author | Daniël van Noord <13665637+DanielNoord@users.noreply.github.com> | 2022-09-22 13:54:57 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-09-22 13:54:57 +0200 |
commit | ea86fcf71af6f2e39ce1fdcab5f8bf05b4d32082 (patch) | |
tree | f6994bfa098c003121d2651d11b9a729d122ecfd | |
parent | 30947ad2c61220bb05f4ed39e7f5e5bbe2330341 (diff) | |
download | pylint-git-ea86fcf71af6f2e39ce1fdcab5f8bf05b4d32082.tar.gz |
A collection of documentation updates (#7512)
* Update ``exec-used`` documentation
Closes https://github.com/PyCQA/pylint/issues/7039
* Be more explicit about third party plugins
Closes https://github.com/PyCQA/pylint/issues/6900
* Document behaviour of config file generators
Refs. https://github.com/PyCQA/pylint/issues/7478
Co-authored-by: Mark Byrne <31762852+mbyrnepr2@users.noreply.github.com>
Co-authored-by: Pierre Sassoulas <pierre.sassoulas@gmail.com>
-rw-r--r-- | README.rst | 15 |
-rw-r--r-- | doc/data/messages/e/exec-used/details.rst | 11 |
-rw-r--r-- | doc/development_guide/how_tos/plugins.rst | 2 |
-rw-r--r-- | doc/user_guide/configuration/index.rst | 9 |
4 files changed, 32 insertions, 5 deletions
diff --git a/README.rst b/README.rst index e6e20b43e..3d99a0965 100644 --- a/README.rst +++ b/README.rst @@ -59,10 +59,19 @@ will know that ``argparse.error(...)`` is in fact a logging call and not an argp .. _`code smells`: https://martinfowler.com/bliki/CodeSmell.html Pylint is highly configurable and permits to write plugins in order to add your -own checks (for example, for internal libraries or an internal rule). Pylint has an -ecosystem of existing plugins for popular frameworks such as `pylint-django`_ or -`pylint-sonarjson`_. +own checks (for example, for internal libraries or an internal rule). Pylint also has an +ecosystem of existing plugins for popular frameworks and third party libraries. +.. note:: + + Pylint supports the Python standard library out of the box. Third-party + libraries are not always supported, so a plugin might be needed. A good place + to start is ``PyPI`` which often returns a plugin by searching for + ``pylint <library>``. `pylint-pydantic`_, `pylint-django`_ and + `pylint-sonarjson`_ are examples of such plugins. More information about plugins + and how to load them can be found at :ref:`plugins <plugins>`. + +.. _`pylint-pydantic`: https://pypi.org/project/pylint-pydantic .. _`pylint-django`: https://github.com/PyCQA/pylint-django .. _`pylint-sonarjson`: https://github.com/omegacen/pylint-sonarjson diff --git a/doc/data/messages/e/exec-used/details.rst b/doc/data/messages/e/exec-used/details.rst index 2a61975f2..246857f32 100644 --- a/doc/data/messages/e/exec-used/details.rst +++ b/doc/data/messages/e/exec-used/details.rst 
@@ -1 +1,10 @@ -The available methods and variables used in ``exec()`` may introduce a security hole. You can restrict the use of these variables and methods by passing optional globals and locals parameters (dictionaries) to the ``exec()`` method. +The available methods and variables used in ``exec()`` may introduce a security hole. +You can restrict the use of these variables and methods by passing optional globals +and locals parameters (dictionaries) to the ``exec()`` method. + +However, use of ``exec`` is still insecure. For example, consider the following call +that writes a file to the user's system: + +.. code-block:: python + + exec("""\nwith open("file.txt", "w", encoding="utf-8") as file:\n file.write("# code as nefarious as imaginable")\n""") diff --git a/doc/development_guide/how_tos/plugins.rst b/doc/development_guide/how_tos/plugins.rst index bc2c0f14c..3940f2481 100644 --- a/doc/development_guide/how_tos/plugins.rst +++ b/doc/development_guide/how_tos/plugins.rst @@ -1,5 +1,7 @@ .. -*- coding: utf-8 -*- +.. _plugins: + How To Write a Pylint Plugin ============================ diff --git a/doc/user_guide/configuration/index.rst b/doc/user_guide/configuration/index.rst index d039b4445..ffe8c51a3 100644 --- a/doc/user_guide/configuration/index.rst +++ b/doc/user_guide/configuration/index.rst @@ -9,7 +9,7 @@ various projects and a lot of checks to activate if they suit your style. You can generate a sample configuration file with ``--generate-toml-config`` or ``--generate-rcfile``. Every option present on the command line before this -will be included in the file +will be included in the file. For example:: 
@@ -18,6 +18,13 @@ For example:: In practice, it is often better to create a minimal configuration file which only contains configuration overrides. For all other options, Pylint will use its default values. +.. note:: + + The internals that create the configuration files fall back to the default values if + no other value was given. This means that some values depend on the interpreter that + was used to generate the file. Most notably ``py-version`` which defaults to the + current interpreter. + .. toctree:: :maxdepth: 2 :titlesonly: |
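Review bot: In the README.rst hunk, the last sentence of the new note relies on the Sphinx-only role :ref:`plugins <plugins>`, which resolves only inside a Sphinx build. If README.rst is also rendered outside Sphinx (repository landing page, package index description), the role is unknown there and the cross-reference will not become a link. Suggest an absolute URL to the published plugins page instead, or keeping the cross-reference in the Sphinx-only docs. Minor wording point in the same note: "``PyPI`` which often returns a plugin by searching for" reads awkwardly; "searching PyPI for ``pylint <library>`` often turns up a plugin" is clearer.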
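Review bot: In the doc/data/messages/e/exec-used/details.rst hunk, the new example calls ``exec()`` without any globals or locals arguments, so it does not back up the sentence that introduces it ("However, use of ``exec`` is still insecure"), which follows a paragraph about restricting ``exec()`` with those dictionaries. A reader cannot tell from this example whether the restriction would have prevented the file write. Suggest saying explicitly that passing globals and locals is not a sandbox, and adding what to do instead: do not execute strings from untrusted sources, and use ``ast.literal_eval`` where only literal data needs parsing. Also, the first paragraph says "the ``exec()`` method"; ``exec`` is a built-in function.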
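Review bot: In the second doc/user_guide/configuration/index.rst hunk, the closing line of the new note, "Most notably ``py-version`` which defaults to the current interpreter.", is a sentence fragment, and the note stops short of telling the reader what to do about it. Suggest "Most notably, ``py-version`` defaults to the version of the interpreter that generated the file", followed by one sentence advising readers to review or set ``py-version`` explicitly when the generated file will be used under a different interpreter.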