facebook pixelCodiga Analysis Python Rules, severity error
BACK TO LIST

Python rules

The Codiga Static Analysis engine is powered by the best open-source tools to check your Python code. Make sure your code does not have any security issues and follow design and other best practices. Automate your code reviews today and merge with confidence with Codiga.

B102

Security
Error

Detect use of exec (security issue)

Learn more

B103

Security
Error

Chmod setting a permissive mask 0o755 on file (entryfile).

B104

Security
Error

Possible binding to all interfaces.

B108

Security
Error

Insecure usage of file or directory

B301

Security
Error

Pickle and modules that wrap it can be unsafe when used to deserialize untrusted data

B302

Security
Error

Deserialization with the marshal module is possibly dangerous.

B305

Security
Error

Use of insecure cipher mode cryptography.hazmat.primitives.ciphers.modes.ECB.

B306

Security
Error

Use of insecure and deprecated function (mktemp).

B307

Security
Error

Use of possibly insecure function - consider using safer ast.literal\_eval.

B308

Security
Error

Use of mark\_safe() may expose cross-site scripting vulnerabilities and should be reviewed.

B309

Security
Error

Use of HTTPSConnection on older versions of Python prior to 2.7.9 and 3.4.3 do not provide security

B310

Security
Error

Audit url open for permitted schemes. Allowing use of file:/ or custom schemes is often unexpected.

B313

Security
Error

Using xml.etree.cElementTree.fromstring to parse untrusted XML data is known to be vulnerable to XML attacks. Replace xml.etree.cElementTree.fromstring with its defusedxml equivalent function or make sure defusedxml.defuse_stdlib() is called

B314

Security
Error

Using xml.etree.ElementTree.iterparse to parse untrusted XML data is known to be vulnerable to XML attacks. Replace xml.etree.ElementTree.iterparse with its defusedxml equivalent function or make sure defusedxml.defuse_stdlib() is called

B317

Security
Error

Using xml.sax.make\_parser to parse untrusted XML data is known to be vulnerable to XML attacks. Replace xml.sax.make\_parser with its defusedxml equivalent function or make sure defusedxml.defuse\_stdlib() is called

B318

Security
Error

Using xml.dom.minidom.parseString to parse untrusted XML data is known to be vulnerable to XML attacks. Replace xml.dom.minidom.parseString with its defusedxml equivalent function or make sure defusedxml.defuse_stdlib() is called

B320

Security
Error

Using lxml.etree.parse to parse untrusted XML data is known to be vulnerable to XML attacks. Replace lxml.etree.parse with its defusedxml equivalent function.

B323

Security
Error

Detect unsecure use of HTTPS connexion

B324

Security
Error

Use of insecure MD4 or MD5 hash function.

B506

Security
Error

Use of unsafe yaml load. Allows instantiation of arbitrary objects. Consider yaml.safe_load().

B601

Security
Error

Possible shell injection via Paramiko call

B608

Security
Error

Possible SQL injection vector through string-based query construction.

B702

Security
Error

Mako templates allow HTML/JS rendering by default and are inherently open to XSS attacks. Ensure variables in all templates are properly sanitized via the 'n'

B703

Security
Error

Potential XSS on mark\_safe function.

C0205

Best practice
Error

Ensure that __slots__ is an iterable and not a base type

C0321

Error prone
Error

More than one statement on a single line

C1801

Error prone
Error

Use len() without explicit argument

E0011

Code style
Error

Unrecognized options

E0012

Unknown
Error

Bad option value

E0101

Code style
Error

Use of return in init

E0102

Error prone
Error

Detect functions that already exist

E0103

Error prone
Error

break or continue used outside a loop

E0104

Error prone
Error

Return outside function

E0105

Error prone
Error

The yield keyword is used outside a function

E0107

Error prone
Error

Use of operator that does not exist

E0110

Error prone
Error

Abstract class instantiation attempt

E0111

Error prone
Error

Bad argument passed to reversed()

E0117

Error prone
Error

A nonlocal variable does not have an attached name somewhere in the parent scopes.

E0202

Safety
Error

Method has the same name as an attribute

E0203

Safety
Error

Access to members before they are defined

E0211

Code style
Error

A method which should have the bound instance as first argument has no argument defined.

E0213

Code style
Error

Method should have self as first argument

E0237

Error prone
Error

Assigning an attribute not defined in the class slots

E0239

Error prone
Error

Detect class that inherit non-classes

E0242

Error prone
Error

Value conflict with __slots__

E0301

Error prone
Error

__iter__ returns non-iterator

E0302

Error prone
Error

The special method __int__ should have 0 parameter

E0306

Safety
Error

__repr__ does not return str

E0401

Safety
Error

Module that cannot be imported

E0402

Safety
Error

Attempted relative import beyond top-level package

E0602

Code style
Error

Undefined variable is trying to be accessed

E0603

Error prone
Error

Undefined variable name referenced in __all\__

E0604

Error prone
Error

Invalid object referenced in __all__

E0633

Error prone
Error

Attempting to unpack a non-sequence

E0702

Safety
Error

Raising int while only classes or instances are allowed

E0704

Error prone
Error

The raise statement is not inside an except clause

E0710

Error prone
Error

Raising a new style class which doesn't inherit from BaseException

E0711

Error prone
Error

NotImplemented raised and should raise NotImplementedError instead

E1003

Error prone
Error

Another argument than the current class is given as first argument of the super builtin

E1125

Error prone
Error

Missing mandatory keyword argument in function call

E1126

Error prone
Error

Sequence type is indexed with an invalid type

E1129

Error prone
Error

Context manager doesn't implement __enter__ and __exit__

E1130

Error prone
Error

Unary operand is used on an object which does not support this type of operation.

