The following issues were found
certbot/certbot/_internal/cli/cli_utils.py
9 issues
Line: 6
Column: 1
import copy
import inspect
from acme import challenges
from certbot import configuration
from certbot import errors
from certbot import util
from certbot._internal import constants
from certbot.compat import os
Reported by Pylint.
Line: 53
Column: 3
def flag_default(name):
"""Default value for CLI flag."""
# XXX: this is an internal housekeeping notion of defaults before
# argparse has been set up; it is not accurate for all flags. Call it
# with caution. Plugin defaults are missing, and some things are using
# defaults defined in this file, not in constants.py :(
return copy.deepcopy(constants.CLI_DEFAULTS[name])
Reported by Pylint.
Line: 233
Column: 9
try:
int_value = int(value)
except ValueError:
raise argparse.ArgumentTypeError("value must be an integer")
if int_value < 0:
raise argparse.ArgumentTypeError("value must be non-negative")
return int_value
Reported by Pylint.
Line: 67
Column: 1
return inspect.getdoc(getattr(configuration.NamespaceConfig, name))
class HelpfulArgumentGroup:
"""Emulates an argparse group for use with HelpfulArgumentParser.
This class is used in the add_group method of HelpfulArgumentParser.
Command line arguments can be added to the group, but help
suppression and default detection is applied by
Reported by Pylint.
Line: 101
Column: 1
return helpstr
class _DomainsAction(argparse.Action):
"""Action class for parsing domains."""
def __call__(self, parser, namespace, domain, option_string=None):
"""Just wrap add_domains in argparseese."""
add_domains(namespace, domain)
Reported by Pylint.
Line: 150
Column: 1
return value
class _EncodeReasonAction(argparse.Action):
"""Action class for parsing revocation reason."""
def __call__(self, parser, namespace, reason, option_string=None):
"""Encodes the reason for certificate revocation."""
code = constants.REVOCATION_REASONS[reason.lower()]
Reported by Pylint.
Line: 183
Column: 1
return challs
class _PrefChallAction(argparse.Action):
"""Action class for parsing preferred challenges."""
def __call__(self, parser, namespace, pref_challs, option_string=None):
try:
challs = parse_preferred_challenges(pref_challs.split(","))
Reported by Pylint.
Line: 194
Column: 1
namespace.pref_challs.extend(challs)
class _DeployHookAction(argparse.Action):
"""Action class for parsing deploy hooks."""
def __call__(self, parser, namespace, values, option_string=None):
renew_hook_set = namespace.deploy_hook != namespace.renew_hook
if renew_hook_set and namespace.renew_hook != values:
Reported by Pylint.
Line: 205
Column: 1
namespace.deploy_hook = namespace.renew_hook = values
class _RenewHookAction(argparse.Action):
"""Action class for parsing renew hooks."""
def __call__(self, parser, namespace, values, option_string=None):
deploy_hook_set = namespace.deploy_hook is not None
if deploy_hook_set and namespace.deploy_hook != values:
Reported by Pylint.
certbot-dns-gehirn/certbot_dns_gehirn/_internal/dns_gehirn.py
9 issues
Line: 5
Column: 1
import logging
from typing import Optional
from lexicon.providers import gehirn
from certbot import errors
from certbot.plugins import dns_common
from certbot.plugins import dns_common_lexicon
from certbot.plugins.dns_common import CredentialsConfiguration
Reported by Pylint.
Line: 7
Column: 1
from lexicon.providers import gehirn
from certbot import errors
from certbot.plugins import dns_common
from certbot.plugins import dns_common_lexicon
from certbot.plugins.dns_common import CredentialsConfiguration
logger = logging.getLogger(__name__)
Reported by Pylint.
Line: 8
Column: 1
from lexicon.providers import gehirn
from certbot import errors
from certbot.plugins import dns_common
from certbot.plugins import dns_common_lexicon
from certbot.plugins.dns_common import CredentialsConfiguration
logger = logging.getLogger(__name__)
Reported by Pylint.
