facebook pixelCodiga Analysis Python Rules
BACK TO LIST

Python rules

The Codiga Static Analysis engine is powered by the best open-source tools to check your Python code. Make sure your code does not have any security issues and follow design and other best practices. Automate your code reviews today and merge with confidence with Codiga.

B102

Security
Error

Detect use of exec (security issue)

Learn more

B103

Security
Error

Chmod setting a permissive mask 0o755 on file (entryfile).

B104

Security
Error

Possible binding to all interfaces.

B108

Security
Error

Insecure usage of file or directory

B201

Security
Critical

A Flask app appears to be run with debug=True

B301

Security
Error

Pickle and modules that wrap it can be unsafe when used to deserialize untrusted data

B302

Security
Error

Deserialization with the marshal module is possibly dangerous.

B305

Security
Error

Use of insecure cipher mode cryptography.hazmat.primitives.ciphers.modes.ECB.

B306

Security
Error

Use of insecure and deprecated function (mktemp).

B307

Security
Error

Use of possibly insecure function - consider using safer ast.literal\_eval.

B308

Security
Error

Use of mark\_safe() may expose cross-site scripting vulnerabilities and should be reviewed.

B309

Security
Error

Use of HTTPSConnection on older versions of Python prior to 2.7.9 and 3.4.3 do not provide security

B310

Security
Error

Audit url open for permitted schemes. Allowing use of file:/ or custom schemes is often unexpected.

B312

Security
Critical

Telnet-related functions are being called. Telnet is considered insecure. Use SSH or some other encrypted protocol.

B313

Security
Error

Using xml.etree.cElementTree.fromstring to parse untrusted XML data is known to be vulnerable to XML attacks. Replace xml.etree.cElementTree.fromstring with its defusedxml equivalent function or make sure defusedxml.defuse_stdlib() is called

B314

Security
Error

Using xml.etree.ElementTree.iterparse to parse untrusted XML data is known to be vulnerable to XML attacks. Replace xml.etree.ElementTree.iterparse with its defusedxml equivalent function or make sure defusedxml.defuse_stdlib() is called

B317

Security
Error

Using xml.sax.make\_parser to parse untrusted XML data is known to be vulnerable to XML attacks. Replace xml.sax.make\_parser with its defusedxml equivalent function or make sure defusedxml.defuse\_stdlib() is called

B318

Security
Error

Using xml.dom.minidom.parseString to parse untrusted XML data is known to be vulnerable to XML attacks. Replace xml.dom.minidom.parseString with its defusedxml equivalent function or make sure defusedxml.defuse_stdlib() is called

B320

Security
Error

Using lxml.etree.parse to parse untrusted XML data is known to be vulnerable to XML attacks. Replace lxml.etree.parse with its defusedxml equivalent function.

B321

Security
Critical

FTP-related functions are being called. FTP is considered insecure. Use SSH/SFTP/SCP or some other encrypted protocol.

B322

Security
Critical

The input method in Python 2 will read from standard input

B323

Security
Error

Detect unsecure use of HTTPS connexion

B324

Security
Error

Use of insecure MD4 or MD5 hash function.

B401

Security
Critical

A telnet-related module is being imported. Telnet is considered insecure. Use SSH or some other encrypted protocol.

B402

Security
Critical

A FTP-related module is being imported. FTP is considered insecure. Use SSH/SFTP/SCP or some other encrypted protocol.

B411

Security
Critical

Using MAXINT to parse untrusted XML data is known to be vulnerable to XML attacks. Use defused.xmlrpc.monkey_patch() function to monkey-patch xmlrpclib and mitigate XML vulnerabilities.

B413

Security
Critical

The pyCrypto library and its module SHA256 are no longer actively maintained and have been deprecated. Consider using pyca/cryptography library.

B501

Security
Critical

Requests call with verify=False disabling SSL certificate checks

B506

Security
Error

Use of unsafe yaml load. Allows instantiation of arbitrary objects. Consider yaml.safe_load().

B601

Security
Error

Possible shell injection via Paramiko call

B602

Security
Critical

subprocess call with shell=True identified

B605

Security
Critical

Starting a process with a shell

B608

Security
Error

Possible SQL injection vector through string-based query construction.

B701

Security
Critical

Using jinja2 templates with autoescape=False is dangerous and can lead to XSS. Ensure autoescape=True or use the select\_autoescape function to mitigate XSS vulnerabilities.

B702

Security
Error

Mako templates allow HTML/JS rendering by default and are inherently open to XSS attacks. Ensure variables in all templates are properly sanitized via the 'n'

B703

Security
Error

Potential XSS on mark\_safe function.

C0111

Documentation
Informational

Missing docstring on module, function, class or method

C0112

Code style
Informational

Module, function, class or method have an empty docstring

C0113

Best practice
Informational

Detect inappropriate use of the not keyword

C0116

Documentation
Informational

Missing docstring on a function

C0121

Best practice
Informational

Check when valid is compared to True, False or None (and can be replaced by simpler expressions)

C0122

Code style
Warning

Check correct use of constants in comparisons.

C0123

Best practice
Warning

Using type() instead of isinstance() for a typecheck.

C0144

Best practice
Informational

Detect when a name contains at least one non-ASCII unicode character

C0200

Best practice
Warning

Consider using enumerate instead of iterating with range and len

C0201

Best practice
Warning

Consider iterating the dictionary directly instead of calling .keys()

C0202

Code style
Informational

Detect when a class method has a first argument named differently than the value specified in valid-classmethod-first-arg option

C0203

Code style
Informational

Detect when a metaclass method has a first argument named differently than the value specified in valid-classmethod-first-arg option.

C0204

Code style
Informational

Metaclass class method __new__ should have 'cls' as first argument

C0205

Best practice
Error

Ensure that __slots__ is an iterable and not a base type

C0302

Code style
Informational

Too many lines in a module

C0304

Code style
Informational

Final newline missing

C0305

Best practice
Informational

Trailing newlines

C0321

Error prone
Error

More than one statement on a single line

C0325

Code style
Warning

Unnecessary parens

C0326

Code style
Informational

Bad whitespace

C0327

Code style
Informational

Mixed line endings (between LF and CRLF)

C0330

Code style
Informational

Wrong indentation

C0410

Best practice
Warning

Multiple imports on one line

C0411

Best practice
Warning

Wrong import order

C0412

Best practice
Informational

Imports are not grouped

C0413

Best practice
Informational

Import and code are mixed

C0414

Best practice
Informational

Import alias is same as original package

C0415

Best practice
Warning

Import not put at the top level of the file

C1801

Error prone
Error

Use len() without explicit argument

E0011

Code style
Error

Unrecognized options

E0012

Unknown
Error

Bad option value

E0101

Code style
Error

Use of return in init

E0102

Error prone
Error

Detect functions that already exist

E0103

Error prone
Error

break or continue used outside a loop

E0104

Error prone
Error

Return outside function

E0105

Error prone
Error

The yield keyword is used outside a function

E0107

Error prone
Error

Use of operator that does not exist

E0110

Error prone
Error

Abstract class instantiation attempt

E0111

Error prone
Error

Bad argument passed to reversed()

E0117

Error prone
Error

A nonlocal variable does not have an attached name somewhere in the parent scopes.

E0202

Safety
Error

Method has the same name as an attribute

E0203

Safety
Error

Access to members before they are defined

E0211

Code style
Error

A method which should have the bound instance as first argument has no argument defined.

E0213

Code style
Error

Method should have self as first argument

E0237

Error prone
Error

Assigning an attribute not defined in the class slots

E0239

Error prone
Error

Detect class that inherit non-classes

E0242

Error prone
Error

Value conflict with __slots__

E0301

Error prone
Error

__iter__ returns non-iterator

E0302

Error prone
Error

The special method __int__ should have 0 parameter

E0306

Safety
Error

__repr__ does not return str

E0307

Safety
Critical

__str__ does not return str

E0309

Safety
Critical

__hash__ does not return an int

E0401

Safety
Error

Module that cannot be imported

E0402

Safety
Error

Attempted relative import beyond top-level package

E0601

Safety
Critical

Using variable before assignment

E0602

Code style
Error

Undefined variable is trying to be accessed

E0603

Error prone
Error

Undefined variable name referenced in __all\__

E0604

Error prone
Error

Invalid object referenced in __all__

E0611

Code style
Critical

Invalid name in module

E0633

Error prone
Error

Attempting to unpack a non-sequence

E0701

Safety
Warning

Bad except clauses order

E0702

Safety
Error

Raising int while only classes or instances are allowed

E0704

Error prone
Error

The raise statement is not inside an except clause

E0710

Error prone
Error

Raising a new style class which doesn't inherit from BaseException

E0711

Error prone
Error

NotImplemented raised and should raise NotImplementedError instead

E0712

Safety
Critical

Catching an exception which doesn't inherit from Exception.

