authorcpopa <devnull@localhost>2014-04-07 11:45:57 +0300
committercpopa <devnull@localhost>2014-04-07 11:45:57 +0300
commit6b58d7b2f505f172ab6b744271f75c5b3a17910a (patch)
tree17ac1a3d9aa89ebeccbe0bbb58216a355b4b90ad
parentac205c624cccde73312929065eeeb3b2831f53eb (diff)
parentc39cba8e6c396e2d980ef967d8abe3f7f1a87983 (diff)
downloadpylint-6b58d7b2f505f172ab6b744271f75c5b3a17910a.tar.gz
Merge heads.
-rw-r--r--ChangeLog3
-rw-r--r--checkers/base.py10
-rw-r--r--test/input/func_eval_used.py13
-rw-r--r--test/messages/func_eval_used.txt4
4 files changed, 29 insertions, 1 deletions
diff --git a/ChangeLog b/ChangeLog
index fc7c638..32a74d3 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -2,6 +2,9 @@ ChangeLog for Pylint
====================
--
+ * Add new warning 'eval-used', checking that the builtin function `eval`
+ was used.
+
* ensure init-hooks is evaluated before other options, notably load-plugins
(#166)
diff --git a/checkers/base.py b/checkers/base.py
index 11198ac..4228802 100644
--- a/checkers/base.py
+++ b/checkers/base.py
@@ -450,6 +450,12 @@ functions, methods
'exec-used',
'Used when you use the "exec" statement (function for Python 3), to discourage its \
usage. That doesn\'t mean you can not use it !'),
+ 'W0123': ('Use of eval',
+ 'eval-used',
+ 'Used when you use the "eval" function, to discourage its '
+ 'usage. Consider using `ast.literal_eval` for safely evaluating '
+ 'strings containing Python expressions '
+ 'from untrusted sources. '),
'W0141': ('Used builtin function %r',
'bad-builtin',
'Used when a black listed builtin function is used (see the '
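Review bot: The help text added for W0123 overstates what `ast.literal_eval` does when it recommends it for "strings containing Python expressions". `ast.literal_eval` accepts only literal structures (strings, numbers, tuples, lists, dicts, sets, booleans, None), so it replaces `eval` only when the input is data, and very large or deeply nested input can still exhaust memory or the stack. I would reword the middle fragments to something like `'usage. Consider using `ast.literal_eval` to parse strings that contain only Python literals when they come from untrusted sources.'`, which also drops the trailing space in the last fragment. The message dictionary this entry belongs to starts and ends outside the hunk.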
@@ -680,7 +686,7 @@ functions, methods
"""just print a warning on exec statements"""
self.add_message('exec-used', node=node)
- @check_messages('bad-builtin', 'star-args',
+ @check_messages('bad-builtin', 'star-args', 'eval-used',
'exec-used', 'missing-reversed-argument',
'bad-reversed-sequence')
def visit_callfunc(self, node):
@@ -697,6 +703,8 @@ functions, methods
self.add_message('exec-used', node=node)
elif name == 'reversed':
self._check_reversed(node)
+ elif name == 'eval':
+ self.add_message('eval-used', node=node)
if name in self.config.bad_functions:
self.add_message('bad-builtin', node=node, args=name)
if node.starargs or node.kwargs:
diff --git a/test/input/func_eval_used.py b/test/input/func_eval_used.py
new file mode 100644
index 0000000..c58b69c
--- /dev/null
+++ b/test/input/func_eval_used.py
@@ -0,0 +1,13 @@
+"""test for eval usage"""
+
+__revision__ = 0
+
+eval('os.listdir(".")')
+eval('os.listdir(".")', globals={})
+
+eval('os.listdir(".")', globals=globals())
+
+def func():
+ """ eval in local scope"""
+ eval('b = 1')
+
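Review bot: Every call in this new input file is expected to be flagged, so nothing pins down when 'eval-used' must stay silent. A negative case, such as a method call like `obj.eval('x')` or a module that defines its own `eval`, would show whether the `name == 'eval'` branch in visit_callfunc is limited to the builtin; how `name` is derived is outside the visible hunks. Separately, the calls passing `globals=` by keyword and the statement string `'b = 1'` would not run as written on the interpreters of that period, and `os` is never imported. That is harmless for lint-only input, but a short comment such as `# lint input only, never executed` would keep a reader from treating these as working examples.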
diff --git a/test/messages/func_eval_used.txt b/test/messages/func_eval_used.txt
new file mode 100644
index 0000000..1921caf
--- /dev/null
+++ b/test/messages/func_eval_used.txt
@@ -0,0 +1,4 @@
+W: 5: Use of eval. Consider using ast.literal_eval
+W: 6: Use of eval. Consider using ast.literal_eval
+W: 8: Use of eval. Consider using ast.literal_eval
+W: 12:func: Use of eval. Consider using ast.literal_eval \ No newline at end of file
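Review bot: The expected output here reads `Use of eval. Consider using ast.literal_eval`, but the template registered for W0123 in the checkers/base.py hunk of this commit is just `'Use of eval'`. Unless the template is changed elsewhere (this is a merge commit, so that is possible), the functional test would fail on a text mismatch. Either make the template `'Use of eval. Consider using ast.literal_eval'` or shorten each expected line to the form `W:  5: Use of eval`. If the longer text is kept, note that the short message then gives the advice without the "literals only" qualification, so the help text should carry it.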