modmail-dev
diff --git a/Diff for: ‎.bandit_baseline.json
+104-66 b/Diff for: ‎.bandit_baseline.json
+104-66
diff --git a/Diff for: ‎.github/workflows/lints.yml
+4-4 b/Diff for: ‎.github/workflows/lints.yml
+4-4
@@ -1,32 +1,20 @@
 {
   "errors": [],
-  "generated_at": "2019-10-07T08:19:22Z",
+  "generated_at": "2020-11-12T15:17:38Z",
   "metrics": {
     "./bot.py": {
-      "CONFIDENCE.HIGH": 0.0,
+      "CONFIDENCE.HIGH": 1.0,
       "CONFIDENCE.LOW": 0.0,
       "CONFIDENCE.MEDIUM": 0.0,
       "CONFIDENCE.UNDEFINED": 0.0,
       "SEVERITY.HIGH": 0.0,
-      "SEVERITY.LOW": 0.0,
+      "SEVERITY.LOW": 1.0,
       "SEVERITY.MEDIUM": 0.0,
       "SEVERITY.UNDEFINED": 0.0,
-      "loc": 933,
-      "nosec": 0
-    },
-    "_totals": {
-      "CONFIDENCE.HIGH": 2.0,
-      "CONFIDENCE.LOW": 0.0,
-      "CONFIDENCE.MEDIUM": 1.0,
-      "CONFIDENCE.UNDEFINED": 0.0,
-      "SEVERITY.HIGH": 0.0,
-      "SEVERITY.LOW": 2.0,
-      "SEVERITY.MEDIUM": 1.0,
-      "SEVERITY.UNDEFINED": 0.0,
-      "loc": 7299,
+      "loc": 1264,
       "nosec": 0
     },
-    "cogs/modmail.py": {
+    "./cogs/modmail.py": {
       "CONFIDENCE.HIGH": 0.0,
       "CONFIDENCE.LOW": 0.0,
       "CONFIDENCE.MEDIUM": 0.0,
@@ -35,10 +23,10 @@
       "SEVERITY.LOW": 0.0,
       "SEVERITY.MEDIUM": 0.0,
       "SEVERITY.UNDEFINED": 0.0,
-      "loc": 973,
+      "loc": 1280,
       "nosec": 0
     },
-    "cogs/plugins.py": {
+    "./cogs/plugins.py": {
       "CONFIDENCE.HIGH": 1.0,
       "CONFIDENCE.LOW": 0.0,
       "CONFIDENCE.MEDIUM": 0.0,
@@ -47,22 +35,22 @@
       "SEVERITY.LOW": 1.0,
       "SEVERITY.MEDIUM": 0.0,
       "SEVERITY.UNDEFINED": 0.0,
-      "loc": 537,
+      "loc": 572,
       "nosec": 0
     },
-    "cogs/utility.py": {
-      "CONFIDENCE.HIGH": 1.0,
+    "./cogs/utility.py": {
+      "CONFIDENCE.HIGH": 2.0,
       "CONFIDENCE.LOW": 0.0,
       "CONFIDENCE.MEDIUM": 0.0,
       "CONFIDENCE.UNDEFINED": 0.0,
       "SEVERITY.HIGH": 0.0,
-      "SEVERITY.LOW": 0.0,
+      "SEVERITY.LOW": 1.0,
       "SEVERITY.MEDIUM": 1.0,
       "SEVERITY.UNDEFINED": 0.0,
-      "loc": 1587,
+      "loc": 1710,
       "nosec": 0
     },
-    "core/_color_data.py": {
+    "./core/_color_data.py": {
       "CONFIDENCE.HIGH": 0.0,
       "CONFIDENCE.LOW": 0.0,
       "CONFIDENCE.MEDIUM": 0.0,
@@ -71,10 +59,10 @@
       "SEVERITY.LOW": 0.0,
       "SEVERITY.MEDIUM": 0.0,
       "SEVERITY.UNDEFINED": 0.0,
-      "loc": 1168,
+      "loc": 1166,
       "nosec": 0
     },
-    "core/changelog.py": {
+    "./core/changelog.py": {
       "CONFIDENCE.HIGH": 0.0,
       "CONFIDENCE.LOW": 0.0,
       "CONFIDENCE.MEDIUM": 0.0,
@@ -83,10 +71,10 @@
       "SEVERITY.LOW": 0.0,
       "SEVERITY.MEDIUM": 0.0,
       "SEVERITY.UNDEFINED": 0.0,
-      "loc": 154,
+      "loc": 145,
       "nosec": 0
     },
-    "core/checks.py": {
+    "./core/checks.py": {
       "CONFIDENCE.HIGH": 0.0,
       "CONFIDENCE.LOW": 0.0,
       "CONFIDENCE.MEDIUM": 0.0,
@@ -95,10 +83,22 @@
       "SEVERITY.LOW": 0.0,
       "SEVERITY.MEDIUM": 0.0,
       "SEVERITY.UNDEFINED": 0.0,
-      "loc": 75,
+      "loc": 89,
+      "nosec": 0
+    },
+    "./core/clients.py": {
+      "CONFIDENCE.HIGH": 0.0,
+      "CONFIDENCE.LOW": 0.0,
+      "CONFIDENCE.MEDIUM": 1.0,
+      "CONFIDENCE.UNDEFINED": 0.0,
+      "SEVERITY.HIGH": 0.0,
+      "SEVERITY.LOW": 1.0,
+      "SEVERITY.MEDIUM": 0.0,
+      "SEVERITY.UNDEFINED": 0.0,
+      "loc": 585,
       "nosec": 0
     },
-    "core/clients.py": {
+    "./core/config.py": {
       "CONFIDENCE.HIGH": 0.0,
       "CONFIDENCE.LOW": 0.0,
       "CONFIDENCE.MEDIUM": 0.0,
@@ -107,10 +107,10 @@
       "SEVERITY.LOW": 0.0,
       "SEVERITY.MEDIUM": 0.0,
       "SEVERITY.UNDEFINED": 0.0,
-      "loc": 200,
