Flake8 extension to validate (lack of) logging format strings
Python logging supports a special extra keyword
for passing a dictionary of user-defined attributes to include in a logging event. One way to ensure consistency and
rigor in logging is to always use extra to pass non-constant data and, therefore, to never use format strings,
concatenation, or other similar techniques to construct a log string.
In other words, do this:
logger.info(
"Hello {world}",
extra=dict(
world="Earth"
)
)
Instead of:
logger.info(
"Hello {world}".format(world=Earth)
)
As a further level of rigor, we can enforce that extra dictionaries only use keys from a well-known whitelist.
Usage:
flake8 --enable-extra-whitelist
The built-in Whitelist supports plugins using entry_points with a key of "logging.extra.whitelist". Each
registered entry point must be a callable that returns an iterable of string.
In some cases you may want to log sensitive data only in debugging senarios. This is supported in 2 ways:
- We do not check the logging.extra.whitelist for lines logged at the
debuglevel - You may also prefix a keyword with 'debug_' and log it at another level. You can safely assume these will be filtered out of shipped logs.
G001Logging statements should not usestring.format()for their first argumentG002Logging statements should not use%formatting for their first argumentG003Logging statements should not use+concatenation for their first argumentG010Logging statements should not usewarn(usewarninginstead)G100Logging statements should not useextraarguments unless whitelisted