Skip to content

Latest commit

 

History

History
79 lines (62 loc) · 4.46 KB

CHANGELOG.md

File metadata and controls

79 lines (62 loc) · 4.46 KB

Changelog

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.

[Unreleased]

Added

  • DUO137: lint for insecure itsdangerous kwarg usage (#36)
  • DUO138: lint for regular expression catastrophic backtracking in re module (#41)

Fixed

  • False positive for DUO137 when kwarg missing (#39)

[0.9.2] - 2019-11-21

Fixed

  • False negative with arbitrary depth from import alias in bad module attribute (#32)
  • False negative with arbitrary depth from import wildcard in bad module attribute (#33)

[0.9.1] - 2019-11-06

Fixed

  • False positive with input as variable name (#31)

[0.9.0] - 2019-10-13

Added

  • DUO116: rule for subprocess.run (#24)
  • The --print-dlint-linters command-line flag to print all Dlint linters (#26)
  • DUO136: lint for insecure xmlsec usage (#27)

Changed

  • Visitor strategy to minimize node visits - ~25% speed up (#28)

Fixed

  • False negative with nested imports in bad module attribute (#30)

Removed

  • dlint.linters.helpers.bad_kwarg_use: use of attribute_name in favor of fully specified module_path (#19)
  • dlint.tree: use of kwarg_attribute in favor of kwarg_module_path (#21)
  • dlint.linters.helpers.bad_name_attribute_use: use of attribute list in favor of fully specified module path (#20)

[0.8.0] - 2019-09-18

Added

  • Support for Python 3.8 (#12)
  • DUO134: lint for insecure cryptography usage (#6)
  • DUO135: lint for insecure defusedxml usage (#5)

Deprecated

  • dlint.linters.helpers.bad_kwarg_use: use of attribute_name in favor of fully specified module_path (#19)
  • dlint.tree: use of kwarg_attribute in favor of kwarg_module_path (#21)
  • dlint.linters.helpers.bad_name_attribute_use: use of attribute list in favor of fully specified module path (#20)

Fixed

  • False negative when deep imports are not fully specified in bad module attribute (#1)
  • False negative - consider async functions in bad name attribute (7bd249e)
  • False negative in various import scenarios when using attribute_name in bad kwarg (#19)
  • False negative in various import scenarios when using kwarg_attribute in bad kwarg (#21)
  • False negative in various import scenarios when using attribute list in bad name attribute (#20)

[0.7.0] - 2019-08-24

Added

  • DUO133: lint for pycrypto usage (#7)

Fixed

  • False positive when bad builtin is overwritten by import (#16)
  • False negative when bad module attribute uses import alias (#2)
  • False positive when bad module attribute not imported (#14)

[0.6.0] - 2019-08-12

Added

  • Support for Python 3.5 and 3.7 (#9)
  • DUO131: lint for disabling urllib3 warnings
  • DUO132: lint for disabling urllib3 HTTPS certification verification

Removed

  • FormatStringLinter, previously DUO104, as it was a disabled expirement (#15)

[0.5.0] - 2019-07-17

Added

  • Initial public release of Dlint