The following issues were found
src/flask/logging.py
11 issues
Line: 7
Column: 1
from werkzeug.local import LocalProxy
from .globals import request
if t.TYPE_CHECKING:
from .app import Flask
Reported by Pylint.
Line: 10
Column: 5
from .globals import request
if t.TYPE_CHECKING:
from .app import Flask
@LocalProxy
def wsgi_errors_stream() -> t.TextIO:
"""Find the most appropriate error stream for the application. If a request
Reported by Pylint.
Line: 26
Column: 31
return request.environ["wsgi.errors"] if request else sys.stderr
def has_level_handler(logger: logging.Logger) -> bool:
"""Check if there is a handler in the logging chain that will handle the
given logger's :meth:`effective level <~logging.Logger.getEffectiveLevel>`.
"""
level = logger.getEffectiveLevel()
current = logger
Reported by Pylint.
Line: 47
Column: 19
#: Log messages to :func:`~flask.logging.wsgi_errors_stream` with the format
#: ``[%(asctime)s] %(levelname)s in %(module)s: %(message)s``.
default_handler = logging.StreamHandler(wsgi_errors_stream) # type: ignore
default_handler.setFormatter(
logging.Formatter("[%(asctime)s] %(levelname)s in %(module)s: %(message)s")
)
Reported by Pylint.
Line: 49
Column: 5
#: ``[%(asctime)s] %(levelname)s in %(module)s: %(message)s``.
default_handler = logging.StreamHandler(wsgi_errors_stream) # type: ignore
default_handler.setFormatter(
logging.Formatter("[%(asctime)s] %(levelname)s in %(module)s: %(message)s")
)
def create_logger(app: "Flask") -> logging.Logger:
"""Get the Flask app's logger and configure it if needed.
Reported by Pylint.
Line: 53
Column: 36
)
def create_logger(app: "Flask") -> logging.Logger:
"""Get the Flask app's logger and configure it if needed.
The logger name will be the same as
:attr:`app.import_name <flask.Flask.name>`.
Reported by Pylint.
Line: 66
Column: 14
:class:`~logging.StreamHandler` for
:func:`~flask.logging.wsgi_errors_stream` with a basic format.
"""
logger = logging.getLogger(app.name)
if app.debug and not logger.level:
logger.setLevel(logging.DEBUG)
if not has_level_handler(logger):
Reported by Pylint.
Line: 69
Column: 25
logger = logging.getLogger(app.name)
if app.debug and not logger.level:
logger.setLevel(logging.DEBUG)
if not has_level_handler(logger):
logger.addHandler(default_handler)
return logger
Reported by Pylint.
Line: 1
Column: 1
import logging
import sys
import typing as t
from werkzeug.local import LocalProxy
from .globals import request
if t.TYPE_CHECKING:
Reported by Pylint.
Line: 10
Column: 5
from .globals import request
if t.TYPE_CHECKING:
from .app import Flask
@LocalProxy
def wsgi_errors_stream() -> t.TextIO:
"""Find the most appropriate error stream for the application. If a request
Reported by Pylint.
examples/tutorial/flaskr/blog.py
11 issues
Line: 28
Column: 14
return render_template("blog/index.html", posts=posts)
def get_post(id, check_author=True):
"""Get a post and its author by id.
Checks that the id exists and optionally that the current user is
the author.
Reported by Pylint.
Line: 88
Column: 12
@bp.route("/<int:id>/update", methods=("GET", "POST"))
@login_required
def update(id):
"""Update a post if the current user is the author."""
post = get_post(id)
if request.method == "POST":
title = request.form["title"]
Reported by Pylint.
Line: 115
Column: 12
@bp.route("/<int:id>/delete", methods=("POST",))
@login_required
def delete(id):
"""Delete a post.
Ensures that the post exists and that the logged in user is the
author of the post.
"""
Reported by Pylint.
Line: 1
Column: 1
from flask import Blueprint
from flask import flash
from flask import g
from flask import redirect
from flask import render_template
from flask import request
from flask import url_for
from werkzeug.exceptions import abort
Reported by Pylint.
Line: 19
Column: 5
@bp.route("/")
def index():
"""Show all the posts, most recent first."""
db = get_db()
posts = db.execute(
"SELECT p.id, title, body, created, author_id, username"
" FROM post p JOIN user u ON p.author_id = u.id"
" ORDER BY created DESC"
).fetchall()
Reported by Pylint.
Line: 28
Column: 1
return render_template("blog/index.html", posts=posts)
def get_post(id, check_author=True):
"""Get a post and its author by id.
