Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Suggest fixes for issues #1001

Draft
wants to merge 4 commits into
base: main
Choose a base branch
from
Draft

Suggest fixes for issues #1001

wants to merge 4 commits into from

Conversation

ericwb
Copy link
Member

@ericwb ericwb commented Mar 19, 2023

This change introduces a new feature that will suggest a fix in the form of a line of code as replacement for the line range of the issue.

This is the first step to have the ability to auto-correct problems detected. Later more changes can be merged to modify the file with the suggested fix.

The Issue class has a new fix string attribute that denotes how the lines of affected code can be replaced. This suggested fix will not preserve code comments and possibly other optimizations the AST does not capture.

Closes #439

@ericwb ericwb marked this pull request as draft March 19, 2023 02:18
@ericwb ericwb mentioned this pull request Mar 19, 2023
@sigmavirus24
Copy link
Member

If we're going to try to parse/unparse AST we should consider using libcst instead

@ericwb
Copy link
Member Author

ericwb commented Apr 7, 2023

If we're going to try to parse/unparse AST we should consider using libcst instead

Yeah, I did consider libcst initially, but thought the changes would be too drastic. There is a lot of existing code assuming the use of the ast module.

What the standard ast lacks is the capturing of comments as nodes. In the example code in this PR, I have a workaround to ensure comments are preserved.

@ericwb ericwb force-pushed the suggest_fix branch 3 times, most recently from 7947171 to f4d5535 Compare October 1, 2024 22:33
ericwb and others added 2 commits October 1, 2024 15:51
Unlike python-requests, the httpx client has a default
timeout of 5 seconds on its class and functions. As such,
there is no need for Bandit to check for an undefined
timeout. However, explicitly setting the timeout to None
is still a potential problem as that would create a
situtation where the client would block forever.

Fixes: PyCQA#1175

Signed-off-by: Eric Brown <[email protected]>
This change introduces a new feature that will suggest a fix in
the form of a line of code as replacement for the line range of
the issue.

This is the first step to have the ability to auto-correct problems
detected. Later more changes can be merged to modify the file with
the suggested fix.

The Issue class has a new fix string attribute that denotes how
the lines of affected code can be replaced. This suggested fix
will not preserve code comments and possibly other optimizations
the AST does not capture.

Closes PyCQA#439

Signed-off-by: Eric Brown <[email protected]>
Signed-off-by: Eric Brown <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Add an auto-fix or auto-correct feature
2 participants