Home Developer Python Static Analysis Tools Review

Python Static Analysis Tools Review




Click here to access the updated version of “Which Python Static Analysis Tools Should I Use?”

Here are what we consider the best Python Static Analysis tools:

1: Pylint


Pylint is by far the best tool. Not that the others on the list aren’t worth your time, because they are, but Pylint’s range of features and the fact that it is highly active and maintained make it the absolute must have tool for the job.

It supports a number of features, from coding standards to error detection, and it also helps with refactoring (by detecting duplicated code).

Pylint is overly pedantic out of the box and benefits from a minimal effort of configuration, but it is fully customizable through a pylintrc file where you select which errors or conventions are relevant to you.

Running Pylint on a piece of code will result in something like this (which will be followed by some statistics):

$ pylint cards.py
************* Module python_cards.cards
W:  4, 0: Found indentation with tabs instead of spaces (mixed-indentation) 
C:  1, 0: Missing module docstring (missing-docstring)
C:  3, 0: Missing class docstring (missing-docstring)
C:  3, 0: Old-style class defined. (old-style-class)
R:  3, 0: Too few public methods (0/2) (too-few-public-methods)
W:  9,20: Redefining built-in 'list' (redefined-builtin)

Most messages will be self-explanatory.

The first letter in each line will map to Convention, Refactor, Warning, or Error.

Regarding coding style, Pylint follows the PEP8 style guide.

Pylint ships with Pyreverse, with which it creates UML diagrams for your code.

You can automate Pylint with Apycot, Hudson or Jenkins; it also integrates with several editors.

You can also write small plugins to add personal features.

The support for Pylint is very broad.

Pylint is also the oldest tool in this list: it’ll turn 13 years old this year.

2: pyflakes

Another similar tool, pyflakes’ approach is to try very hard not to emit false positives. This, of course, brings its own advantages and disadvantages.

pyflakes only examines the syntax tree of each file individually; that, combined with a limited set of errors, makes it faster than Pylint. On the other hand, pyflakes is more limited in terms of the things it can check.

There’s a very good reason for this, however. In the context of its creation, the author was working in an environment where all the developers had “years of experience and not a single intern in sight.” He also adds that the code quality was “very high”, meaning that the tool he created only had to catch minor issues.

While pyflakes doesn’t do any stylistic checks, there is another tool that combines pyflakes with style checks against PEP8: Flake8. Flake8, aside from combining pyflakes and pep8, also adds per-project configuration ability.

3: Mypy

Mypy is a static type checker for Python.

The requirement here is that your code is annotated, using Python 3 function annotation syntax (PEP 484 notation). Then, mypy can type check your code and find common bugs. You can find some examples here.

def fib(n: int) -> Iterator[int]:
    a, b = 0, 1
    while a < n:
        yield a
        a, b = b, a+b

The goal is to combine the benefits of dynamic typing and static typing.

While mypy is still in development, it already supports a significant subset of Python features.

Mypy’s type checking is done in compile-time.

Type declarations act as machine-checked documentation and static typing makes your code easier to understand and easier to modify without introducing bugs.

You can find the documentation here. There’s also a list of planned features.

It should be noted that mypy currently supports Python 3 syntax and that Python 2 support is still in early stages of development.

Also, and unfortunately, Mypy is still considered experimental, meaning that future changes may break backward compatibility.

Which one should I use?

It really depends on the scenario, as they all have stronger and weaker points.

Pylint is currently the strongest tool, but both pyflakes and mypy have interesting features that warrant some investigation.

If you’re looking for a simple and time-saving way to integrate Pylint you should also check Codacy. With Codacy you can easily point to your git repository and get additional reports and deltas per commit.


There are also other Python static analysis tools worth mentioning, such as PySonar2 (a type inferences and indexer), AutoPep8 (which automatically fixes Pep8)

Don’t forget to check the Code Quality mailing list, which currently serves for pep8, pyflakes, mccabe and flake8 and pylint.

Check out this page for reviews on static analysis tools in different coding languages.

Edit: We just published an ebook: “The Ultimate Guide to Code Review” based on a survey of 680+ developers. Enjoy!

About Codacy

Codacy is used by thousands of developers to analyze billions of lines of code every day!

Getting started is easy – and free! Just use your  GitHub, Bitbucket or Google account to sign up.



Please enter your comment!
Please enter your name here

Subscribe to our newsletter

To be updated with all the latest news, offers and special announcements.

Recent posts

Becoming a Code Review Master

On September 20th, we did a webinar called Becoming a Code Review Master. Guest speaker Curtis Einsmann, former AWS engineer and...

Announcing our Series B

Hi there.  Today we’re glad to announce that we raised our Series B of $15M led by...

How to tackle technical debt (for teams using Scrum)

Technical debt happens in all software projects, regardless of the programming languages, frameworks, or project methodologies used. It is a common...

Who should care about code coverage

Code coverage tells us what percentage of our code is covered by tests. There are different code coverage types, and a...

9 challenges of managing PRs and how to solve them

Developers have been using Pull Requests to review code on branches before it reaches master for a very long time. However,...