[pavel_lishin]

Would you mind posting the script? I'd love to run it against our codebase and see what it comes up with.

It might be a fun thing to open source as part of a "I've inherited a project, what now?" toolkit that helps you decide what to fix.

[jasonmoo]

Sure. It's a simple tool but the concept could be augmented toward something like the scenario you described.

https://gist.github.com/jasonmoo/06691c8fea09b62aa35235fc93e...

[ubernostrum]

IIRC Instagram released a plugin for Bandit (the OpenStack static analyzer for Python) that does this.