ghndrx/prowler
1
0
Fork 0
mirror of https://github.com/ghndrx/prowler.git synced 2026-02-10 14:55:00 +00:00
Code Issues Packages Projects Releases Wiki Activity

build(deps-dev): bump flake8 from 6.0.0 to 6.1.0 (#2651)

Browse Source 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Sergio Garcia <sergargar1@gmail.com>
This commit is contained in:
dependabot[bot]
2023-08-01 10:59:58 +02:00
committed by GitHub
parent 5e773f1eee
commit 26cdc7a0ee
15 changed files with 37 additions and 33 deletions
Download Patch File Download Diff File Expand all files Collapse all files

28
poetry.lock generated
View File

@@ -771,19 +771,19 @@ testing = ["pre-commit"]
[[package]] [[package]]
name = "flake8" name = "flake8"
version = "6.0.0" version = "6.1.0"
description = "the modular source code checker: pep8 pyflakes and co" description = "the modular source code checker: pep8 pyflakes and co"
optional = false optional = false
python-versions = ">=3.8.1" python-versions = ">=3.8.1"
files = [ files = [
{file = "flake8-6.0.0-py2.py3-none-any.whl", hash = "sha256:3833794e27ff64ea4e9cf5d410082a8b97ff1a06c16aa3d2027339cd0f1195c7"}, {file = "flake8-6.1.0-py2.py3-none-any.whl", hash = "sha256:ffdfce58ea94c6580c77888a86506937f9a1a227dfcd15f245d694ae20a6b6e5"},
{file = "flake8-6.0.0.tar.gz", hash = "sha256:c61007e76655af75e6785a931f452915b371dc48f56efd765247c8fe68f2b181"}, {file = "flake8-6.1.0.tar.gz", hash = "sha256:d5b3857f07c030bdb5bf41c7f53799571d75c4491748a3adcd47de929e34cd23"},
] ]
[package.dependencies] [package.dependencies]
mccabe = ">=0.7.0,<0.8.0" mccabe = ">=0.7.0,<0.8.0"
pycodestyle = ">=2.10.0,<2.11.0" pycodestyle = ">=2.11.0,<2.12.0"
pyflakes = ">=3.0.0,<3.1.0" pyflakes = ">=3.1.0,<3.2.0"
[[package]] [[package]]
name = "freezegun" name = "freezegun"
@@ -1696,13 +1696,13 @@ pyasn1 = ">=0.4.6,<0.6.0"
[[package]] [[package]]
name = "pycodestyle" name = "pycodestyle"
version = "2.10.0" version = "2.11.0"
description = "Python style guide checker" description = "Python style guide checker"
optional = false optional = false
python-versions = ">=3.6" python-versions = ">=3.8"
files = [ files = [
{file = "pycodestyle-2.10.0-py2.py3-none-any.whl", hash = "sha256:8a4eaf0d0495c7395bdab3589ac2db602797d76207242c17d470186815706610"}, {file = "pycodestyle-2.11.0-py2.py3-none-any.whl", hash = "sha256:5d1013ba8dc7895b548be5afb05740ca82454fd899971563d2ef625d090326f8"},
{file = "pycodestyle-2.10.0.tar.gz", hash = "sha256:347187bdb476329d98f695c213d7295a846d1152ff4fe9bacb8a9590b8ee7053"}, {file = "pycodestyle-2.11.0.tar.gz", hash = "sha256:259bcc17857d8a8b3b4a2327324b79e5f020a13c16074670f9c8c8f872ea76d0"},
] ]
[[package]] [[package]]
@@ -1770,13 +1770,13 @@ email = ["email-validator (>=1.0.3)"]
[[package]] [[package]]
name = "pyflakes" name = "pyflakes"
version = "3.0.1" version = "3.1.0"
description = "passive checker of Python programs" description = "passive checker of Python programs"
optional = false optional = false
python-versions = ">=3.6" python-versions = ">=3.8"
files = [ files = [
{file = "pyflakes-3.0.1-py2.py3-none-any.whl", hash = "sha256:ec55bf7fe21fff7f1ad2f7da62363d749e2a470500eab1b555334b67aa1ef8cf"}, {file = "pyflakes-3.1.0-py2.py3-none-any.whl", hash = "sha256:4132f6d49cb4dae6819e5379898f2b8cce3c5f23994194c24b77d5da2e36f774"},
{file = "pyflakes-3.0.1.tar.gz", hash = "sha256:ec8b276a6b60bd80defed25add7e439881c19e64850afd9b346283d4165fd0fd"}, {file = "pyflakes-3.1.0.tar.gz", hash = "sha256:a0aae034c444db0071aa077972ba4768d40c830d9539fd45bf4cd3f8f6992efc"},
] ]
[[package]] [[package]]
@@ -2876,4 +2876,4 @@ docs = ["mkdocs", "mkdocs-material"]
[metadata] [metadata]
lock-version = "2.0" lock-version = "2.0"
python-versions = "^3.9" python-versions = "^3.9"
content-hash = "0dcd58a094380d0e001a751afd104a543f27cc55c4dbd42db02e120f4da90220" content-hash = "95a3c66d752dc8552a3e2c032545cda76f13f056ff0f0554a8664f20c8da39c4"

