
Static Code Analysis For Python


Today we write a lot of code, and many people work on the same project that you do, which makes it difficult to ensure the quality of the code. That is where static code analysis, also called linting, comes in: it finds failures and security vulnerabilities.

Static code analysis checks your program without running it. Isn't it nice, while you are coding, that the linter warns you about what you are doing wrong? Finding bugs at an early stage increases the chances of success for your program. This doesn't mean that the linter will tell us whether the program is correct, nor will it ensure high program quality on its own.

The first static code analysis tool was Lint in 1970, a tool to examine C source programs that had compiled without errors and to find bugs that had escaped detection. Other languages then released their own linters, and their number has kept growing, so that today there are many tools for different languages.

Benefits of using a linter:

  • Clean code: reading the code becomes easier.
  • Find syntax errors: don't miss a semicolon anymore.
  • Provide a style guide to follow.
  • Get notified instantly of every mistake.
  • Save time.

There are many linters for every language. These tools have different focuses: some of them specialize in finding security vulnerabilities and specific types of errors, while others find style guide issues and code quality improvements. For instance, Python has the following:

  • PyLint
  • Pep8
  • Flake8
  • MyPy
  • Pylama
  • Bandit
  • Coala

The Python linters are based on PEP 8 (Python Enhancement Proposals), specifically the style guide for Python code.

Let's see some types of code errors that could appear:

Errors:

In the following image we have an example using Pylint, which informs us that parentheses are needed for the print function.

Whitespace (type 200):

We should end every file with a newline.

Blank lines (type 302):

We must have 2 blank lines before a class statement.

Imports (type 400):

Imports should be on separate lines.

Syntax error (type 900):

If we have indentation errors our code won't run, so it is very important to correct this type of error.
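To make concrete what "checking a program without running it" means, here is a small added example (my own code, not taken from the post or from any of the linters listed above). It implements a miniature checker for the four rule families just described, labelling findings with the corresponding pycodestyle codes (W292 for a missing final newline, E302 for missing blank lines before a top-level def/class, E401 for several imports on one line, E901 for a syntax or indentation error). The two source snippets are constructed for the demonstration; the source is only parsed and scanned as text, never executed.

```python
import ast
import re

# Constructed sample: violates each rule family discussed above.
SAMPLE_SOURCE = (
    "import os, sys\n"            # E401: two imports on one line
    "\n"
    "class Config:\n"             # E302: only 1 blank line before class
    "    pass\n"
    "\n"
    "def load():\n"               # E302: only 1 blank line before def
    "    return Config()"         # W292: no newline at end of file
)

# Constructed sample: body of f() is not indented, so it cannot even be parsed.
SYNTAX_BROKEN_SOURCE = (
    "def f():\n"
    "print('x')\n"
)


def check_trailing_newline(source):
    """W292: the last line of the file must end with a newline."""
    if source and not source.endswith("\n"):
        last_line = source.count("\n") + 1
        return [(last_line, "W292", "no newline at end of file")]
    return []


def check_blank_lines_before_defs(source, required=2):
    """E302: a top-level def/class that follows other code needs `required` blank lines."""
    findings = []
    lines = source.split("\n")
    for idx, line in enumerate(lines):
        if not re.match(r"(def|class)\s", line):
            continue
        blanks, j = 0, idx - 1
        while j >= 0 and lines[j].strip() == "":
            blanks += 1
            j -= 1
        if j < 0:                       # first statement in the file: nothing to separate from
            continue
        if lines[j].startswith("@"):    # decorator directly above: not a violation
            continue
        if blanks < required:
            findings.append((idx + 1, "E302",
                             "expected %d blank lines, found %d" % (required, blanks)))
    return findings


def check_single_imports(source):
    """E401: `import a, b` puts several modules on one line (from-imports are allowed)."""
    findings = []
    for idx, line in enumerate(source.split("\n")):
        if re.match(r"import\s+[^#]*,", line):
            findings.append((idx + 1, "E401", "multiple imports on one line"))
    return findings


def check_syntax(source):
    """E901: the file must parse; IndentationError is a subclass of SyntaxError."""
    try:
        ast.parse(source)
    except SyntaxError as exc:
        return [(exc.lineno or 0, "E901", "%s: %s" % (type(exc).__name__, exc.msg))]
    return []


def lint(source):
    """Run every check and return findings as (line, code, message), ordered by line."""
    findings = []
    for check in (check_syntax, check_single_imports,
                  check_blank_lines_before_defs, check_trailing_newline):
        findings.extend(check(source))
    return sorted(findings)


if __name__ == "__main__":
    for name, src in (("sample.py", SAMPLE_SOURCE),
                      ("broken.py", SYNTAX_BROKEN_SOURCE)):
        for line, code, msg in lint(src):
            print("%s:%d: %s %s" % (name, line, code, msg))
```

The real tools work the same way at a larger scale: they tokenize or parse the file (here `ast.parse` stands in for that step) and apply rules to the result, which is why a file with an indentation error is reported by the syntax check before any style rule is considered, and why none of this requires the code to run.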

Reducing bugs and errors is one of the biggest priorities when you are a developer; you should ensure your code will not fail. Writing tests is one way to achieve that, and static code analysis helps you achieve it too.