https://github.com/jvllmr/pyaphid

Find unwanted function calls in your python projects
https://github.com/jvllmr/pyaphid

pre-commit-hook static-analysis

Last synced: 5 months ago
JSON representation

Find unwanted function calls in your python projects

• Host: GitHub
• URL: https://github.com/jvllmr/pyaphid
• Owner: jvllmr
• License: mit
• Archived: true
• Created: 2022-08-29T18:13:16.000Z (almost 4 years ago)
• Default Branch: master
• Last Pushed: 2024-04-26T21:17:24.000Z (about 2 years ago)
• Last Synced: 2025-09-07T01:30:12.155Z (9 months ago)
• Topics: pre-commit-hook, static-analysis
• Language: Python
• Homepage:
• Size: 141 KB
• Stars: 0
• Watchers: 1
• Forks: 0
• Open Issues: 11
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

          
# Pyaphid

[![PyPI version](https://badge.fury.io/py/pyaphid.svg)](https://badge.fury.io/py/pyaphid)

[![GitHub license](https://img.shields.io/github/license/jvllmr/pyaphid)](https://github.com/jvllmr/pyaphid/blob/master/LICENSE)

[![GitHub issues](https://img.shields.io/github/issues/jvllmr/pyaphid)](https://github.com/jvllmr/pyaphid/issues)

![PyPI - Downloads](https://img.shields.io/pypi/dd/pyaphid)

![Tests](https://github.com/jvllmr/pyaphid/actions/workflows/main.yml/badge.svg)

![Codecov](https://img.shields.io/codecov/c/github/jvllmr/pyaphid?style=plastic)

## Description

Pyaphid is a static analysis tool for detecting unwanted function calls in Python code.

## Installation and usage

Installation: `pip install pyaphid`

Usage: `python -m pyaphid ` or `pyaphid `

### Configuration

Forbidden function calls can be configured via the `pyproject.toml`:

```toml

[tool.pyaphid]

forbidden = [

    "print", # forbid print(...)

    "pdb.run", # forbid pdb.run(...)

    "werkzeug.debug.*", # forbid werkzeug.debug.DebuggedApplication(...), werkzeug.debug.get_machine_id(...), ...

    "datetime.datetime.now" # forbid datetime.now()

]

```

With datetime.now for example you usually want to ignore one call to it for implementing a project-wide default function. You can use `# pyaphid: ignore` to ignore a line:

```python

from dateutil.tz import tzlocal

from datetime import datetime

def get_now():

  # allowed

  return datetime.now(tzlocal()) # pyaphid: ignore

datetime.now() # forbidden

```

### CLI Options

- -n / --names: `Look-up all func calls and print their identifier`

## As a pre-commit hook

```yaml

- repo: https://github.com/jvllmr/pyaphid

  rev: v0.3.1

  hooks:

    - id: pyaphid

```

## Limitations

```python

# Pyaphid cannot work with star imports

from os.path import *

dirname(".") # undetected

# Pyaphid doesn't track assignments

my_print = print

my_print("Hello world") # undetected

```