E1003

Error prone
Error

Another argument than the current class is given as first argument of the super builtin

E1101

Safety
Critical

Detect members or attributes that do not exists

E1102

Error prone
Critical

Object is not callable

E1111

Safety
Critical

Assigning result of a function call with no return

E1120

Safety
Critical

No value for argument in function call

E1121

Error prone
Critical

Too many arguments for method call

E1123

Error prone
Critical

Unexpected keyword argument in method call

E1124

Error prone
Critical

Argument passed by position and keyword in method call

E1125

Error prone
Error

Missing mandatory keyword argument in function call

E1126

Error prone
Error

Sequence type is indexed with an invalid type

E1128

Safety
Critical

Assigning result of a function call that returns nothing but None.

E1129

Error prone
Error

Context manager doesn't implement __enter__ and __exit__

E1130

Error prone
Error

Unary operand is used on an object which does not support this type of operation.

E1132

Error prone
Error

Got multiple values for keyword argument in function call

E1133

Error prone
Critical

Non-iterable value used in an iterating context

E1134

Error prone
Error

Non-mapping value is used in a mapping context

E1135

Error prone
Critical

Value doesn't support membership test

E1136

Error prone
Error

Value is unsubscriptable

E1137

Safety
Critical

Unsupported assignment operation

E1138

Safety
Critical

Unsupported delete operation

E1139

Error prone
Error

Invalid metaclass used

E1141

Error prone
Critical

Invalid iteration over dictionary items

E1205

Error prone
Critical

Too many arguments for logging format string

E1206

Error prone
Critical

Not enough arguments in logging call

E1301

Code style
Error

Format string ends in middle of conversion specifier

E1305

Error prone
Warning

Too many arguments for format string

E1306

Error prone
Critical

Not enough arguments for format string

E1307

Error prone
Error

Incorrect format string

E1310

Error prone
Error

The argument to a str.{l,r,}strip call contains a duplicate character

I1101

Error prone
Warning

Variable is accessed for non-existent member of C extension

R0123

Error prone
Error

Invalid literal comparison

R0124

Design
Warning

Comparison with same value

R0201

Design
Informational

Does not use self

R0202

Design
Warning

No classmethod decorator

R0205

Design
Informational

Class inherits from object

R0206

Design
Informational

Cannot have defined parameters for properties

R0801

Design
Informational

Similar lines detection

R0901

Design
Informational

Too many ancestors

R0902

Design
Informational

Too many instance attributes

R0903

Design
Informational

Too few public methods

R0904

Design
Informational

Too many public methods

R0911

Design
Informational

Too many return statements

R0912

Design
Informational

Too many branches

R0913

Design
Informational

Too many arguments for a function or method

R0914

Design
Warning

Too many local variables

R0915

Design
Warning

Too many statements, split your functions in smaller functions

R0916

Design
Warning

Too many boolean expressions in if statement

R1701

Design
Informational

Multiple calls of isinstance calls can be merged

R1702

Design
Warning

Too many nested blocks

R1703

Design
Warning

The if statement can be replaced with a return and a boolean expression

R1704

Design
Informational

Redefining argument with local name

R1705

Design
Warning

Unnecessary else after return

R1706

Design
Informational

Consider using ternary operator

R1707

Error prone
Error

Misplacing comma that creates a tuple

R1708

Design
Error

Do not raise StopIteration in generator

R1710

Design
Error

Inconsistent return type in function

R1711

Design
Informational

Useless return at end of function or method

R1712

Best practice
Error

Consider using tuple unpacking for swapping variables

R1713

Best practice
Error

Consider using str.join() for concatenating strings from an iterable

R1715

Best practice
Error

Consider using dict.get for getting values from a dict if a key is present or a default if not

R1716

Design
Warning

Simplify chained comparison between the operands

R1717

Design
Informational

Consider using a dictionary comprehension

R1718

Design
Informational

Consider using a set comprehension

R1719

Design
Error

Conditions can be simplified

R1720

Design
Warning

Unnecessary else after raise

R1721

Design
Warning

Unnecessary use of a comprehension

R1722

Best practice
Informational

Use sys.exit()

R1723

Design
Warning

Unnecessary elif after break

R1724

Design
Warning

Unnecessary elif after continue

W0101

Error prone
Critical

Unreachable code

W0102

Safety
Error

Dangerous default value as argument

W0104

Error prone
Error

Statement have no effect

W0105

Performance
Error

String statement has no effect

W0106

Performance
Error

Expression not assigned

W0107

Design
Warning

Unnecessary pass statement

W0108

Design
Error

Lambda may not be necessary

W0109

Error prone
Critical

Duplicate key in dictionary

W0124

Error prone
Error

With statement returns multiple values

W0125

Design
Warning

Conditional statement with a constant value

W0126

Error prone
Error

Conditional statement with potentially wrong function or method call due to missing parentheses

W0127

Design
Error

Assigning a variable to itself

W0128

Safety
Error

Redeclared variable in assignment

W0129

Error prone
Warning

Assert statement has a string literal as its first argument and the assert will never fail.

