Skip to content

core-quality-leftover-print

Pack: core-quality Default severity: MINOR Languages: Python Lifecycle: experimental Confidence: 0.75

What it catches

Bare print(...) and pprint.pprint(...) calls in production-style Python. Almost always a debug breadcrumb someone forgot to remove.

Test files are exempted (path matches test_*.py, *_test.py, tests/, conftest.py, etc.) — debug-printing during tests is fine.

Why this matters for vibe-coded apps

In a vibe-coded FastAPI / Streamlit / Modal app, leftover print() ends up in stdout, sometimes carrying sensitive payload, and contributes nothing to structured logging.

Example — flagged

def setup():
    print("server starting")          # ← flag

def cleanup():
    print("server stopping")          # ← flag

import pprint
def dump_state(state):
    pprint.pprint(state)              # ← flag

Example — not flagged

import logging
logger = logging.getLogger(__name__)
def setup():
    logger.info("server starting")    # structured logger — silent

# tests/test_app.py — test file basename → silent
def test_thing():
    print("debug from a test")

Suggested fix

Replace with a structured logger or delete the line:

import logging
logger = logging.getLogger(__name__)
logger.info("server starting", extra={"phase": "boot"})

Suppressing

# Reason: this CLI tool intentionally prints status to stdout (it IS the UX).
# codemore-ignore-next-line: core-quality-leftover-print
print("scan complete")

The directive must be on the line immediately before the target.

Implementation

Tree-sitter-python AST. Walks every call node whose callee dotted-path is print or pprint.pprint.

Source: `shared/packs/core-quality/core-quality-leftover-print.ts` Fixtures: `corpus/rules/core-quality-leftover-print/`

Next →
Back to the catalog
See the other 57 rules — grouped by pack, with lifecycle gates.