PyCQA · jwstein3400 · Dec 2, 2020 · Dec 2, 2020
@@ -9,8 +9,8 @@
 Blacklist various Python calls known to be dangerous
 ====================================================
 
-This blacklist data checks for a number of Python calls known to have possible
-security implications. The following blacklist tests are run against any
+This blocklist data checks for a number of Python calls known to have possible
+security implications. The following blocklist tests are run against any
 function calls encoutered in the scanned code base, triggered by encoutering
 ast.Call nodes.
 
@@ -313,19 +313,19 @@
 
 """
 
-from bandit.blacklists import utils
+from bandit.blocklists import utils
 
 
-def gen_blacklist():
-    """Generate a list of items to blacklist.
+def gen_blocklist():
+    """Generate a list of items to blocklist.
 
-    Methods of this type, "bandit.blacklist" plugins, are used to build a list
-    of items that bandit's built in blacklisting tests will use to trigger
-    issues. They replace the older blacklist* test plugins and allow
-    blacklisted items to have a unique bandit ID for filtering and profile
+    Methods of this type, "bandit.blocklist" plugins, are used to build a list
+    of items that bandit's built in blocklisting tests will use to trigger
+    issues. They replace the older blocklist* test plugins and allow
+    blocklisted items to have a unique bandit ID for filtering and profile
     usage.
 
-    :return: a dictionary mapping node types to a list of blacklist data
+    :return: a dictionary mapping node types to a list of blocklist data
     """
 
     sets = []

@@ -9,8 +9,8 @@
 Blacklist various Python imports known to be dangerous
 ======================================================
 
-This blacklist data checks for a number of Python modules known to have
-possible security implications. The following blacklist tests are run against
+This blocklist data checks for a number of Python modules known to have
+possible security implications. The following blocklist tests are run against
 any import statements or calls encountered in the scanned code base.
 
 Note that the XML rules listed here are mostly based off of Christian Heimes'
@@ -193,7 +193,7 @@
 
 B414: import_pycryptodome
 -------------------------
-This import blacklist has been removed. The information here has been
+This import blocklist has been removed. The information here has been
 left for historical purposes.
 
 pycryptodome is a direct fork of pycrypto that has not fully addressed
@@ -216,19 +216,19 @@
 
 """
 
-from bandit.blacklists import utils
+from bandit.blocklists import utils
 
 
-def gen_blacklist():
-    """Generate a list of items to blacklist.
+def gen_blocklist():
+    """Generate a list of items to blocklist.
 
-    Methods of this type, "bandit.blacklist" plugins, are used to build a list
-    of items that bandit's built in blacklisting tests will use to trigger
-    issues. They replace the older blacklist* test plugins and allow
-    blacklisted items to have a unique bandit ID for filtering and profile
+    Methods of this type, "bandit.blocklist" plugins, are used to build a list
+    of items that bandit's built in blocklisting tests will use to trigger
+    issues. They replace the older blocklist* test plugins and allow
+    blocklisted items to have a unique bandit ID for filtering and profile
     usage.
 
-    :return: a dictionary mapping node types to a list of blacklist data
+    :return: a dictionary mapping node types to a list of blocklist data
     """
 
     sets = []

@@ -6,7 +6,7 @@
 
 
 def build_conf_dict(name, bid, qualnames, message, level='MEDIUM'):
-    """Build and return a blacklist configuration dict."""
+    """Build and return a blocklist configuration dict."""
 
     return {'name': name, 'id': bid, 'message': message,
             'qualnames': qualnames, 'level': level}
@@ -148,7 +148,7 @@ def main():
                              for t in extension_loader.MANAGER.plugins]
 
                 others = [tpl.format(k, v['name']) for k, v in (
-                    extension_loader.MANAGER.blacklist_by_id.items())]
+                    extension_loader.MANAGER.blocklist_by_id.items())]
                 test_list.extend(others)
                 test_list.sort()
 

@@ -256,12 +256,12 @@ def main():
 
     plugin_info = ["%s\t%s" % (a[0], a[1].name) for a in
                    extension_mgr.plugins_by_id.items()]
-    blacklist_info = []
-    for a in extension_mgr.blacklist.items():
+    blocklist_info = []
+    for a in extension_mgr.blocklist.items():
         for b in a[1]:
-            blacklist_info.append('%s\t%s' % (b['id'], b['name']))
+            blocklist_info.append('%s\t%s' % (b['id'], b['name']))
 
-    plugin_list = '\n\t'.join(sorted(set(plugin_info + blacklist_info)))
+    plugin_list = '\n\t'.join(sorted(set(plugin_info + blocklist_info)))
     dedent_text = textwrap.dedent('''
     CUSTOM FORMATTING
     -----------------

@@ -17,17 +17,17 @@ def report_issue(check, name):
         ident=name, test_id=check.get("id", 'LEGACY'))
 
 
-def blacklist(context, config):
-    """Generic blacklist test, B001.
+def blocklist(context, config):
+    """Generic blocklist test, B001.
 