Line: 9
Column: 1
from certbot import errors
from certbot.plugins import dns_common
from certbot.plugins import dns_common_lexicon
from certbot.plugins.dns_common import CredentialsConfiguration
logger = logging.getLogger(__name__)
DASHBOARD_URL = "https://gis.gehirn.jp/"
Reported by Pylint.
Line: 10
Column: 1
from certbot import errors
from certbot.plugins import dns_common
from certbot.plugins import dns_common_lexicon
from certbot.plugins.dns_common import CredentialsConfiguration
logger = logging.getLogger(__name__)
DASHBOARD_URL = "https://gis.gehirn.jp/"
Reported by Pylint.
Line: 33
Column: 5
self.credentials: Optional[CredentialsConfiguration] = None
@classmethod
def add_parser_arguments(cls, add): # pylint: disable=arguments-differ
super().add_parser_arguments(add, default_propagation_seconds=30)
add('credentials', help='Gehirn Infrastructure Service credentials file.')
def more_info(self): # pylint: disable=missing-function-docstring
return 'This plugin configures a DNS TXT record to respond to a dns-01 challenge using ' + \
Reported by Pylint.
Line: 37
Column: 5
super().add_parser_arguments(add, default_propagation_seconds=30)
add('credentials', help='Gehirn Infrastructure Service credentials file.')
def more_info(self): # pylint: disable=missing-function-docstring
return 'This plugin configures a DNS TXT record to respond to a dns-01 challenge using ' + \
'the Gehirn Infrastructure Service API.'
def _setup_credentials(self):
self.credentials = self._configure_credentials(
Reported by Pylint.
Line: 69
Column: 1
)
class _GehirnLexiconClient(dns_common_lexicon.LexiconClient):
"""
Encapsulates all communication with the Gehirn Infrastructure Service via Lexicon.
"""
def __init__(self, api_token, api_secret, ttl):
Reported by Pylint.
Line: 86
Column: 5
self.provider = gehirn.Provider(config)
def _handle_http_error(self, e, domain_name):
if domain_name in str(e) and (str(e).startswith('404 Client Error: Not Found for url:')):
return None # Expected errors when zone name guess is wrong
return super()._handle_http_error(e, domain_name)
Reported by Pylint.
certbot-dns-sakuracloud/certbot_dns_sakuracloud/_internal/dns_sakuracloud.py
9 issues
Line: 5
Column: 1
import logging
from typing import Optional
from lexicon.providers import sakuracloud
from certbot import errors
from certbot.plugins import dns_common
from certbot.plugins import dns_common_lexicon
from certbot.plugins.dns_common import CredentialsConfiguration
Reported by Pylint.
Line: 7
Column: 1
from lexicon.providers import sakuracloud
from certbot import errors
from certbot.plugins import dns_common
from certbot.plugins import dns_common_lexicon
from certbot.plugins.dns_common import CredentialsConfiguration
logger = logging.getLogger(__name__)
Reported by Pylint.
Line: 8
Column: 1
from lexicon.providers import sakuracloud
from certbot import errors
from certbot.plugins import dns_common
from certbot.plugins import dns_common_lexicon
from certbot.plugins.dns_common import CredentialsConfiguration
logger = logging.getLogger(__name__)
Reported by Pylint.
Line: 9
Column: 1
from certbot import errors
from certbot.plugins import dns_common
from certbot.plugins import dns_common_lexicon
from certbot.plugins.dns_common import CredentialsConfiguration
logger = logging.getLogger(__name__)
APIKEY_URL = "https://secure.sakura.ad.jp/cloud/#!/apikey/top/"
Reported by Pylint.
Line: 10
Column: 1
from certbot import errors
from certbot.plugins import dns_common
from certbot.plugins import dns_common_lexicon
from certbot.plugins.dns_common import CredentialsConfiguration
logger = logging.getLogger(__name__)
APIKEY_URL = "https://secure.sakura.ad.jp/cloud/#!/apikey/top/"
Reported by Pylint.
