AUTHOR
Julien Delange, Founder and CEO
Julien is the CEO of Codiga. Before starting Codiga, Julien was a software engineer at Twitter and Amazon Web Services.
Julien has a PhD in computer science from Universite Pierre et Marie Curie in Paris, France.
What is a default parameter in Python?
A default parameter in Python is a default value assigned to a function
parameter. If I define the function foo
with a parameter bar = 3
,
it ensures that if no value is passed for this parameter, the default
value 3
will be used.
def foo(bar=3):
return bar + 2
n = foo() # returns 5
n = foo(10) # return 12
The major caveat is that default parameters are only evaluated once and may cause problems when a function is called more than once.
Why does an empty array as a default parameter in Python may cause a problem?
As parameters are evaluated only ONCE, returning or using an array with a default parameter may create an issue, as the value from a previous call may be reused in a later call.
Let's look at a concrete example.
import typing
def foo(bar: typing.List[int] = []):
bar.append(42)
return bar
l1 = foo()
print(l1)
l2 = foo()
print(l2)
When executing the code above, at the second call, the value of the first call was reused, which is (almost) never what we want.
$ python pythoncode.py
[42]
[42, 42]
This is a common issue in Python code already documented (see the Common Gotchas for Python).
How to avoid having issues with an empty array as default parameter in Python?
The idea is not to use an array as a default parameter and instead is None
. Then, inside the function,
we check if a value has been passed and assign it.
There is the corrected version of the code shown above.
import typing
def foo(bar: typing.Optional[typing.List[int]]=None):
if bar is None:
res = []
else:
res = bar
res.append(42)
return res
l1 = foo()
print(l1)
l2 = foo()
print(l2)
When executing the code, we have the correct result.
$ python pythoncode.py
[42]
[42]
Automatically empty array as default parameter in Python
Codiga provides IDE plugins and integrations with GitHub, GitLab, or Bitbucket to detect empty arrays as default parameters. The Codiga static code analysis detects this issue directly in your IDE or code reviews.
In particular, this analysis rule produces a warning each time there is an empty array as a default parameter in a function definition.
To use this rule consistently, all you need to do is to install the integration in your IDE (for VS Code or JetBrains) or code management system and add a codiga.yml
file at the root of your profile with the following content:
rulesets:
- python-security
It will then check all your Python code against 100+ rules that detect unsafe and insecure code and suggests fixes for each of them.