Remove lxml from DUO107

defusedxml.lxml [was only ever an example](https://github.com/tiran/defusedxml#defusedxmllxml) and tiran/defusedxml#38.
dlint-py · May 18, 2022 · 4af3486 · 4af3486
1 parent ce0b19c
commit 4af3486
Show file tree

Hide file tree

Showing 3 changed files with 1 addition and 18 deletions.
diff --git a/dlint/linters/bad_xml_use.py b/dlint/linters/bad_xml_use.py
@@ -23,7 +23,6 @@ class BadXMLUseLinter(bad_module_use.BadModuleUseLinter):
     @property
     def illegal_modules(self):
         return [
-            'lxml',
             'xml',
             'xmlrpclib',
         ]

diff --git a/docs/linters/DUO107.md b/docs/linters/DUO107.md
@@ -1,6 +1,6 @@
 # DUO107
 
-This linter searches for use of the `lxml`, `xml`, `xmlrpclib` modules. These
+This linter searches for use of the `xml`, `xmlrpclib` modules. These
 libraries are not hardened against many common XML attacks. The `defusedxml`
 library should be preferred to these modules.
 

diff --git a/tests/test_bad_xml_use.py b/tests/test_bad_xml_use.py
@@ -19,7 +19,6 @@ def test_xml_import_usage(self):
             """
             import xml
             import xmlrpclib
-            import lxml
             """
         )
 
@@ -108,21 +107,6 @@ def test_element_parse_import_usage(self):
 
         assert result == expected
 
-    def test_defused_lxml_usage(self):
-        python_node = self.get_ast_node(
-            """
-            from defusedxml import lxml
-            """
-        )
-
-        linter = dlint.linters.BadXMLUseLinter()
-        linter.visit(python_node)
-
-        result = linter.get_results()
-        expected = []
-
-        assert result == expected
-
 
 if __name__ == "__main__":
     unittest.main()