Checks that the id exists and optionally that the current user is
the author.
Reported by Pylint.
Line: 75
Column: 13
if error is not None:
flash(error)
else:
db = get_db()
db.execute(
"INSERT INTO post (title, body, author_id) VALUES (?, ?, ?)",
(title, body, g.user["id"]),
)
db.commit()
Reported by Pylint.
Line: 88
Column: 1
@bp.route("/<int:id>/update", methods=("GET", "POST"))
@login_required
def update(id):
"""Update a post if the current user is the author."""
post = get_post(id)
if request.method == "POST":
title = request.form["title"]
Reported by Pylint.
Line: 103
Column: 13
if error is not None:
flash(error)
else:
db = get_db()
db.execute(
"UPDATE post SET title = ?, body = ? WHERE id = ?", (title, body, id)
)
db.commit()
return redirect(url_for("blog.index"))
Reported by Pylint.
Line: 115
Column: 1
@bp.route("/<int:id>/delete", methods=("POST",))
@login_required
def delete(id):
"""Delete a post.
Ensures that the post exists and that the logged in user is the
author of the post.
"""
Reported by Pylint.
src/flask/globals.py
11 issues
Line: 8
Column: 5
from werkzeug.local import LocalStack
if t.TYPE_CHECKING:
from .app import Flask
from .ctx import _AppCtxGlobals
from .sessions import SessionMixin
from .wrappers import Request
_request_ctx_err_msg = """\
Reported by Pylint.
Line: 9
Column: 5
if t.TYPE_CHECKING:
from .app import Flask
from .ctx import _AppCtxGlobals
from .sessions import SessionMixin
from .wrappers import Request
_request_ctx_err_msg = """\
Working outside of request context.
Reported by Pylint.
Line: 10
Column: 5
if t.TYPE_CHECKING:
from .app import Flask
from .ctx import _AppCtxGlobals
from .sessions import SessionMixin
from .wrappers import Request
_request_ctx_err_msg = """\
Working outside of request context.
Reported by Pylint.
Line: 11
Column: 5
from .app import Flask
from .ctx import _AppCtxGlobals
from .sessions import SessionMixin
from .wrappers import Request
_request_ctx_err_msg = """\
Working outside of request context.
This typically means that you attempted to use functionality that needed
Reported by Pylint.
Line: 8
Column: 5
from werkzeug.local import LocalStack
if t.TYPE_CHECKING:
from .app import Flask
from .ctx import _AppCtxGlobals
from .sessions import SessionMixin
from .wrappers import Request
_request_ctx_err_msg = """\
Reported by Pylint.
Line: 9
Column: 5
if t.TYPE_CHECKING:
from .app import Flask
from .ctx import _AppCtxGlobals
from .sessions import SessionMixin
from .wrappers import Request
_request_ctx_err_msg = """\
Working outside of request context.
Reported by Pylint.
Line: 10
Column: 5
if t.TYPE_CHECKING:
from .app import Flask
from .ctx import _AppCtxGlobals
from .sessions import SessionMixin
from .wrappers import Request
_request_ctx_err_msg = """\
Working outside of request context.
Reported by Pylint.
Line: 11
Column: 5
from .app import Flask
from .ctx import _AppCtxGlobals
from .sessions import SessionMixin
from .wrappers import Request
_request_ctx_err_msg = """\
Working outside of request context.
This typically means that you attempted to use functionality that needed
Reported by Pylint.
Line: 1
Column: 1
import typing as t
from functools import partial
from werkzeug.local import LocalProxy
from werkzeug.local import LocalStack
if t.TYPE_CHECKING:
from .app import Flask
from .ctx import _AppCtxGlobals
Reported by Pylint.
Line: 13
Column: 1
from .sessions import SessionMixin
from .wrappers import Request
_request_ctx_err_msg = """\
Working outside of request context.
This typically means that you attempted to use functionality that needed
an active HTTP request. Consult the documentation on testing for
information about how to avoid this problem.\
Reported by Pylint.
examples/javascript/tests/test_js_example.py
10 issues
Line: 1
Column: 1
import pytest
from flask import template_rendered
@pytest.mark.parametrize(
("path", "template_name"),
(
("/", "plain.html"),
("/plain", "plain.html"),
Reported by Pylint.
Line: 15
Column: 15
),
)
def test_index(app, client, path, template_name):
def check(sender, template, context):
assert template.name == template_name
with template_rendered.connected_to(check, app):
client.get(path)
Reported by Pylint.
