This change migrates the testing suite from using ostestr and testr
to using stestr. Also cleaned up a missing space from tox.ini.
Change-Id: I886401a1efce6cb617a4db7a90ec9454bbea1d71

When running tox on my Mac, I get many .coverage.* files. Adding
* to the gitignore such as:
.coverage.browne-mbp15.hsd1.ca.comcast.net.46598.238844
Change-Id: Ia3f5dc36f38a3c224a7976874046163be5e78f17

Rather than having separate rst documentation files, this patch auto
generates the docs from the docstrings in the modules. Should
make it easier to maintain.
Also renamed directory docs to doc to be consistent with all other
OpenStack projects.
Change-Id: Iaed77f8358ccb6edaf2627fbabdcc855272b4ea2

The running of `tox -e docs` generates some unwanted changes to be
staged.
The AUTHORS file was deleted since it's written output from running
docs generation, so it should be ignored and not in the repo.
Change-Id: I58238fcf1834bf2b82481f42ce0540dcd09b1448

When running `tox -e cover`, a .coverage file is created. This
file should be ignored so it's not checked in.
Change-Id: I5d4041191ba0882233f91c820c65da1460397087

This adds a documentation framework for Bandit. To build the new
documentation you can use the new tox target:
tox -e docs
This will spit out various formatted output into the docs/build
folder.
Change-Id: I3497e26052021900ad55ecdd2517198b22e82f0e
Partial-Bug: 1474796

Adds plugin to warn on Mako templates. Since Mako does not have template-wide
autoescaping (that we can verify is turned on), a developer is responsible to
escape each variable individually in the templates. This is higher than info
because the *only* way to escape is via the variables, but not set to ERROR
because we can't know for sure if any of those variables are used and/or
malicious.
Also add an XSS profile.
Change-Id: I65515f9584d67d8b7b58b71b6ddb447c307675d1

This large change makes bandit into an installable package, needed
for tox testing. I have added the tox testing scaffolding but no
real tests, they will come in a later change. I have also disabled
all failing PEP8 tests (lots) since I have changed enough stuff for
one patch. I'll start re-enabling and fixing PEP8 stuff soon.
Change-Id: I774ed9149f285e4e2bceacda0484a7e2a934a3aa

Bandit can now check for insecure SSL/TLS versions, bad versions
are defined in the config file. By default:
- SSLv2 is bad
- SSLv23 is bad
- SSLv3 is bad
- TLSv1 is bad
This check works with ssl and pyOpenSSL modules.
A second check will also catch default use of ssl.wrap_socket as
this will use SSLv23 if no option is given. This is an INFO level
check.
Change-Id: I5ff8ea7038eed41b09e4d0ebfcb59bfd7fd4c894
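
An added example, not Bandit's own code: a minimal AST scan in the spirit of the two checks described in the last commit message above (bad protocol versions for ssl and pyOpenSSL, plus ssl.wrap_socket called with no version). The `scan` helper, the "BAD"/"INFO" labels, the hard-coded constant list and the sample source are assumptions made for illustration; Bandit reads its bad versions from the config file.

```python
import ast

# Bad versions from the commit message, spelled as the ssl module
# (PROTOCOL_*) and pyOpenSSL (*_METHOD) name them. Hard-coded here (assumption).
BAD_VERSIONS = {
    "PROTOCOL_SSLv2", "PROTOCOL_SSLv23", "PROTOCOL_SSLv3", "PROTOCOL_TLSv1",
    "SSLv2_METHOD", "SSLv23_METHOD", "SSLv3_METHOD", "TLSv1_METHOD",
}

def _dotted(node):
    """Return 'a.b.c' for a Name/Attribute chain, '' for anything else."""
    parts = []
    while isinstance(node, ast.Attribute):
        parts.append(node.attr)
        node = node.value
    if isinstance(node, ast.Name):
        parts.append(node.id)
        return ".".join(reversed(parts))
    return ""

def scan(source):
    """Return sorted (line, label, message) findings for one source string."""
    findings = []
    for node in ast.walk(ast.parse(source)):
        if not isinstance(node, ast.Call):
            continue
        func = _dotted(node.func)
        # First check: any argument that names a bad protocol constant.
        args = list(node.args) + [kw.value for kw in node.keywords]
        bad = [_dotted(a) for a in args
               if _dotted(a).split(".")[-1] in BAD_VERSIONS]
        for name in bad:
            findings.append((node.lineno, "BAD", f"{func} called with {name}"))
        # Second check: wrap_socket with no ssl_version, neither as a keyword
        # nor as the sixth positional argument, uses the library default.
        if func == "ssl.wrap_socket" and len(node.args) < 6 and not any(
                kw.arg == "ssl_version" for kw in node.keywords):
            findings.append((node.lineno, "INFO", f"{func} default version"))
    return sorted(findings)

# Constructed sample input; it is only parsed, never executed.
SAMPLE = """\
import ssl
from OpenSSL import SSL
ssl.wrap_socket(sock, ssl_version=ssl.PROTOCOL_SSLv3)
SSL.Context(method=SSL.SSLv23_METHOD)
ssl.wrap_socket(sock)
ssl.wrap_socket(sock, ssl_version=ssl.PROTOCOL_TLSv1_2)
"""

if __name__ == "__main__":
    for finding in scan(SAMPLE):
        print(finding)
```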