From cd6413ca096d58a5b877f14dce1b2196b5b85f02 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ville=20Skytt=C3=A4?=
Date: Mon, 27 Feb 2023 23:38:23 +0200
Subject: [PATCH] Match non-lowercase with S105 again (#3258)
---
 .../test/fixtures/flake8_bandit/S105.py | 4 +
 .../ruff/src/rules/flake8_bandit/helpers.rs | 6 +-
 ...s__flake8_bandit__tests__S105_S105.py.snap | 184 ++++++++++--------
 3 files changed, 110 insertions(+), 84 deletions(-)
diff --git a/crates/ruff/resources/test/fixtures/flake8_bandit/S105.py b/crates/ruff/resources/test/fixtures/flake8_bandit/S105.py
index bc84ea6da1..6287a68a51 100644
--- a/crates/ruff/resources/test/fixtures/flake8_bandit/S105.py
+++ b/crates/ruff/resources/test/fixtures/flake8_bandit/S105.py
@@ -19,6 +19,8 @@ token = "s3cr3t"
 secrete = "s3cr3t"
 safe = password = "s3cr3t"
 password = safe = "s3cr3t"
+PASSWORD = "s3cr3t"
+PassWord = "s3cr3t"
 d["password"] = "s3cr3t"
 d["pass"] = "s3cr3t"
@@ -68,6 +70,8 @@ passed_msg = "You have passed!"
 compassion = "Please don't match!"
 impassable = "You shall not pass!"
 passwords = ""
+PASSWORDS = ""
 passphrases = ""
+PassPhrases = ""
 tokens = ""
 secrets = ""
diff --git a/crates/ruff/src/rules/flake8_bandit/helpers.rs b/crates/ruff/src/rules/flake8_bandit/helpers.rs
index eb58f12248..2f33ee6e4a 100644
--- a/crates/ruff/src/rules/flake8_bandit/helpers.rs
+++ b/crates/ruff/src/rules/flake8_bandit/helpers.rs
@@ -4,8 +4,9 @@ use rustpython_parser::ast::{Constant, Expr, ExprKind};
 use crate::checkers::ast::Checker;
-static PASSWORD_CANDIDATE_REGEX: Lazy =
- Lazy::new(|| Regex::new(r"(^|_)(pas+wo?r?d|pass(phrase)?|pwd|token|secrete?)($|_)").unwrap());
+static PASSWORD_CANDIDATE_REGEX: Lazy = Lazy::new(|| {
+ Regex::new(r"(^|_)(?i)(pas+wo?r?d|pass(phrase)?|pwd|token|secrete?)($|_)").unwrap()
+});
 pub fn string_literal(expr: &Expr) -> Option<&str> {
 match &expr.node {
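Review bot: The `(?i)` flag in the new `PASSWORD_CANDIDATE_REGEX` sits after the leading `(^|_)` group, which reads as if it scoped only the keyword alternation; it actually stays in effect through `($|_)`, so the pattern would be clearer written as `r"(?i)(^|_)(pas+wo?r?d|pass(phrase)?|pwd|token|secrete?)($|_)"`. The static also carries no comment on what S105 will and will not catch: because of the `(^|_)` and `($|_)` boundaries a keyword matches only as a whole underscore-delimited segment, so a name such as `dbPassword` still goes unflagged after this change. I would add `// Case-insensitive; a keyword must be a whole underscore-delimited segment of the name, so camelCase names are not matched.` above the static. `string_literal` starts in this hunk and continues outside it.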
@@ -17,7 +18,6 @@ pub fn string_literal(expr: &Expr) -> Option<&str> { } } -// Maybe use regex for this? pub fn matches_password_name(string: &str) -> bool { PASSWORD_CANDIDATE_REGEX.is_match(string) } diff --git a/crates/ruff/src/rules/flake8_bandit/snapshots/ruff__rules__flake8_bandit__tests__S105_S105.py.snap b/crates/ruff/src/rules/flake8_bandit/snapshots/ruff__rules__flake8_bandit__tests__S105_S105.py.snap index 3a69610352..b6b286d4d0 100644 --- a/crates/ruff/src/rules/flake8_bandit/snapshots/ruff__rules__flake8_bandit__tests__S105_S105.py.snap +++ b/crates/ruff/src/rules/flake8_bandit/snapshots/ruff__rules__flake8_bandit__tests__S105_S105.py.snap @@ -1,5 +1,5 @@ --- -source: src/rules/flake8_bandit/mod.rs +source: crates/ruff/src/rules/flake8_bandit/mod.rs expression: diagnostics --- - kind: @@ -105,46 +105,46 @@ expression: diagnostics HardcodedPasswordString: string: s3cr3t location: - row: 23 - column: 16 - end_location: - row: 23 - column: 24 - fix: ~ - parent: ~ -- kind: - HardcodedPasswordString: - string: s3cr3t - location: - row: 24 - column: 12 - end_location: - row: 24 - column: 20 - fix: ~ - parent: ~ -- kind: - HardcodedPasswordString: - string: s3cr3t - location: - row: 25 - column: 14 - end_location: - row: 25 - column: 22 - fix: ~ - parent: ~ -- kind: - HardcodedPasswordString: - string: s3cr3t - location: - row: 26 + row: 22 column: 11 end_location: - row: 26 + row: 22 column: 19 fix: ~ parent: ~ +- kind: + HardcodedPasswordString: + string: s3cr3t + location: + row: 23 + column: 11 + end_location: + row: 23 + column: 19 + fix: ~ + parent: ~ +- kind: + HardcodedPasswordString: + string: s3cr3t + location: + row: 25 + column: 16 + end_location: + row: 25 + column: 24 + fix: ~ + parent: ~ +- kind: + HardcodedPasswordString: + string: s3cr3t + location: + row: 26 + column: 12 + end_location: + row: 26 + column: 20 + fix: ~ + parent: ~ - kind: HardcodedPasswordString: string: s3cr3t 
@@ -161,9 +161,31 @@ expression: diagnostics string: s3cr3t location: row: 28 - column: 13 + column: 11 end_location: row: 28 + column: 19 + fix: ~ + parent: ~ +- kind: + HardcodedPasswordString: + string: s3cr3t + location: + row: 29 + column: 14 + end_location: + row: 29 + column: 22 + fix: ~ + parent: ~ +- kind: + HardcodedPasswordString: + string: s3cr3t + location: + row: 30 + column: 13 + end_location: + row: 30 column: 21 fix: ~ parent: ~ @@ -171,10 +193,10 @@ expression: diagnostics HardcodedPasswordString: string: s3cr3t location: - row: 29 + row: 31 column: 15 end_location: - row: 29 + row: 31 column: 23 fix: ~ parent: ~ @@ -182,10 +204,10 @@ expression: diagnostics HardcodedPasswordString: string: s3cr3t location: - row: 30 + row: 32 column: 23 end_location: - row: 30 + row: 32 column: 31 fix: ~ parent: ~ @@ -193,10 +215,10 @@ expression: diagnostics HardcodedPasswordString: string: s3cr3t location: - row: 31 + row: 33 column: 23 end_location: - row: 31 + row: 33 column: 31 fix: ~ parent: ~ @@ -204,10 +226,10 @@ expression: diagnostics HardcodedPasswordString: string: s3cr3t location: - row: 35 + row: 37 column: 15 end_location: - row: 35 + row: 37 column: 23 fix: ~ parent: ~ @@ -215,10 +237,10 @@ expression: diagnostics HardcodedPasswordString: string: s3cr3t location: - row: 39 + row: 41 column: 19 end_location: - row: 39 + row: 41 column: 27 fix: ~ parent: ~ @@ -226,10 +248,10 @@ expression: diagnostics HardcodedPasswordString: string: s3cr3t location: - row: 40 + row: 42 column: 16 end_location: - row: 40 + row: 42 column: 24 fix: ~ parent: ~ @@ -237,10 +259,10 @@ expression: diagnostics HardcodedPasswordString: string: s3cr3t location: - row: 41 + row: 43 column: 17 end_location: - row: 41 + row: 43 column: 25 fix: ~ parent: ~ @@ -248,10 +270,10 @@ expression: diagnostics HardcodedPasswordString: string: s3cr3t location: - row: 42 + row: 44 column: 14 end_location: - row: 42 + row: 44 column: 22 fix: ~ parent: ~ 
@@ -259,10 +281,10 @@ expression: diagnostics HardcodedPasswordString: string: s3cr3t location: - row: 43 + row: 45 column: 17 end_location: - row: 43 + row: 45 column: 25 fix: ~ parent: ~ @@ -270,10 +292,10 @@ expression: diagnostics HardcodedPasswordString: string: s3cr3t location: - row: 44 + row: 46 column: 16 end_location: - row: 44 + row: 46 column: 24 fix: ~ parent: ~ @@ -281,10 +303,10 @@ expression: diagnostics HardcodedPasswordString: string: s3cr3t location: - row: 45 + row: 47 column: 18 end_location: - row: 45 + row: 47 column: 26 fix: ~ parent: ~ @@ -292,10 +314,10 @@ expression: diagnostics HardcodedPasswordString: string: s3cr3t location: - row: 47 + row: 49 column: 12 end_location: - row: 47 + row: 49 column: 20 fix: ~ parent: ~ @@ -303,10 +325,10 @@ expression: diagnostics HardcodedPasswordString: string: s3cr3t location: - row: 48 + row: 50 column: 9 end_location: - row: 48 + row: 50 column: 17 fix: ~ parent: ~ @@ -314,10 +336,10 @@ expression: diagnostics HardcodedPasswordString: string: s3cr3t location: - row: 49 + row: 51 column: 10 end_location: - row: 49 + row: 51 column: 18 fix: ~ parent: ~ @@ -325,10 +347,10 @@ expression: diagnostics HardcodedPasswordString: string: s3cr3t location: - row: 50 + row: 52 column: 7 end_location: - row: 50 + row: 52 column: 15 fix: ~ parent: ~ @@ -336,10 +358,10 @@ expression: diagnostics HardcodedPasswordString: string: s3cr3t location: - row: 51 + row: 53 column: 10 end_location: - row: 51 + row: 53 column: 18 fix: ~ parent: ~ @@ -347,10 +369,10 @@ expression: diagnostics HardcodedPasswordString: string: s3cr3t location: - row: 52 + row: 54 column: 9 end_location: - row: 52 + row: 54 column: 17 fix: ~ parent: ~ @@ -358,10 +380,10 @@ expression: diagnostics HardcodedPasswordString: string: s3cr3t location: - row: 53 + row: 55 column: 11 end_location: - row: 53 + row: 55 column: 19 fix: ~ parent: ~ 
@@ -369,10 +391,10 @@ expression: diagnostics HardcodedPasswordString: string: s3cr3t location: - row: 54 + row: 56 column: 20 end_location: - row: 54 + row: 56 column: 28 fix: ~ parent: ~ @@ -380,10 +402,10 @@ expression: diagnostics HardcodedPasswordString: string: "1\n2" location: - row: 56 + row: 58 column: 12 end_location: - row: 56 + row: 58 column: 18 fix: ~ parent: ~ @@ -391,10 +413,10 @@ expression: diagnostics HardcodedPasswordString: string: "3\t4" location: - row: 59 + row: 61 column: 12 end_location: - row: 59 + row: 61 column: 18 fix: ~ parent: ~ @@ -402,10 +424,10 @@ expression: diagnostics HardcodedPasswordString: string: "5\r6" location: - row: 62 + row: 64 column: 12 end_location: - row: 62 + row: 64 column: 18 fix: ~ parent: ~