Python language logo

Python static code analysis

  • Detect Bugs Bug
  • Detect Security Vulnerability Security Vulnerability
  • Detect Hotspots Security Hotspot
  • Detect Code Smell Code Smell
Get started for free

Fast, accurate analysis with minimal configuration and clear, helpful results.

Unique rules find Bugs, Vulnerabilities, Security Hotspots, and Code Smells in your Python code using

green check

Control-flow and data-flow analysis

green check

Cross-file analysis

green check

Type checking

Focus on the logic, not the tooling

We provide comprehensive static analysis for Python. We’ve made it our mission to root out false positives, and you can get started with zero configuration. That means taking control of your Code Quality and Security is effortless.

You get double arrow

A great experience
out of the box

Sophisticated rules to find
highly valuable issues

More reliable and
secure code

See the benefits for yourself!

  • 1:34min

    A sample of available Maintainability rules

  • 5:10min

    Reliability rules

  • 7:28min

    Security Vulnerability rules

  • 10:24min

    Security Hotspot rules

  • 13:32min

    Where analysis is available

  • 16:07min

    Demo

Security

Rooting out security problems is important to you, your users, and your reputation. We give developers the tools to find, understand and fix security issues.

Security shield
Security

Hotspots chevron Code review

Security Hotspots highlight sensitive pieces of code that require human review to determine whether they represent real vulnerabilities.

We offer Security Hotspot detection for seven of the OWASP Top 10 categories:

green check

A1 Injection

green check

A2 Broken Authentication

green check

A3 Sensitive Data Exposure

green check

A5 Broken Access Control

green check

A6 Security Misconfiguration

green check

A7 Cross-Site Scripting (XSS)

green check

A10 Insufficient Logging & Monitoring

Security lock
Security

Vulnerabilities chevron Code change/fix

Security Vulnerabilities require immediate action. SonarQube provides detailed issue descriptions and code highlights that explain why your code is at risk.

We cover nine of the OWASP Top 10 categories:


green check

A1 Injection

green check

A2 Broken Authentication

green check

A3 Sensitive Data Exposure

green check

A4 XML External Entities (XXE)

green check

A5 Broken Access Control

green check

A6 Security Misconfiguration

green check

A7 Cross-Site Scripting (XSS)

green check

A8 Insecure Deserialization

green check

A9 Components with Known Vulnerabilities

We support

SonarQube analysis integrates seamlessly into your environment.

Your frameworks
green check

Flask, Django,

green check

Jinja2, DTL

Your language version
green check

Python 2.7-3.9

Your ORM
green check

Django ORM, Flask-SQLAlchemy

Your needs
green check

Flake8 imports

green check

Custom rules

Get started analyzing your Python projects today!

Get started for free
All the languages in your project

Most modern projects are multi-language. Our static analysis is too! That means you get a consolidated, consistently great experience across the board, no matter how many of our 27 languages you use.

Java language logo
C# language logo
C language logo
C++ language logo
JavaScript language logo
TypeScript language
Python language logo
Go language logo
Swift language logo
Cobol language
Apex language logo
PHP language logo
Kotlin language logo
Ruby language logo
Scala language logo
HTML language logo
CSS language logo
ABAP language
Flex language logo
PL/I language
PL/SQL language
RPG language
T-SQL language
VB.NET language logo
VB6 language
XML language

Product announcements delivered directly to your inbox!

We will never share your email address or spam you

A SonarSource™ Product

Get Started

Features

Get Involved

About SonarQube

© 2008-2019, SonarSource S.A, Switzerland. All content is copyright protected. SONARQUBE and SONARSOURCE are trademarks of SonarSource SA.

All other trademarks and copyrights are the property of their respective owners. All rights are expressly reserved.

Privacy Policy | Distributed under LGPL v3