Line: 15
Column: 33
),
)
def test_index(app, client, path, template_name):
def check(sender, template, context):
assert template.name == template_name
with template_rendered.connected_to(check, app):
client.get(path)
Reported by Pylint.
Line: 1
Column: 1
import pytest
from flask import template_rendered
@pytest.mark.parametrize(
("path", "template_name"),
(
("/", "plain.html"),
("/plain", "plain.html"),
Reported by Pylint.
Line: 12
Column: 1
("/plain", "plain.html"),
("/fetch", "fetch.html"),
("/jquery", "jquery.html"),
),
)
def test_index(app, client, path, template_name):
def check(sender, template, context):
assert template.name == template_name
Reported by Pylint.
Line: 16
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b101_assert_used.html
)
def test_index(app, client, path, template_name):
def check(sender, template, context):
assert template.name == template_name
with template_rendered.connected_to(check, app):
client.get(path)
Reported by Bandit.
Line: 24
Column: 1
@pytest.mark.parametrize(
("a", "b", "result"), ((2, 3, 5), (2.5, 3, 5.5), (2, None, 2), (2, "b", 2))
)
def test_add(client, a, b, result):
response = client.post("/add", data={"a": a, "b": b})
assert response.get_json()["result"] == result
Reported by Pylint.
Line: 24
Column: 1
@pytest.mark.parametrize(
("a", "b", "result"), ((2, 3, 5), (2.5, 3, 5.5), (2, None, 2), (2, "b", 2))
)
def test_add(client, a, b, result):
response = client.post("/add", data={"a": a, "b": b})
assert response.get_json()["result"] == result
Reported by Pylint.
Line: 24
Column: 1
@pytest.mark.parametrize(
("a", "b", "result"), ((2, 3, 5), (2.5, 3, 5.5), (2, None, 2), (2, "b", 2))
)
def test_add(client, a, b, result):
response = client.post("/add", data={"a": a, "b": b})
assert response.get_json()["result"] == result
Reported by Pylint.
Line: 27
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b101_assert_used.html
)
def test_add(client, a, b, result):
response = client.post("/add", data={"a": a, "b": b})
assert response.get_json()["result"] == result
Reported by Bandit.
src/flask/json/tag.py
10 issues
Line: 53
Column: 1
from werkzeug.http import http_date
from werkzeug.http import parse_date
from ..json import dumps
from ..json import loads
class JSONTag:
"""Base class for defining type tags for :class:`TaggedJSONSerializer`."""
Reported by Pylint.
Line: 54
Column: 1
from werkzeug.http import parse_date
from ..json import dumps
from ..json import loads
class JSONTag:
"""Base class for defining type tags for :class:`TaggedJSONSerializer`."""
Reported by Pylint.
Line: 116
Column: 1
return {key[:-2]: value[key]}
class PassDict(JSONTag):
__slots__ = ()
def check(self, value: t.Any) -> bool:
return isinstance(value, dict)
Reported by Pylint.
Line: 144
Column: 1
return tuple(value)
class PassList(JSONTag):
__slots__ = ()
def check(self, value: t.Any) -> bool:
return isinstance(value, list)
Reported by Pylint.
Line: 116
Column: 1
return {key[:-2]: value[key]}
class PassDict(JSONTag):
__slots__ = ()
def check(self, value: t.Any) -> bool:
return isinstance(value, dict)
Reported by Pylint.
Line: 130
Column: 1
tag = to_json
class TagTuple(JSONTag):
__slots__ = ()
key = " t"
def check(self, value: t.Any) -> bool:
return isinstance(value, tuple)
Reported by Pylint.
Line: 144
Column: 1
return tuple(value)
class PassList(JSONTag):
__slots__ = ()
def check(self, value: t.Any) -> bool:
return isinstance(value, list)
Reported by Pylint.
Line: 156
Column: 1
tag = to_json
class TagBytes(JSONTag):
__slots__ = ()
key = " b"
def check(self, value: t.Any) -> bool:
return isinstance(value, bytes)
Reported by Pylint.
Line: 188
Column: 1
return Markup(value)
class TagUUID(JSONTag):
__slots__ = ()
key = " u"
def check(self, value: t.Any) -> bool:
return isinstance(value, UUID)
Reported by Pylint.
Line: 202
Column: 1
return UUID(value)
class TagDateTime(JSONTag):
__slots__ = ()
key = " d"
def check(self, value: t.Any) -> bool:
return isinstance(value, datetime)
Reported by Pylint.
src/flask/signals.py
10 issues
Line: 1
Column: 1
import typing as t
try:
from blinker import Namespace
signals_available = True
except ImportError:
signals_available = False
Reported by Pylint.
