Allow select_autoescape to be an attribute (i.e. jinja2.select_autoes…

…cape)
PyCQA · Mar 25, 2019 · 3572b7d · 3572b7d
1 parent a975e63
commit 3572b7d
Showing 1 changed file with 4 additions and 0 deletions.
diff --git a/bandit/plugins/jinja2_templates.py b/bandit/plugins/jinja2_templates.py
@@ -110,6 +110,10 @@ def jinja2_autoescape_false(context):
                         elif isinstance(value, ast.Call) and getattr(
                                 value.func, 'id', None) == 'select_autoescape':
                             return
+                        elif isinstance(value, ast.Call) and getattr(
+                                value.func, 'attr', None) == \
+                                'select_autoescape':
+                            return
                         else:
                             return bandit.Issue(
                                 severity=bandit.HIGH,