B107: Skip None values in hardcoded password detection #1232
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
The B107 check was incorrectly flagging None default values as hardcoded
passwords in function definitions. This is a false positive since None is a
legitimate and commonly used within __init__ initialization
This change modifies the hardcoded_password_default function to:
- Skip None values in parameter defaults
- Handle both ast.Constant (Python 3.8+) and ast.NameConstant (Python 3.7-)
representations of None
- Update documentation to clarify None handling behavior
Example of code that no longer triggers B107:
def __init__(self, auth_scheme, auth_password=None):
pass
Fixes #PyCQA#1227
for more information, see https://pre-commit.ci
sigmavirus24
approved these changes
Feb 10, 2025
ericwb
approved these changes
Feb 10, 2025
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
The B107 check was incorrectly flagging None default values as hardcoded passwords in function definitions. This is a false positive since None is a legitimate and commonly used within init initialization
This change modifies the hardcoded_password_default function to:
Example of code that no longer triggers B107:
def init(self, auth_scheme, auth_password=None):
pass
Fixes: #1227