DEBUG

move
frappe · Oct 22, 2021 · 53c4b80 · 53c4b80
1 parent 17a12e1
commit 53c4b80
Show file tree

Hide file tree

Showing 6 changed files with 177 additions and 2 deletions.
diff --git a/.github/workflows/linters.yml b/.github/workflows/linters.yml
@@ -16,8 +16,6 @@ jobs:
         with:
           python-version: 3.8
 
-      - name: Install and Run Pre-commit
-        uses: pre-commit/action@v2.0.3
 
       - name: Download Semgrep rules
         run: git clone --depth 1 https://github.com/frappe/frappe-semgrep-rules.git ~/frappe-semgrep-rules
@@ -29,3 +27,6 @@ jobs:
             config: >-
               r/python.lang.correctness
               ~/frappe-semgrep-rules
+
+      - name: Install and Run Pre-commit
+        uses: pre-commit/action@v2.0.3
diff --git a/erpnext/frappe_correctness.py b/erpnext/frappe_correctness.py
@@ -0,0 +1,63 @@
+import frappe
+from frappe import _
+from frappe.model.document import Document
+
+
+# ruleid: frappe-modifying-but-not-comitting
+def on_submit(self):
+	if self.value_of_goods == 0:
+		frappe.throw(_('Value of goods cannot be 0'))
+	self.status = 'Submitted'
+
+
+# ok: frappe-modifying-but-not-comitting
+def on_submit(self):
+	if self.value_of_goods == 0:
+		frappe.throw(_('Value of goods cannot be 0'))
+	self.status = 'Submitted'
+	self.db_set('status', 'Submitted')
+
+# ok: frappe-modifying-but-not-comitting
+def on_submit(self):
+	if self.value_of_goods == 0:
+		frappe.throw(_('Value of goods cannot be 0'))
+	x = "y"
+	self.status = x
+	self.db_set('status', x)
+
+
+# ok: frappe-modifying-but-not-comitting
+def on_submit(self):
+	x = "y"
+	self.status = x
+	self.save()
+
+# ruleid: frappe-modifying-but-not-comitting-other-method
+class DoctypeClass(Document):
+	def on_submit(self):
+		self.good_method()
+		self.tainted_method()
+
+	def tainted_method(self):
+		self.status = "uptate"
+
+
+# ok: frappe-modifying-but-not-comitting-other-method
+class DoctypeClass(Document):
+	def on_submit(self):
+		self.good_method()
+		self.tainted_method()
+
+	def tainted_method(self):
+		self.status = "update"
+		self.db_set("status", "update")
+
+# ok: frappe-modifying-but-not-comitting-other-method
+class DoctypeClass(Document):
+	def on_submit(self):
+		self.good_method()
+		self.tainted_method()
+		self.save()
+
+	def tainted_method(self):
+		self.status = "uptate"
diff --git a/erpnext/report.py b/erpnext/report.py
@@ -0,0 +1,14 @@
+from frappe import _
+
+# ruleid: frappe-missing-translate-function-in-report-python
+{"label": "Field Label"}
+
+# ruleid: frappe-missing-translate-function-in-report-python
+dict(label="Field Label")
+
+
+# ok: frappe-missing-translate-function-in-report-python
+{"label": _("Field Label")}
+
+# ok: frappe-missing-translate-function-in-report-python
+dict(label=_("Field Label"))
diff --git a/erpnext/security.py b/erpnext/security.py
@@ -0,0 +1,6 @@
+def function_name(input):
+	# ruleid: frappe-codeinjection-eval
+	eval(input)
+
+# ok: frappe-codeinjection-eval
+eval("1 + 1")
diff --git a/erpnext/translate.py b/erpnext/translate.py
@@ -0,0 +1,61 @@
+# Examples taken from https://frappeframework.com/docs/user/en/translations
+# This file is used for testing the tests.
+
+from frappe import _
+
+full_name = "Jon Doe"
+# ok: frappe-translation-python-formatting
+_('Welcome {0}, get started with ERPNext in just a few clicks.').format(full_name)
+
+# ruleid: frappe-translation-python-formatting
+_('Welcome %s, get started with ERPNext in just a few clicks.' % full_name)
+# ruleid: frappe-translation-python-formatting
+_('Welcome %(name)s, get started with ERPNext in just a few clicks.' % {'name': full_name})
+
+# ruleid: frappe-translation-python-formatting
+_('Welcome {0}, get started with ERPNext in just a few clicks.'.format(full_name))
+
+
+subscribers = ["Jon", "Doe"]
+# ok: frappe-translation-python-formatting
+_('You have {0} subscribers in your mailing list.').format(len(subscribers))
+
+# ruleid: frappe-translation-python-splitting
+_('You have') + len(subscribers) + _('subscribers in your mailing list.')
+
+# ruleid: frappe-translation-python-splitting
+_('You have {0} subscribers \
+    in your mailing list').format(len(subscribers))
+
+# ok: frappe-translation-python-splitting
+_('You have {0} subscribers') \
+    + 'in your mailing list'
+
+# ruleid: frappe-translation-trailing-spaces
+msg = _(" You have {0} pending invoice ")
+# ruleid: frappe-translation-trailing-spaces
+msg = _("You have {0} pending invoice ")
+# ruleid: frappe-translation-trailing-spaces
+msg = _(" You have {0} pending invoice")
+
+# ok: frappe-translation-trailing-spaces
+msg = ' ' + _("You have {0} pending invoices") + ' '
+
+# ruleid: frappe-translation-python-formatting
+_(f"can not format like this - {subscribers}")
+# ruleid: frappe-translation-python-splitting
+_(f"what" + f"this is also not cool")
+
+
+# ruleid: frappe-translation-empty-string
+_("")
+# ruleid: frappe-translation-empty-string
+_('')
+
+
+class Test:
+	# ok: frappe-translation-python-splitting
+	def __init__(
+			args
+			):
+		pass
diff --git a/erpnext/ux.py b/erpnext/ux.py
@@ -0,0 +1,30 @@
+import frappe
+from frappe import _, msgprint, throw
+
+# ruleid: frappe-missing-translate-function-python
+throw("Error Occured")
+
+# ruleid: frappe-missing-translate-function-python
+frappe.throw("Error Occured")
+
+# ruleid: frappe-missing-translate-function-python
+frappe.msgprint("Useful message")
+
+# ruleid: frappe-missing-translate-function-python
+msgprint("Useful message")
+
+
+# ok: frappe-missing-translate-function-python
+translatedmessage = _("Hello")
+
+# ok: frappe-missing-translate-function-python
+throw(translatedmessage)
+
+# ok: frappe-missing-translate-function-python
+msgprint(translatedmessage)
+
+# ok: frappe-missing-translate-function-python
+msgprint(_("Helpful message"))
+
+# ok: frappe-missing-translate-function-python
+frappe.throw(_("Error occured"))