Re: static analysis and other tools for checking Python code

To: debian-python@lists.debian.org
Subject: Re: static analysis and other tools for checking Python code
From: Paul Wise <pabs@debian.org>
Date: Thu, 3 Mar 2016 08:06:52 +0800
Message-id: <[🔎] CAKTje6FQ1STcN3JDVtDvQ_o6cJ=tsr+dqWQN+G0g5HvTXQSjFg@mail.gmail.com>
In-reply-to: <[🔎] 20160302132331.GB20628@volans.logilab.fr>
References: <[🔎] CAKTje6Hjp+RA666ey=mi7mwsTnxOor2LS85pSU7krziM0Z6=Yw@mail.gmail.com> <[🔎] 20160302132331.GB20628@volans.logilab.fr>

On Wed, Mar 2, 2016 at 9:23 PM, Nicolas Chauvat wrote:

> Maybe add pylint?

As I understand it:

pylint runs code from the source tree so it isn't suitable for running
by default as that could be a security issue for people reviewing
potentially untrusted code.

pylint isn't able to be run automatically, it needs a human to come up
with the right command-line.

c-a-t-t could certainly print a suggestion to run pylint like it does
for fuzzers like afl/zzuf.

-- 
bye,
pabs

https://wiki.debian.org/PaulWise

Reply to:

Follow-Ups:
- Re: static analysis and other tools for checking Python code
  - From: "Paul R. Tagliamonte" <paultag@gmail.com>
- Re: static analysis and other tools for checking Python code
  - From: Nicolas Chauvat <nicolas.chauvat@logilab.fr>

References:
- static analysis and other tools for checking Python code
  - From: Paul Wise <pabs@debian.org>
- Re: static analysis and other tools for checking Python code
  - From: Nicolas Chauvat <nicolas.chauvat@logilab.fr>

Prev by Date: Re: Using 'pyvenv' or 'python3 -m venv' on unstable
Next by Date: Re: static analysis and other tools for checking Python code
Previous by thread: Re: static analysis and other tools for checking Python code
Next by thread: Re: static analysis and other tools for checking Python code
Index(es):
- Date
- Thread