
org.sonar.l10n.py.rules.python.ExecStatementUsage.html

There is a newer version: 4.23.0.17664

This rule raises an issue when the exec statement is used.

Why is this an issue?

Use of the exec statement could be dangerous, and should be avoided. Moreover, the exec statement was removed in Python 3.0. Instead, the built-in exec() function can be used.

Use of the exec statement is strongly discouraged for several reasons such as:

  • Security Risks: Executing code from a string opens up the possibility of code injection attacks.
  • Readability and Maintainability: Code executed with the exec statement is often harder to read and understand since it is not explicitly written in the source code.
  • Performance Implications: The use of the exec statement can have performance implications since the code is compiled and executed at runtime.
  • Limited Static Analysis: Since the code executed with the exec statement is only known at runtime, static code analysis tools may not be able to catch certain errors or issues, leading to potential bugs.

Code examples

Noncompliant code example

exec 'print 1' # Noncompliant

Compliant solution

exec('print(1)')  # the executed string must itself be valid Python 3
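
A lexical check in the spirit of this rule, as an added example that is not SonarQube's implementation and not part of the original page: it scans source with Python 3's tokenize module and reports the lines where exec appears in statement form. The name find_exec_statements and the SAMPLE input are constructed for illustration; the parenthesised statement form (exec (code) in ns) is treated as a call and is not reported.

```python
import io
import tokenize

# Tokens with no syntactic meaning for this check.
_SKIP = {tokenize.COMMENT, tokenize.NL}
# Token types after which a new statement begins.
_STMT_START = {tokenize.NEWLINE, tokenize.INDENT, tokenize.DEDENT}

# Constructed sample: Python 2 style source, scanned as text only.
SAMPLE = '''\
exec 'print 1'  # Noncompliant
exec('print 1')
if debug: exec code in scope
def run(src):
    exec src
x = 1; exec "y = 2"
executor = obj.exec_count
'''


def find_exec_statements(source):
    """Return line numbers where `exec` is used as a statement.

    The check is purely lexical, so Python 2 source can be scanned
    from Python 3 without being parsed or executed.
    """
    reader = io.StringIO(source).readline
    tokens = [t for t in tokenize.generate_tokens(reader)
              if t.type not in _SKIP]
    hits = []
    for i, tok in enumerate(tokens):
        if tok.type != tokenize.NAME or tok.string != "exec":
            continue
        prev = tokens[i - 1] if i else None
        # `exec` must open a statement: start of file, after a newline or
        # indentation change, or after `;` / `:` on the same line.
        at_start = (prev is None or prev.type in _STMT_START
                    or (prev.type == tokenize.OP and prev.string in (";", ":")))
        nxt = tokens[i + 1] if i + 1 < len(tokens) else None
        # Statement form is followed directly by a string or a name;
        # the function form is followed by "(".
        takes_operand = nxt is not None and nxt.type in (tokenize.STRING,
                                                         tokenize.NAME)
        if at_start and takes_operand:
            hits.append(tok.start[0])
    return hits


if __name__ == "__main__":
    print(find_exec_statements(SAMPLE))
```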
