Skip to content

[flake8-bandit] flag S501 with requests.request#23873

Merged
amyreese merged 1 commit intoastral-sh:mainfrom
getehen:fix/S501-not-raised-in
Mar 11, 2026
Merged

[flake8-bandit] flag S501 with requests.request#23873
amyreese merged 1 commit intoastral-sh:mainfrom
getehen:fix/S501-not-raised-in

Conversation

@getehen
Copy link
Copy Markdown
Contributor

@getehen getehen commented Mar 10, 2026

Fix 23735: S501 not raised when calling requests.request (instead of requests.get, requests.post, ...)

Changes

Very minimal changes.
Just added "request" in the field of possible function call in the requests module.

Test plan

Tests were updated, I added calls with requests.request and verify = false / verify = true, according to the previous tests.

@getehen
[ruff] fix S501 not raised with requests.request
d0efe5f 
Just added "request" in the field of possible function call in the
requests module

Added some tests also. They shift the results a bit, so the snapshot
looks like it changed a lot but actually it mostly just line numbers
@astral-sh-bot astral-sh-bot bot requested a review from amyreese March 10, 2026 15:41
@astral-sh-bot
Copy link
Copy Markdown

astral-sh-bot bot commented Mar 10, 2026

ruff-ecosystem results

Linter (stable)

ℹ️ ecosystem check detected linter changes. (+1 -0 violations, +0 -0 fixes in 1 projects; 55 projects unchanged)

indico/indico (+1 -0 violations, +0 -0 fixes) 

+ bin/utils/apiProxy.py:46:78: S501 Probable use of `requests` call with `verify=False` disabling SSL certificate checks

Changes by rule (1 rules affected)

code total + violation - violation + fix - fix
S501 1 1 0 0 0

Linter (preview)

ℹ️ ecosystem check detected linter changes. (+1 -0 violations, +0 -0 fixes in 1 projects; 55 projects unchanged)

indico/indico (+1 -0 violations, +0 -0 fixes) 

ruff check --no-cache --exit-zero --no-fix --output-format concise --preview

+ bin/utils/apiProxy.py:46:78: S501 Probable use of `requests` call with `verify=False` disabling SSL certificate checks

Changes by rule (1 rules affected)

code total + violation - violation + fix - fix
S501 1 1 0 0 0

@amyreese amyreese added the rule Implementing or modifying a lint rule label Mar 11, 2026
@amyreese
Copy link
Copy Markdown
Member

amyreese commented Mar 11, 2026

@ntBre do you think this needs to be preview gated? there's only one ecosystem report, so I personally wouldn't be worried about it, but wanted to check with you.

@ntBre
Copy link
Copy Markdown
Contributor

ntBre commented Mar 11, 2026

I was wondering about that myself. I think it's probably okay without preview. It feels reasonably like a bug fix since it's well within the spirit of the rule and seems like just an oversight.

@amyreese amyreese changed the title [flake8_bandint] fix S501 not raised with requests.request [flake8-bandit] flag S501 with requests.request Mar 11, 2026
@amyreese amyreese merged commit 3f57886 into astral-sh:main Mar 11, 2026
44 checks passed
@BrewTestBot BrewTestBot mentioned this pull request Mar 12, 2026
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@amyreese amyreese amyreese approved these changes

Assignees

@amyreese amyreese

Labels

rule Implementing or modifying a lint rule

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

S501 (request-with-no-cert-validation) does not flag requests.request() with verify=False

3 participants

@getehen @amyreese @ntBre