ishangsf/rspec
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
rspec/rules/S2115/python/rule.adoc

99 lines
1.7 KiB
Plaintext
Raw Blame History

== Why is this an issue?
include::../description.adoc[]
=== Noncompliant code example
Flask-SQLAlchemy
[source,python]
----
def configure_app(app):
app.config['SQLALCHEMY_DATABASE_URI'] = "postgresql://user:@domain.com" # Noncompliant
----
Django
[source,python]
----
# settings.py
DATABASES = {
'postgresql_db': {
'ENGINE': 'django.db.backends.postgresql',
'NAME': 'quickdb',
'USER': 'sonarsource',
'PASSWORD': '', # Noncompliant
'HOST': 'localhost',
'PORT': '5432'
}
}
----
mysql/mysql-connector-python
[source,python]
----
from mysql.connector import connection
connection.MySQLConnection(host='localhost', user='sonarsource', password='') # Noncompliant
----
=== Compliant solution
Flask-SQLAlchemy
[source,python]
----
def configure_app(app, pwd):
app.config['SQLALCHEMY_DATABASE_URI'] = f"postgresql://user:{pwd}@domain.com" # Compliant
----
Django
[source,python]
----
# settings.py
import os
DATABASES = {
'postgresql_db': {
'ENGINE': 'django.db.backends.postgresql',
'NAME': 'quickdb',
'USER': 'sonarsource',
'PASSWORD': os.getenv('DB_PASSWORD'), # Compliant
'HOST': 'localhost',
'PORT': '5432'
}
}
----
mysql/mysql-connector-python
[source,python]
----
from mysql.connector import connection
import os
db_password = os.getenv('DB_PASSWORD')
connection.MySQLConnection(host='localhost', user='sonarsource', password=db_password) # Compliant
----
include::../see.adoc[]
ifdef::env-github,rspecator-view[]
'''
== Implementation Specification
(visible only on this page)
include::../message.adoc[]
'''
== Comments And Links
(visible only on this page)
include::../comments-and-links.adoc[]
endif::env-github,rspecator-view[]
Reference in New Issue View Git Blame Copy Permalink