minor code smells in static code analysis
zacharyburnett opened this issue · 4 comments
when running SonarQube scanning on asdf in the bench repository, it found some minor code smells:
duplicates in regex character class
asdf/asdf/_jsonschema/tests/_suite.py
Line 176 in ecb4d4f
variable name shadows builtin
https://plsonarqube.stsci.edu/project/issues?tags=pitfall&branch=sonarscan&id=spacetelescope-bench
asdf/asdf/_jsonschema/_legacy_validators.py
Line 138 in ecb4d4f
asdf/asdf/_jsonschema/_legacy_validators.py
Line 154 in ecb4d4f
Line 284 in ecb4d4f
Line 101 in ecb4d4f
Line 265 in ecb4d4f
Line 888 in ecb4d4f
Line 897 in ecb4d4f
Line 902 in ecb4d4f
Do these cause any issue for the benchmarking?
Looking over the "smells" I see:
- several in the copied/vendorized jsonschema
- uses of the word 'buffer'. I guess this is too generic of a word for sonarqubes liking?
Do these cause any issue for the benchmarking?
Looking over the "smells" I see:
- several in the copied/vendorized jsonschema
- uses of the word 'buffer'. I guess this is too generic of a word for sonarqubes liking?
There weren't any issues with benchmarking; it had a bunch of even more minor (minor-er?) suggestions that I ignored, but in this case it said cmp, type, and buffer are apparently already built-in functions / object names, so that might cause insidious errors
If these aren't an issue for the benchmarking I'm inclined to leave the code as-is. The cmp and type uses are within the vendorized jsonschema which will hopefully be replaced with a dependency if jsonschema re-adds the features required by asdf.
As far as I'm aware,buffer is a builtin only in python 2, perhaps sonarqube isn't scanning for only python 3 issues?
ok, sounds good to me then! I'll mark the issues as "ignore" in sonarqube