib.IMAP4(timeout=5)
8 | imap4.starttls(ssl_context=ssl.create_default_context())  # TLS upgrade happens before login(); order matters
9 | imap4.login(getpass.getuser(), getpass.getpass())
10 | imap4.select()
11 | typ, data = imap4.search(None, "ALL")
12 | for num in data[0].split():
13 |     typ, data = imap4.fetch(num, "(RFC822)")
14 |     print(f"Message {num}\n{data[0][1]}\n")
15 | imap4.close()
16 | imap4.logout()
17 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/imaplib/examples/imaplib_imap4_stream.py:
--------------------------------------------------------------------------------
1 | # level: NONE
2 | import getpass  # NOTE(review): not used anywhere in this fixture
3 | import imaplib
4 |
5 |
6 | command = "ls"  # fixed literal, not caller-supplied
7 | imap4 = imaplib.IMAP4_stream(command)  # speaks IMAP over the command's stdin/stdout; no login() call follows
8 | imap4.select()
9 | typ, data = imap4.search(None, "ALL")
10 | for num in data[0].split():
11 |     typ, data = imap4.fetch(num, "(RFC822)")
12 |     print(f"Message {num}\n{data[0][1]}\n")
13 | imap4.close()
14 | imap4.logout()
15 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/imaplib/examples/imaplib_imap4_timeout_5.py:
--------------------------------------------------------------------------------
1 | # level: NONE
2 | import imaplib
3 | import ssl
4 |
5 |
6 | imap = imaplib.IMAP4("imap.example.com", timeout=5)  # explicit per-connection timeout
7 | imap.starttls(ssl.create_default_context())
8 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/imaplib/examples/imaplib_imap4_timeout_global.py:
--------------------------------------------------------------------------------
1 | # level: NONE
2 | import imaplib
3 | import socket
4 | import ssl
5 |
6 |
7 | socket.setdefaulttimeout(5.0)  # process-wide default for sockets created after this call
8 | imap = imaplib.IMAP4("imap.example.com")  # timeout= omitted, so the default set above applies
9 | imap.starttls(ssl.create_default_context())
10 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/json/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/securesauce/precli/1caaec7bcdd32e2a04bf07cf6d692a7c9627cb19/tests/unit/rules/python/stdlib/json/__init__.py
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/json/examples/json_jsondecoder_decode.py:
--------------------------------------------------------------------------------
1 | # level: WARNING
2 | # start_line: 10
3 | # end_line: 10
4 | # start_column: 0
5 | # end_column: 14
6 | import json
7 |
8 |
9 | decoder = json.JSONDecoder()
10 | decoder.decode('["foo", {"bar":["baz", null, 1.0, 2]}]')  # literal here; for untrusted input, cap its size before decoding
11 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/json/examples/json_load.py:
--------------------------------------------------------------------------------
1 | # level: WARNING
2 | # start_line: 11
3 | # end_line: 11
4 | # start_column: 0
5 | # end_column: 9
6 | import json
7 | from io import StringIO
8 |
9 |
10 | io = StringIO('["streaming API"]')
11 | json.load(io)  # reads the whole stream before parsing; bound the input when the source is untrusted
12 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/json/examples/json_loads.py:
--------------------------------------------------------------------------------
1 | # level: WARNING
2 | # start_line: 9
3 | # end_line: 9
4 | # start_column: 0
5 | # end_column: 10
6 | import json
7 |
8 |
9 | json.loads('["foo", {"bar":["baz", null, 1.0, 2]}]')  # same call shape as above, module-level helper
10 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/logging/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/securesauce/precli/1caaec7bcdd32e2a04bf07cf6d692a7c9627cb19/tests/unit/rules/python/stdlib/logging/__init__.py
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/logging/examples/insecure_listen_config_empty_args.py:
--------------------------------------------------------------------------------
1 | # level: WARNING
2 | # start_line: 9
3 | # end_line: 9
4 | # start_column: 9
5 | # end_column: 30
6 | import logging.config
7 |
8 |
9 | thread = logging.config.listen()  # no verify callable: configuration received on the socket is applied unchecked
10 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/logging/examples/insecure_listen_config_port.py:
--------------------------------------------------------------------------------
1 | # level: WARNING
2 | # start_line: 9
3 | # end_line: 9
4 | # start_column: 9
5 | # end_column: 30
6 | import logging.config
7 |
8 |
9 | thread = logging.config.listen(1111)  # port given positionally, verify still unset
10 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/logging/examples/insecure_listen_config_port_verify_as_var.py:
--------------------------------------------------------------------------------
1 | # level: WARNING
2 | # start_line: 10
3 | # end_line: 10
4 | # start_column: 9
5 | # end_column: 30
6 | import logging.config
7 |
8 |
9 | verify = None  # reaches verify= on the next line through a variable
10 | thread = logging.config.listen(port=1111, verify=verify)
11 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/logging/examples/insecure_listen_config_port_verify_none.py:
--------------------------------------------------------------------------------
1 | # level: WARNING
2 | # start_line: 9
3 | # end_line: 9
4 | # start_column: 9
5 | # end_column: 30
6 | import logging.config
7 |
8 |
9 | thread = logging.config.listen(port=1111, verify=None)  # explicit None is the same as leaving verify out
10 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/logging/examples/insecure_listen_config_verify_none.py:
--------------------------------------------------------------------------------
1 | # level: WARNING
2 | # start_line: 9
3 | # end_line: 9
4 | # start_column: 9
5 | # end_column: 30
6 | import logging.config
7 |
8 |
9 | thread = logging.config.listen(verify=None)
10 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/logging/examples/insecure_listen_config_verify_none_port.py:
--------------------------------------------------------------------------------
1 | # level: WARNING
2 | # start_line: 9
3 | # end_line: 9
4 | # start_column: 9
5 | # end_column: 30
6 | import logging.config
7 |
8 |
9 | thread = logging.config.listen(verify=None, port=1111)  # keyword order swapped relative to the port_verify_none fixture
10 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/logging/examples/insecure_listen_config_verify_set.py:
--------------------------------------------------------------------------------
1 | # level: NONE
2 | import logging.config
3 |
4 |
5 | def validate(recv: bytes):  # NOTE(review): pass-through; shows the call shape only
6 |     return recv  # a real verifier authenticates the bytes and returns None to have them discarded
7 |
8 |
9 | thread = logging.config.listen(verify=validate)
10 |
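--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/marshal/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/securesauce/precli/1caaec7bcdd32e2a04bf07cf6d692a7c9627cb19/tests/unit/rules/python/stdlib/marshal/__init__.py
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/marshal/examples/marshal_load.py:
--------------------------------------------------------------------------------
1 | # level: WARNING
2 | # start_line: 15
3 | # end_line: 15
4 | # start_column: 18
5 | # end_column: 30
6 | import marshal  # marshal is not designed to be safe against erroneous or maliciously constructed data
7 |
8 |
9 | data = {"name": "John Doe", "age": 30}
10 |
11 | with open("data.dat", "wb") as f:
12 |     marshal.dump(data, f)
13 |
14 | with open("data.dat", "rb") as f:
15 |     loaded_data = marshal.load(f)  # round-trips this script's own file; never do this with bytes from an untrusted source
16 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/marshal/examples/marshal_loads.py:
--------------------------------------------------------------------------------
1 | # level: WARNING
2 | # start_line: 10
3 | # end_line: 10
4 | # start_column: 0
5 | # end_column: 13
6 | import marshal
7 |
8 |
9 | data = b"\xa9\x02\xe9\n\x00\x00\x00z\rHello, world!"  # bound to `data` so the call below no longer references an undefined name
10 | marshal.loads(data)  # line and columns of the call are unchanged by the fix on line 9
11 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/nntplib/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/securesauce/precli/1caaec7bcdd32e2a04bf07cf6d692a7c9627cb19/tests/unit/rules/python/stdlib/nntplib/__init__.py
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/nntplib/examples/nntplib_nntp_context_mgr.py:
--------------------------------------------------------------------------------
1 | # level: ERROR
2 | # start_line: 10
3 | # end_line: 10
4 | # start_column: 6
5 | # end_column: 11
6 | import nntplib
7 |
8 |
9 | with nntplib.NNTP("news.gmane.io", timeout=5) as n:  # plain NNTP: no TLS on this connection
10 |     n.login("user", "password")  # no starttls() before this call: credentials go out in cleartext
11 |     n.group("gmane.comp.python.committers")
12 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/nntplib/examples/nntplib_nntp_login.py:
--------------------------------------------------------------------------------
1 | # level: ERROR
2 | # start_line: 10
3 | # end_line: 10
4 | # start_column: 2
5 | # end_column: 7
6 | import nntplib
7 |
8 |
9 | s = nntplib.NNTP("news.gmane.io", timeout=5)
10 | s.login("user", "password")  # same cleartext login, without the context manager
11 | f = open("article.txt", "rb")
12 | s.post(f)
13 | s.quit()
14 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/nntplib/examples/nntplib_nntp_ssl.py:
--------------------------------------------------------------------------------
1 | # level: NONE
2 | import nntplib
3 | import ssl
4 |
5 |
6 | s = nntplib.NNTP_SSL(
7 |     "news.gmane.io", ssl_context=ssl.create_default_context(), timeout=5
8 | )
9 | s.login("user", "password")  # sent inside the TLS session opened by NNTP_SSL above
10 | f = open("article.txt", "rb")
11 | s.post(f)
12 | s.quit()
13 |
--------------------------------------------------------------------------------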
/tests/unit/rules/python/stdlib/nntplib/examples/nntplib_nntp_ssl_context_as_var.py:
--------------------------------------------------------------------------------
1 | # level: WARNING
2 | # start_line: 10
3 | # end_line: 10
4 | # start_column: 50
5 | # end_column: 57
6 | import nntplib
7 |
8 |
9 | context = None  # reaches ssl_context= below; with None the library's own context does not verify the server certificate
10 | s = nntplib.NNTP_SSL("news.gmane.io", ssl_context=context, timeout=5)
11 | s.login("user", "password")
12 | f = open("article.txt", "rb")
13 | s.post(f)
14 | s.quit()
15 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/nntplib/examples/nntplib_nntp_ssl_context_none.py:
--------------------------------------------------------------------------------
1 | # level: WARNING
2 | # start_line: 9
3 | # end_line: 9
4 | # start_column: 50
5 | # end_column: 54
6 | import nntplib  # fixture: ssl_context passed as a literal None
7 |
8 |
9 | s = nntplib.NNTP_SSL("news.gmane.io", ssl_context=None, timeout=5)
10 | s.login("user", "password")  # encrypted, but to a peer whose certificate was not checked
11 | f = open("article.txt", "rb")
12 | s.post(f)
13 | s.quit()
14 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/nntplib/examples/nntplib_nntp_ssl_context_unset.py:
--------------------------------------------------------------------------------
1 | # level: WARNING
2 | # start_line: 9
3 | # end_line: 9
4 | # start_column: 4
5 | # end_column: 20
6 | import nntplib
7 |
8 |
9 | s = nntplib.NNTP_SSL("news.gmane.io", timeout=5)  # ssl_context omitted: same effect as None
10 | s.login("user", "password")
11 | f = open("article.txt", "rb")
12 | s.post(f)
13 | s.quit()
14 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/nntplib/examples/nntplib_nntp_ssl_no_timeout.py:
--------------------------------------------------------------------------------
1 | # level: WARNING
2 | # start_line: 10
3 | # end_line: 10
4 | # start_column: 20
5 | # end_column: 79
6 | import nntplib  # fixture: verifying context supplied, but no timeout= and no global socket default
7 | import ssl
8 |
9 |
10 | s = nntplib.NNTP_SSL("news.gmane.io", ssl_context=ssl.create_default_context())
11 | s.login("user", "password")
12 | f = open("article.txt", "rb")
13 | s.post(f)
14 | s.quit()
15 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/nntplib/examples/nntplib_nntp_ssl_timeout_5.py:
--------------------------------------------------------------------------------
1 | # level: NONE
2 | import nntplib
3 | import ssl
4 |
5 |
6 | s = nntplib.NNTP_SSL(
7 |     "news.gmane.io", ssl_context=ssl.create_default_context(), timeout=5
8 | )  # verifying context and an explicit timeout together
9 | s.login("user", "password")
10 | f = open("article.txt", "rb")
11 | s.post(f)
12 | s.quit()
13 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/nntplib/examples/nntplib_nntp_starttls.py:
--------------------------------------------------------------------------------
1 | # level: NONE
2 | import nntplib
3 | import ssl
4 |
5 |
6 | s = nntplib.NNTP("news.gmane.io", timeout=5)
7 | s.starttls(context=ssl.create_default_context())  # TLS upgrade with a verifying context, before login()
8 | s.login("user", "password")
9 | f = open("article.txt", "rb")
10 | s.post(f)
11 | s.quit()
12 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/nntplib/examples/nntplib_nntp_starttls_context_as_var.py:
--------------------------------------------------------------------------------
1 | # level: WARNING
2 | # start_line: 11
3 | # end_line: 11
4 | # start_column: 19
5 | # end_column: 26
6 | import nntplib
7 |
8 |
9 | context = None  # reaches starttls(context=...) below through a variable
10 | s = nntplib.NNTP("news.gmane.io", timeout=5)
11 | s.starttls(context=context)  # upgrade happens, but without a caller-supplied verifying context
12 | s.login("user", "password")
13 | f = open("article.txt", "rb")
14 | s.post(f)
15 | s.quit()
16 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/nntplib/examples/nntplib_nntp_starttls_context_none.py:
--------------------------------------------------------------------------------
1 | # level: WARNING
2 | # start_line: 10
3 | # end_line: 10
4 | # start_column: 19
5 | # end_column: 23
6 | import nntplib
7 |
8 |
9 | s = nntplib.NNTP("news.gmane.io", timeout=5)
10 | s.starttls(context=None)  # literal None: no caller-supplied certificate verification for the upgrade
11 | s.login("user", "password")
12 | f = open("article.txt", "rb")
13 | s.post(f)
14 | s.quit()
15 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/nntplib/examples/nntplib_nntp_starttls_context_unset.py:
--------------------------------------------------------------------------------
1 | # level: WARNING
2 | # start_line: 10
3 | # end_line: 10
4 | # start_column: 0
5 | # end_column: 10
6 | import nntplib
7 |
8 |
9 | s = nntplib.NNTP("news.gmane.io", timeout=5)
10 | s.starttls()  # context omitted: same effect as context=None
11 | s.login("user", "password")
12 | f = open("article.txt", "rb")
13 | s.post(f)
14 | s.quit()
15 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/nntplib/examples/nntplib_nntp_timeout_global.py:
--------------------------------------------------------------------------------
1 | # level: NONE
2 | import nntplib
3 | import socket
4 | import ssl
5 |
6 |
7 | socket.setdefaulttimeout(5.0)
8 | s = nntplib.NNTP("news.gmane.io", timeout=None)  # NOTE(review): an explicit None appears to be handed to socket.create_connection(), which then selects blocking mode instead of inheriting the 5.0 default; confirm that level: NONE is intended here
9 | s.starttls(context=ssl.create_default_context())
10 | s.login("user", "password")
11 | f = open("article.txt", "rb")
12 | s.post(f)
13 | s.quit()
14 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/nntplib/examples/nntplib_nntp_timeout_none.py:
--------------------------------------------------------------------------------
1 | # level: WARNING
2 | # start_line: 10
3 | # end_line: 10
4 | # start_column: 42
5 | # end_column: 46
6 | import nntplib
7 | import ssl
8 |
9 |
10 | s = nntplib.NNTP("news.gmane.io", timeout=None)  # explicit None and no global default: blocking socket with no time limit
11 | s.starttls(context=ssl.create_default_context())
12 | s.login("user", "password")
13 | f = open("article.txt", "rb")
14 | s.post(f)
15 | s.quit()
16 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/os/examples/os_chmod_IXOTH.py:
--------------------------------------------------------------------------------
1 | # level: WARNING
2 | # start_line: 10
3 | # end_line: 10
4 | # start_column: 24
5 | # end_column: 29
6 | import os
7 | from stat import S_IXOTH as IXOTH  # aliased import: the constant is only recognisable after resolving the alias
8 |
9 |
10 | os.chmod("/etc/passwd", IXOTH)  # mode is S_IXOTH alone (0o001): execute for "other", nothing for owner or group
11 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/os/examples/os_chmod_S_IXOTH.py:
--------------------------------------------------------------------------------
1 | # level: WARNING
2 | # start_line: 10
3 | # end_line: 10
4 | # start_column: 24
5 | # end_column: 31
6 | import os
7 | from stat import S_IXOTH  # direct from-import of the constant
8 |
9 |
10 | os.chmod("/etc/passwd", S_IXOTH)
11 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/os/examples/os_chmod_S_S_IXOTH.py:
--------------------------------------------------------------------------------
1 | # level: WARNING
2 | # start_line: 10
3 | # end_line: 10
4 | # start_column: 24
5 | # end_column: 33
6 | import os
7 | import stat as S  # module alias: S.S_IXOTH is stat.S_IXOTH
8 |
9 |
10 | os.chmod("/etc/passwd", S.S_IXOTH)
11 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/os/examples/os_chmod_o111_binop_wildcard.py:
--------------------------------------------------------------------------------
1 | # level: WARNING
2 | # start_line: 11
3 | # end_line: 11
4 | # start_column: 24
5 | # end_column: 28
6 | import os
7 | from stat import *  # wildcard import: S_IX* names below come from stat
8 |
9 |
10 | mode = S_IXUSR | S_IXGRP | S_IXOTH  # 0o111: execute bit for owner, group and other
11 | os.chmod("/etc/passwd", mode)
12 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/os/examples/os_chmod_o555_augmented.py:
--------------------------------------------------------------------------------
1 | # level: WARNING
2 | # start_line: 12
3 | # end_line: 12
4 | # start_column: 27
5 | # end_column: 31
6 | import os
7 | import stat
8 |
9 |
10 | mode = 0o777
11 | mode &= ~(stat.S_IWUSR | stat.S_IWGRP | stat.S_IWOTH)  # clears the three write bits: 0o777 -> 0o555 (r-xr-xr-x)
12 | os.chmod("my_secret_file", mode)  # still readable and executable by group and other
13 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/os/examples/os_chmod_o555_binop.py:
--------------------------------------------------------------------------------
1 | # level: WARNING
2 | # start_line: 11
3 | # end_line: 11
4 | # start_column: 27
5 | # end_column: 31
6 | import os
7 | import stat
8 |
9 |
10 | mode = 0o777 & ~(stat.S_IWUSR | stat.S_IWGRP | stat.S_IWOTH)  # same 0o555 result, computed in one expression
11 | os.chmod("my_secret_file", mode)
12 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/os/examples/os_chmod_o644.py:
--------------------------------------------------------------------------------
1 | # level: NONE
2 | import os
3 |
4 |
5 | os.chmod("/etc/passwd", 0o644)  # rw-r--r--: writable by the owner only, no execute bits
6 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/os/examples/os_chmod_o7.py:
--------------------------------------------------------------------------------
1 | # level: ERROR
2 | # start_line: 9
3 | # end_line: 9
4 | # start_column: 24
5 | # end_column: 27
6 | import os
7 |
8 |
9 | os.chmod("/etc/passwd", 0o7)  # ------rwx: full access for "other", none for owner or group
10 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/os/examples/os_chmod_o755_binop_stat.py:
--------------------------------------------------------------------------------
1 | # level: WARNING
2 | # start_line: 13
3 | # end_line: 19
4 | # start_column: 4
5 | # end_column: 18
6 | import os
7 | import stat
8 |
9 |
10 | # 0o755 for rwxr-xr-x
11 | os.chmod(
12 |     "example.txt",
13 |     stat.S_IRUSR
14 |     | stat.S_IWUSR
15 |     | stat.S_IXUSR
16 |     | stat.S_IRGRP
17 |     | stat.S_IXGRP
18 |     | stat.S_IROTH
19 |     | stat.S_IXOTH,  # the expected span covers the whole mode expression, lines 13-19
20 | )
21 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/os/examples/os_chmod_o760.py:
--------------------------------------------------------------------------------
1 | # level: WARNING
2 | # start_line: 9
3 | # end_line: 9
4 | # start_column: 24
5 | # end_column: 29
6 | import os
7 |
8 |
9 | os.chmod("/etc/passwd", 0o760)  # rwxrw----: group-writable, nothing for other
10 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/os/examples/os_chmod_o770.py:
--------------------------------------------------------------------------------
1 | # level: WARNING
2 | # start_line: 9
3 | # end_line: 9
4 | # start_column: 24
5 | # end_column: 29
6 | import os
7 |
8 |
9 | os.chmod("/etc/passwd", 0o770)  # rwxrwx---: group-writable and group-executable
10 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/os/examples/os_chmod_o776.py:
--------------------------------------------------------------------------------
1 | # level: ERROR
2 | # start_line: 9
3 | # end_line: 9
4 | # start_column: 24
5 | # end_column: 29
6 | import os
7 |
8 |
9 | os.chmod("/etc/passwd", 0o776)  # rwxrwxrw-: world-writable
10 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/os/examples/os_chmod_o777.py:
--------------------------------------------------------------------------------
1 | # level: ERROR
2 | # start_line: 11
3 | # end_line: 11
4 | # start_column: 19
5 | # end_column: 23
6 | import os
7 |
8 |
9 | filename = "/etc/passwd"
10 | mode = 0o777  # rwxrwxrwx: world-writable and world-executable
11 | os.chmod(filename, mode)  # both arguments arrive through variables
12 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/os/examples/os_chmod_stat_S_IXOTH.py:
-------------------------------------------------------------------------------- 1 | # level: WARNING 2 | # start_line: 10 3 | # end_line: 10 4 | # start_column: 24 5 | # end_column: 36 6 | import os 7 | import stat 8 | 9 | 10 | os.chmod("/etc/passwd", stat.S_IXOTH)  # the mode is S_IXOTH alone (0o001): execute for "other" and nothing else 11 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/os/examples/os_chmod_x1ff.py: -------------------------------------------------------------------------------- 1 | # level: ERROR 2 | # start_line: 11 3 | # end_line: 11 4 | # start_column: 19 5 | # end_column: 23 6 | import os 7 | 8 | 9 | filename = "/etc/passwd" 10 | mode = 0x1FF  # 0x1FF == 0o777: read, write and execute for owner, group and other 11 | os.chmod(filename, mode) 12 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/os/examples/os_fchmod_511.py: -------------------------------------------------------------------------------- 1 | # level: ERROR 2 | # start_line: 9 3 | # end_line: 9 4 | # start_column: 25 5 | # end_column: 28 6 | import os 7 | 8 | 9 | os.fchmod("/etc/passwd", 511)  # decimal 511 == 0o777; NOTE(review): os.fchmod() takes a file descriptor, not a path, so this sample is presumably only parsed, never run 10 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/os/examples/os_lchmod_o227.py: -------------------------------------------------------------------------------- 1 | # level: ERROR 2 | # start_line: 10 3 | # end_line: 10 4 | # start_column: 30 5 | # end_column: 34 6 | import os 7 | 8 | 9 | mode = 0o227  # 0o227: owner -w-, group -w-, other rwx 10 | os.lchmod("/etc/passwd", mode=mode) 11 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/os/examples/os_mkdir_default.py: -------------------------------------------------------------------------------- 1 | # level: WARNING 2 | # start_line: 10 3 | # end_line: 10 4 | # start_column: 8 5 | # end_column: 14 6 | import os 7 | 8 | 9 | path = "examples" 10 | os.mkdir(path)  # mode omitted: os.mkdir() defaults to 0o777, reduced only by the process umask 11 | -------------------------------------------------------------------------------- 
/tests/unit/rules/python/stdlib/os/examples/os_mkdir_o750_binop.py: -------------------------------------------------------------------------------- 1 | # level: WARNING 2 | # start_line: 12 3 | # end_line: 12 4 | # start_column: 20 5 | # end_column: 24 6 | import os 7 | import stat 8 | 9 | 10 | path = "examples" 11 | mode = stat.S_IRUSR | stat.S_IWUSR | stat.S_IXUSR | stat.S_IRGRP | stat.S_IXGRP 12 | os.mkdir(path, mode=mode) 13 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/os/examples/os_mkfifo_default.py: -------------------------------------------------------------------------------- 1 | # level: NONE 2 | import os 3 | import sys 4 | 5 | 6 | fifo_path = "my_pipe" 7 | os.mkfifo(fifo_path) 8 | 9 | if os.fork() == 0: 10 | with open(fifo_path, "w") as fifo: 11 | fifo.write("Hello from the child process!\n") 12 | sys.exit(0) 13 | 14 | with open(fifo_path, "r") as fifo: 15 | print("Parent process reads:", fifo.read()) 16 | 17 | os.remove(fifo_path) 18 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/os/examples/os_mkfifo_o644_binop.py: -------------------------------------------------------------------------------- 1 | # level: NONE 2 | import os 3 | from stat import * 4 | import sys 5 | 6 | 7 | fifo_path = "my_pipe" 8 | os.mkfifo(fifo_path, mode=S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH) 9 | 10 | if os.fork() == 0: 11 | with open(fifo_path, "w") as fifo: 12 | fifo.write("Hello from the child process!\n") 13 | sys.exit(0) 14 | 15 | with open(fifo_path, "r") as fifo: 16 | print("Parent process reads:", fifo.read()) 17 | 18 | os.remove(fifo_path) 19 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/os/examples/os_mknod_o666_binop.py: -------------------------------------------------------------------------------- 1 | # level: NONE 2 | import os 3 | import stat 4 | 5 | 6 | 
file_path = "my_regular_file" 7 | mode = 0o666 | stat.S_IFREG 8 | os.mknod(file_path, mode=mode) 9 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/os/examples/os_open_default.py: -------------------------------------------------------------------------------- 1 | # level: WARNING 2 | # start_line: 10 3 | # end_line: 10 4 | # start_column: 12 5 | # end_column: 62 6 | import os 7 | 8 | 9 | file_path = "example.txt" 10 | fd = os.open(file_path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC)  # mode omitted: with O_CREAT, os.open() defaults to 0o777, reduced only by the process umask 11 | 12 | try: 13 | os.write(fd, b"Hello, world!\n") 14 | finally: 15 | os.close(fd) 16 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/os/examples/os_open_o655.py: -------------------------------------------------------------------------------- 1 | # level: WARNING 2 | # start_line: 10 3 | # end_line: 10 4 | # start_column: 63 5 | # end_column: 68 6 | import os 7 | 8 | 9 | file_path = "example.txt" 10 | fd = os.open(file_path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o655)  # 0o655: owner rw-, group r-x, other r-x 11 | 12 | try: 13 | os.write(fd, b"Hello, world!\n") 14 | finally: 15 | os.close(fd) 16 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/os/examples/os_setuid_0.py: -------------------------------------------------------------------------------- 1 | # level: ERROR 2 | # start_line: 9 3 | # end_line: 9 4 | # start_column: 10 5 | # end_column: 11 6 | import os 7 | 8 | 9 | os.setuid(0)  # UID 0 is root: the process asks for full privileges 10 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/os/examples/os_setuid_1000.py: -------------------------------------------------------------------------------- 1 | # level: NONE 2 | import os 3 | 4 | 5 | os.setuid(1000)  # a non-zero UID, so this is the negative case 6 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/os/examples/os_setuid_root.py: 
-------------------------------------------------------------------------------- 1 | # level: ERROR 2 | # start_line: 10 3 | # end_line: 10 4 | # start_column: 10 5 | # end_column: 14 6 | import os 7 | 8 | 9 | root = 0 10 | os.setuid(root) 11 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/pathlib/examples/pathlib_chmod_IXOTH.py: -------------------------------------------------------------------------------- 1 | # level: WARNING 2 | # start_line: 11 3 | # end_line: 11 4 | # start_column: 16 5 | # end_column: 21 6 | from pathlib import Path 7 | from stat import S_IXOTH as IXOTH 8 | 9 | 10 | file_path = Path("example.sh") 11 | file_path.chmod(IXOTH) 12 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/pathlib/examples/pathlib_chmod_S_IXOTH.py: -------------------------------------------------------------------------------- 1 | # level: WARNING 2 | # start_line: 11 3 | # end_line: 11 4 | # start_column: 16 5 | # end_column: 23 6 | import pathlib 7 | from stat import S_IXOTH 8 | 9 | 10 | file_path = pathlib.Path("/etc/passwd") 11 | file_path.chmod(S_IXOTH) 12 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/pathlib/examples/pathlib_chmod_S_S_IXOTH.py: -------------------------------------------------------------------------------- 1 | # level: WARNING 2 | # start_line: 11 3 | # end_line: 11 4 | # start_column: 16 5 | # end_column: 25 6 | import pathlib 7 | import stat as S 8 | 9 | 10 | file_path = pathlib.Path("/etc/passwd") 11 | file_path.chmod(S.S_IXOTH) 12 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/pathlib/examples/pathlib_chmod_o111_binop_wildcard.py: -------------------------------------------------------------------------------- 1 | # level: WARNING 2 | # start_line: 12 3 | # end_line: 12 4 | # 
start_column: 16 5 | # end_column: 20 6 | from pathlib import Path 7 | from stat import * 8 | 9 | 10 | file_path = Path("/etc/passwd") 11 | mode = S_IXUSR | S_IXGRP | S_IXOTH 12 | file_path.chmod(mode) 13 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/pathlib/examples/pathlib_chmod_o644.py: -------------------------------------------------------------------------------- 1 | # level: NONE 2 | import pathlib 3 | 4 | 5 | file_path = pathlib.Path("/etc/passwd") 6 | file_path.chmod(0o644) 7 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/pathlib/examples/pathlib_chmod_o7.py: -------------------------------------------------------------------------------- 1 | # level: ERROR 2 | # start_line: 10 3 | # end_line: 10 4 | # start_column: 16 5 | # end_column: 19 6 | import pathlib 7 | 8 | 9 | file_path = pathlib.Path("/etc/passwd") 10 | file_path.chmod(0o7) 11 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/pathlib/examples/pathlib_chmod_o755_binop_stat.py: -------------------------------------------------------------------------------- 1 | # level: WARNING 2 | # start_line: 13 3 | # end_line: 19 4 | # start_column: 4 5 | # end_column: 18 6 | import pathlib 7 | import stat 8 | 9 | 10 | # 0o755 for rwxr-xr-x 11 | file_path = pathlib.Path("example.txt") 12 | file_path.chmod( 13 | stat.S_IRUSR 14 | | stat.S_IWUSR 15 | | stat.S_IXUSR 16 | | stat.S_IRGRP 17 | | stat.S_IXGRP 18 | | stat.S_IROTH 19 | | stat.S_IXOTH 20 | ) 21 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/pathlib/examples/pathlib_chmod_o760.py: -------------------------------------------------------------------------------- 1 | # level: WARNING 2 | # start_line: 10 3 | # end_line: 10 4 | # start_column: 16 5 | # end_column: 21 6 | import pathlib 7 | 8 | 
9 | file_path = pathlib.Path("/etc/passwd") 10 | file_path.chmod(0o760) 11 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/pathlib/examples/pathlib_chmod_o770.py: -------------------------------------------------------------------------------- 1 | # level: WARNING 2 | # start_line: 10 3 | # end_line: 10 4 | # start_column: 16 5 | # end_column: 21 6 | import pathlib 7 | 8 | 9 | file_path = pathlib.Path("/etc/passwd") 10 | file_path.chmod(0o770) 11 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/pathlib/examples/pathlib_chmod_o776.py: -------------------------------------------------------------------------------- 1 | # level: ERROR 2 | # start_line: 10 3 | # end_line: 10 4 | # start_column: 16 5 | # end_column: 21 6 | import pathlib 7 | 8 | 9 | file_path = pathlib.Path("/etc/passwd") 10 | file_path.chmod(0o776) 11 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/pathlib/examples/pathlib_chmod_o777.py: -------------------------------------------------------------------------------- 1 | # level: ERROR 2 | # start_line: 12 3 | # end_line: 12 4 | # start_column: 21 5 | # end_column: 25 6 | import pathlib 7 | 8 | 9 | filename = "/etc/passwd" 10 | mode = 0o777 11 | file_path = pathlib.Path(filename) 12 | file_path.chmod(mode=mode) 13 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/pathlib/examples/pathlib_chmod_stat_S_IXOTH.py: -------------------------------------------------------------------------------- 1 | # level: WARNING 2 | # start_line: 11 3 | # end_line: 11 4 | # start_column: 16 5 | # end_column: 28 6 | import pathlib 7 | import stat 8 | 9 | 10 | file_path = pathlib.Path("/etc/passwd") 11 | file_path.chmod(stat.S_IXOTH) 12 | 
-------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/pathlib/examples/pathlib_chmod_x1ff.py: -------------------------------------------------------------------------------- 1 | # level: ERROR 2 | # start_line: 12 3 | # end_line: 12 4 | # start_column: 16 5 | # end_column: 20 6 | from pathlib import Path 7 | 8 | 9 | filename = "/etc/passwd" 10 | mode = 0x1FF 11 | file_path = Path(filename) 12 | file_path.chmod(mode) 13 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/pathlib/examples/pathlib_lchmod_o227.py: -------------------------------------------------------------------------------- 1 | # level: ERROR 2 | # start_line: 11 3 | # end_line: 11 4 | # start_column: 22 5 | # end_column: 26 6 | from pathlib import Path 7 | 8 | 9 | mode = 0o227 10 | file_path = Path("/etc/passwd") 11 | file_path.lchmod(mode=mode) 12 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/pathlib/examples/pathlib_mkdir_default.py: -------------------------------------------------------------------------------- 1 | # level: WARNING 2 | # start_line: 10 3 | # end_line: 10 4 | # start_column: 15 5 | # end_column: 17 6 | from pathlib import Path 7 | 8 | 9 | file_path = Path("examples") 10 | file_path.mkdir() 11 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/pathlib/examples/pathlib_mkdir_o750_binop.py: -------------------------------------------------------------------------------- 1 | # level: WARNING 2 | # start_line: 13 3 | # end_line: 13 4 | # start_column: 21 5 | # end_column: 25 6 | from pathlib import Path 7 | import stat 8 | 9 | 10 | path = "examples" 11 | mode = stat.S_IRUSR | stat.S_IWUSR | stat.S_IXUSR | stat.S_IRGRP | stat.S_IXGRP 12 | file_path = Path(path) 13 | file_path.mkdir(mode=mode) 14 | 
-------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/pathlib/examples/pathlib_touch_default.py: -------------------------------------------------------------------------------- 1 | # level: NONE 2 | from pathlib import * 3 | 4 | 5 | file_path = Path("example.txt") 6 | file_path.touch()  # mode omitted: Path.touch() defaults to 0o666, reduced by the process umask 7 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/pathlib/examples/pathlib_touch_o750_binop.py: -------------------------------------------------------------------------------- 1 | # level: WARNING 2 | # start_line: 12 3 | # end_line: 12 4 | # start_column: 21 5 | # end_column: 25 6 | from pathlib import * 7 | import stat 8 | 9 | 10 | file_path = Path("example.txt") 11 | mode = stat.S_IRUSR | stat.S_IWUSR | stat.S_IXUSR | stat.S_IRGRP | stat.S_IXGRP  # == 0o750: owner rwx, group r-x, nothing for other 12 | file_path.touch(mode=mode) 13 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/pickle/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/securesauce/precli/1caaec7bcdd32e2a04bf07cf6d692a7c9627cb19/tests/unit/rules/python/stdlib/pickle/__init__.py -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/pickle/examples/pickle_load.py: -------------------------------------------------------------------------------- 1 | # level: WARNING 2 | # start_line: 11 3 | # end_line: 11 4 | # start_column: 10 5 | # end_column: 21 6 | import pickle 7 | 8 | 9 | def load_pickle_file(file_path): 10 | # WARNING: pickle.load() can run arbitrary code while deserializing, and nothing here validates or authenticates the data first 11 | obj = pickle.load(file_path) 12 | return obj 13 | 14 | 15 | # Example usage (assuming 'malicious.pickle' contains malicious code). NOTE(review): a path string is passed where pickle.load() expects an open binary file, so this sample is presumably only parsed, never run 16 | pickle_file = "malicious.pickle" 17 | loaded_object = load_pickle_file(pickle_file) 18 | 
-------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/pickle/examples/pickle_unpickler.py: -------------------------------------------------------------------------------- 1 | # level: WARNING 2 | # start_line: 11 3 | # end_line: 11 4 | # start_column: 10 5 | # end_column: 26 6 | import pickle 7 | 8 | 9 | def load_pickle_file(file_path): 10 | # WARNING: Unpickler.load() can run arbitrary code while deserializing, and nothing here validates or authenticates the data first 11 | obj = pickle.Unpickler(file_path).load() 12 | return obj 13 | 14 | 15 | # Example usage (assuming 'malicious.pickle' contains malicious code). NOTE(review): a path string is passed where pickle.Unpickler() expects an open binary file, so this sample is presumably only parsed, never run 16 | pickle_file = "malicious.pickle" 17 | loaded_object = load_pickle_file(pickle_file) 18 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/poplib/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/securesauce/precli/1caaec7bcdd32e2a04bf07cf6d692a7c9627cb19/tests/unit/rules/python/stdlib/poplib/__init__.py -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/poplib/examples/poplib_pop3_apop.py: -------------------------------------------------------------------------------- 1 | # level: ERROR 2 | # start_line: 12 3 | # end_line: 12 4 | # start_column: 2 5 | # end_column: 6 6 | import getpass 7 | import poplib 8 | 9 | 10 | M = poplib.POP3("localhost", 110, 5)  # plain POP3 on port 110 with a 5-second timeout; no stls() follows, so the session stays unencrypted 11 | secret = getpass.getpass() 12 | M.apop(getpass.getuser(), secret) 13 | numMessages = len(M.list()[1]) 14 | for i in range(numMessages): 15 | for j in M.retr(i + 1)[1]: 16 | print(j) 17 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/poplib/examples/poplib_pop3_no_timeout.py: -------------------------------------------------------------------------------- 1 | # level: WARNING 2 | # start_line: 10 3 | # end_line: 10 4 | # start_column: 17 5 | # 
end_column: 44 6 | import poplib 7 | import ssl 8 | 9 | 10 | pop = poplib.POP3("mail.my-mail-server.com") 11 | pop.stls(ssl.create_default_context()) 12 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/poplib/examples/poplib_pop3_pass_.py: -------------------------------------------------------------------------------- 1 | # level: ERROR 2 | # start_line: 11 3 | # end_line: 11 4 | # start_column: 2 5 | # end_column: 7 6 | import getpass 7 | import poplib 8 | 9 | 10 | M = poplib.POP3("localhost", timeout=5) 11 | M.pass_(getpass.getpass()) 12 | numMessages = len(M.list()[1]) 13 | for i in range(numMessages): 14 | for j in M.retr(i + 1)[1]: 15 | print(j) 16 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/poplib/examples/poplib_pop3_rpop.py: -------------------------------------------------------------------------------- 1 | # level: ERROR 2 | # start_line: 11 3 | # end_line: 11 4 | # start_column: 2 5 | # end_column: 6 6 | import getpass 7 | import poplib 8 | 9 | 10 | M = poplib.POP3("localhost", timeout=5) 11 | M.rpop(getpass.getuser()) 12 | numMessages = len(M.list()[1]) 13 | for i in range(numMessages): 14 | for j in M.retr(i + 1)[1]: 15 | print(j) 16 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/poplib/examples/poplib_pop3_ssl.py: -------------------------------------------------------------------------------- 1 | # level: NONE 2 | import getpass 3 | import poplib 4 | import ssl 5 | 6 | 7 | M = poplib.POP3_SSL( 8 | "localhost", context=ssl.create_default_context(), timeout=5 9 | ) 10 | M.user(getpass.getuser()) 11 | M.pass_(getpass.getpass()) 12 | numMessages = len(M.list()[1]) 13 | for i in range(numMessages): 14 | for j in M.retr(i + 1)[1]: 15 | print(j) 16 | -------------------------------------------------------------------------------- 
/tests/unit/rules/python/stdlib/poplib/examples/poplib_pop3_ssl_context_as_var.py: -------------------------------------------------------------------------------- 1 | # level: WARNING 2 | # start_line: 11 3 | # end_line: 11 4 | # start_column: 41 5 | # end_column: 48 6 | import getpass 7 | import poplib 8 | 9 | 10 | context = None 11 | M = poplib.POP3_SSL("localhost", context=context, timeout=5) 12 | M.user(getpass.getuser()) 13 | M.pass_(getpass.getpass()) 14 | numMessages = len(M.list()[1]) 15 | for i in range(numMessages): 16 | for j in M.retr(i + 1)[1]: 17 | print(j) 18 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/poplib/examples/poplib_pop3_ssl_context_none.py: -------------------------------------------------------------------------------- 1 | # level: WARNING 2 | # start_line: 10 3 | # end_line: 10 4 | # start_column: 41 5 | # end_column: 45 6 | import getpass 7 | import poplib 8 | 9 | 10 | M = poplib.POP3_SSL("localhost", context=None, timeout=5) 11 | M.user(getpass.getuser()) 12 | M.pass_(getpass.getpass()) 13 | numMessages = len(M.list()[1]) 14 | for i in range(numMessages): 15 | for j in M.retr(i + 1)[1]: 16 | print(j) 17 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/poplib/examples/poplib_pop3_ssl_context_unset.py: -------------------------------------------------------------------------------- 1 | # level: WARNING 2 | # start_line: 10 3 | # end_line: 10 4 | # start_column: 4 5 | # end_column: 19 6 | import getpass 7 | import poplib 8 | 9 | 10 | M = poplib.POP3_SSL("localhost", timeout=5) 11 | M.user(getpass.getuser()) 12 | M.pass_(getpass.getpass()) 13 | numMessages = len(M.list()[1]) 14 | for i in range(numMessages): 15 | for j in M.retr(i + 1)[1]: 16 | print(j) 17 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/poplib/examples/poplib_pop3_stls.py: 
-------------------------------------------------------------------------------- 1 | # level: NONE 2 | import getpass 3 | import poplib 4 | import ssl 5 | 6 | 7 | M = poplib.POP3("localhost", timeout=5) 8 | M.stls(context=ssl.create_default_context()) 9 | M.user(getpass.getuser()) 10 | M.pass_(getpass.getpass()) 11 | numMessages = len(M.list()[1]) 12 | for i in range(numMessages): 13 | for j in M.retr(i + 1)[1]: 14 | print(j) 15 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/poplib/examples/poplib_pop3_stls_context_as_var.py: -------------------------------------------------------------------------------- 1 | # level: WARNING 2 | # start_line: 12 3 | # end_line: 12 4 | # start_column: 15 5 | # end_column: 22 6 | import getpass 7 | import poplib 8 | 9 | 10 | context = None 11 | M = poplib.POP3("localhost", timeout=5) 12 | M.stls(context=context) 13 | M.user(getpass.getuser()) 14 | M.pass_(getpass.getpass()) 15 | numMessages = len(M.list()[1]) 16 | for i in range(numMessages): 17 | for j in M.retr(i + 1)[1]: 18 | print(j) 19 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/poplib/examples/poplib_pop3_stls_context_none.py: -------------------------------------------------------------------------------- 1 | # level: WARNING 2 | # start_line: 11 3 | # end_line: 11 4 | # start_column: 15 5 | # end_column: 19 6 | import getpass 7 | import poplib 8 | 9 | 10 | M = poplib.POP3("localhost", timeout=5) 11 | M.stls(context=None) 12 | M.user(getpass.getuser()) 13 | M.pass_(getpass.getpass()) 14 | numMessages = len(M.list()[1]) 15 | for i in range(numMessages): 16 | for j in M.retr(i + 1)[1]: 17 | print(j) 18 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/poplib/examples/poplib_pop3_stls_context_unset.py: 
-------------------------------------------------------------------------------- 1 | # level: WARNING 2 | # start_line: 11 3 | # end_line: 11 4 | # start_column: 0 5 | # end_column: 6 6 | import getpass 7 | import poplib 8 | 9 | 10 | M = poplib.POP3("localhost", timeout=5) 11 | M.stls() 12 | M.user(getpass.getuser()) 13 | M.pass_(getpass.getpass()) 14 | numMessages = len(M.list()[1]) 15 | for i in range(numMessages): 16 | for j in M.retr(i + 1)[1]: 17 | print(j) 18 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/poplib/examples/poplib_pop3_timeout_global.py: -------------------------------------------------------------------------------- 1 | # level: NONE 2 | import getpass 3 | import poplib 4 | import socket 5 | import ssl 6 | 7 | 8 | socket.setdefaulttimeout(5.0) 9 | M = poplib.POP3_SSL("localhost", context=ssl.create_default_context()) 10 | M.user(getpass.getuser()) 11 | M.pass_(getpass.getpass()) 12 | numMessages = len(M.list()[1]) 13 | for i in range(numMessages): 14 | for j in M.retr(i + 1)[1]: 15 | print(j) 16 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/poplib/examples/poplib_pop3_timeout_none.py: -------------------------------------------------------------------------------- 1 | # level: WARNING 2 | # start_line: 12 3 | # end_line: 12 4 | # start_column: 63 5 | # end_column: 67 6 | import getpass 7 | import poplib 8 | import ssl 9 | 10 | 11 | M = poplib.POP3_SSL( 12 | "localhost", context=ssl.create_default_context(), timeout=None 13 | ) 14 | M.user(getpass.getuser()) 15 | M.pass_(getpass.getpass()) 16 | numMessages = len(M.list()[1]) 17 | for i in range(numMessages): 18 | for j in M.retr(i + 1)[1]: 19 | print(j) 20 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/poplib/examples/poplib_pop3_user.py: 
-------------------------------------------------------------------------------- 1 | # level: ERROR 2 | # start_line: 11 3 | # end_line: 11 4 | # start_column: 2 5 | # end_column: 6 6 | import getpass 7 | import poplib 8 | 9 | 10 | M = poplib.POP3("localhost", timeout=5) 11 | M.user(getpass.getuser())  # no stls() call precedes this, so the username is sent over a plaintext connection 12 | numMessages = len(M.list()[1]) 13 | for i in range(numMessages): 14 | for j in M.retr(i + 1)[1]: 15 | print(j) 16 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/re/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/securesauce/precli/1caaec7bcdd32e2a04bf07cf6d692a7c9627cb19/tests/unit/rules/python/stdlib/re/__init__.py -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/re/examples/re_compile.py: -------------------------------------------------------------------------------- 1 | # level: ERROR 2 | # start_line: 10 3 | # end_line: 10 4 | # start_column: 17 5 | # end_column: 28 6 | import re 7 | 8 | 9 | IPv6address = r"([A-Fa-f0-9:]+:+)+[A-Fa-f0-9]+"  # a repeated group whose body is itself repeated: matching time can grow exponentially on input that fails to match 10 | reg = re.compile(IPv6address) 11 | reg.search("http://[:::::::::::::::::::::::::::::::::::::::]/path") 12 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/re/examples/re_compile_good.py: -------------------------------------------------------------------------------- 1 | # level: NONE 2 | import re 3 | 4 | IPv6address = r"([A-Fa-f0-9:]+[:$])[A-Fa-f0-9]{1,4}"  # the group is no longer repeated, so no nested quantifier remains; NOTE(review): inside [...] the "$" is a literal dollar sign, not an end anchor - confirm that is intended 5 | reg = re.compile(IPv6address) 6 | reg.search("http://[:::::::::::::::::::::::::::::::::::::::]/path") 7 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/re/examples/re_findall.py: -------------------------------------------------------------------------------- 1 | # level: ERROR 2 | # start_line: 11 3 | # end_line: 11 4 | # 
start_column: 11 5 | # end_column: 18 6 | import re 7 | 8 | 9 | pattern = r"(a+)+" 10 | string = "aaaaaaaaaaaaaaaaaaaaaaaa!" 11 | re.findall(pattern, string) 12 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/re/examples/re_finditer.py: -------------------------------------------------------------------------------- 1 | # level: ERROR 2 | # start_line: 11 3 | # end_line: 11 4 | # start_column: 12 5 | # end_column: 19 6 | import re 7 | 8 | 9 | pattern = r"(a+)+" 10 | string = "aaaaaaaaaaaaaaaaaaaaaaaa!" 11 | re.finditer(pattern, string) 12 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/re/examples/re_fullmatch.py: -------------------------------------------------------------------------------- 1 | # level: ERROR 2 | # start_line: 11 3 | # end_line: 11 4 | # start_column: 13 5 | # end_column: 20 6 | import re 7 | 8 | 9 | pattern = r"(a+)+" 10 | string = "aaaaaaaaaaaaaaaaaaaaaaaa!" 11 | re.fullmatch(pattern, string) 12 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/re/examples/re_match.py: -------------------------------------------------------------------------------- 1 | # level: ERROR 2 | # start_line: 11 3 | # end_line: 11 4 | # start_column: 9 5 | # end_column: 16 6 | import re 7 | 8 | 9 | pattern = r"(a+)+" 10 | string = "aaaaaaaaaaaaaaaaaaaaaaaa!" 11 | re.match(pattern, string) 12 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/re/examples/re_search.py: -------------------------------------------------------------------------------- 1 | # level: ERROR 2 | # start_line: 11 3 | # end_line: 11 4 | # start_column: 10 5 | # end_column: 17 6 | import re 7 | 8 | 9 | pattern = r"(a+)+" 10 | string = "aaaaaaaaaaaaaaaaaaaaaaaa!" 
11 | re.search(pattern, string) 12 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/re/examples/re_search_good.py: -------------------------------------------------------------------------------- 1 | # level: NONE 2 | import re 3 | 4 | 5 | string = "aaaaaaaaaaaaaaaaaaaaaaaa!" 6 | re.search(r"a+", string) 7 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/re/examples/re_split.py: -------------------------------------------------------------------------------- 1 | # level: ERROR 2 | # start_line: 11 3 | # end_line: 11 4 | # start_column: 9 5 | # end_column: 16 6 | import re 7 | 8 | 9 | pattern = r"(a+)+" 10 | string = "aaaaaaaaaaaaaaaaaaaaaaaa!" 11 | re.split(pattern, string) 12 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/re/examples/re_sub.py: -------------------------------------------------------------------------------- 1 | # level: ERROR 2 | # start_line: 11 3 | # end_line: 11 4 | # start_column: 7 5 | # end_column: 14 6 | import re 7 | 8 | 9 | pattern = r"(a+)+" 10 | string = "aaaaaaaaaaaaaaaaaaaaaaaa!" 11 | re.sub(pattern, print, string) 12 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/re/examples/re_subn.py: -------------------------------------------------------------------------------- 1 | # level: ERROR 2 | # start_line: 11 3 | # end_line: 11 4 | # start_column: 8 5 | # end_column: 15 6 | import re 7 | 8 | 9 | pattern = r"(a+)+" 10 | string = "aaaaaaaaaaaaaaaaaaaaaaaa!" 
11 | re.subn(pattern, print, string) 12 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/secrets/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/securesauce/precli/1caaec7bcdd32e2a04bf07cf6d692a7c9627cb19/tests/unit/rules/python/stdlib/secrets/__init__.py -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/secrets/examples/secrets_token_bytes.py: -------------------------------------------------------------------------------- 1 | # level: ERROR 2 | # start_line: 9 3 | # end_line: 9 4 | # start_column: 20 5 | # end_column: 21 6 | import secrets 7 | 8 | 9 | secrets.token_bytes(4) 10 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/secrets/examples/secrets_token_bytes_default.py: -------------------------------------------------------------------------------- 1 | # level: NONE 2 | import secrets 3 | 4 | 5 | secrets.token_bytes() 6 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/secrets/examples/secrets_token_bytes_size_var.py: -------------------------------------------------------------------------------- 1 | # level: NONE 2 | import secrets 3 | 4 | 5 | token_size = 16 6 | token_size = 32 7 | secrets.token_bytes(token_size) 8 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/secrets/examples/secrets_token_hex.py: -------------------------------------------------------------------------------- 1 | # level: WARNING 2 | # start_line: 9 3 | # end_line: 9 4 | # start_column: 18 5 | # end_column: 20 6 | import secrets 7 | 8 | 9 | secrets.token_hex(16) 10 | -------------------------------------------------------------------------------- 
/tests/unit/rules/python/stdlib/secrets/examples/secrets_token_hex_nbytes_unknown.py: -------------------------------------------------------------------------------- 1 | # level: NONE 2 | import secrets 3 | 4 | 5 | _SHM_SAFE_NAME_LENGTH = 14 6 | _SHM_NAME_PREFIX = "/psm_" 7 | nbytes = (_SHM_SAFE_NAME_LENGTH - len(_SHM_NAME_PREFIX)) // 2 8 | name = _SHM_NAME_PREFIX + secrets.token_hex(nbytes) 9 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/secrets/examples/secrets_token_urlsafe.py: -------------------------------------------------------------------------------- 1 | # level: ERROR 2 | # start_line: 9 3 | # end_line: 9 4 | # start_column: 29 5 | # end_column: 30 6 | import secrets 7 | 8 | 9 | secrets.token_urlsafe(nbytes=8) 10 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/shelve/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/securesauce/precli/1caaec7bcdd32e2a04bf07cf6d692a7c9627cb19/tests/unit/rules/python/stdlib/shelve/__init__.py -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/shelve/examples/shelve_dbfilenameshelf.py: -------------------------------------------------------------------------------- 1 | # level: WARNING 2 | # start_line: 10 3 | # end_line: 10 4 | # start_column: 5 5 | # end_column: 27 6 | import shelve 7 | 8 | 9 | filename = "db.dat" 10 | db = shelve.DbfilenameShelf(filename) 11 | flag = "key" in db 12 | db.close() 13 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/shelve/examples/shelve_open.py: -------------------------------------------------------------------------------- 1 | # level: WARNING 2 | # start_line: 10 3 | # end_line: 10 4 | # start_column: 5 5 | # end_column: 16 6 | import shelve 7 | 8 | 
9 | filename = "db.dat" 10 | db = shelve.open(filename) 11 | flag = "key" in db 12 | db.close() 13 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/shelve/examples/shelve_open_context_mgr.py: -------------------------------------------------------------------------------- 1 | # level: WARNING 2 | # start_line: 9 3 | # end_line: 9 4 | # start_column: 5 5 | # end_column: 16 6 | import shelve 7 | 8 | 9 | with shelve.open("db.dat") as db: 10 | flag = "key" in db 11 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/smtplib/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/securesauce/precli/1caaec7bcdd32e2a04bf07cf6d692a7c9627cb19/tests/unit/rules/python/stdlib/smtplib/__init__.py -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/smtplib/examples/smtplib_lmtp_timeout_none.py: -------------------------------------------------------------------------------- 1 | # level: WARNING 2 | # start_line: 10 3 | # end_line: 10 4 | # start_column: 55 5 | # end_column: 59 6 | import smtplib 7 | import ssl 8 | 9 | 10 | server = smtplib.LMTP("smtp.example.com", 587, timeout=None) 11 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/smtplib/examples/smtplib_smtp_context_mgr.py: -------------------------------------------------------------------------------- 1 | # level: ERROR 2 | # start_line: 11 3 | # end_line: 11 4 | # start_column: 9 5 | # end_column: 14 6 | import smtplib 7 | 8 | 9 | with smtplib.SMTP("domain.org", timeout=5) as smtp: 10 | smtp.noop() 11 | smtp.login("user", "password") 12 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/smtplib/examples/smtplib_smtp_no_timeout.py: 
-------------------------------------------------------------------------------- 1 | # level: WARNING 2 | # start_line: 10 3 | # end_line: 10 4 | # start_column: 21 5 | # end_column: 46 6 | import smtplib 7 | import ssl 8 | 9 | 10 | server = smtplib.SMTP("smtp.example.com", 587) 11 | server.starttls(context=ssl.create_default_context()) 12 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/smtplib/examples/smtplib_smtp_ssl_no_timeout.py: -------------------------------------------------------------------------------- 1 | # level: WARNING 2 | # start_line: 10 3 | # end_line: 12 4 | # start_column: 25 5 | # end_column: 1 6 | import smtplib 7 | import ssl 8 | 9 | 10 | server = smtplib.SMTP_SSL( 11 | "smtp.example.com", 587, context=ssl.create_default_context() 12 | ) 13 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/smtplib/examples/smtplib_smtp_timeout_5.py: -------------------------------------------------------------------------------- 1 | # level: NONE 2 | import smtplib 3 | import ssl 4 | 5 | 6 | server = smtplib.SMTP("smtp.example.com", 587, timeout=5) 7 | server.starttls(context=ssl.create_default_context()) 8 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/smtplib/examples/smtplib_smtp_timeout_global.py: -------------------------------------------------------------------------------- 1 | # level: NONE 2 | import socket 3 | import smtplib 4 | import ssl 5 | 6 | 7 | socket.setdefaulttimeout(5.0) 8 | server = smtplib.SMTP("smtp.example.com", 587) 9 | server.starttls(context=ssl.create_default_context()) 10 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/socket/__init__.py: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/securesauce/precli/1caaec7bcdd32e2a04bf07cf6d692a7c9627cb19/tests/unit/rules/python/stdlib/socket/__init__.py -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/socket/examples/socket_create_connection.py: -------------------------------------------------------------------------------- 1 | # level: WARNING 2 | # start_line: 9 3 | # end_line: 9 4 | # start_column: 28 5 | # end_column: 47 6 | import socket 7 | 8 | 9 | s = socket.create_connection(("127.0.0.1", 80)) 10 | s.recv(1024) 11 | s.close() 12 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/socket/examples/socket_create_connection_timeout_5.py: -------------------------------------------------------------------------------- 1 | # level: NONE 2 | import socket 3 | 4 | 5 | s = socket.create_connection(("127.0.0.1", 80), timeout=5) 6 | s.recv(1024) 7 | s.close() 8 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/socket/examples/socket_create_connection_timeout_global.py: -------------------------------------------------------------------------------- 1 | # level: NONE 2 | import socket 3 | 4 | 5 | socket.setdefaulttimeout(5.0) 6 | s = socket.create_connection(("127.0.0.1", 80)) 7 | s.recv(1024) 8 | s.close() 9 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/socket/examples/socket_create_connection_timeout_none.py: -------------------------------------------------------------------------------- 1 | # level: WARNING 2 | # start_line: 9 3 | # end_line: 9 4 | # start_column: 56 5 | # end_column: 60 6 | import socket 7 | 8 | 9 | s = socket.create_connection(("127.0.0.1", 80), timeout=None) 10 | s.recv(1024) 11 | s.close() 12 | -------------------------------------------------------------------------------- 
/tests/unit/rules/python/stdlib/socket/examples/socket_create_server.py: -------------------------------------------------------------------------------- 1 | # level: WARNING 2 | # start_line: 10 3 | # end_line: 10 4 | # start_column: 4 5 | # end_column: 16 6 | import socket 7 | 8 | 9 | s = socket.create_server( 10 | ("::", 8080), family=socket.AF_INET6, dualstack_ipv6=True 11 | ) 12 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/socket/examples/socket_socket_bind.py: -------------------------------------------------------------------------------- 1 | # level: WARNING 2 | # start_line: 10 3 | # end_line: 10 4 | # start_column: 7 5 | # end_column: 15 6 | from socket import * 7 | 8 | 9 | s = socket(socket.AF_INET, socket.SOCK_STREAM) 10 | s.bind(("", 80)) 11 | s.listen() 12 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/socket/examples/socket_socket_bind_as_var.py: -------------------------------------------------------------------------------- 1 | # level: WARNING 2 | # start_line: 11 3 | # end_line: 11 4 | # start_column: 7 5 | # end_column: 11 6 | import socket 7 | 8 | 9 | addr = ("0.0.0.0", 80) 10 | s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) 11 | s.bind(addr) 12 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/socket/examples/socket_socket_bind_as_vars.py: -------------------------------------------------------------------------------- 1 | # level: WARNING 2 | # start_line: 13 3 | # end_line: 13 4 | # start_column: 7 5 | # end_column: 11 6 | import socket 7 | 8 | 9 | address = "0.0.0.0" 10 | port = 80 11 | addr = (address, port) 12 | s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) 13 | s.bind(addr) 14 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/socketserver/__init__.py: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/securesauce/precli/1caaec7bcdd32e2a04bf07cf6d692a7c9627cb19/tests/unit/rules/python/stdlib/socketserver/__init__.py -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/ssl/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/securesauce/precli/1caaec7bcdd32e2a04bf07cf6d692a7c9627cb19/tests/unit/rules/python/stdlib/ssl/__init__.py -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/ssl/examples/create_default_context.py: -------------------------------------------------------------------------------- 1 | # level: NONE 2 | import ssl 3 | 4 | 5 | context = ssl.create_default_context() 6 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/ssl/examples/create_unverified_context.py: -------------------------------------------------------------------------------- 1 | # level: WARNING 2 | # start_line: 9 3 | # end_line: 9 4 | # start_column: 10 5 | # end_column: 40 6 | import ssl 7 | 8 | 9 | context = ssl._create_unverified_context() 10 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/ssl/examples/get_server_certificate_no_timeout.py: -------------------------------------------------------------------------------- 1 | # level: WARNING 2 | # start_line: 9 3 | # end_line: 9 4 | # start_column: 33 5 | # end_column: 55 6 | import ssl 7 | 8 | 9 | cert = ssl.get_server_certificate(("example.com", 443)) 10 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/ssl/examples/get_server_certificate_sslv2.py: -------------------------------------------------------------------------------- 1 | 
# level: ERROR 2 | # start_line: 9 3 | # end_line: 9 4 | # start_column: 63 5 | # end_column: 77 6 | import ssl 7 | 8 | 9 | ssl.get_server_certificate(("localhost", 443), ssl_version=ssl.PROTOCOL_SSLv2) 10 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/ssl/examples/get_server_certificate_sslv23.py: -------------------------------------------------------------------------------- 1 | # level: NONE 2 | import ssl 3 | 4 | 5 | ssl.get_server_certificate(("localhost", 443), ssl_version=ssl.PROTOCOL_SSLv23) 6 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/ssl/examples/get_server_certificate_sslv3.py: -------------------------------------------------------------------------------- 1 | # level: ERROR 2 | # start_line: 9 3 | # end_line: 9 4 | # start_column: 63 5 | # end_column: 77 6 | import ssl 7 | 8 | 9 | ssl.get_server_certificate(("localhost", 443), ssl_version=ssl.PROTOCOL_SSLv3) 10 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/ssl/examples/get_server_certificate_timeout_5.py: -------------------------------------------------------------------------------- 1 | # level: NONE 2 | import ssl 3 | 4 | 5 | cert = ssl.get_server_certificate(("example.com", 443), timeout=5.0) 6 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/ssl/examples/get_server_certificate_timeout_global.py: -------------------------------------------------------------------------------- 1 | # level: NONE 2 | import socket 3 | import ssl 4 | 5 | 6 | socket.setdefaulttimeout(5.0) 7 | cert = ssl.get_server_certificate(("example.com", 443)) 8 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/ssl/examples/get_server_certificate_timeout_none.py: 
-------------------------------------------------------------------------------- 1 | # level: WARNING 2 | # start_line: 9 3 | # end_line: 9 4 | # start_column: 64 5 | # end_column: 68 6 | import ssl 7 | 8 | 9 | cert = ssl.get_server_certificate(("example.com", 443), timeout=None) 10 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/ssl/examples/get_server_certificate_tlsv1.py: -------------------------------------------------------------------------------- 1 | # level: ERROR 2 | # start_line: 9 3 | # end_line: 9 4 | # start_column: 63 5 | # end_column: 77 6 | import ssl 7 | 8 | 9 | ssl.get_server_certificate(("localhost", 443), ssl_version=ssl.PROTOCOL_TLSv1) 10 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/ssl/examples/get_server_certificate_tlsv11.py: -------------------------------------------------------------------------------- 1 | # level: ERROR 2 | # start_line: 10 3 | # end_line: 10 4 | # start_column: 40 5 | # end_column: 56 6 | import ssl 7 | 8 | 9 | ssl.get_server_certificate( 10 | ("localhost", 443), ssl_version=ssl.PROTOCOL_TLSv1_1 11 | ) 12 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/ssl/examples/get_server_certificate_tlsv12.py: -------------------------------------------------------------------------------- 1 | # level: NONE 2 | import ssl 3 | 4 | 5 | ssl.get_server_certificate( 6 | ("localhost", 443), ssl_version=ssl.PROTOCOL_TLSv1_2 7 | ) 8 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/ssl/examples/ssl_context_set_ecdh_curve_brainpoolP256r1.py: -------------------------------------------------------------------------------- 1 | # level: NONE 2 | import ssl 3 | 4 | 5 | context = ssl.SSLContext() 6 | context.set_ecdh_curve("brainpoolP256r1") 7 | 
-------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/ssl/examples/ssl_context_set_ecdh_curve_brainpoolP384r1.py: -------------------------------------------------------------------------------- 1 | # level: NONE 2 | import ssl 3 | 4 | 5 | context = ssl.SSLContext() 6 | context.set_ecdh_curve("brainpoolP384r1") 7 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/ssl/examples/ssl_context_set_ecdh_curve_brainpoolP384r1tls13.py: -------------------------------------------------------------------------------- 1 | # level: NONE 2 | import ssl 3 | 4 | 5 | context = ssl.SSLContext() 6 | context.set_ecdh_curve("brainpoolP384r1tls13") 7 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/ssl/examples/ssl_context_set_ecdh_curve_brainpoolP512r1.py: -------------------------------------------------------------------------------- 1 | # level: NONE 2 | import ssl 3 | 4 | 5 | context = ssl.SSLContext() 6 | context.set_ecdh_curve("brainpoolP512r1") 7 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/ssl/examples/ssl_context_set_ecdh_curve_default_context.py: -------------------------------------------------------------------------------- 1 | # level: WARNING 2 | # start_line: 10 3 | # end_line: 10 4 | # start_column: 23 5 | # end_column: 35 6 | import ssl 7 | 8 | 9 | context = ssl.create_default_context() 10 | context.set_ecdh_curve("prime192v1") 11 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/ssl/examples/ssl_context_set_ecdh_curve_ffdhe2048.py: -------------------------------------------------------------------------------- 1 | # level: NONE 2 | import ssl 3 | 4 | 5 | context = ssl.SSLContext() 6 | context.set_ecdh_curve("ffdhe2048") 7 | 
-------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/ssl/examples/ssl_context_set_ecdh_curve_prime192v1.py: -------------------------------------------------------------------------------- 1 | # level: WARNING 2 | # start_line: 10 3 | # end_line: 10 4 | # start_column: 23 5 | # end_column: 35 6 | import ssl 7 | 8 | 9 | context = ssl.SSLContext() 10 | context.set_ecdh_curve("prime192v1")  # 192-bit curve; the string literal (cols 23-35) is the expected WARNING span 11 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/ssl/examples/ssl_context_set_ecdh_curve_prime256v1.py: -------------------------------------------------------------------------------- 1 | # level: NONE 2 | import ssl 3 | 4 | 5 | context = ssl.SSLContext() 6 | context.set_ecdh_curve("prime256v1")  # 256-bit curve; no finding expected 7 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/ssl/examples/ssl_context_set_ecdh_curve_secp160r2.py: -------------------------------------------------------------------------------- 1 | # level: WARNING 2 | # start_line: 10 3 | # end_line: 10 4 | # start_column: 23 5 | # end_column: 34 6 | import ssl 7 | 8 | 9 | context = ssl.SSLContext() 10 | context.set_ecdh_curve("secp160r1")  # NOTE(review): file is named ..._secp160r2 but the curve passed is "secp160r1" - confirm which curve this fixture is meant to cover 11 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/ssl/examples/ssl_context_set_ecdh_curve_secp256r1.py: -------------------------------------------------------------------------------- 1 | # level: NONE 2 | import ssl 3 | 4 | 5 | context = ssl.SSLContext() 6 | context.set_ecdh_curve("secp256r1") 7 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/ssl/examples/ssl_context_set_ecdh_curve_sect163k1.py: -------------------------------------------------------------------------------- 1 | # level: WARNING 2 | # start_line: 10 3 | # end_line: 10 4 | # start_column: 23 5 | # end_column: 34 6 | 
import ssl 7 | 8 | 9 | context = ssl.SSLContext() 10 | context.set_ecdh_curve("sect163k1") 11 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/ssl/examples/ssl_context_set_ecdh_curve_sect571k1.py: -------------------------------------------------------------------------------- 1 | # level: NONE 2 | import ssl 3 | 4 | 5 | context = ssl.SSLContext() 6 | context.set_ecdh_curve("sect571k1") 7 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/ssl/examples/ssl_context_set_ecdh_curve_typed_default_param.py: -------------------------------------------------------------------------------- 1 | # level: WARNING 2 | # start_line: 10 3 | # end_line: 10 4 | # start_column: 27 5 | # end_column: 39 6 | import ssl 7 | 8 | 9 | def set_curve(context: ssl.SSLContext = None) -> None: 10 | context.set_ecdh_curve("prime192v1") 11 | 12 | 13 | context = ssl.SSLContext() 14 | set_curve(context) 15 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/ssl/examples/ssl_context_set_ecdh_curve_typed_param.py: -------------------------------------------------------------------------------- 1 | # level: WARNING 2 | # start_line: 10 3 | # end_line: 10 4 | # start_column: 27 5 | # end_column: 39 6 | import ssl 7 | 8 | 9 | def set_curve(context: ssl.SSLContext) -> None: 10 | context.set_ecdh_curve("prime192v1") 11 | 12 | 13 | context = ssl.SSLContext() 14 | set_curve(context) 15 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/ssl/examples/ssl_context_set_ecdh_curve_unverified_context.py: -------------------------------------------------------------------------------- 1 | # level: WARNING 2 | # start_line: 10 3 | # end_line: 10 4 | # start_column: 23 5 | # end_column: 35 6 | import ssl 7 | 8 | 9 | context = ssl._create_unverified_context() # 
suppress: PY017 10 | context.set_ecdh_curve("prime192v1") 11 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/ssl/examples/ssl_context_sslv2.py: -------------------------------------------------------------------------------- 1 | # level: ERROR 2 | # start_line: 9 3 | # end_line: 9 4 | # start_column: 28 5 | # end_column: 42 6 | import ssl 7 | 8 | 9 | ssl.SSLContext(protocol=ssl.PROTOCOL_SSLv2) 10 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/ssl/examples/ssl_context_sslv23.py: -------------------------------------------------------------------------------- 1 | # level: NONE 2 | import ssl 3 | 4 | 5 | ssl.SSLContext(protocol=ssl.PROTOCOL_SSLv23) 6 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/ssl/examples/ssl_context_sslv3.py: -------------------------------------------------------------------------------- 1 | # level: ERROR 2 | # start_line: 9 3 | # end_line: 9 4 | # start_column: 28 5 | # end_column: 42 6 | import ssl 7 | 8 | 9 | ssl.SSLContext(protocol=ssl.PROTOCOL_SSLv3) 10 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/ssl/examples/ssl_context_tlsv1.py: -------------------------------------------------------------------------------- 1 | # level: ERROR 2 | # start_line: 9 3 | # end_line: 9 4 | # start_column: 28 5 | # end_column: 42 6 | import ssl 7 | 8 | 9 | ssl.SSLContext(protocol=ssl.PROTOCOL_TLSv1) 10 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/ssl/examples/ssl_context_tlsv11.py: -------------------------------------------------------------------------------- 1 | # level: ERROR 2 | # start_line: 9 3 | # end_line: 9 4 | # start_column: 28 5 | # end_column: 44 6 | import ssl 7 | 8 | 9 | 
ssl.SSLContext(protocol=ssl.PROTOCOL_TLSv1_1) 10 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/ssl/examples/ssl_context_tlsv12.py: -------------------------------------------------------------------------------- 1 | # level: NONE 2 | import ssl 3 | 4 | 5 | ssl.SSLContext(protocol=ssl.PROTOCOL_TLSv1_2) 6 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/ssl/examples/wrap_socket_sslv2.py: -------------------------------------------------------------------------------- 1 | # level: ERROR 2 | # start_line: 11 3 | # end_line: 11 4 | # start_column: 40 5 | # end_column: 54 6 | import socket 7 | import ssl 8 | 9 | 10 | socket = socket.create_connection(("localhost", 443)) 11 | ssl.wrap_socket(socket, ssl_version=ssl.PROTOCOL_SSLv2) 12 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/ssl/examples/wrap_socket_sslv23.py: -------------------------------------------------------------------------------- 1 | # level: NONE 2 | import socket 3 | import ssl 4 | 5 | 6 | socket = socket.create_connection(("localhost", 443)) 7 | ssl.wrap_socket(socket, ssl_version=ssl.PROTOCOL_SSLv23) 8 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/ssl/examples/wrap_socket_sslv2_server_side_true.py: -------------------------------------------------------------------------------- 1 | # level: ERROR 2 | # start_line: 11 3 | # end_line: 11 4 | # start_column: 40 5 | # end_column: 54 6 | import socket 7 | import ssl 8 | 9 | 10 | socket = socket.create_connection(("localhost", 443)) 11 | ssl.wrap_socket(socket, ssl_version=ssl.PROTOCOL_SSLv2, server_side=True) 12 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/ssl/examples/wrap_socket_sslv3.py: 
-------------------------------------------------------------------------------- 1 | # level: ERROR 2 | # start_line: 11 3 | # end_line: 11 4 | # start_column: 40 5 | # end_column: 54 6 | import socket 7 | import ssl 8 | 9 | 10 | socket = socket.create_connection(("localhost", 443)) 11 | ssl.wrap_socket(socket, ssl_version=ssl.PROTOCOL_SSLv3) 12 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/ssl/examples/wrap_socket_tlsv1.py: -------------------------------------------------------------------------------- 1 | # level: ERROR 2 | # start_line: 11 3 | # end_line: 11 4 | # start_column: 40 5 | # end_column: 54 6 | import socket 7 | import ssl 8 | 9 | 10 | socket = socket.create_connection(("localhost", 443)) 11 | ssl.wrap_socket(socket, ssl_version=ssl.PROTOCOL_TLSv1) 12 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/ssl/examples/wrap_socket_tlsv11.py: -------------------------------------------------------------------------------- 1 | # level: ERROR 2 | # start_line: 11 3 | # end_line: 11 4 | # start_column: 40 5 | # end_column: 56 6 | import socket 7 | import ssl 8 | 9 | 10 | socket = socket.create_connection(("localhost", 443)) 11 | ssl.wrap_socket(socket, ssl_version=ssl.PROTOCOL_TLSv1_1) 12 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/ssl/examples/wrap_socket_tlsv12.py: -------------------------------------------------------------------------------- 1 | # level: NONE 2 | import socket 3 | import ssl 4 | 5 | 6 | socket = socket.create_connection(("localhost", 443)) 7 | ssl.wrap_socket(socket, ssl_version=ssl.PROTOCOL_TLSv1_2) 8 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/telnetlib/__init__.py: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/securesauce/precli/1caaec7bcdd32e2a04bf07cf6d692a7c9627cb19/tests/unit/rules/python/stdlib/telnetlib/__init__.py -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/telnetlib/examples/telnetlib_telnet_no_timeout.py: -------------------------------------------------------------------------------- 1 | # level: WARNING 2 | # start_line: 9 3 | # end_line: 9 4 | # start_column: 25 5 | # end_column: 44 6 | import telnetlib 7 | 8 | 9 | telnet = telnetlib.Telnet("example.com", 23) 10 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/telnetlib/examples/telnetlib_telnet_open_timeout_none.py: -------------------------------------------------------------------------------- 1 | # level: WARNING 2 | # start_line: 10 3 | # end_line: 10 4 | # start_column: 35 5 | # end_column: 39 6 | import telnetlib 7 | 8 | 9 | telnet = telnetlib.Telnet() 10 | telnet.open("example.com", timeout=None) 11 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/telnetlib/examples/telnetlib_telnet_timeout_5.py: -------------------------------------------------------------------------------- 1 | # level: NONE 2 | import telnetlib 3 | 4 | 5 | telnet = telnetlib.Telnet("example.com", 23, 5) 6 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/telnetlib/examples/telnetlib_telnet_timeout_global.py: -------------------------------------------------------------------------------- 1 | # level: NONE 2 | import socket 3 | import telnetlib 4 | 5 | 6 | socket.setdefaulttimeout(5.0) 7 | telnet = telnetlib.Telnet("example.com", 23) 8 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/tempfile/__init__.py: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/securesauce/precli/1caaec7bcdd32e2a04bf07cf6d692a7c9627cb19/tests/unit/rules/python/stdlib/tempfile/__init__.py -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/tempfile/examples/tempfile_mktemp.py: -------------------------------------------------------------------------------- 1 | # level: NONE 2 | import tempfile 3 | 4 | 5 | filename = tempfile.mktemp()  # only a path name is returned and nothing opens it here, so no finding is expected 6 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/tempfile/examples/tempfile_mktemp_args_open.py: -------------------------------------------------------------------------------- 1 | # level: WARNING 2 | # start_line: 10 3 | # end_line: 10 4 | # start_column: 4 5 | # end_column: 8 6 | import tempfile 7 | 8 | 9 | filename = tempfile.mktemp("", "tmp", dir=None) 10 | f = open(filename, "w+")  # expected WARNING span is open (cols 4-8): mktemp() created nothing, so another process can create this path before open() runs 11 | f.write(b"Hello World!\n")  # NOTE(review): bytes written to a text-mode ("w+") handle; would raise TypeError if this fixture were executed 12 | f.close() 13 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/tempfile/examples/tempfile_mktemp_args_with_open_args.py: -------------------------------------------------------------------------------- 1 | # level: WARNING 2 | # start_line: 10 3 | # end_line: 10 4 | # start_column: 5 5 | # end_column: 9 6 | import tempfile 7 | 8 | 9 | filename = tempfile.mktemp("", "tmp", dir=None)  # NOTE(review): this fixture matches tempfile_mktemp_with_open_multiline.py line for line - confirm both are needed 10 | with open( 11 | filename, "w+", buffering=-1, encoding=None, errors=None, newline=None 12 | ) as f: 13 | f.write(b"Hello World!\n") 14 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/tempfile/examples/tempfile_mktemp_open.py: -------------------------------------------------------------------------------- 1 | # level: WARNING 2 | # start_line: 10 3 | # end_line: 10 4 | # start_column: 4 5 | # end_column: 8 6 | import tempfile 7 | 8 | 9 | 
filename = tempfile.mktemp() 10 | f = open(filename, "w+") 11 | f.write(b"Hello World!\n") 12 | f.close() 13 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/tempfile/examples/tempfile_mktemp_walrus_open.py: -------------------------------------------------------------------------------- 1 | # level: WARNING 2 | # start_line: 10 3 | # end_line: 10 4 | # start_column: 9 5 | # end_column: 13 6 | import tempfile 7 | 8 | 9 | if filename := tempfile.mktemp(): 10 | with open(filename, "w+") as f: 11 | f.write(b"Hello World!\n") 12 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/tempfile/examples/tempfile_mktemp_with_open.py: -------------------------------------------------------------------------------- 1 | # level: WARNING 2 | # start_line: 10 3 | # end_line: 10 4 | # start_column: 5 5 | # end_column: 9 6 | import tempfile 7 | 8 | 9 | filename = tempfile.mktemp() 10 | with open(filename, "w+") as f: 11 | f.write(b"Hello World!\n") 12 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/tempfile/examples/tempfile_mktemp_with_open_multiline.py: -------------------------------------------------------------------------------- 1 | # level: WARNING 2 | # start_line: 10 3 | # end_line: 10 4 | # start_column: 5 5 | # end_column: 9 6 | import tempfile 7 | 8 | 9 | filename = tempfile.mktemp("", "tmp", dir=None) 10 | with open( 11 | filename, "w+", buffering=-1, encoding=None, errors=None, newline=None 12 | ) as f: 13 | f.write(b"Hello World!\n") 14 | -------------------------------------------------------------------------------- /tests/unit/rules/python/stdlib/xmlrpc/__init__.py: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/securesauce/precli/1caaec7bcdd32e2a04bf07cf6d692a7c9627cb19/tests/unit/rules/python/stdlib/xmlrpc/__init__.py
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/xmlrpc/examples/xmlrpc_server_doc_xml_rpc_server.py:
--------------------------------------------------------------------------------
1 | # level: WARNING
2 | # start_line: 11
3 | # end_line: 11
4 | # start_column: 25
5 | # end_column: 39
6 | from xmlrpc.server import DocXMLRPCServer
7 |
8 |
9 | def run(server_class: DocXMLRPCServer):
10 |     server_address = ("::", 8000)
11 |     httpd = server_class(server_address, allow_none=True)
12 |     # server_address holds "::", the IPv6 wildcard address. The expected
13 |     # WARNING spans the server_address argument (columns 25-39 of line
14 |     # 11); outside a fixture, bind to loopback or one specific address.
15 |     # NOTE(review): presumably the analyzer resolves server_class through
16 |     # its annotation; confirm before changing it to type[...].
17 |     httpd.serve_forever()
18 |
19 |
20 | if __name__ == "__main__":
21 |     run(DocXMLRPCServer)
22 |
--------------------------------------------------------------------------------
/tests/unit/rules/python/stdlib/xmlrpc/examples/xmlrpc_server_simple_xml_rpc_server.py:
--------------------------------------------------------------------------------
1 | # level: WARNING
2 | # start_line: 11
3 | # end_line: 11
4 | # start_column: 25
5 | # end_column: 39
6 | from xmlrpc.server import SimpleXMLRPCServer
7 |
8 |
9 | def run(server_class: SimpleXMLRPCServer):
10 |     server_address = ("0.0.0.0", 8000)
11 |     httpd = server_class(server_address, allow_none=True)
12 |     # server_address holds "0.0.0.0", the IPv4 wildcard, so the server
13 |     # accepts connections on every IPv4 interface. The expected WARNING
14 |     # spans the server_address argument (columns 25-39 of line 11).
15 |     # NOTE(review): presumably the analyzer resolves server_class through
16 |     # its annotation; confirm before changing it to type[...].
17 |     httpd.serve_forever()
18 |
19 |
20 | if __name__ == "__main__":
21 |     run(SimpleXMLRPCServer)
22 |
--------------------------------------------------------------------------------