Line: 32
Column: 5
self.credentials: Optional[CredentialsConfiguration] = None
@classmethod
def add_parser_arguments(cls, add): # pylint: disable=arguments-differ
super().add_parser_arguments(
add, default_propagation_seconds=90)
add('credentials', help='Sakura Cloud credentials file.')
def more_info(self): # pylint: disable=missing-function-docstring
Reported by Pylint.
Line: 37
Column: 5
add, default_propagation_seconds=90)
add('credentials', help='Sakura Cloud credentials file.')
def more_info(self): # pylint: disable=missing-function-docstring
return 'This plugin configures a DNS TXT record to respond to a dns-01 challenge using ' + \
'the Sakura Cloud API.'
def _setup_credentials(self):
self.credentials = self._configure_credentials(
Reported by Pylint.
Line: 71
Column: 1
)
class _SakuraCloudLexiconClient(dns_common_lexicon.LexiconClient):
"""
Encapsulates all communication with the Sakura Cloud via Lexicon.
"""
def __init__(self, api_token, api_secret, ttl):
Reported by Pylint.
Line: 88
Column: 5
self.provider = sakuracloud.Provider(config)
def _handle_http_error(self, e, domain_name):
if domain_name in str(e) and (str(e).startswith('404 Client Error: Not Found for url:')):
return None # Expected errors when zone name guess is wrong
return super()._handle_http_error(e, domain_name)
Reported by Pylint.
acme/acme/fields.py
8 issues
Line: 4
Column: 1
"""ACME JSON fields."""
import logging
import josepy as jose
import pyrfc3339
logger = logging.getLogger(__name__)
Reported by Pylint.
Line: 5
Column: 1
import logging
import josepy as jose
import pyrfc3339
logger = logging.getLogger(__name__)
class Fixed(jose.Field):
Reported by Pylint.
Line: 18
Column: 5
super().__init__(
json_name=json_name, default=value, omitempty=False)
def decode(self, value):
if value != self.value:
raise jose.DeserializationError('Expected {0!r}'.format(self.value))
return self.value
def encode(self, value):
Reported by Pylint.
Line: 23
Column: 5
raise jose.DeserializationError('Expected {0!r}'.format(self.value))
return self.value
def encode(self, value):
if value != self.value:
logger.warning(
'Overriding fixed field (%s) with %r', self.json_name, value)
return value
Reported by Pylint.
Line: 40
Column: 5
"""
@classmethod
def default_encoder(cls, value):
return pyrfc3339.generate(value)
@classmethod
def default_decoder(cls, value):
try:
Reported by Pylint.
Line: 44
Column: 5
return pyrfc3339.generate(value)
@classmethod
def default_decoder(cls, value):
try:
return pyrfc3339.parse(value)
except ValueError as error:
raise jose.DeserializationError(error)
Reported by Pylint.
Line: 51
Column: 1
raise jose.DeserializationError(error)
class Resource(jose.Field):
"""Resource MITM field."""
def __init__(self, resource_type, *args, **kwargs):
self.resource_type = resource_type
super().__init__(
Reported by Pylint.
Line: 59
Column: 5
super().__init__(
'resource', default=resource_type, *args, **kwargs)
def decode(self, value):
if value != self.resource_type:
raise jose.DeserializationError(
'Wrong resource type: {0} instead of {1}'.format(
value, self.resource_type))
return value
Reported by Pylint.
tests/lock_test.py
8 issues
Line: 19
Column: 1
from cryptography.hazmat.primitives import serialization
from cryptography.hazmat.primitives.asymmetric import rsa
from certbot import util
from certbot._internal import lock
from certbot.compat import filesystem
from certbot.tests import util as test_util
logger = logging.getLogger(__name__)
Reported by Pylint.
Line: 20
Column: 1
from cryptography.hazmat.primitives.asymmetric import rsa
from certbot import util
from certbot._internal import lock
from certbot.compat import filesystem
from certbot.tests import util as test_util
logger = logging.getLogger(__name__)
Reported by Pylint.
Line: 21
Column: 1
from certbot import util
from certbot._internal import lock
from certbot.compat import filesystem
from certbot.tests import util as test_util
logger = logging.getLogger(__name__)
Reported by Pylint.