6
prowler/lib/outputs/models.py
View File

@@ -184,7 +184,7 @@ def unroll_tags(tags: list):
if tags and tags != [{}] and tags != [None]: if tags and tags != [{}] and tags != [None]:
for item in tags: for item in tags:
# Check if there are tags in list # Check if there are tags in list
if type(item) == dict: if isinstance(item, dict):
for key, value in item.items(): for key, value in item.items():
if not unrolled_items: if not unrolled_items:
# Check the pattern of tags (Key:Value or Key:key/Value:value) # Check the pattern of tags (Key:Value or Key:key/Value:value)
@@ -219,7 +219,7 @@ def unroll_dict(dict: dict):
unrolled_items = "" unrolled_items = ""
separator = "|" separator = "|"
for key, value in dict.items(): for key, value in dict.items():
if type(value) == list: if isinstance(value, list):
value = ", ".join(value) value = ", ".join(value)
if not unrolled_items: if not unrolled_items:
unrolled_items = f"{key}: {value}" unrolled_items = f"{key}: {value}"
@@ -232,7 +232,7 @@ def unroll_dict(dict: dict):
def unroll_dict_to_list(dict: dict): def unroll_dict_to_list(dict: dict):
list = [] list = []
for key, value in dict.items(): for key, value in dict.items():
if type(value) == list: if isinstance(value, list):
value = ", ".join(value) value = ", ".join(value)
list.append(f"{key}: {value}") list.append(f"{key}: {value}")
else: else:

2
prowler/providers/aws/services/iam/iam_aws_attached_policy_no_administrative_privileges/iam_aws_attached_policy_no_administrative_privileges.py
View File

@@ -17,7 +17,7 @@ class iam_aws_attached_policy_no_administrative_privileges(Check):
report.status_extended = f"{policy.type} policy {policy.name} is attached but does not allow '*:*' administrative privileges" report.status_extended = f"{policy.type} policy {policy.name} is attached but does not allow '*:*' administrative privileges"
if policy.document: if policy.document:
# Check the statements, if one includes *:* stop iterating over the rest # Check the statements, if one includes *:* stop iterating over the rest
if type(policy.document["Statement"]) != list: if not isinstance(policy.document["Statement"], list):
policy_statements = [policy.document["Statement"]] policy_statements = [policy.document["Statement"]]
else: else:
policy_statements = policy.document["Statement"] policy_statements = policy.document["Statement"]

2
prowler/providers/aws/services/iam/iam_customer_attached_policy_no_administrative_privileges/iam_customer_attached_policy_no_administrative_privileges.py
View File

@@ -17,7 +17,7 @@ class iam_customer_attached_policy_no_administrative_privileges(Check):
report.status_extended = f"{policy.type} policy {policy.name} is attached but does not allow '*:*' administrative privileges" report.status_extended = f"{policy.type} policy {policy.name} is attached but does not allow '*:*' administrative privileges"
if policy.document: if policy.document:
# Check the statements, if one includes *:* stop iterating over the rest # Check the statements, if one includes *:* stop iterating over the rest
if type(policy.document["Statement"]) != list: if not isinstance(policy.document["Statement"], list):
policy_statements = [policy.document["Statement"]] policy_statements = [policy.document["Statement"]]
else: else:
policy_statements = policy.document["Statement"] policy_statements = policy.document["Statement"]

2
prowler/providers/aws/services/iam/iam_customer_unattached_policy_no_administrative_privileges/iam_customer_unattached_policy_no_administrative_privileges.py
View File

