[code-quality] Static checker for common Python programming errors

[Ben Finney]

Stefan Bucur <stefan.bucur at gmail.com>
writes:

> For instance, a path-sensitive analysis detects that the following
> snippet of code would raise an AttributeError exception:
>
> if object is None: # If the True branch is taken, we know the object is None
>   object.doSomething() # ... so this statement would always fail

Be careful with this. The above example would behave as you say; but it
is a special case because re-binding ‘None’ is a SyntaxError.

For most other built-ins, and for most other names, the above type of
check cannot be done with static analysis.

> I wanted first to tap into people's experience and get a sense of what
> common pitfalls in the language & its standard library such a static
> checker should look for.

Prior art to investigate includes PyLint and PyFlakes. You probably
already know, but it bears saying explicitly.

> My preliminary list of Python checks is quite rudimentary […]

Obvious ones:

* Mutable-value argument defaults (should instead use the ‘None’ or a
  custom sentinel). I think you can only detect this when the default is
  specified as some literal value of a built-in type.

* Comparing to None by equality (should be comparing by identity).

* A single value in parens (author might mistakenly believe it's a
  tuple).

Heck, any of the Idiomatic Python warnings that you can detect
<URL:http://python.net/~goodger/projects/pycon/2007/idiomatic/>.

-- 
 \     “[The RIAA] have the patience to keep stomping. They're playing |
  `\         whack-a-mole with an infinite supply of tokens.” —kennon, |
_o__)                                             http://kuro5hin.org/ |
Ben Finney