Release: Permanently silence issues in code
Not every code convention violation in your code is something that you would want to take an action on. Take an example from Python — mark_safe, a function that considers all input passed as valid, would open security vulnerabilities in a view that deals with user input. But it makes complete sense if used in an environment where the user input is guaranteed to be trusted. Administrator views are a perfect example of this. DeepSource raises an issue for this violation, regardless of the context it is used in.
In the latest release, we have introduced a new keyword that you can add to your code as a comment. This will allows you to silence one or more issues in that line of code permanently.
Meet, skipcq (which stands for skip continuous quality)— a unified way to silence issues from source code that works across all analyzers available on DeepSource. This special keyword can be used as part of a comment in the same line or surrounding lines where the violation has occurred to silence it.
Silencing a specific issue
Add skipcq as a comment with the issue's short-code at the end of the line, or one the line above it to silence the issue.
Doing so will suppress PYL-W0622 on this line, which is raised because the inbuilt function input has been redefined.
Silencing multiple issues
To silence multiple issues on a line, add a comma separated list of issue short-codes after the skipcq: keyword.
Silencing all issues on a line
To silence all issues that could be raised on a line, simply use the keyword skipcq in the comment corresponding to the line.
A word of caution, though — this would prevent all issues from being raised on this line, which is probably not something you want. We recommend using the keyword explicitly for the issues you want to suppress.
What if I have comments?
Great question! Just add skipcq at the end of your comment for the line.
In case the skipcq comment is placed above the line, you can place as many comments or newlines above the concerned line.
We're super thrilled about this release and we hope it helps reduce false-positives and enables you tweak DeepSource's results to suit your context easily, so you can do what you do best — ship good code.
Got feedback? Tweet to us @DeepSourceHQ.