+      "loc": 327,
       "nosec": 0
     },
-    "core/config.py": {
+    "./core/decorators.py": {
       "CONFIDENCE.HIGH": 0.0,
       "CONFIDENCE.LOW": 0.0,
       "CONFIDENCE.MEDIUM": 0.0,
@@ -119,10 +119,10 @@
       "SEVERITY.LOW": 0.0,
       "SEVERITY.MEDIUM": 0.0,
       "SEVERITY.UNDEFINED": 0.0,
-      "loc": 276,
+      "loc": 9,
       "nosec": 0
     },
-    "core/decorators.py": {
+    "./core/models.py": {
       "CONFIDENCE.HIGH": 0.0,
       "CONFIDENCE.LOW": 0.0,
       "CONFIDENCE.MEDIUM": 0.0,
@@ -131,10 +131,10 @@
       "SEVERITY.LOW": 0.0,
       "SEVERITY.MEDIUM": 0.0,
       "SEVERITY.UNDEFINED": 0.0,
-      "loc": 7,
+      "loc": 199,
       "nosec": 0
     },
-    "core/models.py": {
+    "./core/paginator.py": {
       "CONFIDENCE.HIGH": 0.0,
       "CONFIDENCE.LOW": 0.0,
       "CONFIDENCE.MEDIUM": 0.0,
@@ -143,10 +143,10 @@
       "SEVERITY.LOW": 0.0,
       "SEVERITY.MEDIUM": 0.0,
       "SEVERITY.UNDEFINED": 0.0,
-      "loc": 91,
+      "loc": 209,
       "nosec": 0
     },
-    "core/paginator.py": {
+    "./core/thread.py": {
       "CONFIDENCE.HIGH": 0.0,
       "CONFIDENCE.LOW": 0.0,
       "CONFIDENCE.MEDIUM": 0.0,
@@ -155,10 +155,10 @@
       "SEVERITY.LOW": 0.0,
       "SEVERITY.MEDIUM": 0.0,
       "SEVERITY.UNDEFINED": 0.0,
-      "loc": 214,
+      "loc": 993,
       "nosec": 0
     },
-    "core/thread.py": {
+    "./core/time.py": {
       "CONFIDENCE.HIGH": 0.0,
       "CONFIDENCE.LOW": 0.0,
       "CONFIDENCE.MEDIUM": 0.0,
@@ -167,10 +167,10 @@
       "SEVERITY.LOW": 0.0,
       "SEVERITY.MEDIUM": 0.0,
       "SEVERITY.UNDEFINED": 0.0,
-      "loc": 716,
+      "loc": 158,
       "nosec": 0
     },
-    "core/time.py": {
+    "./core/utils.py": {
       "CONFIDENCE.HIGH": 0.0,
       "CONFIDENCE.LOW": 0.0,
       "CONFIDENCE.MEDIUM": 0.0,
@@ -179,65 +179,103 @@
       "SEVERITY.LOW": 0.0,
       "SEVERITY.MEDIUM": 0.0,
       "SEVERITY.UNDEFINED": 0.0,
-      "loc": 169,
+      "loc": 283,
       "nosec": 0
     },
-    "core/utils.py": {
-      "CONFIDENCE.HIGH": 0.0,
+    "_totals": {
+      "CONFIDENCE.HIGH": 4.0,
       "CONFIDENCE.LOW": 0.0,
       "CONFIDENCE.MEDIUM": 1.0,
       "CONFIDENCE.UNDEFINED": 0.0,
       "SEVERITY.HIGH": 0.0,
-      "SEVERITY.LOW": 1.0,
-      "SEVERITY.MEDIUM": 0.0,
+      "SEVERITY.LOW": 4.0,
+      "SEVERITY.MEDIUM": 1.0,
       "SEVERITY.UNDEFINED": 0.0,
-      "loc": 199,
+      "loc": 8989,
       "nosec": 0
     }
   },
   "results": [
     {
-      "code": "14 from site import USER_SITE\n15 from subprocess import PIPE\n16 \n17 import discord\n",
-      "filename": "cogs/plugins.py",
+      "code": "11 from datetime import datetime\n12 from subprocess import PIPE\n13 from types import SimpleNamespace\n",
+      "filename": "./bot.py",
+      "issue_confidence": "HIGH",
+      "issue_severity": "LOW",
+      "issue_text": "Consider possible security implications associated with PIPE module.",
+      "line_number": 12,
+      "line_range": [
+        12
+      ],
+      "more_info": "https://bandit.readthedocs.io/en/latest/blacklists/blacklist_imports.html#b404-import-subprocess",
+      "test_id": "B404",
+      "test_name": "blacklist"
+    },
+    {
+      "code": "13 from site import USER_SITE\n14 from subprocess import PIPE\n15 \n16 import discord\n",
+      "filename": "./cogs/plugins.py",
+      "issue_confidence": "HIGH",
+      "issue_severity": "LOW",
+      "issue_text": "Consider possible security implications associated with PIPE module.",
+      "line_number": 14,
+      "line_range": [
+        14,
+        15
+      ],
+      "more_info": "https://bandit.readthedocs.io/en/latest/blacklists/blacklist_imports.html#b404-import-subprocess",
+      "test_id": "B404",
+      "test_name": "blacklist"