Line: 22
Column: 1
from certbot import util
from certbot._internal import lock
from certbot.compat import filesystem
from certbot.tests import util as test_util
logger = logging.getLogger(__name__)
def main():
Reported by Pylint.
Line: 9
Suggestion:
https://bandit.readthedocs.io/en/latest/blacklists/blacklist_imports.html#b404-import-subprocess
import os
import re
import shutil
import subprocess
import sys
import tempfile
from cryptography import x509
from cryptography.hazmat.backends import default_backend
Reported by Bandit.
Line: 112
Column: 62
# Prepare self-signed certificates for Nginx
key_path, cert_path = setup_certificate(root_path)
# Generate Nginx configuration
with open(os.path.join(root_path, 'nginx.conf'), 'w') as f:
f.write(check_call(['/bin/sh', conf_script, root_path, key_path, cert_path]))
def set_up_command(config_dir, logs_dir, work_dir, nginx_dir):
"""Build the Certbot command to run for testing.
Reported by Pylint.
Line: 218
Column: 38
match = re.search("ee the logfile '?(.*?)'? ", err)
if match is not None:
# Get error output from more verbose logfile
with open(match.group(1)) as f:
err = f.read()
pattern = 'A lock on {0}.* is held by another process'.format(dir_path)
if not re.search(pattern, err):
err_msg = 'Directory path {0} not in error output!'.format(dir_path)
Reported by Pylint.
Line: 266
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b603_subprocess_without_shell_equals_true.html
:rtype: tuple
"""
process = subprocess.run(args, stdout=subprocess.PIPE, check=False,
stderr=subprocess.PIPE, universal_newlines=True)
out, err = process.stdout, process.stderr
logger.debug('Return code was %d', process.returncode)
log_output(logging.DEBUG, out, err)
return process.returncode, out, err
Reported by Bandit.
acme/tests/jose_test.py
8 issues
Line: 24
Column: 9
# We use the imports below with eval, but pylint doesn't
# understand that.
import acme # pylint: disable=unused-import
import josepy # pylint: disable=unused-import
acme_jose_mod = eval(acme_jose_path) # pylint: disable=eval-used
josepy_mod = eval(josepy_path) # pylint: disable=eval-used
self.assertIs(acme_jose_mod, josepy_mod)
self.assertIs(getattr(acme_jose_mod, attribute), getattr(josepy_mod, attribute))
Reported by Pylint.
Line: 25
Column: 9
# We use the imports below with eval, but pylint doesn't
# understand that.
import acme # pylint: disable=unused-import
import josepy # pylint: disable=unused-import
acme_jose_mod = eval(acme_jose_path) # pylint: disable=eval-used
josepy_mod = eval(josepy_path) # pylint: disable=eval-used
self.assertIs(acme_jose_mod, josepy_mod)
self.assertIs(getattr(acme_jose_mod, attribute), getattr(josepy_mod, attribute))
Reported by Pylint.
Line: 26
Suggestion:
https://bandit.readthedocs.io/en/latest/blacklists/blacklist_calls.html#b307-eval
# understand that.
import acme # pylint: disable=unused-import
import josepy # pylint: disable=unused-import
acme_jose_mod = eval(acme_jose_path) # pylint: disable=eval-used
josepy_mod = eval(josepy_path) # pylint: disable=eval-used
self.assertIs(acme_jose_mod, josepy_mod)
self.assertIs(getattr(acme_jose_mod, attribute), getattr(josepy_mod, attribute))
def test_top_level(self):
Reported by Bandit.
Line: 27
Suggestion:
https://bandit.readthedocs.io/en/latest/blacklists/blacklist_calls.html#b307-eval
import acme # pylint: disable=unused-import
import josepy # pylint: disable=unused-import
acme_jose_mod = eval(acme_jose_path) # pylint: disable=eval-used
josepy_mod = eval(josepy_path) # pylint: disable=eval-used
self.assertIs(acme_jose_mod, josepy_mod)
self.assertIs(getattr(acme_jose_mod, attribute), getattr(josepy_mod, attribute))
def test_top_level(self):
self._test_it('', 'RS512')
Reported by Bandit.
