Skip to content
unfault

Python Rules

Unfault includes 60 rules for Python, covering core language patterns and popular frameworks like FastAPI, Django, Flask, SQLAlchemy, Redis, and Pydantic.

Core Rules (32 rules)

Section titled “Core Rules (32 rules)”
RuleDimensionSeverity
sql_injectionSecurityCritical
bare_exceptCorrectnessMedium
unbounded_retryStabilityHigh
naive_datetimeCorrectnessMedium
global_mutable_stateCorrectnessHigh
unbounded_cacheScalabilityMedium
unbounded_concurrencyScalabilityHigh
cpu_in_event_loopPerformanceMedium
n_plus_one_queriesPerformanceHigh
async_task_no_error_handlingStabilityMedium
missing_structured_loggingObservabilityLow
grpc_no_deadlineStabilityHigh
sync_dns_lookupPerformanceMedium
unsafe_evalSecurityCritical
halstead_complexityMaintainabilityLow
async_resource_cleanupStabilityHigh
asyncio_timeoutStabilityMedium
circuit_breakerStabilityMedium
code_duplicationMaintainabilityLow
db_timeoutStabilityHigh
ephemeral_filesystem_writeStabilityMedium
graceful_shutdownStabilityHigh
http_blocking_asyncPerformanceHigh
http_retryStabilityMedium
http_timeoutStabilityHigh
idempotency_keyCorrectnessMedium
io_in_hot_pathPerformanceMedium
large_response_memoryScalabilityHigh
missing_correlation_idObservabilityMedium
missing_tracingObservabilityLow
race_conditionCorrectnessHigh
recursive_no_base_caseCorrectnessHigh
regex_compilePerformanceLow
transaction_boundaryCorrectnessHigh
unbounded_memoryScalabilityHigh
uncancelled_tasksStabilityMedium

Framework Rules

Section titled “Framework Rules”

FastAPI (7 rules)

Section titled “FastAPI (7 rules)”
RuleDimensionSeverity
missing_corsSecurityMedium
missing_health_checkStabilityMedium
exception_handlerStabilityMedium
input_validationCorrectnessHigh
rate_limitingScalabilityMedium
request_body_unboundedScalabilityHigh
missing_request_timeoutStabilityMedium

Django (5 rules)

Section titled “Django (5 rules)”
RuleDimensionSeverity
orm_select_relatedPerformanceMedium
allowed_hostsSecurityHigh
missing_csrfSecurityHigh
secure_settingsSecurityHigh
session_settingsSecurityMedium

Flask (3 rules)

Section titled “Flask (3 rules)”
RuleDimensionSeverity
cookie_settingsSecurityMedium
secret_keySecurityCritical
session_timeoutSecurityMedium

SQLAlchemy (5 rules)

Section titled “SQLAlchemy (5 rules)”
RuleDimensionSeverity
connection_poolScalabilityHigh
lazy_loadingPerformanceMedium
pgvector_optimizationPerformanceMedium
query_timeoutStabilityHigh
session_managementStabilityHigh

Redis (2 rules)

Section titled “Redis (2 rules)”
RuleDimensionSeverity
missing_ttlScalabilityMedium
unbounded_keysScalabilityHigh

Pydantic (2 rules)

Section titled “Pydantic (2 rules)”
RuleDimensionSeverity
arbitrary_typesCorrectnessMedium
missing_validatorsCorrectnessMedium