You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
* Support of Python 3.14
This is a re-opening of PR #1189 and revert of revert #1217.
PR #1189 caused issue #1216 which must be fixed as part of
this PR.
This change starts testing against Python 3.14 now that is has
been officially released.
Python 3.14 has dropped the deprecated use of ast.Bytes,
ast.Ellipsis, ast.NameConstant, ast.Num, ast.Str. They are
replaced with ast.Constant and Node.value is used to get the
value instead of the previous attributes like Node.s.
https://docs.python.org/3.14/whatsnew/3.14.html#id2
This also has the potential to break 3rd party plugins that
were checking on Str or Num, etc. As a result, Bandit keeps
the validity of checking on those non-existent ast types.
These changes did break a quite a few plugins that were
directly accessing ast classes to determine a result, but
were fixed as part of this PR.
Signed-off-by: Eric Brown <eric_wade_brown@yahoo.com>
* Add 3.14 classifier
Signed-off-by: Eric Brown <eric_wade_brown@yahoo.com>
* Add test case
Signed-off-by: Eric Brown <eric_wade_brown@yahoo.com>
* Check if value.value is str
Signed-off-by: Eric Brown <eric_wade_brown@yahoo.com>
* Incorrect comment
Signed-off-by: Eric Brown <eric_wade_brown@yahoo.com>
* Fix up injection_sql.py
Signed-off-by: Eric Brown <eric_wade_brown@yahoo.com>
* More checking on Constant.value
Signed-off-by: Eric Brown <eric_wade_brown@yahoo.com>
* Final Constant value checks
Signed-off-by: Eric Brown <eric_wade_brown@yahoo.com>
---------
Signed-off-by: Eric Brown <eric_wade_brown@yahoo.com>
0 commit comments