CodeQL query help for Python
Visit the articles below to see the documentation for the queries included in the following query suites:
- code-scanning: queries run by default in CodeQL code scanning on GitHub.
- security-extended: queries from code-scanning, plus extra security queries with slightly lower precision and severity.
- security-and-quality: queries from code-scanning, security-extended, plus extra maintainability and reliability queries.
For shorter queries that you can use as building blocks when writing your own queries, see the example queries in the CodeQL repository.
- ‘slots’ in old-style class
- ‘apply’ function used
- ‘import *’ may pollute namespace
- ‘input’ function used in Python 2
- ‘super’ in old style class
- Accepting unknown SSH host keys when using Paramiko
- An assert statement has a side-effect
- Asserting a tuple
- Backspace escape in regular expression
- Binding a socket to all network interfaces
- Clear-text logging of sensitive information
- Clear-text storage of sensitive information
- Code injection
- Comparison of constants
- Comparison of identical values
- Comparison using is when operands support eq
- Conflicting attributes in base classes
- Constant in conditional expression or statement
- Default version of SSL/TLS may be insecure
- Deprecated slice method
- Deserializing untrusted input
- Duplicate key in dict literal
- Duplication in regular expression character class
- Encoding error
- Except block handles ‘BaseException’
- Explicit export is not defined
- First argument to super() is not enclosing class
- First parameter of a method is not named ‘self’
- Flask app is run in debug mode
- Formatted object is not a mapping
- Formatting string mixes implicitly and explicitly numbered fields
- Illegal raise
- Implicit string concatenation in a list
- Import of deprecated module
- Imprecise assert
- Incomplete URL substring sanitization
- Incomplete ordering
- Incomplete regular expression for hostnames
- Inconsistent equality and hashing
- Inconsistent equality and inequality
- Inconsistent method resolution order
- Information exposure through an exception
- Insecure temporary file
- Iterable can be either a string or a sequence
- Iterator does not return self from iter method
- Lines of code in files
- Lines of commented-out code in files
- Lines of comments in files
- List comprehension variable used in enclosing scope
- Loop variable capture
- Maybe missing ‘self’ in comparison
- Membership test with a non-container
- Mismatch between signature and use of an overriding method
- Mismatch in multiple assignment
- Missing call to del during object destruction
- Missing call to init during object initialization
- Missing named arguments in formatting call
- Missing part of special group in regular expression
- Modification of dictionary returned by locals()
- Modification of parameter with default
- Module imports itself
- Module is imported more than once
- Module is imported with ‘import’ and ‘import from’
- Module-level cyclic import
- Multiple calls to del during object destruction
- Multiple calls to init during object initialization
- Mutation of descriptor in get or set method.
- Nested loops with same variable
- Nested loops with same variable reused after inner loop body
- Non-callable called
- Non-exception in ‘except’ clause
- Non-iterable used in for loop
- Non-standard exception raised in special method
- NotImplemented is not an Exception
- Number of tests
- Property in old-style class
- Raising a tuple
- Redundant assignment
- Redundant comparison
- Reflected server-side cross-site scripting
- Result of integer division may be truncated
- SQL query built from user-controlled sources
- Should use a ‘with’ statement
- Signature mismatch in overriding method
- Special method has incorrect signature
- Superclass attribute shadows subclass method
- Suspicious unused loop iteration variable
- Syntax error
- Testing equality to None
- Too few arguments in formatting call
- URL redirection from remote source
- Uncontrolled command line
- Uncontrolled data used in path expression
- Unguarded next in generator
- Unhashable object hashed
- Unmatchable caret in regular expression
- Unmatchable dollar in regular expression
- Unnecessary ‘else’ clause in loop
- Unnecessary delete statement in function
- Unnecessary pass
- Unreachable ‘except’ block
- Unreachable code
- Unsupported format character
- Unused argument in a formatting call
- Unused exception object
- Unused import
- Unused local variable
- Unused named argument in formatting call
- Use of ‘global’ at module level
- Use of a broken or weak cryptographic algorithm
- Use of exit() or quit()
- Use of insecure SSL/TLS version
- Use of the return value of a procedure
- Use of weak cryptographic key
- Variable defined multiple times
- Wrong name for an argument in a call
- Wrong name for an argument in a class instantiation
- Wrong number of arguments for format
- Wrong number of arguments in a call
- Wrong number of arguments in a class instantiation
- del is called explicitly
- eq not overridden when adding attributes
- init method calls overridden method
- init method is a generator
- init method returns a value
- iter method returns a non-iterator