SSH libraries make it possible to remotely execute commands. This can be a source of command injection if user-controlled data is able to flow to these sites.
Feel free to add coverage for any other SSH libraries you find that aren't listed!
Also, since this task covers multiple libraries, it's OK for several to work on this concurrently and add coverage for different libraries.
Submitting a PR
We use the following linters internally, so to save everyone's time, please make sure you run the following linters locally and fix errors related to the files you modified before submitting a PR:
black && usort format . && flake8
To install the linters, you can run the following command:
SSH libraries make it possible to remotely execute commands. This can be a source of command injection if user-controlled data is able to flow to these sites.
We have some existing models for SSH libraries like
paramikoandpexpect(see https://github.com/facebook/pyre-check/blob/main/stubs/third_party_taint/rce_sinks.pysa). The goal of this task is to add coverage for other SSH libraries that we're missing.Some libraries to get you started:
Feel free to add coverage for any other SSH libraries you find that aren't listed!
Also, since this task covers multiple libraries, it's OK for several to work on this concurrently and add coverage for different libraries.
Submitting a PR
We use the following linters internally, so to save everyone's time, please make sure you run the following linters locally and fix errors related to the files you modified before submitting a PR:
To install the linters, you can run the following command: