What is a default parameter in Python?
A default parameter in Python is a default value assigned to a function
parameter. If I define the function
foo with a parameter
bar = 3,
it ensures that if no value is passed for this parameter, the default
3 will be used.
def foo(bar=3): return bar + 2 n = foo() # returns 5 n = foo(10) # return 12
The major caveat is that default parameters are only evaluated once and may cause problems when a function is called more than once.
Why does an empty array as a default parameter in Python may cause a problem?
As parameters are evaluated only ONCE, returning or using an array with a default parameter may create an issue, as the value from a previous call may be reused in a later call.
Let's look at a concrete example.
import typing def foo(bar: typing.List[int] = ): bar.append(42) return bar l1 = foo() print(l1) l2 = foo() print(l2)
When executing the code above, at the second call, the value of the first call was reused, which is (almost) never what we want.
$ python pythoncode.py  [42, 42]
This is a common issue in Python code already documented (see the Common Gotchas for Python).
How to avoid having issues with an empty array as default parameter in Python?
The idea is not to use an array as a default parameter and instead is
None. Then, inside the function,
we check if a value has been passed and assign it.
There is the corrected version of the code shown above.
import typing def foo(bar: typing.Optional[typing.List[int]]=None): if bar is None: res =  else: res = bar res.append(42) return res l1 = foo() print(l1) l2 = foo() print(l2)
When executing the code, we have the correct result.
$ python pythoncode.py  
Automatically empty array as default parameter in Python
Codiga provides IDE plugins and integrations with GitHub, GitLab, or Bitbucket to detect empty arrays as default parameters. The Codiga static code analysis detects this issue directly in your IDE or code reviews.
In particular, this analysis rule produces a warning each time there is an empty array as a default parameter in a function definition.
To use this rule consistently, all you need to do is to install the integration in your IDE (for VS Code or JetBrains) or code management system and add a
codiga.yml file at the root of your profile with the following content:
rulesets: - python-security
It will then check all your Python code against 100+ rules that detect unsafe and insecure code and suggests fixes for each of them.