@@ -17,7 +17,7 @@ class iam_customer_unattached_policy_no_administrative_privileges(Check):
report.status_extended = f"{policy.type} policy {policy.name} is unattached and does not allow '*:*' administrative privileges" report.status_extended = f"{policy.type} policy {policy.name} is unattached and does not allow '*:*' administrative privileges"
if policy.document: if policy.document:
# Check the statements, if one includes *:* stop iterating over the rest # Check the statements, if one includes *:* stop iterating over the rest
if type(policy.document["Statement"]) != list: if not isinstance(policy.document["Statement"], list):
policy_statements = [policy.document["Statement"]] policy_statements = [policy.document["Statement"]]
else: else:
policy_statements = policy.document["Statement"] policy_statements = policy.document["Statement"]

4
prowler/providers/aws/services/iam/iam_no_custom_policy_permissive_role_assumption/iam_no_custom_policy_permissive_role_assumption.py
View File

@@ -16,7 +16,7 @@ class iam_no_custom_policy_permissive_role_assumption(Check):
report.status = "PASS" report.status = "PASS"
report.status_extended = f"Custom Policy {policy.name} does not allow permissive STS Role assumption" report.status_extended = f"Custom Policy {policy.name} does not allow permissive STS Role assumption"
if policy.document: if policy.document:
if type(policy.document["Statement"]) != list: if not isinstance(policy.document["Statement"], list):
policy_statements = [policy.document["Statement"]] policy_statements = [policy.document["Statement"]]
else: else:
policy_statements = policy.document["Statement"] policy_statements = policy.document["Statement"]
@@ -27,7 +27,7 @@ class iam_no_custom_policy_permissive_role_assumption(Check):
and "Resource" in statement and "Resource" in statement
and "*" in statement["Resource"] and "*" in statement["Resource"]
): ):
if type(statement["Action"]) == list: if isinstance(statement["Action"], list):
for action in statement["Action"]: for action in statement["Action"]:
if ( if (
action == "sts:AssumeRole" action == "sts:AssumeRole"

2
prowler/providers/aws/services/iam/iam_policy_allows_privilege_escalation/iam_policy_allows_privilege_escalation.py
View File

@@ -76,7 +76,7 @@ class iam_policy_allows_privilege_escalation(Check):
# Recover all policy actions # Recover all policy actions
if policy.document: if policy.document:
if type(policy.document["Statement"]) != list: if not isinstance(policy.document["Statement"], list):
policy_statements = [policy.document["Statement"]] policy_statements = [policy.document["Statement"]]
else: else:
policy_statements = policy.document["Statement"] policy_statements = policy.document["Statement"]

2
prowler/providers/aws/services/iam/iam_policy_no_full_access_to_cloudtrail/iam_policy_no_full_access_to_cloudtrail.py
View File

@@ -18,7 +18,7 @@ class iam_policy_no_full_access_to_cloudtrail(Check):
report.status = "PASS" report.status = "PASS"
report.status_extended = f"Custom Policy {policy.name} does not allow '{critical_service}:*' privileges" report.status_extended = f"Custom Policy {policy.name} does not allow '{critical_service}:*' privileges"
if policy.document: if policy.document:
if type(policy.document["Statement"]) != list: if not isinstance(policy.document["Statement"], list):
policy_statements = [policy.document["Statement"]] policy_statements = [policy.document["Statement"]]
else: else:
policy_statements = policy.document["Statement"] policy_statements = policy.document["Statement"]

2
prowler/providers/aws/services/iam/iam_policy_no_full_access_to_kms/iam_policy_no_full_access_to_kms.py
View File

@@ -18,7 +18,7 @@ class iam_policy_no_full_access_to_kms(Check):
report.status = "PASS" report.status = "PASS"
report.status_extended = f"Custom Policy {policy.name} does not allow '{critical_service}:*' privileges" report.status_extended = f"Custom Policy {policy.name} does not allow '{critical_service}:*' privileges"
if policy.document: if policy.document:
if type(policy.document["Statement"]) != list: if not isinstance(policy.document["Statement"], list):
policy_statements = [policy.document["Statement"]] policy_statements = [policy.document["Statement"]]
else: else:
policy_statements = policy.document["Statement"] policy_statements = policy.document["Statement"]

8
prowler/providers/aws/services/iam/iam_role_cross_account_readonlyaccess_policy/iam_role_cross_account_readonlyaccess_policy.py
View File

