Pylint plugin to enforce some secure coding standards for Python
Pylint Secure Coding Standard Plugin
pylint plugin that enforces some secure coding standards.
Installation
pip install pylint-secure-coding-standard
Pylint codes
| Code | Description |
|---|---|
| R8000 | Use os.path.realpath() instead of os.path.abspath() and os.path.relpath() |
| E8001 | Avoid using exec() and eval() |
| E8002 | Avoid using os.system() |
| E8003 | Avoid using shell=True in subprocess functions or using functions that internally set this |
| R8004 | Avoid using tempfile.mktemp(), prefer tempfile.mkstemp() instead |
| E8005 | Avoid using unsafe PyYAML loading functions |
| E8006 | Avoid using jsonpickle.decode() |
| C8007 | Avoid debug statement in production code |
| C8008 | Avoid assert statements in production code |
| R8009 | Use of builtin open for writing is discouraged in favor of os.open to allow for setting file permissions |
| E8010 | Avoid using os.popen() as it internally uses |
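
The alternatives that several of these messages point to (R8000, R8004, R8009, and running a command without a shell for E8002/E8003/E8010), as an added example that is not part of the plugin or its documentation. The function names, file names and sample strings are constructed for illustration.

```python
import os
import stat
import subprocess
import sys
import tempfile


def write_private(path, data, mode=0o600):
    """R8009: create the file with os.open so permissions are set at creation time."""
    # O_EXCL makes the call fail if the path already exists (including a planted symlink).
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, mode)
    with os.fdopen(fd, "w", encoding="utf-8") as handle:
        handle.write(data)
    return stat.S_IMODE(os.stat(path).st_mode)


def make_scratch_file(directory):
    """R8004: mkstemp creates and opens the file atomically; mktemp only returns a name."""
    fd, path = tempfile.mkstemp(dir=directory, prefix="scratch-")
    os.close(fd)
    return path


def is_inside(base, candidate):
    """R8000: resolve symlinks and '..' with realpath before comparing paths."""
    base_real = os.path.realpath(base)
    cand_real = os.path.realpath(os.path.join(base, candidate))
    return os.path.commonpath([base_real, cand_real]) == base_real


def run_echo(argument):
    """E8002/E8003/E8010: pass an argument list so no shell parses the input."""
    # sys.executable keeps the example independent of any external binary.
    result = subprocess.run(
        [sys.executable, "-c", "import sys; print(sys.argv[1])", argument],
        capture_output=True, text=True, check=True,
    )
    return result.stdout.rstrip("\n")


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as workdir:
        print(oct(write_private(os.path.join(workdir, "token.txt"), "constructed-value")))
        print(make_scratch_file(workdir))
        print(is_inside(workdir, "../outside.txt"))
        print(run_echo("hello; echo injected"))
```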