python-security/pyt

View on GitHub

Showing 83 of 158 total issues

File stmt_visitor.py has 932 lines of code (exceeds 250 allowed). Consider refactoring.
Open

import ast
import itertools
import logging
import os.path
from pkgutil import iter_modules
Severity: Major
Found in pyt/cfg/stmt_visitor.py - About 2 days to fix

    LabelVisitor has 62 functions (exceeds 20 allowed). Consider refactoring.
    Open

    class LabelVisitor(ast.NodeVisitor):
        def __init__(self):
            self.result = ''
    
        def handle_comma_separated(self, comma_separated_list):
    Severity: Major
    Found in pyt/helper_visitors/label_visitor.py - About 1 day to fix

      File expr_visitor.py has 480 lines of code (exceeds 250 allowed). Consider refactoring.
      Open

      import ast
      import logging
      
      from .alias_helper import handle_aliases_in_calls
      from ..core.ast_helper import (
      Severity: Minor
      Found in pyt/cfg/expr_visitor.py - About 7 hrs to fix

        File vulnerabilities.py has 458 lines of code (exceeds 250 allowed). Consider refactoring.
        Open

        """Module for finding vulnerabilities based on a definitions file."""
        
        import ast
        import json
        from collections import defaultdict
        Severity: Minor
        Found in pyt/vulnerabilities/vulnerabilities.py - About 7 hrs to fix

          Function add_module has a Cognitive Complexity of 38 (exceeds 5 allowed). Consider refactoring.
          Open

              def add_module(  # noqa: C901
                  self,
                  module,
                  module_or_package_name,
                  local_names,
          Severity: Minor
          Found in pyt/cfg/stmt_visitor.py - About 5 hrs to fix

          Cognitive Complexity

          Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

          A method's cognitive complexity is based on a few simple rules:

          • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
          • Code is considered more complex for each "break in the linear flow of the code"
          • Code is considered more complex when "flow breaking structures are nested"

          Further reading

          StmtVisitor has 40 functions (exceeds 20 allowed). Consider refactoring.
          Open

          class StmtVisitor(ast.NodeVisitor):
              def __init__(self, allow_local_directory_imports=True):
                  self._allow_local_modules = allow_local_directory_imports
                  super().__init__()
          
          
          Severity: Minor
          Found in pyt/cfg/stmt_visitor.py - About 5 hrs to fix

            Function save_def_args_in_temp has a Cognitive Complexity of 28 (exceeds 5 allowed). Consider refactoring.
            Open

                def save_def_args_in_temp(
                    self,
                    call_args,
                    def_args,
                    line_number,
            Severity: Minor
            Found in pyt/cfg/expr_visitor.py - About 4 hrs to fix

            Cognitive Complexity

            Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

            A method's cognitive complexity is based on a few simple rules:

            • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
            • Code is considered more complex for each "break in the linear flow of the code"
            • Code is considered more complex when "flow breaking structures are nested"

            Further reading

            Function add_blackbox_or_builtin_call has a Cognitive Complexity of 25 (exceeds 5 allowed). Consider refactoring.
            Open

                def add_blackbox_or_builtin_call(self, node, blackbox):  # noqa: C901
                    """Processes a blackbox or builtin function when it is called.
                    Nothing gets assigned to ret_func_foo in the builtin/blackbox case.
            
                    Increments self.function_call_index each time it is called, we can refer to it as N in the comments.
            Severity: Minor
            Found in pyt/cfg/stmt_visitor.py - About 3 hrs to fix

            Cognitive Complexity

            Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

            A method's cognitive complexity is based on a few simple rules:

            • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
            • Code is considered more complex for each "break in the linear flow of the code"
            • Code is considered more complex when "flow breaking structures are nested"

            Further reading

            Function discover_files has a Cognitive Complexity of 24 (exceeds 5 allowed). Consider refactoring.
            Open

            def discover_files(targets, excluded_files, recursive=False):
                included_files = list()
                excluded_list = excluded_files.split(",")
                for target in targets:
                    if os.path.isdir(target):
            Severity: Minor
            Found in pyt/__main__.py - About 3 hrs to fix

            Cognitive Complexity

            Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

            A method's cognitive complexity is based on a few simple rules:

            • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
            • Code is considered more complex for each "break in the linear flow of the code"
            • Code is considered more complex when "flow breaking structures are nested"

            Further reading

            Function visit_Import has a Cognitive Complexity of 24 (exceeds 5 allowed). Consider refactoring.
            Open

                def visit_Import(self, node):
                    for name in node.names:
                        for module in self.local_modules:
                            if name.name == module[0]:
                                if os.path.isdir(module[1]):
            Severity: Minor
            Found in pyt/cfg/stmt_visitor.py - About 3 hrs to fix

            Cognitive Complexity

            Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

            A method's cognitive complexity is based on a few simple rules:

            • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
            • Code is considered more complex for each "break in the linear flow of the code"
            • Code is considered more complex when "flow breaking structures are nested"

            Further reading

            Function get_vulnerability has a Cognitive Complexity of 23 (exceeds 5 allowed). Consider refactoring.
            Open

            def get_vulnerability(
                source,
                sink,
                triggers,
                lattice,
            Severity: Minor
            Found in pyt/vulnerabilities/vulnerabilities.py - About 3 hrs to fix

            Cognitive Complexity

            Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

            A method's cognitive complexity is based on a few simple rules:

            • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
            • Code is considered more complex for each "break in the linear flow of the code"
            • Code is considered more complex when "flow breaking structures are nested"