Line: 24
Column: 9
# We use the imports below with eval, but pylint doesn't
# understand that.
import acme # pylint: disable=unused-import
import josepy # pylint: disable=unused-import
acme_jose_mod = eval(acme_jose_path) # pylint: disable=eval-used
josepy_mod = eval(josepy_path) # pylint: disable=eval-used
self.assertIs(acme_jose_mod, josepy_mod)
self.assertIs(getattr(acme_jose_mod, attribute), getattr(josepy_mod, attribute))
Reported by Pylint.
Line: 25
Column: 9
# We use the imports below with eval, but pylint doesn't
# understand that.
import acme # pylint: disable=unused-import
import josepy # pylint: disable=unused-import
acme_jose_mod = eval(acme_jose_path) # pylint: disable=eval-used
josepy_mod = eval(josepy_path) # pylint: disable=eval-used
self.assertIs(acme_jose_mod, josepy_mod)
self.assertIs(getattr(acme_jose_mod, attribute), getattr(josepy_mod, attribute))
Reported by Pylint.
Line: 31
Column: 5
self.assertIs(acme_jose_mod, josepy_mod)
self.assertIs(getattr(acme_jose_mod, attribute), getattr(josepy_mod, attribute))
def test_top_level(self):
self._test_it('', 'RS512')
def test_submodules(self):
# This test ensures that the modules in josepy that were
# available at the time it was moved into its own package are
Reported by Pylint.
Line: 34
Column: 5
def test_top_level(self):
self._test_it('', 'RS512')
def test_submodules(self):
# This test ensures that the modules in josepy that were
# available at the time it was moved into its own package are
# available under acme.jose. Backwards compatibility with new
# modules or testing code is not maintained.
mods_and_attrs = [('b64', 'b64decode',),
Reported by Pylint.
certbot-apache/tests/gentoo_test.py
8 issues
Line: 9
Column: 1
except ImportError: # pragma: no cover
from unittest import mock # type: ignore
from certbot import errors
from certbot.compat import filesystem
from certbot.compat import os
from certbot_apache._internal import obj
from certbot_apache._internal import override_gentoo
import util
Reported by Pylint.
Line: 10
Column: 1
from unittest import mock # type: ignore
from certbot import errors
from certbot.compat import filesystem
from certbot.compat import os
from certbot_apache._internal import obj
from certbot_apache._internal import override_gentoo
import util
Reported by Pylint.
Line: 11
Column: 1
from certbot import errors
from certbot.compat import filesystem
from certbot.compat import os
from certbot_apache._internal import obj
from certbot_apache._internal import override_gentoo
import util
Reported by Pylint.
Line: 12
Column: 1
from certbot import errors
from certbot.compat import filesystem
from certbot.compat import os
from certbot_apache._internal import obj
from certbot_apache._internal import override_gentoo
import util
def get_vh_truth(temp_dir, config_name):
Reported by Pylint.
Line: 13
Column: 1
from certbot.compat import filesystem
from certbot.compat import os
from certbot_apache._internal import obj
from certbot_apache._internal import override_gentoo
import util
def get_vh_truth(temp_dir, config_name):
"""Return the ground truth for the specified directory."""
Reported by Pylint.
Line: 65
Column: 5
self.vh_truth = get_vh_truth(
self.temp_dir, "gentoo_apache/apache")
def test_get_parser(self):
self.assertTrue(isinstance(self.config.parser,
override_gentoo.GentooParser))
def test_get_virtual_hosts(self):
"""Make sure all vhosts are being properly found."""
Reported by Pylint.
Line: 111
Column: 5
self.assertTrue(mock_subprocess.called)
@mock.patch("certbot_apache._internal.apache_util._get_runtime_cfg")
def test_opportunistic_httpd_runtime_parsing(self, mock_get):
mod_val = (
'Loaded Modules:\n'
' mock_module (static)\n'
' another_module (static)\n'
)
Reported by Pylint.