+    },
+    {
+      "code": "12 from json import JSONDecodeError, loads\n13 from subprocess import PIPE\n14 from textwrap import indent\n",
+      "filename": "./cogs/utility.py",
       "issue_confidence": "HIGH",
       "issue_severity": "LOW",
       "issue_text": "Consider possible security implications associated with PIPE module.",
-      "line_number": 15,
+      "line_number": 13,
       "line_range": [
-        15,
-        16
+        13
       ],
       "more_info": "https://bandit.readthedocs.io/en/latest/blacklists/blacklist_imports.html#b404-import-subprocess",
       "test_id": "B404",
       "test_name": "blacklist"
     },
     {
-      "code": "1824         try:\n1825             exec(to_compile, env)  # pylint: disable=exec-used\n1826         except Exception as exc:\n",
-      "filename": "cogs/utility.py",
+      "code": "1985         try:\n1986             exec(to_compile, env)  # pylint: disable=exec-used\n1987         except Exception as exc:\n",
+      "filename": "./cogs/utility.py",
       "issue_confidence": "HIGH",
       "issue_severity": "MEDIUM",
       "issue_text": "Use of exec detected.",
-      "line_number": 1825,
+      "line_number": 1986,
       "line_range": [
-        1825
+        1986
       ],
       "more_info": "https://bandit.readthedocs.io/en/latest/plugins/b102_exec_used.html",
       "test_id": "B102",
       "test_name": "exec_used"
     },
     {
-      "code": "219         for token in shlex.shlex(alias, punctuation_chars=\"&\"):\n220             if token != \"&&\":\n221                 buffer += \" \" + token\n",
-      "filename": "core/utils.py",
+      "code": "68 \n69     def __init__(self, bot, access_token: str = \"\", username: str = \"\", **kwargs):\n70         self.bot = bot\n71         self.session = bot.session\n72         self.headers: dict = None\n73         self.access_token = access_token\n74         self.username = username\n75         self.avatar_url: str = kwargs.pop(\"avatar_url\", \"\")\n76         self.url: str = kwargs.pop(\"url\", \"\")\n77         if self.access_token:\n78             self.headers = {\"Authorization\": \"token \" + str(access_token)}\n79 \n80     async def request(\n",
+      "filename": "./core/clients.py",
       "issue_confidence": "MEDIUM",
       "issue_severity": "LOW",
-      "issue_text": "Possible hardcoded password: '&&'",
-      "line_number": 220,
+      "issue_text": "Possible hardcoded password: ''",
+      "line_number": 69,
       "line_range": [
-        220
+        69,
+        70,
+        71,
+        72,
+        73,
+        74,
+        75,
+        76,
+        77,
+        78,
+        79
       ],
-      "more_info": "https://bandit.readthedocs.io/en/latest/plugins/b105_hardcoded_password_string.html",
-      "test_id": "B105",
-      "test_name": "hardcoded_password_string"
+      "more_info": "https://bandit.readthedocs.io/en/latest/plugins/b107_hardcoded_password_default.html",
+      "test_id": "B107",
+      "test_name": "hardcoded_password_default"
     }
   ]
 }
@@ -22,13 +22,13 @@ jobs:
     - name: Install dependencies
       run: |
         python -m pip install --upgrade pip
-        python -m pip install bandit pylint black
+        python -m pip install bandit==1.6.2 pylint black==19.10b0
       continue-on-error: true
     - name: Bandit syntax check
-      run: bandit ./bot.py cogs/*.py core/*.py -b .bandit_baseline.json
+      run: bandit -r . -b .bandit_baseline.json
     - name: Pylint
       run: pylint ./bot.py cogs/*.py core/*.py --disable=import-error  --exit-zero -r y
       continue-on-error: true
-    - name: Black and flake8
+    - name: Black
       run: |
-        black . --diff
+        black . --diff --check