            Further reading

            Function stmt_star_handler has a Cognitive Complexity of 23 (exceeds 5 allowed). Consider refactoring.
            Open

                def stmt_star_handler(
                    self,
                    stmts,
                    prev_node_to_avoid=None
                ):
            Severity: Minor
            Found in pyt/cfg/stmt_visitor.py - About 3 hrs to fix

            Cognitive Complexity

            Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

            A method's cognitive complexity is based on a few simple rules:

            • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
            • Code is considered more complex for each "break in the linear flow of the code"
            • Code is considered more complex when "flow breaking structures are nested"

            Further reading

            Function main has a Cognitive Complexity of 21 (exceeds 5 allowed). Consider refactoring.
            Open

            def main(command_line_args=sys.argv[1:]):  # noqa: C901
                args = parse_args(command_line_args)
            
                logging_level = (
                    logging.ERROR if not args.verbose else
            Severity: Minor
            Found in pyt/__main__.py - About 2 hrs to fix

            Cognitive Complexity

            Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

            A method's cognitive complexity is based on a few simple rules:

            • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
            • Code is considered more complex for each "break in the linear flow of the code"
            • Code is considered more complex when "flow breaking structures are nested"

            Further reading

            VarsVisitor has 25 functions (exceeds 20 allowed). Consider refactoring.
            Open

            class VarsVisitor(ast.NodeVisitor):
                def __init__(self):
                    self.result = list()
            
                def visit_Name(self, node):
            Severity: Minor
            Found in pyt/helper_visitors/vars_visitor.py - About 2 hrs to fix

              Function how_vulnerable has a Cognitive Complexity of 20 (exceeds 5 allowed). Consider refactoring.
              Open

              def how_vulnerable(
                  chain,
                  blackbox_mapping,
                  sanitiser_nodes,
                  potential_sanitiser,
              Severity: Minor
              Found in pyt/vulnerabilities/vulnerabilities.py - About 2 hrs to fix

              Cognitive Complexity

              Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

              A method's cognitive complexity is based on a few simple rules:

              • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
              • Code is considered more complex for each "break in the linear flow of the code"
              • Code is considered more complex when "flow breaking structures are nested"

              Further reading

              Function handle_relative_import has a Cognitive Complexity of 20 (exceeds 5 allowed). Consider refactoring.
              Open

                  def handle_relative_import(self, node):
                      """
                          from A means node.level == 0
                          from . import B means node.level == 1
                          from .A means node.level == 1
              Severity: Minor
              Found in pyt/cfg/stmt_visitor.py - About 2 hrs to fix

              Cognitive Complexity

              Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

              A method's cognitive complexity is based on a few simple rules:

              • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
              • Code is considered more complex for each "break in the linear flow of the code"
              • Code is considered more complex when "flow breaking structures are nested"

              Further reading

              Function get_modules has a Cognitive Complexity of 19 (exceeds 5 allowed). Consider refactoring.
              Open

              def get_modules(path, prepend_module_root=True):
                  """Return a list containing tuples of
                  e.g. ('test_project.utils', 'example/test_project/utils.py')
                  """
                  module_root = os.path.split(path)[1]
              Severity: Minor
              Found in pyt/core/project_handler.py - About 2 hrs to fix

              Cognitive Complexity

              Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

              A method's cognitive complexity is based on a few simple rules:

              • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
              • Code is considered more complex for each "break in the linear flow of the code"
              • Code is considered more complex when "flow breaking structures are nested"

              Further reading

              Function visit_Call has a Cognitive Complexity of 16 (exceeds 5 allowed). Consider refactoring.
              Open

                  def visit_Call(self, call_node):
                      func_name = get_call_names_as_string(call_node.func)
                      trigger_re = r"(^|\.){}$".format(re.escape(self._trigger_str))
                      if re.search(trigger_re, func_name):
                          seen_starred = False
              Severity: Minor
              Found in pyt/helper_visitors/call_visitor.py - About 2 hrs to fix

              Cognitive Complexity

              Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

              A method's cognitive complexity is based on a few simple rules:

              • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
              • Code is considered more complex for each "break in the linear flow of the code"
              • Code is considered more complex when "flow breaking structures are nested"

              Further reading

              Function visit_ImportFrom has a Cognitive Complexity of 16 (exceeds 5 allowed). Consider refactoring.
              Open

                  def visit_ImportFrom(self, node):
                      # Is it relative?
                      if node.level > 0:
                          return self.handle_relative_import(node)
                      # not relative
              Severity: Minor
              Found in pyt/cfg/stmt_visitor.py - About 2 hrs to fix

              Cognitive Complexity

              Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

              A method's cognitive complexity is based on a few simple rules:

              • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
              • Code is considered more complex for each "break in the linear flow of the code"
              • Code is considered more complex when "flow breaking structures are nested"

              Further reading

              Function vulnerability_to_str has a Cognitive Complexity of 15 (exceeds 5 allowed). Consider refactoring.
              Open

              def vulnerability_to_str(i, vulnerability):
                  lines = []
                  lines.append(color('Vulnerability {}'.format(i), UNDERLINE))
                  lines.append('File: {}'.format(color(vulnerability.source.path, BOLD)))
                  lines.append(
              Severity: Minor
              Found in pyt/formatters/screen.py - About 1 hr to fix

              Cognitive Complexity

              Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

              A method's cognitive complexity is based on a few simple rules:

              • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
              • Code is considered more complex for each "break in the linear flow of the code"
              • Code is considered more complex when "flow breaking structures are nested"

              Further reading

              Severity
              Category
              Status
              Source
              Language