Result

(venv) vaibhav@vaibhav-HP-Notebook:~/coala1/coala-bears/tests/python/requirements$ pytest
============================= test session starts ==============================
platform linux -- Python 3.5.2, pytest-3.4.1, py-1.5.2, pluggy-0.6.0
rootdir: /home/vaibhav/coala1/coala-bears, inifile: setup.cfg
plugins: xdist-1.22.1, timeout-1.2.1, forked-0.2, env-0.6.2, cov-2.5.1
timeout: 35.0s method: signal
collected 14 items

PinRequirementsBearTest.py ....                                          [ 28%]
PySafetyBearTest.py .....                                                [ 64%]
PySafetyBearWithoutMockTest.py F....                                     [100%]

=================================== FAILURES ===================================
_________________ PySafetyBearTest.test_with_cve_vulnerability _________________

self = <tests.python.requirements.PySafetyBearWithoutMockTest.PySafetyBearTest testMethod=test_with_cve_vulnerability>

    def test_with_cve_vulnerability(self):
        file_name = 'requirement.txt'
        file_contents = load_testfile(file_name)
        self.maxDiff = None
        self.check_results(
            self.uut,
            file_contents,
            [Result.from_values('PySafetyBear',
                'bottle<0.12.10 is vulnerable to CVE-2016-9964 and your project is using 0.10.0.',
                file =get_testfile_path(file_name),
                line=1,
                column=9,
                end_line=1,
                end_column=15,
                severity=RESULT_SEVERITY.NORMAL,
                )],
>           filename=get_testfile_path(file_name))

PySafetyBearWithoutMockTest.py:47:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
../../../../venv/lib/python3.5/site-packages/coalib/testing/LocalBearTestHelper.py:264: in check_results
    sorted(bear_output), sorted(results))
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <tests.python.requirements.PySafetyBearWithoutMockTest.PySafetyBearTest testMethod=test_with_cve_vulnerability>
observed_result = [<Result object(id=0x6492086769ca49578e4ffd83a78198fa, origin='PySafetyBear', affected_code=(<SourceRange object(start...ulnerable to CVE-2016-9964 and your project is using 0.10.0.', aspect=NoneType, applied_actions={}) at 0x7fc2fe42c0f0>]
expected_result = [<Result object(id=0xc582638777584692b3352be3088ead2e, origin='PySafetyBear', affected_code=(<SourceRange object(start...ulnerable to CVE-2016-9964 and your project is using 0.10.0.', aspect=NoneType, applied_actions={}) at 0x7fc2fe432da0>]

    def assertComparableObjectsEqual(self, observed_result, expected_result):
        if len(observed_result) == len(expected_result):
            messages = ''
            for observed, expected in zip(observed_result, expected_result):
                if (isinstance(observed, Comparable)
                    and isinstance(expected, Comparable)) and (
                            type(observed) is type(expected)):
                    for attribute in type(observed).__compare_fields__:
                        try:
                            self.assertEqual(
                                getattr(observed, attribute),
                                getattr(expected, attribute),
                                msg='{} mismatch.'.format(attribute))
                        except AssertionError as ex:
                            messages += (str(ex) + '\n\n')
                else:
                    self.assertEqual(observed_result, expected_result)
            if messages:
>               raise AssertionError(messages)
E               AssertionError: 'redirect() in bottle.py in bottle 0.12.10[133 chars]all.' != ''
E               - redirect() in bottle.py in bottle 0.12.10 doesn't filter a "\r\n" sequence, which leads to a CRLF attack, as demonstrated by a redirect("233\r\nSet-Cookie: name=salt") call.
E               +
E                : additional_info mismatch.

