rspec/rules/S2486/python/rule.adoc

== Why is this an issue?

include::../description.adoc[]

=== Noncompliant code example

[source,python]
----
# pass
try:
    # ...
except:
    pass # Noncompliant

# continue
for i in tab:
    try:
         # ...
    except:
        continue # Noncompliant
----

=== Compliant solution

[source,python]
----
def can_raise_exception():
    try:
        # ...
    except:
        raise # Compliant
----

[source,python]
----
try:
    # ...
except:
    # comment explaining why taking no action is appropriate; Compliant
----

[source,python]
----
try:
    # ...
except:
     logging.error('...')
     pass  # Compliant
----

include::../see.adoc[]

ifdef::env-github,rspecator-view[]

'''
== Implementation Specification
(visible only on this page)

=== Message

Handle this exception or don't catch it at all.


'''
== Comments And Links
(visible only on this page)

=== on 28 Jan 2020, 18:01:07 Nicolas Harraudeau wrote:
\[~pierre-loup.tristant] I don't think that we can apply this rule for Python as it is specified. Contrary to other languages, python follows the EAFP (easier to ask for forgiveness than permission) coding style. This means that trying an operation and catching exceptions is preferred to checking beforehand that an operation is possible. Thus we would probably raise a lot of issues.


Example of good practice https://docs.quantifiedcode.com/python-anti-patterns/readability/asking_for_permission_instead_of_forgiveness_when_working_with_files.html#best-practice[from QuantifiedCode]:

----
import os

try:
    os.unlink("file.txt")
# raised when file does not exist
except OSError:
    pass
----

=== on 29 Jan 2020, 11:15:47 Nicolas Harraudeau wrote:
I think we could improve this rule by focusing on specific security exceptions. Example: Django's https://docs.djangoproject.com/en/3.0/ref/exceptions/#permissiondenied[``++PermissionDenied++``] exception, but this might be a Security Hotspot instead.

include::../comments-and-links.adoc[]

endif::env-github,rspecator-view[]