pylint
Comprehensive Python static code analyzer — checks for errors, enforces coding standards, and detects code smells. pylint features: error detection (undefined names, wrong types, attribute errors), convention violations (PEP 8, naming), refactoring hints (too-many-arguments, too-complex), warning detection, score out of 10, message categorization (C/R/W/E/F), --disable/--enable for selective rules, pylintrc/pyproject.toml configuration, plugin system (pylint-django, pylint-celery), --output-format for CI integration, --fail-under for quality gates, and --jobs for parallel linting. More thorough than flake8 but slower.
Score Breakdown
⚙ Agent Friendliness
🔒 Security
Static analysis tool that can catch security-relevant code issues (e.g., undefined variable used as SQL query). No network calls during analysis. GPL-2.0 license — check compatibility if distributing pylint as part of commercial tooling. Use pylint-security plugin for additional security checks.
⚡ Reliability
Best When
Comprehensive Python code quality analysis — pylint's thorough checks catch real bugs (undefined variables, wrong method signatures) that faster linters miss, worth the slower runtime for CI pipelines.
Avoid When
You need fast linting (use ruff), style-only checks (use pycodestyle), or runtime type checking (use beartype).
Use Cases
- • Agent code quality gate — subprocess.run(['pylint', '--fail-under=8.0', 'src/'], check=True) — fail if score below 8.0; agent CI pipeline enforces minimum code quality; --fail-under sets threshold; exit code 0 for pass, 4 for score too low; integrate in pre-commit or CI
- • Agent targeted linting — subprocess.run(['pylint', '--disable=all', '--enable=E', 'src/agent.py'], capture_output=True) — errors only; agent runs pylint only for error-class messages (E prefix); disables convention/refactoring/warning noise; focused on actual bugs
- • Agent pylint output parsing — result = subprocess.run(['pylint', '--output-format=json', 'src/'], capture_output=True, text=True); issues = json.loads(result.stdout); errors = [i for i in issues if i['type'] == 'error'] — JSON output for programmatic processing; agent analyzes lint results to identify files needing attention
- • Agent pre-commit lint — in .pre-commit-config.yaml: repos: - repo: local, hooks: - id: pylint, entry: pylint, language: system, types: [python] — pre-commit integration; agent-developed code linted before commit; pylint as quality gate in development workflow
- • Agent module scoring — result = subprocess.run(['pylint', 'src/'], capture_output=True, text=True); score_line = [l for l in result.stdout.split('\n') if 'rated at' in l][0]; score = float(re.search(r'([0-9.]+)/10', score_line).group(1)) — extract score; agent tracks code quality score over time; regression detection when score drops
Not For
- • Fast lightweight linting — pylint is slower than flake8/ruff; for fast linting use ruff (100x faster)
- • Style-only linting — pylint does much more than style; for PEP 8 style only use pycodestyle or ruff
- • Runtime type checking — pylint does static analysis without executing code; for runtime validation use beartype or typeguard
Interface
Authentication
No auth — local CLI tool and Python library.
Pricing
pylint is GPL-2.0 licensed. Free for all use.
Agent Metadata
Known Gotchas
- ⚠ Exit codes are bitmask not simple pass/fail — pylint exit code 0: no errors; exit code 1: fatal message; exit code 2: error message; exit code 4: warning; exit code 8: refactor; exit code 16: convention; codes are bitwise ORed; exit code 28 means error+refactor+convention; agent CI using check=True fails on any non-zero exit; use subprocess.run(['pylint', ...]) and check returncode manually
- ⚠ False positives on dynamic attributes — pylint E1101 'has no member' for dynamically-added attributes (SQLAlchemy columns, Django fields, dataclasses); agent code using ORM models gets many false positives; disable with # pylint: disable=no-member or use pylint-django/pylint-sqlalchemy plugins
- ⚠ pylintrc must be in project root or home — pylint searches for pylintrc from current directory upward; agent invoking pylint from different directory may not find config; use --rcfile=/path/to/.pylintrc explicitly; or pyproject.toml [tool.pylint] section in project root
- ⚠ Inline disable comments are verbose — # pylint: disable=too-many-arguments for one line; # pylint: disable=too-many-arguments at top of function disables for whole function; # pylint: disable=too-many-arguments ... # pylint: enable=too-many-arguments for block; agent code review tools must understand these comments
- ⚠ --jobs parallel mode may miss some checks — pylint --jobs=4 runs worker processes but some cross-module checks require single process; agent CI using --jobs for speed should verify all checks run; --jobs=0 uses CPU count automatically; certain import-graph checks work only in single-process mode
- ⚠ pylint score can be gamed by disabling messages — disabling many checks artificially raises score; agent using pylint score as quality metric must audit which messages are disabled in pylintrc; a project with score 10.0 but disable-all in config has no quality signal; check enabled messages not just score
Alternatives
Full Evaluation Report
Comprehensive deep-dive: security analysis, reliability audit, agent experience review, cost modeling, competitive positioning, and improvement roadmap for pylint.
AI-powered analysis · PDF + markdown · Delivered within 30 minutes
Package Brief
Quick verdict, integration guide, cost projections, gotchas with workarounds, and alternatives comparison.
Delivered within 10 minutes
Score Monitoring
Get alerted when this package's AF, security, or reliability scores change significantly. Stay ahead of regressions.
Continuous monitoring
Scores are editorial opinions as of 2026-03-07.