@@ -22,14 +22,16 @@ class iam_role_cross_account_readonlyaccess_policy(Check):
if policy["PolicyName"] == "ReadOnlyAccess": if policy["PolicyName"] == "ReadOnlyAccess":
report.status_extended = f"IAM Role {role.name} has read-only access but is not cross account." report.status_extended = f"IAM Role {role.name} has read-only access but is not cross account."
cross_account_access = False cross_account_access = False
if type(role.assume_role_policy["Statement"]) == list: if isinstance(role.assume_role_policy["Statement"], list):
for statement in role.assume_role_policy["Statement"]: for statement in role.assume_role_policy["Statement"]:
if not cross_account_access: if not cross_account_access:
if ( if (
statement["Effect"] == "Allow" statement["Effect"] == "Allow"
and "AWS" in statement["Principal"] and "AWS" in statement["Principal"]
): ):
if type(statement["Principal"]["AWS"]) == list: if isinstance(
statement["Principal"]["AWS"], list
):
for aws_account in statement["Principal"][ for aws_account in statement["Principal"][
"AWS" "AWS"
]: ]:
@@ -55,7 +57,7 @@ class iam_role_cross_account_readonlyaccess_policy(Check):
statement["Effect"] == "Allow" statement["Effect"] == "Allow"
and "AWS" in statement["Principal"] and "AWS" in statement["Principal"]
): ):
if type(statement["Principal"]["AWS"]) == list: if isinstance(statement["Principal"]["AWS"], list):
for aws_account in statement["Principal"]["AWS"]: for aws_account in statement["Principal"]["AWS"]:
if ( if (
iam_client.audited_account iam_client.audited_account

2
prowler/providers/aws/services/iam/iam_service.py
View File

@@ -13,7 +13,7 @@ from prowler.providers.aws.lib.service.service import AWSService
def is_service_role(role): def is_service_role(role):
try: try:
if "Statement" in role["AssumeRolePolicyDocument"]: if "Statement" in role["AssumeRolePolicyDocument"]:
if type(role["AssumeRolePolicyDocument"]["Statement"]) == list: if isinstance(role["AssumeRolePolicyDocument"]["Statement"], list):
for statement in role["AssumeRolePolicyDocument"]["Statement"]: for statement in role["AssumeRolePolicyDocument"]["Statement"]:
if ( if (
statement["Effect"] == "Allow" statement["Effect"] == "Allow"

2
prowler/providers/aws/services/kms/kms_key_not_publicly_accessible/kms_key_not_publicly_accessible.py
View File

@@ -31,7 +31,7 @@ class kms_key_not_publicly_accessible(Check):
elif ( elif (
"Principal" in statement and "AWS" in statement["Principal"] "Principal" in statement and "AWS" in statement["Principal"]
): ):
if type(statement["Principal"]["AWS"]) == str: if isinstance(statement["Principal"]["AWS"], str):
principals = [statement["Principal"]["AWS"]] principals = [statement["Principal"]["AWS"]]
else: else:
principals = statement["Principal"]["AWS"] principals = statement["Principal"]["AWS"]

4
prowler/providers/aws/services/s3/s3_bucket_public_access/s3_bucket_public_access.py
View File

@@ -60,7 +60,9 @@ class s3_bucket_public_access(Check):
and "AWS" in statement["Principal"] and "AWS" in statement["Principal"]
and statement["Effect"] == "Allow" and statement["Effect"] == "Allow"
): ):
if type(statement["Principal"]["AWS"]) == str: if isinstance(
statement["Principal"]["AWS"], str
):
principals = [statement["Principal"]["AWS"]] principals = [statement["Principal"]["AWS"]]
else: else:
principals = statement["Principal"]["AWS"] principals = statement["Principal"]["AWS"]

2
prowler/providers/aws/services/vpc/vpc_endpoint_connections_trust_boundaries/vpc_endpoint_connections_trust_boundaries.py
View File

@@ -24,7 +24,7 @@ class vpc_endpoint_connections_trust_boundaries(Check):
break break
else: else:
if type(statement["Principal"]["AWS"]) == str: if isinstance(statement["Principal"]["AWS"], str):
principals = [statement["Principal"]["AWS"]] principals = [statement["Principal"]["AWS"]]
else: else:
principals = statement["Principal"]["AWS"] principals = statement["Principal"]["AWS"]

2
pyproject.toml
View File

@@ -56,7 +56,7 @@ bandit = "1.7.5"
black = "22.12.0" black = "22.12.0"
coverage = "7.2.7" coverage = "7.2.7"
docker = "6.1.3" docker = "6.1.3"
flake8 = "6.0.0" flake8 = "6.1.0"
freezegun = "1.2.2" freezegun = "1.2.2"
moto = "4.1.14" moto = "4.1.14"
openapi-spec-validator = "0.6.0" openapi-spec-validator = "0.6.0"