Line: 135
Column: 5
self.assertTrue("mod_another.c" in self.config.parser.modules)
@mock.patch("certbot_apache._internal.configurator.util.run_script")
def test_alt_restart_works(self, mock_run_script):
mock_run_script.side_effect = [None, errors.SubprocessError, None]
self.config.restart()
self.assertEqual(mock_run_script.call_count, 3)
if __name__ == "__main__":
Reported by Pylint.
certbot/certbot/plugins/common.py
8 issues
Line: 9
Column: 1
import tempfile
from typing import List
from josepy import util as jose_util
import pkg_resources
from certbot import achallenges
from certbot import crypto_util
from certbot import errors
Reported by Pylint.
Line: 52
Column: 5
self.name = name
@jose_util.abstractclassmethod
def add_parser_arguments(cls, add):
"""Add plugin arguments to the CLI argument parser.
:param callable add: Function that proxies calls to
`argparse.ArgumentParser.add_argument` prepending options
with unique plugin name prefix.
Reported by Pylint.
Line: 73
Column: 16
return parser.add_argument(
"--{0}{1}".format(option_namespace(name), arg_name_no_prefix),
*args, **kwargs)
return cls.add_parser_arguments(add)
@property
def option_namespace(self):
"""ArgumentParser options namespace (prefix of all options)."""
return option_namespace(self.name)
Reported by Pylint.
Line: 243
Column: 9
@classmethod
def fromstring(cls, str_addr):
"""Initialize Addr from string."""
if str_addr.startswith('['):
# ipv6 addresses starts with [
endIndex = str_addr.rfind(']')
host = str_addr[:endIndex + 1]
port = ''
if len(str_addr) > endIndex + 2 and str_addr[endIndex + 1] == ':':
Reported by Pylint.
Line: 245
Column: 13
"""Initialize Addr from string."""
if str_addr.startswith('['):
# ipv6 addresses starts with [
endIndex = str_addr.rfind(']')
host = str_addr[:endIndex + 1]
port = ''
if len(str_addr) > endIndex + 2 and str_addr[endIndex + 1] == ':':
port = str_addr[endIndex + 2:]
return cls((host, port), ipv6=True)
Reported by Pylint.
Line: 302
Column: 5
return ":".join(self._normalize_ipv6(self.tup[0]))
return ""
def _explode_ipv6(self, addr):
"""Explode IPv6 address for comparison"""
result = ['0', '0', '0', '0', '0', '0', '0', '0']
addr_list = addr.split(":")
if len(addr_list) > len(result):
# too long, truncate
Reported by Pylint.
Line: 378
Column: 40
current_hash = crypto_util.sha256sum(src_path)
def _write_current_hash():
with open(digest_path, "w") as f:
f.write(current_hash)
def _install_current_file():
shutil.copyfile(src_path, dest_path)
_write_current_hash()
Reported by Pylint.
Line: 400
Column: 44
else: # has been manually modified, not safe to update
# did they modify the current version or an old version?
if os.path.isfile(digest_path):
with open(digest_path, "r") as f:
saved_digest = f.read()
# they modified it after we either installed or told them about this version, so return
if saved_digest == current_hash:
return
# there's a new version but we couldn't update the file, or they deleted the digest.
Reported by Pylint.
certbot-nginx/certbot_nginx/_internal/http_01.py
8 issues
Line: 8
Column: 1
from typing import List
from typing import Optional
from acme import challenges
from certbot import achallenges
from certbot import errors
from certbot.compat import os
from certbot.plugins import common
from certbot_nginx._internal import nginxparser
Reported by Pylint.
Line: 9
Column: 1
from typing import Optional
from acme import challenges
from certbot import achallenges
from certbot import errors
from certbot.compat import os
from certbot.plugins import common
from certbot_nginx._internal import nginxparser
from certbot_nginx._internal import obj
Reported by Pylint.
Line: 10
Column: 1
from acme import challenges
from certbot import achallenges
from certbot import errors
from certbot.compat import os
from certbot.plugins import common
from certbot_nginx._internal import nginxparser
from certbot_nginx._internal import obj
Reported by Pylint.
