Pyre-check: Performant Type-Checking and Static Analysis for Python
Summary
Pyre-check is a high-performance type checker for Python, compliant with PEP 484, designed for incremental analysis of large codebases. It features Pysa, a security-focused static analysis tool for identifying data flow issues in Python applications, enhancing code quality and security.
Repository Info
Tags
Click on any tag to explore related repositories
Introduction
Pyre-check is a performant type checker for Python, developed by Facebook, that ensures your Python code adheres to type hints as defined by PEP 484. It excels at analyzing large codebases, providing incremental type-checking for rapid feedback. Beyond basic type-checking, Pyre-check integrates Pysa, a powerful security-focused static analysis tool. Pysa helps identify potential security vulnerabilities by reasoning about data flows within Python applications, making it an invaluable asset for maintaining robust and secure code.
Installation
To get started with Pyre-check, ensure you have Python 3.8 or later and Watchman installed on your system.
Requirements
- Python 3.8+: https://www.python.org/getit/
- Watchman: https://facebook.github.io/watchman/
For macOS users, you can install both with Homebrew:
$ brew install python3 watchman
For Ubuntu, Mint, or Debian users, use apt-get for Python and Homebrew for Watchman:
$ sudo apt-get install python3 python3-pip python3-venv
$ brew install watchman
Project Setup
Once the requirements are met, set up a new project and install Pyre-check:
$ mkdir my_project && cd my_project
$ python3 -m venv ~/.venvs/venv
$ source ~/.venvs/venv/bin/activate
(venv) $ pip install pyre-check
Next, initialize Pyre-check in your project directory. This creates the necessary configuration files (.pyre_configuration and .watchmanconfig):
(venv) $ pyre init
Examples
After setting up your project, you can immediately run Pyre-check to find type errors. Let's create a simple Python file with an intentional type mismatch:
(venv) $ echo "i: int = 'string'" > test.py
Now, execute Pyre-check:
(venv) $ pyre
You will see output similar to this, indicating the type error:
? Found 1 type error!
test.py:1:0 Incompatible variable type [9]: i is declared to have type `int` but is used as type `str`.
The first run starts a daemon for incremental analysis, making subsequent checks much faster as you modify your code.
Why Use Pyre-check?
Pyre-check offers several compelling reasons for Python developers to integrate it into their workflow:
- Performance: Designed for large-scale applications, Pyre-check provides incremental type-checking, delivering near-instantaneous feedback as you write code.
- Enhanced Security with Pysa: The integrated Pysa tool goes beyond simple type-checking, offering advanced static analysis to detect security vulnerabilities related to data flows, helping you build more secure applications.
- PEP 484 Compliance: It fully supports Python's official type hinting standard, ensuring your codebase adheres to modern best practices.
- Robustness: Developed by Facebook, Pyre-check is a mature and well-supported tool, trusted by large organizations for maintaining code quality.
Links
- GitHub Repository: https://github.com/facebook/pyre-check
- Official Documentation: https://pyre-check.org/docs/
- Pyre Playground: https://pyre-check.org/play
- Pysa GitHub Action: https://github.com/marketplace/actions/pysa-action