
Python rules

The Codiga Static Analysis engine is powered by the best open-source tools to check your Python code. Make sure your code does not have any security issues and follows design and other best practices. Automate your code reviews today and merge with confidence with Codiga.

B102

Security
Error

Detect use of exec (security issue)

B103

Security
Error

Chmod setting a permissive mask 0o755 on file (entryfile).

B104

Security
Error

Possible binding to all interfaces.

B108

Security
Error

Insecure usage of file or directory

B301

Security
Error

Pickle and modules that wrap it can be unsafe when used to deserialize untrusted data

B302

Security
Error

Deserialization with the marshal module is possibly dangerous.

B305

Security
Error

Use of insecure cipher mode cryptography.hazmat.primitives.ciphers.modes.ECB.

B306

Security
Error

Use of insecure and deprecated function (mktemp).

B307

Security
Error

Use of possibly insecure function - consider using safer ast.literal_eval.

B308

Security
Error

Use of mark_safe() may expose cross-site scripting vulnerabilities and should be reviewed.

B309

Security
Error

Use of HTTPSConnection on older versions of Python prior to 2.7.9 and 3.4.3 do not provide security

B310

Security
Error

Audit url open for permitted schemes. Allowing use of file:/ or custom schemes is often unexpected.

B313

Security
Error

Using xml.etree.cElementTree.fromstring to parse untrusted XML data is known to be vulnerable to XML attacks. Replace xml.etree.cElementTree.fromstring with its defusedxml equivalent function or make sure defusedxml.defuse_stdlib() is called

B314

Security
Error

Using xml.etree.ElementTree.iterparse to parse untrusted XML data is known to be vulnerable to XML attacks. Replace xml.etree.ElementTree.iterparse with its defusedxml equivalent function or make sure defusedxml.defuse_stdlib() is called

B317

Security
Error

Using xml.sax.make_parser to parse untrusted XML data is known to be vulnerable to XML attacks. Replace xml.sax.make_parser with its defusedxml equivalent function or make sure defusedxml.defuse_stdlib() is called

B318

Security
Error

Using xml.dom.minidom.parseString to parse untrusted XML data is known to be vulnerable to XML attacks. Replace xml.dom.minidom.parseString with its defusedxml equivalent function or make sure defusedxml.defuse_stdlib() is called

B320

Security
Error

Using lxml.etree.parse to parse untrusted XML data is known to be vulnerable to XML attacks. Replace lxml.etree.parse with its defusedxml equivalent function.

B323

Security
Error

Detect insecure use of HTTPS connection

B324

Security
Error

Use of insecure MD4 or MD5 hash function.

B506

Security
Error

Use of unsafe yaml load. Allows instantiation of arbitrary objects. Consider yaml.safe_load().

B601

Security
Error

Possible shell injection via Paramiko call

B608

Security
Error

Possible SQL injection vector through string-based query construction.

B702

Security
Error

Mako templates allow HTML/JS rendering by default and are inherently open to XSS attacks. Ensure variables in all templates are properly sanitized via the 'n'

B703

Security
Error

Potential XSS on mark_safe function.

C0205

Best practice
Error

Ensure that __slots__ is an iterable and not a base type

C0321

Error prone
Error

More than one statement on a single line

C1801

Error prone
Error

Use len() without explicit argument

E0011

Code style
Error

Unrecognized options

E0012

Unknown
Error

Bad option value

E0101

Code style
Error

Use of return in init

E0102

Error prone
Error

Detect functions that already exist

E0103

Error prone
Error

break or continue used outside a loop

E0104

Error prone
Error

Return outside function

E0105

Error prone
Error

The yield keyword is used outside a function

E0107

Error prone
Error

Use of operator that does not exist

E0110

Error prone
Error

Abstract class instantiation attempt

E0111

Error prone
Error

Bad argument passed to reversed()

E0117

Error prone
Error

A nonlocal variable does not have an attached name somewhere in the parent scopes.

E0202

Safety
Error

Method has the same name as an attribute

E0203

Safety
Error

Access to members before they are defined

E0211

Code style
Error

A method which should have the bound instance as first argument has no argument defined.

E0213

Code style
Error

Method should have self as first argument

E0237

Error prone
Error

Assigning an attribute not defined in the class slots

E0239

Error prone
Error

Detect classes that inherit from non-classes

E0242

Error prone
Error

Value conflict with __slots__

E0301

Error prone
Error

__iter__ returns non-iterator

E0302

Error prone
Error

The special method __int__ should have 0 parameters

E0306

Safety
Error

__repr__ does not return str

E0401

Safety
Error

Module that cannot be imported

E0402

Safety
Error

Attempted relative import beyond top-level package

E0602

Code style
Error

Attempt to access an undefined variable

E0603

Error prone
Error

Undefined variable name referenced in __all__

E0604

Error prone
Error

Invalid object referenced in __all__

E0633

Error prone
Error

Attempting to unpack a non-sequence

E0702

Safety
Error

Raising int while only classes or instances are allowed

E0704

Error prone
Error

The raise statement is not inside an except clause

E0710

Error prone
Error

Raising a new style class which doesn't inherit from BaseException

E0711

Error prone
Error

NotImplemented raised and should raise NotImplementedError instead

E1003

Error prone
Error

Another argument than the current class is given as first argument of the super builtin

E1125

Error prone
Error

Missing mandatory keyword argument in function call

E1126

Error prone
Error

Sequence type is indexed with an invalid type

E1129

Error prone
Error

Context manager doesn't implement __enter__ and __exit__

E1130

Error prone
Error

Unary operand is used on an object which does not support this type of operation.