W0143

Error prone
Warning

Comparing against a callable (parenthesis needed)

W0150

Design
Warning

return statement in finally block may swallow exception

W0201

Design
Error

Attribute defined outside __init__

W0211

Design
Error

Static method with self as first argument

W0212

Design
Warning

Access to a protected member of a client class

W0221

Design
Error

Parameters differ from overridden method

W0222

Design
Warning

Signature is different than in the implemented interface or in an overridden method

W0223

Design
Error

Abstract method not overriden

W0231

Design
Warning

__init__ method from base class is not called in inherited class

W0232

Code style
Warning

Class has no __init__ method

W0233

Design
Error

An __init__ method is called on a class which is not in the direct ancestors for the analyzed class

W0235

Design
Warning

Useless super delegation

W0236

Design
Error

Invalid overridden method

W0301

Code style
Warning

Unnecessary semicolon

W0401

Best practice
Warning

Use of wildcard imports

W0402

Best practice
Error

Uses of deprecated modules

W0404

Best practice
Warning

Module imported twice

W0511

Best practice
Informational

Use TODO, not FIXME

W0601

Safety
Error

Global variable used but not defined

W0602

Error prone
Warning

Global variable used but not assigned

W0603

Best practice
Warning

Using the global statement

W0604

Design
Error

Using the global statement at the module level

W0612

Best practice
Warning

Unused variable

W0614

Error prone
Warning

Unused import from another module

W0621

Design
Error

Redefining name from outer scope

W0622

Design
Error

Redefining built-in from Python

W0631

Safety
Error

Loop variable used outside a loop

W0632

Error prone
Error

Possible unbalanced tuple unpacking with sequence

W0640

Design
Error

Use variable in closure when defined in a loop

W0641

Error prone
Warning

Variable defined but not used

W0642

Design
Warning

Invalid assignment to cls or self

W0702

Design
Error

Not using specific exception in an except statement

W0703

Design
Error

Catching too general exception

W0705

Design
Error

Catching the same exception twice

W0706

Design
Error

Use the right exception when raising an exception in an except block

W0711

Safety
Critical

Operation is raising exception

W0715

Best practice
Error

Passing multiple incorrect arguments to an exception constructor

W1113

Design
Warning

Keyword argument before variable positional arguments list

W1114

Design
Warning

Positional arguments appear to be out of order

W1116

Error prone
Error

Argument of isinstance is not a type

W1201

Best practice
Warning

Do not use lazy formatting

W1202

Best practice
Warning

Do not use format() in logging function

W1203

Best practice
Error

Use %s in logging function

W1302

Error prone
Error

Invalid format string

W1303

Error prone
Error

Missing format() argument key

W1304

Best practice
Error

Unused format argument

W1305

Error prone
Warning

Invalid combined format specification

W1306

Best practice
Warning

Missing format attribute

W1308

Best practice
Warning

Duplicate string formatting argument

W1309

Best practice
Error

Using an f-string that does not have any interpolated variables

W1401

Best practice
Warning

Anomalous backslash in string

W1403

Error prone
Error

Implicit string concatenation found in list

W1404

Safety
Error

Implicit string concatenation

W1501

Best practice
Error

Invalid file open mode

W1503

Best practice
Warning

Redundant use of unit test assert

W1505

Best practice
Warning

Use of deprecated method

W1506

Best practice
Warning

Thread needs the target function

W1508

Safety
Error

Invalid default value when getting the environment

W1509

Safety
Warning

Using preexec_fn keyword which may be unsafe in the presence of threads

W1510

Security
Error

Using subprocess.run without explicitly set `check` is not recommended.

