github / codeql

CodeQL: the libraries and queries that power security researchers around the world, as well as code scanning in GitHub Advanced Security
https://codeql.github.com
MIT License

LGTM.com - false positive #3971

Open jxnu-liguobin opened 4 years ago

jxnu-liguobin commented 4 years ago

Description of the false positive

I think this is wrong

https://lgtm.com/projects/g/jxnu-liguobin/cs-summary-reflection/alerts/?mode=list

https://lgtm.com/projects/g/jxnu-liguobin/cs-summary-reflection/snapshot/b7b15d5bb273a65f0aa7057dcc6f8e057d48279f/files/python-leetcode/solution/tree/leetcode_98_.py#x7d357e194b0defcd:1

RasmusWL commented 4 years ago

Thanks for your report. I agree that it is a false positive.

I boiled down your example to this, just to confirm the behavior of `nonlocal` :stuck_out_tongue:

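```python
class MyClass:
    def test(self, arg_foo) -> bool:
        # Local of test(); only ever read from the nested function below.
        temp = -(2 ** 32)

        def inner(arg):
            # Binds `temp` to the variable in the enclosing test() scope.
            nonlocal temp
            print(arg, temp)

        inner(arg_foo)

o = MyClass()
o.test(42)
```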

We're currently busy reworking large parts of the Python QL libraries, so we won't be focusing on fixing this until later this year.

jxnu-liguobin commented 4 years ago

Ok, thank you