[NEW QUERY] Python bare except clause detection #2

Draft
Copilot wants to merge 3 commits into main from copilot/fix-bare-except-query

Copilot AI commented Jan 26, 2026

📝 Query Information

  • Language: Python
  • Query ID: py/bare-except
  • Category: maintainability, code-quality
  • Severity: warning
  • CWE/CVE (if applicable): CWE-396

🎯 Description

What This Query Detects

Bare except: clauses catch all exceptions including SystemExit and KeyboardInterrupt, obscuring bugs and breaking signal handling.

Example Vulnerable Code

def parse_int(s: str) -> int:
    try:
        return int(s)
    except:  # Catches KeyboardInterrupt, SystemExit, etc.
        return 0

Example Safe Code

def parse_int(s: str) -> int:
    try:
        return int(s)
    except ValueError:  # Catches only expected error
        return 0

🧪 Testing

  • Positive test cases included
  • Negative test cases included
  • Edge cases covered
  • All tests pass

📋 Checklist

  • Query compiles without errors
  • Documentation complete (.md and .qhelp)
  • Metadata properly set (@name, @id, @kind, etc.)
  • Tests validate query behavior
  • No false positives in test cases

🔗 References


Note: This query was developed using Test-Driven Development methodology.

Original prompt

This section details the original issue you should resolve

<issue_title>[Query Create]:</issue_title>
<issue_description>### Target Language

python

Query Name (Optional)

Bare Except

Query Type

Code Quality

Query Description

Bare except: (overly broad exception handling)

Why it’s a quality problem
Catching everything (including KeyboardInterrupt, SystemExit, etc.) can:

  • hide real bugs,
  • make failures harder to debug,
  • lead to incorrect behavior by swallowing critical exceptions.

Expected Severity

Medium

Code Examples

# should be detected
def parse_int(s: str) -> int:
    try:
        return int(s)
    except:  # <- too broad
        return 0

# should NOT be detected
def parse_int(s: str) -> int:
    try:
        return int(s)
    except ValueError:
        return 0

CWE/CVE Reference (Optional)

No response

References (Optional)

No response

Code of Conduct

  • I agree to follow this project's Code of Conduct</issue_description>

Comments on the Issue (you are @copilot in this section)



Copilot AI added 2 commits January 26, 2026 19:44
…ling

- Detects bare 'except:' clauses that catch all exceptions
- Helps identify code quality issues where specific exceptions should be caught
- Includes comprehensive test cases with both compliant and non-compliant examples
- Query metadata: @id py/bare-except, @problem.severity warning, @precision high
- All tests passing (6 bare except clauses detected in test cases)
Copilot AI changed the title from "[WIP] Fix bare except issue in exception handling" to "[NEW QUERY] Python bare except clause detection" Jan 26, 2026
Copilot AI requested a review from apsscolari January 26, 2026 19:48
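
The check this pull request describes, sketched with Python's standard `ast` module as an added example; it is not the CodeQL query or the test files from this PR. The sample source is constructed, `find_bare_excepts` is a hypothetical name, and the `reraises` flag is an extra annotation that the PR does not say its query computes.

```python
import ast

# Constructed sample input: not taken from the pull request's test files.
SAMPLE = '''\
def parse_int(s):
    try:
        return int(s)
    except:
        return 0

def parse_int_safe(s):
    try:
        return int(s)
    except ValueError:
        return 0

def cleanup_and_reraise(path):
    try:
        open(path).close()
    except (OSError, ValueError):
        pass
    except:
        raise

async def worker(q):
    while True:
        try:
            await q.get()
        except Exception:
            continue
'''

def find_bare_excepts(source, filename="<sample>"):
    """Return (line, reraises) for each `except:` clause with no exception type."""
    findings = []
    for node in ast.walk(ast.parse(source, filename)):
        # A bare clause is an ExceptHandler whose `type` field is None.
        if isinstance(node, ast.ExceptHandler) and node.type is None:
            # A bare `raise` directly in the handler body passes the exception on.
            reraises = any(isinstance(s, ast.Raise) and s.exc is None for s in node.body)
            findings.append((node.lineno, reraises))
    return sorted(findings)

if __name__ == "__main__":
    for line, reraises in find_bare_excepts(SAMPLE):
        note = "re-raises" if reraises else "swallows SystemExit/KeyboardInterrupt too"
        print(f"<sample>:{line}: bare except ({note})")
```

Typed handlers, including the tuple form and `except Exception:`, are not reported; only handlers with no type at all are.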