Line: 11
Column: 1
from acme import challenges
from certbot import achallenges
from certbot import errors
from certbot.compat import os
from certbot.plugins import common
from certbot_nginx._internal import nginxparser
from certbot_nginx._internal import obj
logger = logging.getLogger(__name__)
Reported by Pylint.
Line: 12
Column: 1
from certbot import achallenges
from certbot import errors
from certbot.compat import os
from certbot.plugins import common
from certbot_nginx._internal import nginxparser
from certbot_nginx._internal import obj
logger = logging.getLogger(__name__)
Reported by Pylint.
Line: 163
Column: 3
['root', ' ', document_root],
self._location_directive_for_achall(achall)
])
# TODO: do we want to return something else if they otherwise access this block?
return [['server'], block]
def _location_directive_for_achall(self, achall):
validation = achall.validation(achall.account_key)
validation_path = self._get_validation_path(achall)
Reported by Pylint.
Line: 19
Column: 1
logger = logging.getLogger(__name__)
class NginxHttp01(common.ChallengePerformer):
"""HTTP-01 authenticator for Nginx
:ivar configurator: NginxConfigurator object
:type configurator: :class:`~nginx.configurator.NginxConfigurator`
Reported by Pylint.
Line: 140
Column: 5
default_addr)
return addresses
def _get_validation_path(self, achall):
return os.sep + os.path.join(challenges.HTTP01.URI_ROOT_PATH, achall.chall.encode("token"))
def _make_server_block(self, achall: achallenges.KeyAuthorizationAnnotatedChallenge) -> List:
"""Creates a server block for a challenge.
Reported by Pylint.
tools/pip_install.py
8 issues
Line: 25
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b602_subprocess_popen_with_shell_equals_true.html
if not env:
env = os.environ
print(command)
subprocess.check_call(command, shell=True, env=env)
def pip_install_with_print(args_str, env=None):
if not env:
env = os.environ
Reported by Bandit.
Line: 38
Column: 43
def main(args):
tools_path = find_tools_path()
with tempfile.TemporaryDirectory() as working_dir:
if os.environ.get('CERTBOT_NO_PIN') == '1':
# With unpinned dependencies, there is no constraint
pip_install_with_print(' '.join(args))
else:
# Otherwise, we pick the constraints file based on the environment
Reported by Pylint.
Line: 1
Column: 1
#!/usr/bin/env python
# pip installs packages using pinned package versions. If CERTBOT_OLDEST is set
# to 1, tools/oldest_constraints.txt is used, otherwise, tools/requirements.txt
# is used.
from __future__ import absolute_import
from __future__ import print_function
import os
Reported by Pylint.
Line: 10
Suggestion:
https://bandit.readthedocs.io/en/latest/blacklists/blacklist_imports.html#b404-import-subprocess
from __future__ import print_function
import os
import subprocess
import sys
import tempfile
import readlink
Reported by Bandit.
Line: 17
Column: 1
import readlink
def find_tools_path():
return os.path.dirname(readlink.main(__file__))
def call_with_print(command, env=None):
if not env:
Reported by Pylint.
Line: 21
Column: 1
return os.path.dirname(readlink.main(__file__))
def call_with_print(command, env=None):
if not env:
env = os.environ
print(command)
subprocess.check_call(command, shell=True, env=env)
Reported by Pylint.
Line: 28
Column: 1
subprocess.check_call(command, shell=True, env=env)
def pip_install_with_print(args_str, env=None):
if not env:
env = os.environ
command = ['"', sys.executable, '" -m pip install --disable-pip-version-check ', args_str]
call_with_print(''.join(command), env=env)
Reported by Pylint.
Line: 35
Column: 1
call_with_print(''.join(command), env=env)
def main(args):
tools_path = find_tools_path()
with tempfile.TemporaryDirectory() as working_dir:
if os.environ.get('CERTBOT_NO_PIN') == '1':
# With unpinned dependencies, there is no constraint
Reported by Pylint.