diff --git a/ChangeLog b/ChangeLog index c693e22152a..bba04a46b29 100644 --- a/ChangeLog +++ b/ChangeLog @@ -11,6 +11,15 @@ Release date: TBA Close #2874 +* Do not allow ``python -m pylint ...`` to import user code + + ``python -m pylint ...`` adds the current working directory as the first element + of ``sys.path``. This opens up a potential security hole where ``pylint`` will import + user level code as long as that code resides in modules having the same name as stdlib + or pylint's own modules. + + Close #3386 + * Add `dummy-variables-rgx` option for `_redeclared-assigned-name` check. Close #3341 @@ -21,8 +30,6 @@ Release date: TBA Close #3284 -* Clean up plugin HOWTO documentation. - * `not in` is considered iterating context for some of the Python 3 porting checkers. * A new check `inconsistent-quotes` was added. @@ -128,7 +135,6 @@ Release date: TBA * ``inspect.getargvalues`` is no longer marked as deprecated. - * A new check ``f-string-without-interpolation`` was added Close #3190 @@ -138,14 +144,14 @@ Release date: TBA Close #3183 * ``docparams`` extension supports multiple types in raises sections. + Multiple types can also be separated by commas in all valid sections. Closes #2729 * Allow parallel linting when run under Prospector -* Fixed false positives of ``method-hidden`` when a subclass defines - the method that is being hidden. +* Fixed false positives of ``method-hidden`` when a subclass defines the method that is being hidden. Closes #414 @@ -155,10 +161,6 @@ Release date: TBA Closes #2956 -* Fixes a typo in tests/functional/t/ternary.py - - Closes #3237 - * Pass the actual PyLinter object to sub processes to allow using custom PyLinter classes. @@ -176,12 +178,6 @@ Release date: TBA Pylint no longer outputs a traceback, if a file, read from stdin, contains a syntaxerror. -* Clean up .travis.yml - - Use up to date version of python interpreters - -* Use new release of black 19.10b0 for formating - * Fix uppercase style to disallow 3+ uppercase followed by lowercase. * Fixed ``undefined-variable`` and ``unused-import`` false positives diff --git a/doc/whatsnew/2.5.rst b/doc/whatsnew/2.5.rst index 0dc043247d4..2cb4216fef3 100644 --- a/doc/whatsnew/2.5.rst +++ b/doc/whatsnew/2.5.rst @@ -83,4 +83,4 @@ separated list of regexes, that if a name matches will be always marked as a bla * Add a new check (non-str-assignment-to-dunder-name) to ensure that only strings are assigned to ``__name__`` attributes -* Add a new option ``notes-rgx`` to make fixme warnings more flexible +* Add a new option ``notes-rgx`` to make fixme warnings more flexible. Now either ``notes`` or ``notes-rgx`` option can be used to detect fixme warnings. diff --git a/pylint/checkers/misc.py b/pylint/checkers/misc.py index 9cbef1bc577..01947b3aafd 100644 --- a/pylint/checkers/misc.py +++ b/pylint/checkers/misc.py @@ -99,7 +99,6 @@ class EncodingChecker(BaseChecker): { "type": "string", "metavar": "", - "default": ("a^"), "help": "Regular expression of note tags to take in consideration.", }, ), @@ -109,9 +108,12 @@ def open(self): super().open() notes = "|".join(map(re.escape, self.config.notes)) - self._fixme_pattern = re.compile( - r"#\s*(%s|%s)\b" % (notes, self.config.notes_rgx), re.I - ) + if self.config.notes_rgx: + regex_string = r"#\s*(%s|%s)\b" % (notes, self.config.notes_rgx) + else: + regex_string = r"#\s*(%s)\b" % (notes) + + self._fixme_pattern = re.compile(regex_string, re.I) def _check_encoding(self, lineno, line, file_encoding): try: diff --git a/pylintrc b/pylintrc index 4b318ffcdeb..c75c3fa02dc 100644 --- a/pylintrc +++ b/pylintrc @@ -103,8 +103,6 @@ logging-modules=logging # List of note tags to take in consideration, separated by a comma. notes=FIXME,XXX,TODO -# Regular expression of note tags to take in consideration. -notes-rgx=a^ [SIMILARITIES]