0.1.4

What's Changed

• Remap the rule ID numbers by @ericwb in #92
• Add sphinx docs for stdlib rules by @ericwb in #93
• Add a docs Github action workflow by @ericwb in #94
• Add ability to enable or disable rules by @ericwb in #95
• Add kind property to result by @ericwb in #96
• Nit: make location optional in result by @ericwb in #97
• Add framework for Suppressions by @ericwb in #98
• Creation of Call and Argument classes by @ericwb in #99
• Fixes for new Call class by @ericwb in #100
• Some nit change by @ericwb in #101
• Add testing for crypt rule by @ericwb in #102
• Add testing for hashlib rule by @ericwb in #103
• Add testing for hmac rule by @ericwb in #104
• Hmac allows hashlib hashes as digest by @ericwb in #105
• Add json.load testing by @ericwb in #106
• Add testing of marshal.load rule by @ericwb in #107
• Add shelve rule testing by @ericwb in #108
• Add testing for rule pickle by @ericwb in #109
• Add support of assignments via walrus operator by @ericwb in #110
• Avoid double visit in edge case by @ericwb in #111
• Add rule for HMAC timing attack by @ericwb in #112
• Highlight the operator instead of digest by @ericwb in #113
• Some comparison code cleanup by @ericwb in #114
• SSHClient can be imported from paramiko by @ericwb in #115
• Add metrics summary to the output by @ericwb in #116

Full Changelog: 0.1.3...0.1.4

0.1.3

What's Changed

• Update upload-asset.yml by @ericwb in #91

Full Changelog: 0.1.2...0.1.3

0.1.2

What's Changed

• Update upload-asset.yml by @ericwb in #90

Full Changelog: 0.1.1...0.1.2

0.1.1

What's Changed

• Add names to each symbol table by @ericwb in #88
• Create upload-asset.yml by @ericwb in #89

Full Changelog: 0.1.0...0.1.1

0.1.0

What's Changed

• Initial drop of minimal working CLI by @ericwb in #1
• Second drop demonstrating parser and rule loading by @ericwb in #2
• Clean up based on pylint and format checking by @ericwb in #3
• Make use of importlib instead of pbr by @ericwb in #4
• Use abstract base class for parsers by @ericwb in #5
• Parser handling of import and import from statements by @ericwb in #6
• Early drop of handling call nodes by @ericwb in #7
• Big drop including mechanics of rules by @ericwb in #8
• Rename of the rule and parser base classes by @ericwb in #9
• Drop of working code for rules to match calls by @ericwb in #10
• First working complete Rule by @ericwb in #11
• Add template and workflows to the repository by @ericwb in #12
• Update unit-test.yml by @ericwb in #14
• Fix pep8 errors by @ericwb in #13
• Delete dependency-review.yml by @ericwb in #15
• Update README.md by @ericwb in #16
• Handle more types of nodes and kwargs by @ericwb in #17
• Support tox4 by @ericwb in #18
• More rules around deserialize by @ericwb in #19
• Use the function call qualified name in message by @ericwb in #20
• Simplify rule impl with less code by @ericwb in #21
• Render the result to the command line by @ericwb in #22
• Fix resolving fully qualified attributes by @ericwb in #23
• Convert node bytes to str by @ericwb in #24
• A fix for numerous things by @ericwb in #25
• Remove redundant pip installs by @ericwb in #26
• Add more weak hash checks by @ericwb in #27
• Add cryptography weak hashes check by @ericwb in #28
• Add check for hmac weak hashes by @ericwb in #29
• Set the rule ID in the setup.cfg by @ericwb in #30
• Fix up the match call functions by @ericwb in #31
• Add testcase of an import within a function by @ericwb in #32
• Resolving qualified names is now scope aware by @ericwb in #33
• Some minor cleanup fixes by @ericwb in #34
• Some more refactoring for simplicity by @ericwb in #35
• Create examples in test directory by @ericwb in #36
• Rename rule variable cwe to cwe_id by @ericwb in #37
• Remove official macOS support for now by @ericwb in #38
• Add some more example tests by @ericwb in #39
• Test and fix for wildcard imports by @ericwb in #40
• Early implementation of symbol table by @ericwb in #41
• Redo symbol table to more polished solution by @ericwb in #42
• Upper case the rule IDs by @ericwb in #43
• Rename lang to stdlib by @ericwb in #44
• Drop with modified tests by @ericwb in #45
• Refactor the python parser by @ericwb in #46
• Some more small refactoring by @ericwb in #47
• More various clean up by @ericwb in #48
• Handle multiple files for directories by @ericwb in #49
• Adds a recursive option to CLI by @ericwb in #50
• Fix errors when running against a lot of code by @ericwb in #51
• Slight refactor by @ericwb in #52
• Add more docstrings by @ericwb in #53
• Different levels of severity depending on policy by @ericwb in #54
• Add rule for _create_unverified_context by @ericwb in #55
• Add ssl insecure version rule by @ericwb in #56
• More TLS version testing by @ericwb in #57
• Add rule for pyopenssl insecure methods by @ericwb in #58
• Add wildcard imports to pyopenssl by @ericwb in #59
• Add rule for requests no cert verify by @ericwb in #60
• Add rule for httpx no cert verify by @ericwb in #61
• Add support for context managers by @ericwb in #62
• Fix for traceback on with statement by @ericwb in #63
• Add rule for logging.config.listen by @ericwb in #64
• Fix some nits related to logging rule by @ericwb in #65
• Handle variable arguments with value None by @ericwb in #66
• Add test to requests rule verify-as-var by @ericwb in #67
• Nit: remove setting None in call context by @ericwb in #68
• Initial drop implementing suggested fixes by @ericwb in #69
• Prototype parse and unparse imports by @ericwb in #70
• Fix no_host_key and other nits by @ericwb in #71
• Add some initial output renderers by @ericwb in #72
• Add no-color option to CLI args by @ericwb in #73
• Add logger init code by @ericwb in #74
• Show better context of offending code by @ericwb in #75
• New version of suggested fixes by @ericwb in #76
• Use symbol class instead of tuple by @ericwb in #77
• More suggested fixes for rules by @ericwb in #78
• Add fixes and tests for ftplib by @ericwb in #79
• More detailed ftp rule and tests by @ericwb in #80
• Better handling of context, nodes and such by @ericwb in #81
• More extensive refactoring by @ericwb in #82
• Fix the suggested fix output by @ericwb in #83
• Add fixes for httpx by @ericwb in #84
• Remove unused args argument in analyze by @ericwb in #85
• Fix some of the todos in ftp and tls rules by @ericwb in #86
• Cleanup various rules by @ericwb in #87

New Contributors

• @ericwb made their first contribution in #1

Full Changelog: https://github.com/securesauce/precli/commits/0.1.0