Skip to content

Python 3.14 compatibility fixes #1288

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Python 3.14 compatibility fixes #1288

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion bandit/core/blacklisting.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -36,7 +36,7 @@ def blacklist(context, config):
if isinstance(func, ast.Name) and func.id == "__import__":
if len(context.node.args):
if isinstance(context.node.args[0], ast.Str):
name = context.node.args[0].s
name = context.node.args[0].value
else:
# TODO(??): import through a variable, need symbol tab
name = "UNKNOWN"
Expand Down
17 changes: 2 additions & 15 deletions bandit/core/context.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -178,11 +178,8 @@ def _get_literal_value(self, literal):
:param literal: The AST literal to convert
:return: The value of the AST literal
"""
if isinstance(literal, ast.Num):
literal_value = literal.n

elif isinstance(literal, ast.Str):
literal_value = literal.s
if isinstance(literal, ast.Constant):
literal_value = literal.value

elif isinstance(literal, ast.List):
return_list = list()
Expand All @@ -205,19 +202,9 @@ def _get_literal_value(self, literal):
elif isinstance(literal, ast.Dict):
literal_value = dict(zip(literal.keys, literal.values))

elif isinstance(literal, ast.Ellipsis):
# what do we want to do with this?
literal_value = None
Comment on lines -208 to -210
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is this necessary to remove?

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

% uvx python3.14 -c"import ast ; ast.Ellipsis"

Traceback (most recent call last):
  File "<string>", line 1, in <module>
    import ast ; ast.Ellipsis
                 ^^^^^^^^^^^^
AttributeError: module 'ast' has no attribute 'Ellipsis'


elif isinstance(literal, ast.Name):
literal_value = literal.id

elif isinstance(literal, ast.NameConstant):
literal_value = str(literal.value)

elif isinstance(literal, ast.Bytes):
literal_value = literal.s

else:
literal_value = None

Expand Down
4 changes: 2 additions & 2 deletions bandit/core/node_visitor.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -168,7 +168,7 @@ def visit_Str(self, node):
:param node: The node that is being inspected
:return: -
"""
self.context["str"] = node.s
self.context["str"] = node.value
if not isinstance(node._bandit_parent, ast.Expr): # docstring
self.context["linerange"] = b_utils.linerange(node._bandit_parent)
self.update_scores(self.tester.run_tests(self.context, "Str"))
Expand All @@ -181,7 +181,7 @@ def visit_Bytes(self, node):
:param node: The node that is being inspected
:return: -
"""
self.context["bytes"] = node.s
self.context["bytes"] = node.value
if not isinstance(node._bandit_parent, ast.Expr): # docstring
self.context["linerange"] = b_utils.linerange(node._bandit_parent)
self.update_scores(self.tester.run_tests(self.context, "Bytes"))
Expand Down
2 changes: 1 addition & 1 deletion bandit/core/utils.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -300,7 +300,7 @@ def _get(node, bits, stop=None):
node = node._bandit_parent
if isinstance(node, ast.BinOp):
_get(node, bits, stop)
return (node, " ".join([x.s for x in bits if isinstance(x, ast.Str)]))
return (node, " ".join([x.value for x in bits if isinstance(x, ast.Str)]))


def get_called_name(node):
Expand Down
2 changes: 1 addition & 1 deletion bandit/plugins/general_hardcoded_password.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -101,7 +101,7 @@ def hardcoded_password_string(context):
return _report(assign.value.s)

elif isinstance(node._bandit_parent, ast.Index) and RE_CANDIDATES.search(
node.s
node.value
):
# looks for "dict[candidate]='some_string'"
# assign -> subscript -> index -> string
Expand Down
2 changes: 1 addition & 1 deletion bandit/plugins/injection_sql.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -96,7 +96,7 @@ def _evaluate_ast(node):
elif isinstance(
node._bandit_parent, ast.Attribute
) and node._bandit_parent.attr in ("format", "replace"):
statement = node.s
statement = node.value
# Hierarchy for "".format() is Wrapper -> Call -> Attribute -> Str
wrapper = node._bandit_parent._bandit_parent._bandit_parent
if node._bandit_parent.attr == "replace":
Expand Down
2 changes: 1 addition & 1 deletion bandit/plugins/tarfile_unsafe_members.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -98,7 +98,7 @@ def is_filter_data(context):
for keyword in context.node.keywords:
if keyword.arg == "filter":
arg = keyword.value
return isinstance(arg, ast.Str) and arg.s == "data"
return isinstance(arg, ast.Str) and arg.value == "data"


@test.test_id("B202")
Expand Down
4 changes: 2 additions & 2 deletions tests/unit/core/test_context.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -137,7 +137,7 @@ def test__get_literal_value(self):
self.assertEqual(expected, new_context._get_literal_value(value))

value = ast.Str("spam")
expected = value.s
expected = value.value
self.assertEqual(expected, new_context._get_literal_value(value))

value = ast.List([ast.Str("spam"), ast.Num(42)], ast.Load())
Expand All @@ -164,7 +164,7 @@ def test__get_literal_value(self):
self.assertEqual(expected, new_context._get_literal_value(value))

value = ast.Bytes(b"spam")
expected = value.s
expected = value.value
self.assertEqual(expected, new_context._get_literal_value(value))

self.assertIsNone(new_context._get_literal_value(None))
Expand Down
Loading