Tooling for Static Analysis of Python Programs

serge sans_paille

Compiler and Interpreters

See in schedule

In spite of the dynamic nature of their favorite language, some Python developer have a huge desire to statically analyse it. This can indeed be useful for linters, type inference, auto-completion and all the tooling some developers expect from modern IDE.
We all know that lazy binding prevents even the simplest function call or attribute lookup to be reliably analyzed. Yet we try. And Python as this fabulous ``ast`` module, saving us from writing a parser! Isn't that a strong incentive to do static analysis?

This talk presents two modules developers can build upon to build such analyzers:

- gast, a generalization of the Python AST that provides a common API for all the variant of the Python AST, from python 2.7 to Python 3.8
- beniget, an analyzer of the Python AST (built upon gast) that provides a useful and well-known abstraction to understand programs: use-def chains

Built upon these two modules, memestra is a static analyzer of deprecated function calls, developed in partnership with QuantStack. A tool which, given a module, reports any use of deprecated APIs. Let's explore how such a module can be built and unveil the mysteries of static analysis.

Type: Talk (30 mins); Python level: Intermediate; Domain level: Beginner


serge sans_paille

me = random.choices(["pythonist", "compiler developer", "wood worker", "wizard (of the coast)"])