- Notifications
You must be signed in to change notification settings - Fork16
Dlint is a tool for encouraging best coding practices and helping ensure Python code is secure.
License
dlint-py/dlint
Folders and files
| Name | Name | Last commit message | Last commit date | |
|---|---|---|---|---|
Repository files navigation
Dlint is a tool for encouraging best coding practices and helping ensure Python code is secure.
The most important thing I have done as a programmer in recent years is toaggressively pursue static code analysis. Even more valuable than thehundreds of serious bugs I have prevented with it is the change in mindsetabout the way I view software reliability and code quality.
For a static analysis project to succeed, developers must feel they benefitfrom and enjoy using it.
For documentation and a list of rules seedocs.
$ python -m pip install dlint
And double check that it was installed correctly:
$ python -m flake8 -hUsage: flake8 [options] file file ......Installed plugins: dlint: 0.16.0, mccabe: 0.5.3, pycodestyle: 2.2.0, pyflakes: 1.3.0
Note thedlint: 0.16.0.
Dlint builds onflake8 to perform its linting. This provides manyuseful features without re-inventing the wheel.
Let's run a simple check:
$ cat<<EOF > test.pyprint("TEST1")exec('print("TEST2")')EOF
$ python test.pyTEST1TEST2
$ python -m flake8 --select=DUO test.pytest.py:2:1: DUO105 use of"exec" is insecure- Why is this insecure? To learn more visit
/docs/linters/DUO105.md. - Why
DUO? Dlint was originally developed by theDuo Labs team.
The--select=DUO flag tellsflake8 to only run Dlint lint rules.
From here, we can easily run Dlint against a directory of Python code:
$ python -m flake8 --select=DUO /path/to/code
To fine-tune your linting, check out theflake8 help:
$ python -m flake8 --help
Dlint results can also be included inline in your editor for fast feedback.This typically requires an editor plugin or extension. Here are some startingpoints for common editors:
- Vim:https://github.com/vim-syntastic/syntastic
- Emacs:https://github.com/flycheck/flycheck
- Sublime:https://github.com/SublimeLinter/SublimeLinter-flake8
- PyCharm:https://foxmask.net/post/2016/02/17/pycharm-running-flake8/
- Atom:https://atom.io/packages/linter-flake8
- Visual Studio Code:https://code.visualstudio.com/docs/python/linting#_flake8
Dlint can easily be integrated into CI pipelines, or anything really.
For more information and examples see'How can I integrate Dlint into XYZ?'.
Dlint's custom plugins are built on asimple naming convention,and rely onPython modules.To make a Dlint custom plugin use the following conventions:
- The Python module namemust start with
dlint_plugin_. - The linter class namemust start with
Dlint. - The linter classshould inherit from
dlint.linters.base.BaseLinter.- If for some reason you'd like to avoid this, then youmust implementthe
get_resultsfunction appropriately and inherit fromast.NodeVisitor.
- If for some reason you'd like to avoid this, then youmust implementthe
See anexample plugin for further details.
First, install development packages:
$ python -m pip install -r requirements.txt$ python -m pip install -r requirements-dev.txt$ python -m pip install -e.$ pytest
$ flake8
$ pytest --cov
$ pytest -k test_benchmark_run --benchmark-py-file /path/to/file.py tests/test_benchmark/
Or get benchmark results for linters individually:
$ pytest -k test_benchmark_individual --benchmark-py-file /path/to/file.py tests/test_benchmark/
Or run against a single linter:
$ pytest -k test_benchmark_individual[DUO138-BadReCatastrophicUseLinter] --benchmark-py-file /path/to/file.py tests/test_benchmark/
About
Dlint is a tool for encouraging best coding practices and helping ensure Python code is secure.
Topics
Resources
License
Uh oh!
There was an error while loading.Please reload this page.
Stars
Watchers
Forks
Packages0
Uh oh!
There was an error while loading.Please reload this page.