45 lines
1.3 KiB
Markdown
45 lines
1.3 KiB
Markdown
### Python Best Practices
|
|
|
|
#### Code Style
|
|
- Follow PEP 8 style guide
|
|
- Use type hints for function signatures
|
|
- Use `black` for formatting, `ruff` or `flake8` for linting
|
|
- Prefer `pathlib.Path` over `os.path` for path operations
|
|
- Use context managers (`with`) for file operations
|
|
|
|
#### Error Handling
|
|
```python
|
|
# GOOD: Specific exceptions with context
|
|
def read_config(path: Path) -> dict:
|
|
try:
|
|
with open(path, 'r', encoding='utf-8') as f:
|
|
return json.load(f)
|
|
except FileNotFoundError:
|
|
raise ConfigError(f"Config file not found: {path}")
|
|
except json.JSONDecodeError as e:
|
|
raise ConfigError(f"Invalid JSON in {path}: {e}")
|
|
|
|
# BAD: Bare except or swallowing errors
|
|
def read_config(path):
|
|
try:
|
|
return json.load(open(path))
|
|
except: # Don't do this
|
|
return {}
|
|
```
|
|
|
|
#### Security
|
|
- Never use `eval()` or `exec()` on user input
|
|
- Use `subprocess.run()` with explicit args, never `shell=True` with user input
|
|
- Use parameterized queries for SQL (never f-strings)
|
|
- Validate and sanitize all external input
|
|
|
|
#### Dependencies
|
|
- Pin dependency versions in `requirements.txt`
|
|
- Use virtual environments (`venv` or `poetry`)
|
|
- Run `pip-audit` to check for vulnerabilities
|
|
|
|
#### Testing
|
|
- Use `pytest` for testing
|
|
- Aim for high coverage with `pytest-cov`
|
|
- Mock external dependencies with `unittest.mock`
|