diff --git a/dlint/linters/bad_xml_use.py b/dlint/linters/bad_xml_use.py index 1adf4ae..b5b78f8 100644 --- a/dlint/linters/bad_xml_use.py +++ b/dlint/linters/bad_xml_use.py @@ -23,7 +23,6 @@ class BadXMLUseLinter(bad_module_use.BadModuleUseLinter): @property def illegal_modules(self): return [ - 'lxml', 'xml', 'xmlrpclib', ] diff --git a/docs/linters/DUO107.md b/docs/linters/DUO107.md index 738b4b5..8f5b8c0 100644 --- a/docs/linters/DUO107.md +++ b/docs/linters/DUO107.md @@ -1,6 +1,6 @@ # DUO107 -This linter searches for use of the `lxml`, `xml`, `xmlrpclib` modules. These +This linter searches for use of the `xml`, `xmlrpclib` modules. These libraries are not hardened against many common XML attacks. The `defusedxml` library should be preferred to these modules. diff --git a/tests/test_bad_xml_use.py b/tests/test_bad_xml_use.py index 250ce62..311a280 100644 --- a/tests/test_bad_xml_use.py +++ b/tests/test_bad_xml_use.py @@ -19,7 +19,6 @@ def test_xml_import_usage(self): """ import xml import xmlrpclib - import lxml """ ) @@ -37,11 +36,6 @@ def test_xml_import_usage(self): lineno=3, col_offset=0, message=dlint.linters.BadXMLUseLinter._error_tmpl - ), - dlint.linters.base.Flake8Result( - lineno=4, - col_offset=0, - message=dlint.linters.BadXMLUseLinter._error_tmpl ) ] @@ -108,21 +102,6 @@ def test_element_parse_import_usage(self): assert result == expected - def test_defused_lxml_usage(self): - python_node = self.get_ast_node( - """ - from defusedxml import lxml - """ - ) - - linter = dlint.linters.BadXMLUseLinter() - linter.visit(python_node) - - result = linter.get_results() - expected = [] - - assert result == expected - if __name__ == "__main__": unittest.main()