Password #387

Merged
merged 18 commits into from Jan 14, 2019

ehooo (Contributor) commented Sep 20, 2018

Proposed solution for #386 with re

ehooo (Contributor, Author) commented Nov 16, 2018

@sigmavirus24 I also fixed a bug in this rule on Python 2 (d90eecf) when the param is a list, for example:

```python
def my_funct((a, b)):  # Python 2-only tuple parameter
    pass
```

Shall I create a test in an example file?

lukehinds (Member) left a comment

I like the idea of using regex here, but with this current patch I don't think it adds a great deal - it's just the same list as before, but using re. instead of a Python list.

However, I think it would be really nice to have the option of providing the list externally so users could supply their own. Something like [0] maybe - although that list might not be a good example as it would cause performance issues.

[0] https://raw.githubusercontent.com/danielmiessler/SecLists/master/Passwords/Common-Credentials/10-million-password-list-top-1000000.txt

So an external list would be sourced and fed into re.compile (or if no list is present just use the defaults in the code). Perhaps the list could be configured in the config parser: if it's present (true) then load the list, if not (false) use the defaults.

What do you think?
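
The flow proposed in the comment above (an external list fed into `re.compile`, falling back to built-in defaults), shown as an added example that is not part of this pull request or the project's code. The default words, the function names, the sample list and the `max_words` cap are all assumptions made for illustration.

```python
import re

# Assumed defaults for illustration; not the project's actual list.
DEFAULT_WORDS = ("pass", "pwd", "token", "secret")

# Constructed sample of an external list: a comment, a blank line, and an
# entry containing a regex metacharacter.
SAMPLE_LIST = ["# constructed sample", "api_key", "", "p.ss"]


def load_words(lines, max_words=1000):
    """Clean an iterable of lines into unique lowercase words.

    The cap (an assumed value) rejects huge lists: an alternation with
    a million branches is slow to compile and to match.
    """
    words = []
    for line in lines:
        word = line.strip().lower()
        if not word or word.startswith("#") or word in words:
            continue
        words.append(word)
        if len(words) > max_words:
            raise ValueError("word list exceeds %d entries" % max_words)
    return words


def build_matcher(external_lines=None):
    """Compile the external list if one is supplied, else the defaults."""
    words = load_words(external_lines) if external_lines is not None else []
    if not words:  # no list configured, or it was empty
        words = list(DEFAULT_WORDS)
    # re.escape keeps list entries literal, so "p.ss" cannot match "pass".
    pattern = "|".join(re.escape(w) for w in words)
    return re.compile(pattern, re.IGNORECASE)


def is_candidate(name, matcher):
    """True if the identifier contains any word from the list."""
    return matcher.search(name) is not None


if __name__ == "__main__":
    for name in ("db_PASSWORD", "API_KEY_PROD", "username"):
        print(name, is_candidate(name, build_matcher(SAMPLE_LIST)))
```

Escaping each entry matters once the list is user-supplied: an unescaped line from the file would be interpreted as regex syntax rather than as a literal word.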

ehooo (Contributor, Author) commented Jan 13, 2019

Hi @lukehinds, I like your idea; however, I think the flow that you describe should be a new requirement outside of this rule.

lukehinds (Member) commented Jan 14, 2019

@ehooo understood. If you would like to work on that, please go ahead and raise it as an enhancement.
