Mark Azer: Using Static Analysis to Elevate Your Python Code @ PyCon Ireland 2023 скачать в хорошем качестве

Mark Azer: Using Static Analysis to Elevate Your Python Code @ PyCon Ireland 2023

Using Static Analysis to Elevate Your Python Code: Static Analysis is a software testing method that checks your code for maintainability issues and security vulnerabilities without needing to execute your code. While Static Analysis tools have existed for some time, modern tools have adapted to better integrate with developers’ workflows. The goal is to help developers write higher quality, more secure code without disrupting their day-to-day workflows. Since the advent of agile software development, a heavy emphasis has always been placed on delivery speed and quick iteration in order to maximize the new value being provided to end users through new features. However, going too fast can mean taking shortcuts that, in the best case, makes your code messy and difficult to understand, or in the worst case can open your organization to security risks. Thus, Static Analysis is a critical tool to add to your organization’s workflow to minimize these issues without taking a major hit to developer productivity. In this talk, we’ll cover: The importance of shifting left and catching issues earlier to save developers time later in the software development life cycle Overview of common issues and security vulnerabilities that can easily go missed in Python code (with examples) What Static Analysis and Software Composition Analysis are, and how they help you shift left when looking for issues How modern Static Analysis tools integrate with common developer tools (IDEs, Git Repos, CI) to be less disruptive while maintaining their impact