-
Notifications
You must be signed in to change notification settings - Fork 1.9k
Expand file tree
/
Copy pathUnintentionalImport.ql
More file actions
35 lines (31 loc) · 1.08 KB
/
UnintentionalImport.ql
File metadata and controls
35 lines (31 loc) · 1.08 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
/**
* @name 'import *' may pollute namespace
* @description Importing a module using 'import *' may unintentionally pollute the global
* namespace if the module does not define `__all__`
* @kind problem
* @tags quality
* maintainability
* readability
* @problem.severity recommendation
* @sub-severity high
* @precision very-high
* @id py/polluting-import
*/
import python
private import LegacyPointsTo
private import semmle.python.types.ImportTime
predicate import_star(ImportStar imp, ModuleValue exporter) {
exporter.importedAs(imp.getImportedModuleName())
}
predicate all_defined(ModuleValue exporter) {
exporter.isBuiltin()
or
exporter.getScope().(ImportTimeScope).definesName("__all__")
or
exporter.getScope().getInitModule().(ImportTimeScope).definesName("__all__")
}
from ImportStar imp, ModuleValue exporter
where import_star(imp, exporter) and not all_defined(exporter) and not exporter.isAbsent()
select imp,
"Import pollutes the enclosing namespace, as the imported module $@ does not define '__all__'.",
exporter, exporter.getName()