Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

B107: Skip None values in hardcoded password detection #1232

Merged
merged 2 commits into from
Feb 10, 2025
Merged

B107: Skip None values in hardcoded password detection #1232

merged 2 commits into from
Feb 10, 2025
+20 −2

Conversation

lukehinds
Copy link
Member

The B107 check was incorrectly flagging None default values as hardcoded passwords in function definitions. This is a false positive since None is a legitimate and commonly used within init initialization

This change modifies the hardcoded_password_default function to:

  • Skip None values in parameter defaults
  • Handle both ast.Constant (Python 3.8+) and ast.NameConstant (Python 3.7-) representations of None
  • Update documentation to clarify None handling behavior

Example of code that no longer triggers B107:
def init(self, auth_scheme, auth_password=None):
pass

Fixes: #1227

@lukehinds
B107: Skip None values in hardcoded password detection

Verified

This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode
Loading
Loading status checks…
cffe5f8 
The B107 check was incorrectly flagging None default values as hardcoded
passwords in function definitions. This is a false positive since None is a
legitimate and commonly used within __init__ initialization

This change modifies the hardcoded_password_default function to:
- Skip None values in parameter defaults
- Handle both ast.Constant (Python 3.8+) and ast.NameConstant (Python 3.7-)
  representations of None
- Update documentation to clarify None handling behavior

Example of code that no longer triggers B107:
def __init__(self, auth_scheme, auth_password=None):
    pass

Fixes #PyCQA#1227
@pre-commit-ci
[pre-commit.ci] auto fixes from pre-commit.com hooks
Loading
Loading status checks…
0ca5a1b 
for more information, see https://pre-commit.ci
@ericwb ericwb merged commit def123a into PyCQA:main Feb 10, 2025
14 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sigmavirus24 sigmavirus24

@ericwb ericwb

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

False-positive B107:hardcoded_password_default with None parameter
3 participants
@lukehinds @sigmavirus24 @ericwb