Pylint plugin to enforce some secure coding standards for Python

Pylint Secure Coding Standard Plugin

pylint plugin that enforces some secure coding standards.

Installation

pip install pylint-secure-coding-standard

Pylint codes

Code Description
R8000 Use os.path.realpath() instead of os.path.abspath() and os.path.relpath()
E8001 Avoid using exec() and eval()
E8002 Avoid using os.sytem()
E8003 Avoid using shell=True in subprocess functions or using functions that internally set this
R8004 Avoid using tempfile.mktemp(), prefer tempfile.mkstemp() instead
E8005 Avoid using unsafe PyYAML loading functions
E8006 Avoid using jsonpickle.decode()
C8007 Avoid debug statement in production code
C8008 Avoid assert statements in production code
R8009 Use of builtin open for writing is discouraged in favor of os.open to allow for setting file permissions
E8010 Avoid using os.popen() as it internally uses

 

 

 

To finish reading, please visit source site