What's New
29 new rules across 8 popular Python libraries — patterns that no existing linter (including Ruff) detects:
New Rule Sets
| Library | Rules | Highlights |
|---|---|---|
| Pydantic | 6 | V1/V2 API mixing, Optional without default, validator missing return |
| SQLAlchemy | 4 | SQL injection in execute()/text(), is None in .filter(), mutable Column defaults |
| Celery | 4 | Missing bind=True, self.retry() without exc=, broad autoretry |
| requests/httpx | 3 | Missing timeout, no status check, verify=False |
| logging | 3 | f-string in logging, root logger, error without exc_info |
| pandas | 3 | Chained indexing, inplace=True assignment, NaN comparison |
| pytest | 3 | assert(x, msg) tuple bug, try/except instead of pytest.raises, float equality |
| numpy | 3 | Array equality in boolean context, builtins on array, NaN in int array |
Other Improvements
- Multi-framework detection: Projects using FastAPI + Pydantic + SQLAlchemy get all rules activated automatically
- Circular import fix: No longer flags lazy imports inside functions or
TYPE_CHECKINGblocks - Dead code detection: Ignore dirs synced with file discovery (
.venv,node_modules, etc.) - 60 new tests, all passing on Python 3.10–3.13
- Self-check: 100/100
Install / Upgrade
uvx pycodegate .
# or
pip install --upgrade pycodegate