Pattern: Avoid use of assert
keyword
Issue: -
assert
is removed with compiling to optimized byte code (python -o
producing *.pyo
files). This causes various protections to be removed. It was discovered that some projects used assert
to enforce interface constraints. Consider raising a semantically meaningful error or AssertionError
instead.
Example of insecure code:
assert logged_in
display_assets()
Example of secure code:
if logged_in:
display_assets()