Line: 6
Column: 5
try:
from blinker import Namespace
signals_available = True
except ImportError:
signals_available = False
class Namespace: # type: ignore
def signal(self, name: str, doc: t.Optional[str] = None) -> "_FakeSignal":
Reported by Pylint.
Line: 8
Column: 5
signals_available = True
except ImportError:
signals_available = False
class Namespace: # type: ignore
def signal(self, name: str, doc: t.Optional[str] = None) -> "_FakeSignal":
return _FakeSignal(name, doc)
Reported by Pylint.
Line: 10
Column: 5
except ImportError:
signals_available = False
class Namespace: # type: ignore
def signal(self, name: str, doc: t.Optional[str] = None) -> "_FakeSignal":
return _FakeSignal(name, doc)
class _FakeSignal:
"""If blinker is unavailable, create a fake class with the same
Reported by Pylint.
Line: 10
Column: 5
except ImportError:
signals_available = False
class Namespace: # type: ignore
def signal(self, name: str, doc: t.Optional[str] = None) -> "_FakeSignal":
return _FakeSignal(name, doc)
class _FakeSignal:
"""If blinker is unavailable, create a fake class with the same
Reported by Pylint.
Line: 11
Column: 9
signals_available = False
class Namespace: # type: ignore
def signal(self, name: str, doc: t.Optional[str] = None) -> "_FakeSignal":
return _FakeSignal(name, doc)
class _FakeSignal:
"""If blinker is unavailable, create a fake class with the same
interface that allows sending of signals but will fail with an
Reported by Pylint.
Line: 11
Column: 9
signals_available = False
class Namespace: # type: ignore
def signal(self, name: str, doc: t.Optional[str] = None) -> "_FakeSignal":
return _FakeSignal(name, doc)
class _FakeSignal:
"""If blinker is unavailable, create a fake class with the same
interface that allows sending of signals but will fail with an
Reported by Pylint.
Line: 14
Column: 5
def signal(self, name: str, doc: t.Optional[str] = None) -> "_FakeSignal":
return _FakeSignal(name, doc)
class _FakeSignal:
"""If blinker is unavailable, create a fake class with the same
interface that allows sending of signals but will fail with an
error on anything else. Instead of doing anything on send, it
will just ignore the arguments and do nothing instead.
"""
Reported by Pylint.
Line: 25
Column: 9
self.name = name
self.__doc__ = doc
def send(self, *args: t.Any, **kwargs: t.Any) -> t.Any:
pass
def _fail(self, *args: t.Any, **kwargs: t.Any) -> t.Any:
raise RuntimeError(
"Signalling support is unavailable because the blinker"
Reported by Pylint.
Line: 28
Column: 9
def send(self, *args: t.Any, **kwargs: t.Any) -> t.Any:
pass
def _fail(self, *args: t.Any, **kwargs: t.Any) -> t.Any:
raise RuntimeError(
"Signalling support is unavailable because the blinker"
" library is not installed."
)
Reported by Pylint.
tests/test_subclassing.py
8 issues
Line: 15
Column: 5
app = SuppressedFlask(__name__)
@app.route("/")
def index():
raise Exception("test")
rv = app.test_client().get("/", errors_stream=out)
assert rv.status_code == 500
assert b"Internal Server Error" in rv.data
Reported by Pylint.
Line: 1
Column: 1
from io import StringIO
import flask
def test_suppressed_exception_logging():
class SuppressedFlask(flask.Flask):
def log_exception(self, exc_info):
pass
Reported by Pylint.
Line: 6
Column: 1
import flask
def test_suppressed_exception_logging():
class SuppressedFlask(flask.Flask):
def log_exception(self, exc_info):
pass
out = StringIO()
Reported by Pylint.
Line: 7
Column: 5
def test_suppressed_exception_logging():
class SuppressedFlask(flask.Flask):
def log_exception(self, exc_info):
pass
out = StringIO()
app = SuppressedFlask(__name__)
Reported by Pylint.
Line: 18
Column: 5
def index():
raise Exception("test")
rv = app.test_client().get("/", errors_stream=out)
assert rv.status_code == 500
assert b"Internal Server Error" in rv.data
assert not out.getvalue()
Reported by Pylint.
Line: 19
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b101_assert_used.html
raise Exception("test")
rv = app.test_client().get("/", errors_stream=out)
assert rv.status_code == 500
assert b"Internal Server Error" in rv.data
assert not out.getvalue()
Reported by Bandit.
