YunoHost/package_linter
1
0
Fork 0
mirror of https://github.com/YunoHost/package_linter.git synced 2024-09-03 20:06:12 +02:00
Code Issues Projects Releases Packages Wiki Activity

add line numer and fix a trigger on commented lines

Browse source
This commit is contained in:
OniriCorpe 2024-01-17 23:37:25 +01:00
parent 90ad5247a9
commit 832dc3d55b
1 changed files with 7 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

15
package_linter.py
View file

@ -1543,18 +1543,17 @@ class Configurations(TestSuite):
yield Warning("Can't open/read %s: %s" % (filename, e)) yield Warning("Can't open/read %s: %s" % (filename, e))
return return
for line in content.split("\n"): for number, line in enumerate(content.split("\n"), 1):
comment = ["#", "//", ";"] comment = ("#", "//", ";")
if ( if (
"0.0.0.0" in line ( "0.0.0.0" in line or "::" in line )
or "::" in line
and not line.strip().startswith(comment) and not line.strip().startswith(comment)
): ):
yield Info( yield Info(
"%s: Binding to '0.0.0.0' or '::' can result in a security issue as " f"{filename}:{number}: Binding to '0.0.0.0' or '::' can result in "
"the SSO can be bypassed by knowing a public IP (typically an IPv6) " "a security issue as the SSO can be bypassed by knowing a public "
"and the app port. Please be sure that this behavior is intentional.\n" "IP (typically an IPv6) and the app port. Please be sure that this "
"Maybe use '127.0.0.1' or '::1' instead." % filename "behavior is intentional. Maybe use '127.0.0.1' or '::1' instead."
) )
############################################# #############################################