Modify

Opened 21 months ago

#14206 new defect

Static analysis updates

Reported by: figaro Owned by: Jun Omae
Priority: normal Component: TracDbftsPlugin
Severity: normal Keywords: patch
Cc: Trac Release:

Description

Autopep8 mostly adjusts indentation. Manual addition of some docstrings, a classifier and a modest increase to the version number.

Two issues which I want to highlight:

  1. Typo in source:tracdbftsplugin/trunk/tracdbfts/api.py
    Line 
    533            cursor.execute("DROP TRIGGER IF EXISTS dbfts_insert")
    534            cursor.execute("DROP TRIGGER IF EXISTS dbfts_insert")
    535            cursor.execute("DROP TRIGGER IF EXISTS dbfts_delete")
  2. Bandit speaks of insecure hash function use also in api.py, and perhaps you can suggest an alternative?
    Line 
    602def _build_hash(*values):
    603    def to_b(value):
    604        if isinstance(value, _inttypes):
    605            return b'%d' % value
    606        if isinstance(value, bytes):
    607            return value
    608        if isinstance(value, unicode):
    609            return value.encode('utf-8')
    610        raise ValueError('Unrecognized value %r' % type(value))
    611    d = hashlib.sha1()
    612    d.update(b'\0'.join(to_b(value) for value in values))
    613    return base64.b64encode(d.digest()).rstrip(b'=')

Attachments (1)

tracdbftsplugin.diff (5.7 KB) - added by figaro 21 months ago.
Diff -u of tracdbftsplugin/trunk

Download all attachments as: .zip

Change History (1)

Changed 21 months ago by figaro

Attachment: tracdbftsplugin.diff added

Diff -u of tracdbftsplugin/trunk

Modify Ticket

Change Properties
Set your email in Preferences
Action
as new The owner will remain Jun Omae.

Add Comment

E-mail address and name can be saved in the Preferences.

AttachmentsDescription
 
Note: See TracTickets for help on using tickets.