We use a variety of tools to check for errors and vulerabilities, and to enforce a coding standard and coding style.
To check the quality of your pull request, go to the top level of the edx- platform codebase and run the following command.
$ paver run_quality
The following topics provide additional details on the tools that we use.
Here are the primary tools we use to keep our code clean.
Our codebase is far from perfect, but the goal is to steadily improve its quality over time. To do this, we wrote a pypi package called diff-cover, which includes the tool diff-quality. The diff-quality tool reports on quality violations only on lines that have changed in a pull request. Using this tool, we can ensure that pull requests do not introduce new quality violations, and also clean up existing violations in the process of introducing other changes.
To run diff-quality along with our other quality based tools, go to the top level of the edx-platform codebase and run the following command.
$ paver run_quality
You can also use the
paver run_pep8 and
paver run_pylint commands to
run only pep8 or pylint.
This will print a report of the quality violations that your branch has made.
Although we try to be vigilant in resolving all quality violations, some Pylint violations are too challenging to resolve, so we opt to ignore them via use of a pragma. A pragma tells Pylint to ignore the violation in the given line. An example is:
self.assertEquals(msg, form._errors['course_id']) # pylint: disable=protected-access
The pragma starts with a
# two spaces after the end of the line. We prefer
that you use the full name of the error (
as opposed to
pylint: disable=W0613), to make more clear what you are
disabling in the line.
To keep our code safe from Cross Site Scripting (XSS) vulnerabilities,
the XSS Linter is also run as part of
To run the XSS Linter against your current branch, run the following command.
For more options for running the XSS Linter, or instructions for fixing violations, see XSS Linter.