python-taint - pypi Package Compare versions

Comparing version 0.37 to 0.38

pyt/core/transformer.py

+import ast
+
+
+class AsyncTransformer(ast.NodeTransformer):
+    """Converts all async nodes into their synchronous counterparts."""
+
+    def visit_Await(self, node):
+        """Awaits are treated as if the keyword was absent."""
+        return self.visit(node.value)
+
+    def visit_AsyncFunctionDef(self, node):
+        return self.visit(ast.FunctionDef(**node.__dict__))
+
+    def visit_AsyncFor(self, node):
+        return self.visit(ast.For(**node.__dict__))
+
+    def visit_AsyncWith(self, node):
+        return self.visit(ast.With(**node.__dict__))

PKG-INFO

 Metadata-Version: 1.1
 Name: python-taint
-Version: 0.37
+Version: 0.38
 Summary: Find security vulnerabilities in Python web applications using static analysis.
@@ -9,3 +9,3 @@ Home-page: https://github.com/python-security/pyt
 License: GPLv2
-Download-URL: https://github.com/python-security/pyt/archive/0.37.tar.gz
+Download-URL: https://github.com/python-security/pyt/archive/0.38.tar.gz
 Description: Check out PyT on `GitHub <https://github.com/python-security/pyt>`_!
@@ -12,0 +12,0 @@ Keywords: security,vulnerability,web,flask,django,static-analysis,program-analysis

pyt/core/ast_helper.py

@@ -9,3 +9,5 @@ """This module contains helper function.
 
+from .transformer import AsyncTransformer
 
+
 BLACK_LISTED_CALL_NAMES = ['self']
@@ -36,3 +38,4 @@ recursive = False
             try:
-                return ast.parse(f.read())
+                tree = ast.parse(f.read())
+                return AsyncTransformer().visit(tree)
             except SyntaxError:  # pragma: no cover
@@ -39,0 +42,0 @@ global recursive

pyt/helper_visitors/vars_visitor.py

@@ -71,5 +71,2 @@ import ast
 
-    def visit_Await(self, node):
-        self.visit(node.value)
-
     def visit_Yield(self, node):
@@ -76,0 +73,0 @@ if node.value:

pyt/vulnerabilities/vulnerabilities.py

@@ -543,4 +543,7 @@ """Module for finding vulnerabilities based on a definitions file."""
         )
-    with open(blackbox_mapping_file, 'w') as outfile:
-        json.dump(blackbox_mapping, outfile, indent=4)
+
+    if ui_mode == UImode.INTERACTIVE:
+        with open(blackbox_mapping_file, 'w') as outfile:
+            json.dump(blackbox_mapping, outfile, indent=4)
+
     return vulnerabilities

python_taint.egg-info/PKG-INFO

 Metadata-Version: 1.1
 Name: python-taint
-Version: 0.37
+Version: 0.38
 Summary: Find security vulnerabilities in Python web applications using static analysis.
@@ -9,3 +9,3 @@ Home-page: https://github.com/python-security/pyt
 License: GPLv2
-Download-URL: https://github.com/python-security/pyt/archive/0.37.tar.gz
+Download-URL: https://github.com/python-security/pyt/archive/0.38.tar.gz
 Description: Check out PyT on `GitHub <https://github.com/python-security/pyt>`_!
@@ -12,0 +12,0 @@ Keywords: security,vulnerability,web,flask,django,static-analysis,program-analysis

python_taint.egg-info/SOURCES.txt

@@ -26,2 +26,3 @@ MANIFEST.in
 pyt/core/project_handler.py
+pyt/core/transformer.py
 pyt/formatters/__init__.py
@@ -28,0 +29,0 @@ pyt/formatters/json.py

README.rst

@@ -152,16 +152,2 @@ .. image:: https://travis-ci.org/python-security/pyt.svg?branch=master
 
-Install dependencies
-
-``pip install -r requirements.txt``
-
-``pip list`` sample output ::
-
-    gitdb (0.6.4)
-    GitPython (2.0.8)
-    graphviz (0.4.10)
-    pip (9.0.1)
-    requests (2.10.0)
-    setuptools (28.8.0)
-    smmap (0.9.0)
-
 In the future, just type ``source ~/a_folder/bin/activate`` to start developing.

setup.py

@@ -5,3 +5,3 @@ from setuptools import find_packages
 
-VERSION = '0.37'
+VERSION = '0.38'
 
@@ -8,0 +8,0 @@

Alert delta unavailable

Currently unable to show alert delta for PyPI packages.

Improved metrics

Total package byte prevSize

165549

0.25%

Number of package files

54

1.89%

Lines of code

3977

0.33%