E1132

Error prone
Error

Got multiple values for keyword argument in function call

E1134

Error prone
Error

Non-mapping value is used in a mapping context

E1136

Error prone
Error

Value is unsubscriptable

E1139

Error prone
Error

Invalid metaclass used

E1301

Code style
Error

Format string ends in middle of conversion specifier

E1307

Error prone
Error

Incorrect format string

E1310

Error prone
Error

The argument to a str.{l,r,}strip call contains a duplicate character

R0123

Error prone
Error

Invalid literal comparison

R1707

Error prone
Error

Misplacing comma that creates a tuple

R1708

Design
Error

Do not raise StopIteration in generator

R1710

Design
Error

Inconsistent return type in function

R1712

Best practice
Error

Consider using tuple unpacking for swapping variables

R1713

Best practice
Error

Consider using str.join() for concatenating strings from an iterable

R1715

Best practice
Error

Consider using dict.get for getting values from a dict if a key is present or a default if not

R1719

Design
Error

Conditions can be simplified

W0102

Safety
Error

Dangerous default value as argument

W0104

Error prone
Error

Statement has no effect

W0105

Performance
Error

String statement has no effect

W0106

Performance
Error

Expression not assigned

W0108

Design
Error

Lambda may not be necessary

W0124

Error prone
Error

With statement returns multiple values

W0126

Error prone
Error

Conditional statement with potentially wrong function or method call due to missing parentheses

W0127

Design
Error

Assigning a variable to itself

W0128

Safety
Error

Redeclared variable in assignment

W0201

Design
Error

Attribute defined outside __init__

W0211

Design
Error

Static method with self as first argument

W0221

Design
Error

Parameters differ from overridden method

W0223

Design
Error

Abstract method not overridden

W0233

Design
Error

An __init__ method is called on a class which is not in the direct ancestors for the analyzed class

W0236

Design
Error

Invalid overridden method

W0402

Best practice
Error

Uses of deprecated modules

W0601

Safety
Error

Global variable used but not defined

W0604

Design
Error

Using the global statement at the module level

W0621

Design
Error

Redefining name from outer scope

W0622

Design
Error

Redefining built-in from Python

W0631

Safety
Error

Loop variable used outside a loop

W0632

Error prone
Error

Possible unbalanced tuple unpacking with sequence

W0640

Design
Error

Use variable in closure when defined in a loop

W0702

Design
Error

Not using specific exception in an except statement

W0703

Design
Error

Catching too general exception

W0705

Design
Error

Catching the same exception twice

W0706

Design
Error

Use the right exception when raising an exception in an except block

W0715

Best practice
Error

Passing multiple incorrect arguments to an exception constructor

W1116

Error prone
Error

Argument of isinstance is not a type

W1203

Best practice
Error

Use %s in logging function

W1302

Error prone
Error

Invalid format string

W1303

Error prone
Error

Missing format() argument key

W1304

Best practice
Error

Unused format argument

W1309

Best practice
Error

Using an f-string that does not have any interpolated variables

W1403

Error prone
Error

Implicit string concatenation found in list

W1404

Safety
Error

Implicit string concatenation

W1501

Best practice
Error

Invalid file open mode

W1508

Safety
Error

Invalid default value when getting the environment

W1510

Security
Error

Using subprocess.run without explicitly set `check` is not recommended.

W0237

Best practice
Error

Method parameter has a different name than in the implemented interface or in an overridden method

C0104

Best practice
Error

Disallowed name (e.g. foo, bar, etc)

R1714

Best practice
Error

Use in instead of iterating over value and using equal

R1727

Error prone
Error

Boolean value always has the same value

E1142

Best practice
Error

'await' should be used within an async function

E4702

Safety
Error

Iterated dict is being modified inside for loop body, iterate through a copy of it instead.

B319

Security
Error

Blacklist Python calls known to be dangerous

B610

Security
Error

Potential SQL injection on extra function

B611

Security
Error

Potential SQL injection on RawSQL function

B507

Security
Error

Paramiko call with policy set to automatically trust the unknown host key.

W4902

Best practice
Error

Using deprecated method

W3101

Safety
Error

Missing timeout argument can cause your program to hang indefinitely

W1115

Safety
Error

Non-string value assigned

W0246

Design
Error

Useless parent or super() delegation

E1143

Error prone
Error

Member is unhashable
