c5e2eb9974
allow #nosec in exactly the same place the error was reported rather than at the
beginning of a function call. For example the error is reported on the second
line of:
Popen("foo *",
shell=True)
so #nosec on the same line should be interpreted correctly.
The original behaviour of #nosec at the start of function call is still allowed
for backwards compatibility.
Plugins which check keyword arguments must explicitly pass the line of the
argument to the Issue constructor now.
Closes-bug: 1477739
Change-Id: I71f25e2920e0533649ad8dc65b9883559fc31311
6 lines
257 B
Python
6 lines
257 B
Python
subprocess.Popen('/bin/ls *', shell=True) #nosec (on the line)
|
|
subprocess.Popen('/bin/ls *', #nosec (at the start of function call)
|
|
shell=True)
|
|
subprocess.Popen('/bin/ls *',
|
|
shell=True) #nosec (on the specific kwarg line)
|