Python Code Analysis with Kiuwan

Published May 16, 2017

kiuwan teamWRITTEN BY THE KIUWAN TEAM
Experienced developers, cyber-security experts, ALM consultants, DevOps gurus and some other dangerous species.

Kiuwan’s latest release now includes coverage for Python.

Python was conceived in the late 1980s, and its implementation began in December 1989 by Guido van Rossum.

Van Rossum is Python’s principal author, and his continuing central role in deciding the direction of Python is reflected in the title given to him by the Python community, benevolent dictator for life (BDFL).

Python 2.0 was released on 16 October 2000 and had many major new features, including a cycle-detecting garbage collector and support for Unicode. With this release the development process was changed and became more transparent and community-backed.

Python 3.0 (which early in its development was commonly referred to as Python 3000 or py3k), a major, backwards-incompatible release, was released on 3 December 2008 after a long period of testing. Many of its major features have been backported to the backwards-compatible Python 2.6.x and 2.7.x version series.

Kiuwan Code Security and Kiuwan Insights now support over 50 rules for Python analysis, including, among others:

  • Avoid hardcoding IP addresses
  • Duplicated code
  • Avoid using default mutable parameters
  • Avoid using exec() function
  • Avoid assignments to True or False
  • Avoid chained comparisons containing equality operator
  • Avoid too complex functions
  • Open files using the with statement
  • Avoid using deprecated modules
  • _init_ method cannot be a generator

We are constantly improving our support and we will be adding more security features in the future!

Analyze your Python source code for security vulnerabilities today, with a free trial of Kiuwan Code Security or Kiuwan Insights.