Imprecise assert¶
ID: py/imprecise-assertKind: problemSecurity severity: Severity: recommendationPrecision: very-highTags: - quality - maintainability - readabilityQuery suites: - python-security-and-quality.qls
Click to see the query in the CodeQL repository
The classunittest.TestCase provides a range of assertion methods. As well as the general formsassertTrue() andassertFalse() more specific forms such asassertGreaterEquals() andassertNotIn() are provided. By using the more specific forms it is possible to get more precise and informative failure messages in the event of a test failing. This can speed up the debugging process.
Recommendation¶
Replace all calls toassertTrue() andassertFalse() that do not provide a custom failure message with a more specific variant. Alternatively, provide a tailored failure message using theassertTrue(condition,message) form.
Example¶
In this example,assertTrue() andassertFalse() are used.
fromunittestimportTestCaseclassMyTest(TestCase):deftestInts(self):self.assertTrue(1==1)self.assertFalse(1>2)self.assertTrue(1in[])#This will fail
This will make it more difficult to determine what has gone wrong whenself.assertTrue(1in[]) fails. The failure message “AssertionError: False is not true” is not very helpful.
A more useful error message can be generated by changing the asserts to the more specific forms as in the following example.
fromunittestimportTestCaseclassMyTest(TestCase):deftestInts(self):self.assertEqual(1,1)self.assertLessEqual(1,2)self.assertIn(1,[])#This will fail
In this case, the failure message “AssertionError: 1 not found in []” is much more informative.
References¶
Python library reference:TestCase.assertEqual.