16f6c0aecf
Inline adoc files when they are included exactly once. Also fix language tags because this inlining gives us better information on what language the code is written in.
90 lines
2.0 KiB
Plaintext
90 lines
2.0 KiB
Plaintext
== Why is this an issue?
|
|
|
|
include::../description.adoc[]
|
|
|
|
=== Noncompliant code example
|
|
|
|
[source,python]
|
|
----
|
|
# pass
|
|
try:
|
|
# ...
|
|
except:
|
|
pass # Noncompliant
|
|
|
|
# continue
|
|
for i in tab:
|
|
try:
|
|
# ...
|
|
except:
|
|
continue # Noncompliant
|
|
----
|
|
|
|
=== Compliant solution
|
|
|
|
[source,python]
|
|
----
|
|
def can_raise_exception():
|
|
try:
|
|
# ...
|
|
except:
|
|
raise # Compliant
|
|
----
|
|
|
|
[source,python]
|
|
----
|
|
try:
|
|
# ...
|
|
except:
|
|
# comment explaining why taking no action is appropriate; Compliant
|
|
----
|
|
|
|
[source,python]
|
|
----
|
|
try:
|
|
# ...
|
|
except:
|
|
logging.error('...')
|
|
pass # Compliant
|
|
----
|
|
|
|
include::../see.adoc[]
|
|
|
|
ifdef::env-github,rspecator-view[]
|
|
|
|
'''
|
|
== Implementation Specification
|
|
(visible only on this page)
|
|
|
|
=== Message
|
|
|
|
Handle this exception or don't catch it at all.
|
|
|
|
|
|
'''
|
|
== Comments And Links
|
|
(visible only on this page)
|
|
|
|
=== on 28 Jan 2020, 18:01:07 Nicolas Harraudeau wrote:
|
|
\[~pierre-loup.tristant] I don't think that we can apply this rule for Python as it is specified. Contrary to other languages, python follows the EAFP (easier to ask for forgiveness than permission) coding style. This means that trying an operation and catching exceptions is preferred to checking beforehand that an operation is possible. Thus we would probably raise a lot of issues.
|
|
|
|
|
|
Example of good practice https://docs.quantifiedcode.com/python-anti-patterns/readability/asking_for_permission_instead_of_forgiveness_when_working_with_files.html#best-practice[from QuantifiedCode]:
|
|
|
|
----
|
|
import os
|
|
|
|
try:
|
|
os.unlink("file.txt")
|
|
# raised when file does not exist
|
|
except OSError:
|
|
pass
|
|
----
|
|
|
|
=== on 29 Jan 2020, 11:15:47 Nicolas Harraudeau wrote:
|
|
I think we could improve this rule by focusing on specific security exceptions. Example: Django's https://docs.djangoproject.com/en/3.0/ref/exceptions/#permissiondenied[``++PermissionDenied++``] exception, but this might be a Security Hotspot instead.
|
|
|
|
include::../comments-and-links.adoc[]
|
|
|
|
endif::env-github,rspecator-view[]
|