Pyaphid
Description
Pyaphid is a static analysis tool for detecting unwanted function calls in Python code.
Installation and usage
Installation: pip install pyaphid
Usage: python -m pyaphid <files and/or directories to analyze> or pyaphid <files and/or directories to analyze>
Configuration
Forbidden function calls can be configured via the pyproject.toml:
[tool.pyaphid]
forbidden = [
"print", # forbid print(...)
"pdb.run", # forbid pdb.run(...)
"werkzeug.debug.*", # forbid werkzeug.debug.DebuggedApplication(...), werkzeug.debug.get_machine_id(...), ...
"datetime.datetime.now" # forbid datetime.now()
]With datetime.now for example you usually want to ignore one call to it for implementing a project-wide default function. You can use # pyaphid: ignore to ignore a line:
from dateutil.tz import tzlocal
from datetime import datetime
def get_now():
# allowed
return datetime.now(tzlocal()) # pyaphid: ignore
datetime.now() # forbiddenCLI Options
- -n / --names:
Look-up all func calls and print their identifier
As a pre-commit hook
- repo: https://github.com/jvllmr/pyaphid
rev: v0.3.1
hooks:
- id: pyaphidLimitations
# Pyaphid cannot work with star imports
from os.path import *
dirname(".") # undetected
# Pyaphid doesn't track assignments
my_print = print
my_print("Hello world") # undetected
![renovate[bot]](https://avatars.githubusercontent.com/u/29139614?size=120)
![dependabot[bot]](https://avatars.githubusercontent.com/u/49699333?size=120)
![pre-commit-ci[bot]](https://avatars.githubusercontent.com/u/66853113?size=120)