-    This generic blacklist test will be called for any encountered node with
-    defined blacklist data available. This data is loaded via plugins using
-    the 'bandit.blacklists' entry point. Please see the documentation for more
-    details. Each blacklist datum has a unique bandit ID that may be used for
-    filtering purposes, or alternatively all blacklisting can be filtered using
+    This generic blocklist test will be called for any encountered node with
+    defined blocklist data available. This data is loaded via plugins using
+    the 'bandit.blocklists' entry point. Please see the documentation for more
+    details. Each blocklist datum has a unique bandit ID that may be used for
+    filtering purposes, or alternatively all blocklisting can be filtered using
     the id of this built in test, 'B001'.
     """
-    blacklists = config
+    blocklists = config
     node_type = context.node.__class__.__name__
 
     if node_type == 'Call':
@@ -48,7 +48,7 @@ def blacklist(context, config):
             # Will produce None if argument is not a literal or identifier
             if name in ["importlib.import_module", "importlib.__import__"]:
                 name = context.call_args[0]
-        for check in blacklists[node_type]:
+        for check in blocklists[node_type]:
             for qn in check['qualnames']:
                 if name is not None and fnmatch.fnmatch(name, qn):
                     return report_issue(check, name)
@@ -59,7 +59,7 @@ def blacklist(context, config):
             if context.node.module is not None:
                 prefix = context.node.module + "."
 
-        for check in blacklists[node_type]:
+        for check in blocklists[node_type]:
             for name in context.node.names:
                 for qn in check['qualnames']:
                     if (prefix + name.name).startswith(qn):

@@ -111,10 +111,10 @@ def _init_plugin_name_pattern(self):
 
     def convert_legacy_config(self):
         updated_profiles = self.convert_names_to_ids()
-        bad_calls, bad_imports = self.convert_legacy_blacklist_data()
+        bad_calls, bad_imports = self.convert_legacy_blocklist_data()
 
         if updated_profiles:
-            self.convert_legacy_blacklist_tests(updated_profiles,
+            self.convert_legacy_blocklist_tests(updated_profiles,
                                                 bad_calls, bad_imports)
             self._config['profiles'] = updated_profiles
 
@@ -134,20 +134,20 @@ def convert_names_to_ids(self):
             updated_profiles[name] = {'include': include, 'exclude': exclude}
         return updated_profiles
 
-    def convert_legacy_blacklist_data(self):
-        '''Detect legacy blacklist data and convert it to new format.'''
+    def convert_legacy_blocklist_data(self):
+        '''Detect legacy blocklist data and convert it to new format.'''
         bad_calls_list = []
         bad_imports_list = []
 
-        bad_calls = self.get_option('blacklist_calls') or {}
+        bad_calls = self.get_option('blocklist_calls') or {}
         bad_calls = bad_calls.get('bad_name_sets', {})
         for item in bad_calls:
             for key, val in item.items():
                 val['name'] = key
                 val['message'] = val['message'].replace('{func}', '{name}')
                 bad_calls_list.append(val)
 
-        bad_imports = self.get_option('blacklist_imports') or {}
+        bad_imports = self.get_option('blocklist_imports') or {}
         bad_imports = bad_imports.get('bad_import_sets', {})
         for item in bad_imports:
             for key, val in item.items():
@@ -158,47 +158,47 @@ def convert_legacy_blacklist_data(self):
                 bad_imports_list.append(val)
 
         if bad_imports_list or bad_calls_list:
-            LOG.warning('Legacy blacklist data found in config, overriding '
+            LOG.warning('Legacy blocklist data found in config, overriding '
                         'data plugins')
         return bad_calls_list, bad_imports_list
 
     @staticmethod
-    def convert_legacy_blacklist_tests(profiles, bad_imports, bad_calls):
-        '''Detect old blacklist tests, convert to use new builtin.'''
+    def convert_legacy_blocklist_tests(profiles, bad_imports, bad_calls):
+        '''Detect old blocklist tests, convert to use new builtin.'''
         def _clean_set(name, data):
             if name in data:
                 data.remove(name)
                 data.add('B001')
 
         for name, profile in profiles.items():
-            blacklist = {}
+            blocklist = {}
             include = profile['include']
             exclude = profile['exclude']
 
-            name = 'blacklist_calls'
+            name = 'blocklist_calls'
             if name in include and name not in exclude:
-                blacklist.setdefault('Call', []).extend(bad_calls)
+                blocklist.setdefault('Call', []).extend(bad_calls)
 
             _clean_set(name, include)
             _clean_set(name, exclude)
 
-            name = 'blacklist_imports'
+            name = 'blocklist_imports'
             if name in include and name not in exclude:
-                blacklist.setdefault('Import', []).extend(bad_imports)
-                blacklist.setdefault('ImportFrom', []).extend(bad_imports)
-                blacklist.setdefault('Call', []).extend(bad_imports)
+                blocklist.setdefault('Import', []).extend(bad_imports)
+                blocklist.setdefault('ImportFrom', []).extend(bad_imports)
+                blocklist.setdefault('Call', []).extend(bad_imports)
 
