mirror of
https://github.com/github/codeql.git
synced 2025-12-24 12:46:34 +01:00
41 lines
1.7 KiB
XML
41 lines
1.7 KiB
XML
<!DOCTYPE qhelp PUBLIC
|
|
"-//Semmle//qhelp//EN"
|
|
"qhelp.dtd">
|
|
<qhelp>
|
|
|
|
<overview>
|
|
<p> Syntax errors prevent a module being evaluated and thus imported.
|
|
An attempt to import a module with invalid syntax will fail; a <code>SyntaxError</code> will be raised.</p>
|
|
|
|
<p> A common cause of syntax errors is the difference in syntax between Python 2
|
|
and Python 3. In particular, a syntax error may be alerted if a Python 3 file is
|
|
assumed to be compatible with Python 2 (or vice versa). Explicitly specifying
|
|
the expected Python version can help prevent this.
|
|
</p>
|
|
|
|
<p>The existence of a syntax error in a module may suggest other problems as well.
|
|
Either the module is never imported in practice and could be deleted or a
|
|
<code>try</code> statement around the import is mistakenly discarding the <code>SyntaxError</code>.
|
|
</p>
|
|
|
|
|
|
</overview>
|
|
<recommendation>
|
|
<p>Fixing the syntax error is the obvious fix.
|
|
However, it is worth investigating why a module containing a syntax error
|
|
was able to persist and address that problem as well.
|
|
</p>
|
|
<p>If you suspect that the syntax error is caused by the analysis using the
|
|
wrong version of Python, consider specifying the version explicitly. When
|
|
you run code scanning using the CodeQL action, you can configure the Python
|
|
version to use. For more information, see
|
|
<a href="https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#analyzing-python-dependencies">Analyzing Python dependencies</a>.
|
|
</p>
|
|
</recommendation>
|
|
<references>
|
|
|
|
<li>Python Tutorial: <a href="http://docs.python.org/tutorial/errors.html#syntax-errors">SyntaxErrors.</a></li>
|
|
|
|
</references>
|
|
</qhelp>
|