>/i/2SSKrSSKrSSKrSSKrSSKr\R"\ 5r Sr Sr Sr SrSr"SS\5r"S S \5r"S S \5r\S SS 4SjrSrSrSrSrSrSrSSjrSrSrSrSr Sr!g!\a SSKrNf=f)Nc4[U[R5(a*URU;aXR$UR$[U[R5(a0[ UR U5SUR3nX!;aX$U$g)a]Get a the full name for the attribute node. This will resolve a pseudo-qualified name for the attribute rooted at node as long as all the deeper nodes are Names or Attributes. This will give you how the code referenced the name but will not tell you what the name actually refers to. If we encounter a node without a static name we punt with an empty string. If this encounters something more complex, such as foo.mylist[0](a,b) we just return empty string. :param node: AST Name or Attribute node :param aliases: Import aliases dictionary :returns: Qualified name referred to by the attribute or name. .) isinstanceastNameid Attribute_get_attr_qual_namevalueattr)nodealiasesnames K/home/james-whalen/.local/lib/python3.13/site-packages/bandit/core/utils.pyr r s}$!! 77g 77# #ww D#-- ( (%djj':;1TYYKH ?=  c*[UR[R5(a+[ US5U;aU[ US5$[ US5$[UR[R 5(a[ URU5$g)Nzfunc.idr)rfuncrr deepgetattrr r )rrs r get_call_namer1sn$))SXX&& tY '7 2;tY78 84++ DIIs}} - -"499g66rcUR$N)r)rs r get_func_namer<s 99rc[U[R5(a5[US5nX!;aXnO [US5nUSUR 3$g![a SnN f=f)Nzvalue.idrr)rrr r Exceptionr )rrvalprefixs r get_qual_attrr@sn$ && dJ/C~ $T:6 499+&& F sA A A%$A%cLURS5Hn[X5nM U$)z>Recurses through an attribute chain to get the ultimate value.r)splitgetattr)objr keys rrrRs#zz#c Jrc\rSrSrSrg)InvalidModulePathYN)__name__ __module__ __qualname____firstlineno____static_attributes__r'rrr%r%Ysrr%c,^\rSrSrSrU4SjrSrU=r$) ConfigError]z-Raised when the config file fails validation.c\>X lUSU3Ul[TU] UR5 g)Nz : ) config_filemessagesuper__init__)selfr2r1 __class__s rr4ConfigError.__init__`s,&%c'3  &r)r1r2r(r)r*r+__doc__r4r, __classcell__r6s@rr.r.]s7''rr.c,^\rSrSrSrU4SjrSrU=r$)ProfileNotFoundfz+Raised when chosen profile cannot be found.c>XlX lSRURUR5n[TU]U5 g)Nz.Unable to find profile ({}) in config file: {})r1profileformatr3r4)r5r1r@r2r6s rr4ProfileNotFound.__init__is=& BII LL     !r)r1r@r8r;s@rr=r=fs5""rr=rc US3$)z8Monkey patch for warnings.warn to suppress cruft output. r')r2categoryfilenamelinenolines rwarnings_formatterrJssYb>rc[RRU5upUS:XdUS:Xa[SUS35e[RR U5S/nUS;a[RR [RR US55(a4[RRU5upURSU5 OOUS;aMSR U5nU$)alGet the module's qualified name by analysis of the path. Resolve the absolute pathname and eliminate symlinks. This could result in an incorrect name if symlinks are used to restructure the python lib directory. Starting from the right-most directory component look for __init__.py in the directory component. If it exists then the directory name is part of the module name. Move left to the subsequent directory components until a directory is found without __init__.py. :param: Path to module file. Relative paths will be resolved relative to current working directory. :return: fully qualified module name rzInvalid python file path: "z" Missing path or file namer)/rrz __init__.pyr)ospathr r%splitextisfilejoininsert)rNheadtailqnamequalnames rget_module_qualname_from_pathrWzs"77==< rzTRZ)$/J K  WW  d #A & 'E n $ 77>>"'',,t]; < <77==.LT LLD !  