             _clean_set(name, include)
             _clean_set(name, exclude)
-            _clean_set('blacklist_import_func', include)
-            _clean_set('blacklist_import_func', exclude)
+            _clean_set('blocklist_import_func', include)
+            _clean_set('blocklist_import_func', exclude)
 
             # This can happen with a legacy config that includes
-            # blacklist_calls but exclude blacklist_imports for example
+            # blocklist_calls but exclude blocklist_imports for example
             if 'B001' in include and 'B001' in exclude:
                 exclude.remove('B001')
 
-            profile['blacklist'] = blacklist
+            profile['blocklist'] = blocklist
 
     def validate(self, path):
         '''Validate the config data.'''
@@ -221,9 +221,9 @@ def _test(key, block, exclude, include):
                 inc = profile.get('include') or set()
                 exc = profile.get('exclude') or set()
 
-                _test('blacklist_imports', 'blacklist_imports', inc, exc)
-                _test('blacklist_import_func', 'blacklist_imports', inc, exc)
-                _test('blacklist_calls', 'blacklist_calls', inc, exc)
+                _test('blocklist_imports', 'blocklist_imports', inc, exc)
+                _test('blocklist_import_func', 'blocklist_imports', inc, exc)
+                _test('blocklist_calls', 'blocklist_calls', inc, exc)
 
         # show deprecation message
         if legacy:

@@ -19,9 +19,9 @@ def get_url(bid):
         return '%splugins/%s_%s.html' % (BASE_URL, bid.lower(),
                                          info.plugin.__name__)
 
-    info = extension_loader.MANAGER.blacklist_by_id.get(bid)
+    info = extension_loader.MANAGER.blocklist_by_id.get(bid)
     if info is not None:
-        template = 'blacklists/blacklist_{kind}.html#{id}-{name}'
+        template = 'blocklists/blocklist_{kind}.html#{id}-{name}'
         info['name'] = info['name'].replace('_', '-')
 
         if info['id'].startswith('B3'):  # B3XX

@@ -15,16 +15,16 @@
 class Manager(object):
     # These IDs are for bandit built in tests
     builtin = [
-        'B001'  # Built in blacklist test
+        'B001'  # Built in blocklist test
         ]
 
     def __init__(self, formatters_namespace='bandit.formatters',
                  plugins_namespace='bandit.plugins',
-                 blacklists_namespace='bandit.blacklists'):
+                 blocklists_namespace='bandit.blocklists'):
         # Cache the extension managers, loaded extensions, and extension names
         self.load_formatters(formatters_namespace)
         self.load_plugins(plugins_namespace)
-        self.load_blacklists(blacklists_namespace)
+        self.load_blocklists(blocklists_namespace)
 
     def load_formatters(self, formatters_namespace):
         self.formatters_mgr = extension.ExtensionManager(
@@ -60,25 +60,25 @@ def get_plugin_id(self, plugin_name):
             return self.plugins_by_name[plugin_name].plugin._test_id
         return None
 
-    def load_blacklists(self, blacklist_namespace):
-        self.blacklists_mgr = extension.ExtensionManager(
-            namespace=blacklist_namespace,
+    def load_blocklists(self, blocklist_namespace):
+        self.blocklists_mgr = extension.ExtensionManager(
+            namespace=blocklist_namespace,
             invoke_on_load=False,
             verify_requirements=False,
             )
-        self.blacklist = {}
-        blacklist = list(self.blacklists_mgr)
-        for item in blacklist:
+        self.blocklist = {}
+        blocklist = list(self.blocklists_mgr)
+        for item in blocklist:
             for key, val in item.plugin().items():
                 utils.check_ast_node(key)
-                self.blacklist.setdefault(key, []).extend(val)
+                self.blocklist.setdefault(key, []).extend(val)
 
-        self.blacklist_by_id = {}
-        self.blacklist_by_name = {}
-        for val in six.itervalues(self.blacklist):
+        self.blocklist_by_id = {}
+        self.blocklist_by_name = {}
+        for val in six.itervalues(self.blocklist):
             for b in val:
-                self.blacklist_by_id[b['id']] = b
-                self.blacklist_by_name[b['name']] = b
+                self.blocklist_by_id[b['id']] = b
+                self.blocklist_by_name[b['name']] = b
 
     def validate_profile(self, profile):
         '''Validate that everything in the configured profiles looks good.'''
@@ -98,7 +98,7 @@ def validate_profile(self, profile):
     def check_id(self, test):
         return (
             test in self.plugins_by_id or
-            test in self.blacklist_by_id or
+            test in self.blocklist_by_id or
             test in self.builtin)
 
 

@@ -403,7 +403,7 @@ def _find_candidate_matches(unmatched_issues, results_list):
     be able to pick out the new one.
 
     :param unmatched_issues: List of issues that weren't present before
-    :param results_list: Master list of current Bandit findings
+    :param results_list: Complete list of current Bandit findings
     :return: A dictionary with a list of candidates for each issue
     """