C0102

Code style
Informational

Detect blacklisted names (toto, foo, etc)

C0209

Code style
Informational

Use a f-string

W0237

Best practice
Error

Method parameter has a different name than in the implemented interface or in an overridden method

W0238

Error prone
Warning

Unused private member

C0104

Best practice
Error

Disallowed name (e.g. foo, bar, etc)

C0206

Best practice
Warning

Consider iterating with .items()

R1714

Best practice
Error

Use in instead of iterating over value and using equal

C0207

Best practice
Warning

Accessing only the first or last element of str.split() and should be done more efficiently.

C1802

Best practice
Warning

Use implicit boolean with len()

C1803

Error prone
Warning

Make use of implicit boolean

C0208

Best practice
Warning

Use a sequence type when iterating over values When iterating over values, sequence types (e.g., lists, tuples, ranges) are more efficient than sets.

R0203

Best practice
Warning

Consider using a decorator instead of calling staticmethod

R1709

Design
Warning

https://vald-phoenix.github.io/pylint-errors/plerr/errors/refactoring/R1709

R1725

Best practice
Warning

Consider using Python 3 style super() without arguments

R1726

Design
Warning

Boolean expression can be simplified

R1727

Error prone
Error

Boolean value has always the same value

R1728

Performance
Warning

Consider using a generator instead for better performance

R1729

Performance
Warning

Comprehension inside of 'any' or 'all' is unnecessary. A generator would be sufficient and faster.

R1731

Best practice
Informational

Using the max builtin instead of a conditional improves readability and conciseness

R1732

Best practice
Warning

Consider using 'with' for resource-allocating operations

R1733

Performance
Warning

Iterating over the dictionary items (key-item pairs) and accessing the value by index lookup when the value can be accessed directly instead

R1735

Best practice
Informational

Using dict() to create an empty dictionary instead of the literal {}. The literal is faster as it avoids an additional function call.

W0177

Best practice
Warning

An expression is compared to NaNvalues like numpy.NaN and float('nan')

W1310

Error prone
Informational

String that does not have any interpolation variables, in which case it can be either a normal string without formatting or a bug in the code.

W1406

Best practice
Warning

Used when we detect a string with a u prefix. These prefixes were necessary in Python 2 to indicate a string was Unicode, but since Python 3.0 strings are Unicode by default.

W1512

Best practice
Warning

Using deprecated module

W1513

Best practice
Warning

Use deprecated decorator

W1514

Error prone
Warning

Using open without explicitly specifying an encoding

R1730

Error prone
Warning

Use the min builtin instead of using an if condition

E1142

Best practice
Error

'await' should be used within an async function

W0410

Code style
Informational

__future__ import is not the first non docstring statement

W0199

Error prone
Warning

Assert called on a 2-item-tuple.

E4702

Safety
Error

Iterated dict is being modified inside for loop body, iterate through a copy of it instead.

C2801

Best practice
Warning

Unnecessarily calls dunder method %s. %s.

C3001

Error prone
Warning

Lambda expression assigned to a variable. Define a function using the "def" keyword instead.

W1515

Best practice
Warning

Leaving functions creating breakpoints in production code is not recommended.

E2502

Best practice
Informational

Contains control characters that can permit obfuscated code executed differently than displayed.

R0022

Error prone
Warning

Useless option value.

R1736

Best practice
Warning

Unnecessary list index lookup, use '%s' instead.

W0012

Error prone
Warning

Unknown option value.

W0245

Error prone
Critical

Super call without brackets.

W2301

Documentation
Warning

Unnecessary ellipsis constant.

R0133

Performance
Critical

Comparison between constants has a constant value

W1518

Best practice
Warning

cache will keep all method args alive indefinitely, including 'self'

C0105

Code style
Informational

Name doesn't conform to naming rules associated to its type

B319

Security
Error

Blacklist Python calls known to be dangerous

B610

Security
Error

Potential SQL injection on extra function

B611

Security
Error

Potential SQL injection on RawSQL function

E2515

Security
Warning

Invalid unescaped character zero-width-space, use "u200B" instead.

W4701

Safety
Critical

Iterated list is being modified inside for loop body

B507

Security
Error

Paramiko call with policy set to automatically trust the unknown host key.

W0130

Best practice
Warning

Duplicate value in set

C2403

Error prone
Warning

Import a module with non-ASCII characters

E4703

Safety
Critical

Iterated set is being modified inside for loop body, iterate through a copy of it instead.

W4902

Best practice
Error

Using deprecated method

W3101

Safety
Error

Missing timeout argument can cause your program to hang indefinitely

W1115

Safety
Error

Non-string value assigned

W0246

Design
Error

Useless parent or super() delegation

E1143

Error prone
Error

Member is unhashable