n $xxH OrcUSU3$)aExtend the current namespace path with an additional name Take a namespace path (i.e., package.module.class) and extends it with an additional name (i.e., package.module.class.subclass). This is similar to how os.path.join works. :param base: (String) The base namespace path. :param name: (String) The new name to append to the base path. :returns: (String) A new namespace path resulting from combination of base and name. rr')basers rnamespace_path_joinrZsV1TF rc8[URSS55$)amSplit the namespace path into a pair (head, tail). Tail will be the last namespace path component and head will be everything leading up to that in the path. This is similar to os.path.split. :param path: (String) A namespace path. :returns: (String, String) A tuple where the first component is the base path and the second is the last path component. r)tuplersplit)rNs rnamespace_path_splitr_s S!$ %%rcBURS5RS5$)aCPY3 bytes need escaping for comparison with other strings. In practice it turns control characters into acceptable codepoints then encodes them into bytes again to turn unprintable bytes into printable escape sequences. This is safe to do for the whole range 0..255 and result matches unicode_escape on a unicode string. unicode_escape)decodeencode)bs rescaped_bytes_representationres  88$ % , ,-= >>rc4[US5(a UR$SnSn[US5(aURnURn[R"U5H*n[ U5n[ XS5n[X$S5nM, X4UlX4$)zCalculate linerange for subtree_bandit_linerangec( rCrHrr\)hasattrrgrHriter_child_nodescalc_linerangeminmax)r lines_min lines_maxn lines_minmaxs rrkrkst())%%%IItXKK KK  ! !$ '%a(  ?3  ?3 ( (3D  !!rc[US5(a,[[URURS-55$[US5(a*UR n[[USUSS-55$SSSSS.nUR 5H.n[X5(dM[X5X#'[X/5 M0 SnSn[US5(aURnURn[R"U5H*n[U5n[XAS5n[XQS5nM, UR 5HnX#cM [XX#5 M US:XaSnSnXE4Ul[[XES-55n[US 5(am[URS5(aR[U5nURRU- n U S:a([[XRR55$U$) z"Get line number range from a node.rHr\_bandit_linerange_strippedrN)bodyorelsehandlers finalbodyrhrC_bandit_sibling)rilistrangerH end_linenorskeysr!setattrrrjrkrlrmrx) rrqstripr#rnrorplinesstartdeltas r linerangerstXE$++t':;<< 45 6 6::Ll1o|A/BCD D   ::X:waUR[UR[R5(aT"URX5O UR5 UR[UR [R5(aT"UR X5O UR 5 ggr)appendrleftrBinOpright)rbitsstop_gets rrconcat_string.._gets < KKdii33TYY+YY  KKdjj#))44TZZ,ZZ  r r)r_bandit_parentrrrQConstantr str)rrrxrs @r concat_stringrs  6D T((#)) 4 4"" T((#)) 4 4$ "" T   Aa.3=aggs3K     s%#D D -D cURn[U[R5(a UR$UR $![ a gf=f)a@Get a function name from an ast.Call node. An ast.Call node representing a method call with present differently to one wrapping a function call: thing.call() vs call(). This helper will grab the unqualified call name correctly in either case. :param node: (ast.Call) the call node :returns: (String) the function name r)rrrr r r AttributeError)rrs rget_called_namer;sG 99D&tS]];;tyyHH s*A A AAcJ[US5(a URnO?[US5(aURRnO[R SU5 g[ R Un[US5(a UR$[R SU5 g)zGet the path of the file where the function is defined. :returns: the path, or None if one could not be found or f is not a real function r)im_funcz'Cannot resolve file where %s is definedN__file__z&Cannot resolve file path for module %s)rir)rLOGwarningsysmodulesr)f module_namemodules rget_path_for_functionrLsq,ll I  ii**  =qA [[ %Fvz"" rs   (! 8$  ')' "i ""Br F  & ?"(3l'T". F.{ ('(sB BB