E1132

Error prone
Error

Got multiple values for keyword argument in function call

E1134

Error prone
Error

Non-mapping value is used in a mapping context

E1136

Error prone
Error

Value is unsubscriptable

E1139

Error prone
Error

Invalid metaclass used

E1301

Code style
Error

Format string ends in middle of conversion specifier

E1307

Error prone
Error

Incorrect format string

E1310

Error prone
Error

The argument to a str.{l,r,}strip call contains a duplicate character

R0123

Error prone
Error

Invalid literal comparison

R1707

Error prone
Error

Misplacing comma that creates a tuple

R1708

Design
Error

Do not raise StopIteration in generator

R1710

Design
Error

Inconsistent return type in function

R1712

Best practice
Error

Consider using tuple unpacking for swapping variables

R1713

Best practice
Error

Consider using str.join() for concatenating strings from an iterable

R1715

Best practice
Error

Consider using dict.get for getting values from a dict if a key is present or a default if not

R1719

Design
Error

Conditions can be simplified

W0102

Safety
Error

Dangerous default value as argument

W0104

Error prone
Error

Statement have no effect

W0105

Performance
Error

String statement has no effect

W0106

Performance
Error

Expression not assigned

W0108

Design
Error

Lambda may not be necessary

W0124

Error prone
Error

With statement returns multiple values

W0126

Error prone
Error

Conditional statement with potentially wrong function or method call due to missing parentheses

W0127

Design
Error

Assigning a variable to itself

W0128

Safety
Error

Redeclared variable in assignment

W0201

Design
Error

Attribute defined outside __init__

W0211

Design
Error

Static method with self as first argument

W0221

Design
Error

Parameters differ from overridden method

W0223

Design
Error

Abstract method not overriden

W0233

Design
Error

An __init__ method is called on a class which is not in the direct ancestors for the analyzed class

W0236

Design
Error

Invalid overridden method

W0402

Best practice
Error

Uses of deprecated modules

W0601

Safety
Error

Global variable used but not defined

W0604

Design
Error

Using the global statement at the module level

W0621

Design
Error

Redefining name from outer scope

W0622

Design
Error

Redefining built-in from Python

W0631

Safety
Error

Loop variable used outside a loop

W0632

Error prone
Error

Possible unbalanced tuple unpacking with sequence

W0640

Design
Error

Use variable in closure when defined in a loop

W0702

Design
Error

Not using specific exception in an except statement

W0703

Design
Error

Catching too general exception

W0705

Design
Error

Catching the same exception twice

W0706

Design
Error

Use the right exception when raising an exception in an except block

W0715

Best practice
Error

Passing multiple incorrect arguments to an exception constructor

W1116

Error prone
Error

Argument of isinstance is not a type

W1203

Best practice
Error

Use %s in logging function

W1302

Error prone
Error

Invalid format string

W1303

Error prone
Error

Missing format() argument key

W1304

Best practice
Error

Unused format argument

W1309

Best practice
Error

Using an f-string that does not have any interpolated variables

W1403

Error prone
Error

Implicit string concatenation found in list

W1404

Safety
Error

Implicit string concatenation

W1501

Best practice
Error

Invalid file open mode

W1508

Safety
Error

Invalid default value when getting the environment

W1510

Security
Error

Using subprocess.run without explicitly set `check` is not recommended.

W0237

Best practice
Error

Method parameter has a different name than in the implemented interface or in an overridden method

C0104

Best practice
Error

Disallowed name (e.g. foo, bar, etc)

R1714

Best practice
Error

Use in instead of iterating over value and using equal

R1727

Error prone
Error

Boolean value has always the same value

E1142

Best practice
Error

'await' should be used within an async function

E4702

Safety
Error

Iterated dict is being modified inside for loop body, iterate through a copy of it instead.

B319

Security
Error

Blacklist Python calls known to be dangerous

B610

Security
Error

Potential SQL injection on extra function

B611

Security
Error

Potential SQL injection on RawSQL function

B507

Security
Error

Paramiko call with policy set to automatically trust the unknown host key.

W4902

Best practice
Error

Using deprecated method

W3101

Safety
Error

Missing timeout argument can cause your program to hang indefinitely

W1115

Safety
Error

Non-string value assigned

W0246

Design
Error

Useless parent or super() delegation

E1143

Error prone
Error

Member is unhashable