From 51fb74873e43cdd83e6aabe32dac1291d3c20388 Mon Sep 17 00:00:00 2001
From: Charlie Marsh <charlie.r.marsh@gmail.com>
Date: Wed, 3 Jan 2024 16:33:51 -0500
Subject: [PATCH] Tweaks

---
 .../test/fixtures/flake8_bandit/S504.py       |  7 +++---
 crates/ruff_linter/src/registry/rule_set.rs   |  2 +-
 .../rules/ssl_with_no_version.rs              | 22 +++++++++----------
 ...s__flake8_bandit__tests__S504_S504.py.snap | 18 ++++++++-------
 4 files changed, 24 insertions(+), 25 deletions(-)

diff --git a/crates/ruff_linter/resources/test/fixtures/flake8_bandit/S504.py b/crates/ruff_linter/resources/test/fixtures/flake8_bandit/S504.py
index e1f1b4b893082..1de96762a5a9f 100644
--- a/crates/ruff_linter/resources/test/fixtures/flake8_bandit/S504.py
+++ b/crates/ruff_linter/resources/test/fixtures/flake8_bandit/S504.py
@@ -1,16 +1,15 @@
 import ssl
 from ssl import wrap_socket
 
-
 ssl.wrap_socket()  # S504
 wrap_socket()  # S504
 ssl.wrap_socket(ssl_version=ssl.PROTOCOL_TLSv1_2)  # OK
 
 
-class Foo:
+class Class:
     def wrap_socket(self):
         pass
 
 
-f = Foo()
-f.wrap_socket()  # OK
+obj = Class()
+obj.wrap_socket()  # OK
diff --git a/crates/ruff_linter/src/registry/rule_set.rs b/crates/ruff_linter/src/registry/rule_set.rs
index e5214d5e447b3..ff6561740d774 100644
--- a/crates/ruff_linter/src/registry/rule_set.rs
+++ b/crates/ruff_linter/src/registry/rule_set.rs
@@ -3,7 +3,7 @@ use ruff_macros::CacheKey;
 use std::fmt::{Debug, Formatter};
 use std::iter::FusedIterator;
 
-const RULESET_SIZE: usize = 12;
+const RULESET_SIZE: usize = 13;
 
 /// A set of [`Rule`]s.
 ///
diff --git a/crates/ruff_linter/src/rules/flake8_bandit/rules/ssl_with_no_version.rs b/crates/ruff_linter/src/rules/flake8_bandit/rules/ssl_with_no_version.rs
index 1aa3f22c889b2..ca8623dca8b42 100644
--- a/crates/ruff_linter/src/rules/flake8_bandit/rules/ssl_with_no_version.rs
+++ b/crates/ruff_linter/src/rules/flake8_bandit/rules/ssl_with_no_version.rs
@@ -6,11 +6,11 @@ use ruff_text_size::Ranged;
 use crate::checkers::ast::Checker;
 
 /// ## What it does
-/// Checks for calls to `ssl.wrap_socket()` with no version set
+/// Checks for calls to `ssl.wrap_socket()` without an `ssl_version`.
 ///
 /// ## Why is this bad?
-/// This method is known to provide a default value that maximizes compatibility, but permits use
-/// of the aforementioned broken protocol versions.
+/// This method is known to provide a default value that maximizes
+/// compatibility, but permits use of insecure protocols.
 ///
 /// ## Example
 /// ```python
@@ -31,23 +31,21 @@ pub struct SslWithNoVersion;
 impl Violation for SslWithNoVersion {
     #[derive_message_formats]
     fn message(&self) -> String {
-        format!("`ssl.wrap_socket` called with no `ssl_version` set`")
+        format!("`ssl.wrap_socket` called without an `ssl_version``")
     }
 }
 
 /// S504
 pub(crate) fn ssl_with_no_version(checker: &mut Checker, call: &ExprCall) {
-    if !checker
+    if checker
         .semantic()
         .resolve_call_path(call.func.as_ref())
         .is_some_and(|call_path| matches!(call_path.as_slice(), ["ssl", "wrap_socket"]))
     {
-        return;
-    };
-
-    if call.arguments.find_keyword("ssl_version").is_none() {
-        checker
-            .diagnostics
-            .push(Diagnostic::new(SslWithNoVersion, call.range()));
+        if call.arguments.find_keyword("ssl_version").is_none() {
+            checker
+                .diagnostics
+                .push(Diagnostic::new(SslWithNoVersion, call.range()));
+        }
     }
 }
diff --git a/crates/ruff_linter/src/rules/flake8_bandit/snapshots/ruff_linter__rules__flake8_bandit__tests__S504_S504.py.snap b/crates/ruff_linter/src/rules/flake8_bandit/snapshots/ruff_linter__rules__flake8_bandit__tests__S504_S504.py.snap
index 76b357ef2b72a..aeaa2578d2952 100644
--- a/crates/ruff_linter/src/rules/flake8_bandit/snapshots/ruff_linter__rules__flake8_bandit__tests__S504_S504.py.snap
+++ b/crates/ruff_linter/src/rules/flake8_bandit/snapshots/ruff_linter__rules__flake8_bandit__tests__S504_S504.py.snap
@@ -1,20 +1,22 @@
 ---
 source: crates/ruff_linter/src/rules/flake8_bandit/mod.rs
 ---
-S504.py:5:1: S504 `ssl.wrap_socket` called with no `ssl_version` set`
+S504.py:4:1: S504 `ssl.wrap_socket` called without an `ssl_version``
   |
-5 | ssl.wrap_socket()  # S504
+2 | from ssl import wrap_socket
+3 | 
+4 | ssl.wrap_socket()  # S504
   | ^^^^^^^^^^^^^^^^^ S504
-6 | wrap_socket()  # S504
-7 | ssl.wrap_socket(ssl_version=ssl.PROTOCOL_TLSv1_2)  # OK
+5 | wrap_socket()  # S504
+6 | ssl.wrap_socket(ssl_version=ssl.PROTOCOL_TLSv1_2)  # OK
   |
 
-S504.py:6:1: S504 `ssl.wrap_socket` called with no `ssl_version` set`
+S504.py:5:1: S504 `ssl.wrap_socket` called without an `ssl_version``
   |
-5 | ssl.wrap_socket()  # S504
-6 | wrap_socket()  # S504
+4 | ssl.wrap_socket()  # S504
+5 | wrap_socket()  # S504
   | ^^^^^^^^^^^^^ S504
-7 | ssl.wrap_socket(ssl_version=ssl.PROTOCOL_TLSv1_2)  # OK
+6 | ssl.wrap_socket(ssl_version=ssl.PROTOCOL_TLSv1_2)  # OK
   |