Re: static analysis and other tools for checking Python code

2016-03-06 Thread Paul Wise
On Sat, Mar 5, 2016 at 10:03 PM, Nicolas Chauvat wrote: > Would "pylint -E *.py" do what you want? That is essentially what the added check does now. > Or maybe use find with 'file' as a filter? MIME support is in progress in c-a-t-t. -- bye, pabs https://wiki.debian.org/PaulWise

Re: static analysis and other tools for checking Python code

2016-03-05 Thread Nicolas Chauvat
On Sat, Mar 05, 2016 at 11:16:28AM +0800, Paul Wise wrote: > On Fri, Mar 4, 2016 at 11:11 PM, Nicolas Chauvat wrote: > > > It does recursively scan for Python files: > > That doesn't pick up Python scripts that don't have .py in their name. I had not noticed that. > I couldn't get it to work

Re: static analysis and other tools for checking Python code

2016-03-04 Thread Paul Wise
On Fri, Mar 4, 2016 at 11:11 PM, Nicolas Chauvat wrote: > It does recursively scan for Python files: That doesn't pick up Python scripts that don't have .py in their name. I couldn't get it to work with files in the current directory: $ touch __init__.py $ echo 'a = b+1' > bar.py $ pylint -E .

Re: static analysis and other tools for checking Python code

2016-03-04 Thread Paul Wise
On Fri, Mar 4, 2016 at 10:14 PM, Daniel Stender wrote: > BTW there's also Prospector which provides a uniform interface to many > individual linters: > https://packages.qa.debian.org/p/prospector.html Already on the TODO list:

Re: static analysis and other tools for checking Python code

2016-03-04 Thread Nicolas Chauvat
On Fri, Mar 04, 2016 at 09:33:17PM +0800, Paul Wise wrote: > Do you know if pylint can recursively scan for Python files rather > than being passed the names of Python files? It does recursively scan for Python files: $ tree bar/ bar/ ├── baz │   ├── gloo.py │   └── __init__.py ├── foo.py └──

Re: static analysis and other tools for checking Python code

2016-03-04 Thread Daniel Stender
On 03.03.2016 01:38, Paul Wise wrote: > On Thu, Mar 3, 2016 at 7:52 AM, Jeremy Stanley wrote: >> ... > > All of flake8, hacking, bandit, pep257, clonedigger and more are on > the TODO list: > > https://anonscm.debian.org/cgit/collab-maint/check-all-the-things.git/tree/data/python > > FYI pep257

Re: static analysis and other tools for checking Python code

2016-03-04 Thread Paul Wise
On Fri, Mar 4, 2016 at 5:24 PM, Nicolas Chauvat wrote: > I hope this helps making clearer what pylint can be used for. I had a > look at the README and I suppose the intro section at the top could > state the above goal with more clarity. It does, thanks. Do you know if pylint can recursively

Re: static analysis and other tools for checking Python code

2016-03-04 Thread Nicolas Chauvat
Hi, On Fri, Mar 04, 2016 at 01:03:17PM +0800, Paul Wise wrote: > > That would be https://pypi.python.org/pypi/PyChecker > > > > Pylint has never run code from the source tree. > > I wonder where I got that impression from. > > What about from the module it is checking? > > > "pylint " should

Re: static analysis and other tools for checking Python code

2016-03-03 Thread Paul Wise
On Thu, 2016-03-03 at 12:52 +0100, Nicolas Chauvat wrote: > That would be https://pypi.python.org/pypi/PyChecker > > Pylint has never run code from the source tree. I wonder where I got that impression from. What about from the module it is checking? > "pylint " should work fine.

Re: static analysis and other tools for checking Python code

2016-03-03 Thread Nicolas Chauvat
/Disclaimer: I started pylint with Sylvain Thénault back in 2001, but the project has had new maintainers for a few years./ On Thu, Mar 03, 2016 at 08:06:52AM +0800, Paul Wise wrote: > On Wed, Mar 2, 2016 at 9:23 PM, Nicolas Chauvat wrote: > > > Maybe add pylint? > > As I understand it: > >

Re: static analysis and other tools for checking Python code

2016-03-02 Thread Jeremy Stanley
On 2016-03-03 08:38:40 +0800 (+0800), Paul Wise wrote: [...] > FYI pep257 is definitely packaged: > > https://packages.debian.org/search?keywords=pep257 [...] Whoops! Thanks--I almost certainly fat-fingered my package search on that one. -- Jeremy Stanley

Re: static analysis and other tools for checking Python code

2016-03-02 Thread Paul Wise
On Thu, Mar 3, 2016 at 7:52 AM, Jeremy Stanley wrote: > ... All of flake8, hacking, bandit, pep257, clonedigger and more are on the TODO list: https://anonscm.debian.org/cgit/collab-maint/check-all-the-things.git/tree/data/python FYI pep257 is definitely packaged:

Re: static analysis and other tools for checking Python code

2016-03-02 Thread Jeremy Stanley
On 2016-03-02 11:22:52 +0800 (+0800), Paul Wise wrote: [...] > One of the things it has checks for is Python. So far it runs pyflakes > and pep8 and a few hacky greps for some things that shouldn't be done > in Python in my experience. [...] The "flake8" framework basically incorporates the

Re: static analysis and other tools for checking Python code

2016-03-02 Thread Paul R. Tagliamonte
flake8 has the most mindshare these days :) On Mar 2, 2016 7:07 PM, "Paul Wise" wrote: > On Wed, Mar 2, 2016 at 9:23 PM, Nicolas Chauvat wrote: > > > Maybe add pylint? > > As I understand it: > > pylint runs code from the source tree so it isn't suitable for running > by default

Re: static analysis and other tools for checking Python code

2016-03-02 Thread Paul Wise
On Wed, Mar 2, 2016 at 9:23 PM, Nicolas Chauvat wrote: > Maybe add pylint? As I understand it: pylint runs code from the source tree so it isn't suitable for running by default as that could be a security issue for people reviewing potentially untrusted code. pylint isn't able to be run

Re: static analysis and other tools for checking Python code

2016-03-02 Thread Nicolas Chauvat
Hi, On Wed, Mar 02, 2016 at 11:22:52AM +0800, Paul Wise wrote: > One of the things it has checks for is Python. So far it runs pyflakes > and pep8 Maybe add pylint? -- Nicolas Chauvat logilab.fr - services en informatique scientifique et gestion de connaissances

Re: static analysis and other tools for checking Python code

2016-03-01 Thread Paul Wise
On Wed, Mar 2, 2016 at 12:38 PM, Scott Kitterman wrote: > It's probably worth looking at [1] to see if there's anything worth salvaging > for what you're doing. ... > [1] http://snapshot.debian.org/package/lintian4python/0.28.4/ If someone were to revive upstream development of lintian4python

Re: static analysis and other tools for checking Python code

2016-03-01 Thread Scott Kitterman
On Wednesday, March 02, 2016 11:22:52 AM Paul Wise wrote: > Hi all, > > Some of you may have noticed I'm working on a tool called > check-all-the-things that does what it says on the tin. > > https://anonscm.debian.org/cgit/collab-maint/check-all-the-things.git >

static analysis and other tools for checking Python code

2016-03-01 Thread Paul Wise
Hi all, Some of you may have noticed I'm working on a tool called check-all-the-things that does what it says on the tin. https://anonscm.debian.org/cgit/collab-maint/check-all-the-things.git https://anonscm.debian.org/cgit/collab-maint/check-all-the-things.git/tree/doc/README One of the things