Line: 20
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b101_assert_used.html
rv = app.test_client().get("/", errors_stream=out)
assert rv.status_code == 500
assert b"Internal Server Error" in rv.data
assert not out.getvalue()
Reported by Bandit.
Line: 21
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b101_assert_used.html
rv = app.test_client().get("/", errors_stream=out)
assert rv.status_code == 500
assert b"Internal Server Error" in rv.data
assert not out.getvalue()
Reported by Bandit.
tests/test_session_interface.py
7 issues
Line: 22
Column: 6
app = flask.Flask(__name__)
app.session_interface = MySessionInterface()
@app.get("/")
def index():
return "Hello, World!"
response = app.test_client().get("/")
assert response.status_code == 200
Reported by Pylint.
Line: 16
Column: 13
pass
def open_session(self, app, request):
flask._request_ctx_stack.top.match_request()
assert request.endpoint is not None
app = flask.Flask(__name__)
app.session_interface = MySessionInterface()
Reported by Pylint.
Line: 23
Column: 5
app.session_interface = MySessionInterface()
@app.get("/")
def index():
return "Hello, World!"
response = app.test_client().get("/")
assert response.status_code == 200
Reported by Pylint.
Line: 1
Column: 1
import flask
from flask.sessions import SessionInterface
def test_open_session_with_endpoint():
"""If request.endpoint (or other URL matching behavior) is needed
while loading the session, RequestContext.match_request() can be
called manually.
"""
Reported by Pylint.
Line: 11
Column: 5
called manually.
"""
class MySessionInterface(SessionInterface):
def save_session(self, app, session, response):
pass
def open_session(self, app, request):
flask._request_ctx_stack.top.match_request()
Reported by Pylint.
Line: 17
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b101_assert_used.html
def open_session(self, app, request):
flask._request_ctx_stack.top.match_request()
assert request.endpoint is not None
app = flask.Flask(__name__)
app.session_interface = MySessionInterface()
@app.get("/")
Reported by Bandit.
Line: 27
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b101_assert_used.html
return "Hello, World!"
response = app.test_client().get("/")
assert response.status_code == 200
Reported by Bandit.
examples/tutorial/flaskr/db.py
6 issues
Line: 23
Column: 14
return g.db
def close_db(e=None):
"""If this request connected to the database, close the
connection.
"""
db = g.pop("db", None)
Reported by Pylint.
Line: 1
Column: 1
import sqlite3
import click
from flask import current_app
from flask import g
from flask.cli import with_appcontext
def get_db():
Reported by Pylint.
Line: 23
Column: 1
return g.db
def close_db(e=None):
"""If this request connected to the database, close the
connection.
"""
db = g.pop("db", None)
Reported by Pylint.
Line: 27
Column: 5
"""If this request connected to the database, close the
connection.
"""
db = g.pop("db", None)
if db is not None:
db.close()
Reported by Pylint.
Line: 35
Column: 5
def init_db():
"""Clear existing data and create new tables."""
db = get_db()
with current_app.open_resource("schema.sql") as f:
db.executescript(f.read().decode("utf8"))
Reported by Pylint.
Line: 37
Column: 53
"""Clear existing data and create new tables."""
db = get_db()
with current_app.open_resource("schema.sql") as f:
db.executescript(f.read().decode("utf8"))
@click.command("init-db")
@with_appcontext
Reported by Pylint.
tests/test_apps/cliapp/factory.py
6 issues
Line: 1
Column: 1
from flask import Flask
def create_app():
return Flask("app")
def create_app2(foo, bar):
return Flask("_".join(["app2", foo, bar]))
Reported by Pylint.
Line: 4
Column: 1
from flask import Flask
def create_app():
return Flask("app")
def create_app2(foo, bar):
return Flask("_".join(["app2", foo, bar]))
Reported by Pylint.
Line: 8
Column: 1
return Flask("app")
def create_app2(foo, bar):
return Flask("_".join(["app2", foo, bar]))
def no_app():
pass
Reported by Pylint.
Line: 8
Column: 1
return Flask("app")
def create_app2(foo, bar):
return Flask("_".join(["app2", foo, bar]))
def no_app():
pass
Reported by Pylint.
Line: 8
Column: 1
return Flask("app")
def create_app2(foo, bar):
return Flask("_".join(["app2", foo, bar]))
def no_app():
pass
Reported by Pylint.
Line: 12
Column: 1
return Flask("_".join(["app2", foo, bar]))
def no_app():
pass
Reported by Pylint.