../../../../venv/lib/python3.5/site-packages/coalib/testing/LocalBearTestHelper.py:132: AssertionError
===================== 1 failed, 13 passed in 19.24 seconds =====================
(venv) vaibhav@vaibhav-HP-Notebook:~/coala1/coala-bears/tests/python/requirements$ coala --bears PySafetyBear --files requirement.txt -V --flush-cache
[WARNING][19:42:23] Default coafile '.coafile' not found!
Here's what you can do:
* add `--save` to generate a config file with your current options
* add `-I` to suppress any use of config files

[DEBUG][19:42:23] Registered VCS backend: git
[DEBUG][19:42:23] Registered VCS backend: hg
[DEBUG][19:42:24] Registered VCS backend: svn
[DEBUG][19:42:24] Registered VCS backend: bzr
[DEBUG][19:42:24] Platform Linux -- Python 3.5.2, coalib 0.12.0.dev99999999999999
[DEBUG][19:42:24] The file cache was successfully flushed.
Executing section cli...
[WARNING][19:42:24] No files matching '/home/vaibhav/coala1/coala-bears/tests/python/requirements/requirement.txt' were found. If this rule is not required, you can remove it from section [cli] in your .coafile to deactivate this warning.
[DEBUG][19:42:24] Files that will be checked:

(venv) vaibhav@vaibhav-HP-Notebook:~/coala1/coala-bears/tests/python/requirements$ cd PySafety_test_files/^C^Cou may use the `--flush-cache` flag to see them.
(venv) vaibhav@vaibhav-HP-Notebook:~/coala1/coala-bears/tests/python/requirements$ cd PySafety_test_files/
(venv) vaibhav@vaibhav-HP-Notebook:~/coala1/coala-bears/tests/python/requirements/PySafety_test_files$ coala --bears PySafetyBear --files requirement.txt -V --flush-cache
[WARNING][19:42:47] Default coafile '.coafile' not found!
Here's what you can do:
* add `--save` to generate a config file with your current options
* add `-I` to suppress any use of config files

[DEBUG][19:42:48] Registered VCS backend: git
[DEBUG][19:42:48] Registered VCS backend: hg
[DEBUG][19:42:48] Registered VCS backend: svn
[DEBUG][19:42:48] Registered VCS backend: bzr
[DEBUG][19:42:48] Platform Linux -- Python 3.5.2, coalib 0.12.0.dev99999999999999
[DEBUG][19:42:48] The file cache was successfully flushed.
Executing section cli...
[DEBUG][19:42:48] Files that will be checked:
/home/vaibhav/coala1/coala-bears/tests/python/requirements/PySafety_test_files/requirement.txt
[DEBUG][19:42:49] coala is run only on changed files, bears' log messages from previous runs may not appear. You may use the `--flush-cache` flag to see them.
[DEBUG][19:42:49] Running bear PySafetyBear...
[DEBUG][19:42:49] Starting new HTTPS connection (1): raw.githubusercontent.com
[DEBUG][19:42:49] https://raw.githubusercontent.com:443 "GET /pyupio/safety-db/master/data/insecure.json HTTP/1.1" 200 5290
[DEBUG][19:42:49] Starting new HTTPS connection (1): raw.githubusercontent.com
[DEBUG][19:42:50] https://raw.githubusercontent.com:443 "GET /pyupio/safety-db/master/data/insecure_full.json HTTP/1.1" 200 53183

requirement.txt
[   1] bottle==0.10.0
**** PySafetyBear [Section: cli | Severity: NORMAL] ****
!    ! bottle<0.12.10 is vulnerable to CVE-2016-9964 and your project is using 0.10.0.
[    ] *0. Do (N)othing
[    ]  1. (O)pen file
[    ]  2. Print (M)ore info
[    ]  3. Add (I)gnore comment
[    ] Enter number (Ctrl-D to exit): 2
redirect() in bottle.py in bottle 0.12.10 doesn't filter a "\r\n" sequence, which leads to a CRLF attack, as demonstrated by a redirect("233\r\nSet-Cookie: name=salt") call.
[    ] The action was executed successfully.
[    ] *0. Do (N)othing
[    ]  1. (O)pen file
[    ]  2. Print (M)ore info
[    ]  3. Add (I)gnore comment
[    ] Enter number (Ctrl-D to exit):