LowFile-scopePython Plug & play

Replace print statements with logging framework

Use the standard logging module (or your app's logger) instead of print() in committed code.

Why this matters

Structured logging supports levels, handlers, correlation IDs, and can be filtered/aggregated in production.

Bad vs. good

Side-by-side examples engineers can pattern-match during review.

Avoid

def handle():
    print('starting handler')
    ...
    print('done')

Prefer

import logging
logger = logging.getLogger(__name__)

def handle():
    logger.info('starting handler', extra={'op': 'handle'})
    ...
    logger.info('done', extra={'op': 'handle'})

More snippets

Bad

print('error:', e)

Good

logger.exception('operation failed')

Related rules

From the same buckets as this rule.

Critical
Check consent and role-based authorization before returning ePHI
Handlers must verify the requester’s role and a valid consent/relationship (e.g., care team assignment) before disclosing ePHI; include Purpose-Of-Use in the decision and audit the outcome.
compliance-hipaasecurity-hardening+2
Critical
Mask PAN and exclude SAD from logs
Never emit Primary Account Number (PAN) or Sensitive Authentication Data (SAD: CVV/CVC, full track data, PIN) to application or audit logs. Per PCI DSS 4.0 Req. 3 and 10, always mask PAN as first6last4 and fully redact SAD before logging.
compliance-pci-dssobservability-logging+1
High
Add comprehensive error logging
Log failures with operation name, key identifiers, and exception; prefer structured logging (fields).
error-handlingobservability-logging

Why this matters

Bad vs. good

More snippets

Related rules

Check consent and role-based authorization before returning ePHI

Mask PAN and exclude SAD from logs

Add comprehensive error logging

Why this matters

Bad vs. good

More snippets

Related rules

Check consent and role-based authorization before returning ePHI

Mask PAN and exclude SAD from logs

Add comprehensive error logging