Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
By Socket Research Team - Dec 02, 2024
Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More →
flake8-import-rules
- 1.0.0
- PyPI
Sorry we don't scan binary artifacts yet
- Maintainers
- 1
Helps to prevent import of certain modules from certain modules.
It's useful if you have many modules in your project and want to keep them kind of isolated.
After installing just add import-rules option to your setup.cfg file.
[flake8]
...
import-rules=
# yaml format here
- module_one: [
module_two allow,
any deny
]
- module_two: [
module_one.sub.submodule deny
]
- module_two.sumbodule: module_one deny
- module_three: any allow
# many section for the same module are allowed
# for example
- module_two: [
deny some_other_module
]
# this will prevent any import everywhere
- any: [
any deny
]
# default behaviour is
- any: [
any allow
]
# For each module (among foo bar baz) allow import from self submodules
# and top module of others but not from submodules
- X | Y | foo | bar | baz : [
Y.ANY deny,
Y allow,
X allow
]
...
Rules are checking top-down. The Order Matters.
If current module name match section name or is submodule, then it will check all imports by rules from the section.
There can be one or more rules in section. There can be one or more sections for the same module/submodule.
modulepath allow - means allow imports from modulepath and its submodules
modulepath deny - means deny imports from modulepath and its submodules.
Keyword any or ANY or all or ALL - menas any module (like *)
To combine different module paths in one rule we can use | symbol. For example
to define rule for foo.hi foo.low bar.hi bar.low we can use
foo|bar.hi|low .
We can "define" variable that will be valid only during one section and its rules.
A | B | foo | bar | baz : [
...
]
means if current module name is foo or bar or baz then A is equal to current module name and B will correspond other names from group foo|bar|baz without current module name.
Variable name can be only single uppercase character. You can use variable name in section rule and inside section.
You can use variables for different module level for example
X|mod_a|mod_b.domain.Y : [
X.infra.Y allow
X.infra.ANY deny
]
CAUTION. As .INI configparser ignores indentation use [ ... , .. ] flow for lists as in example.
FAQs
Unknown package
We found that flake8-import-rules demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Research
Typosquatting Cryptographic Libraries: Malicious npm Packages Threaten Crypto Developers with Keylogging and Wallet Theft
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
By Kirill Boychenko - Nov 27, 2024
Security News
Weekly Downloads Now Available in npm Package Search Results
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.
By Sarah Gooding - Nov 26, 2024