Python: FastAPI Depends() not tracked, causes false dead code positives #27
Description
Bug
Functions used via FastAPI's Depends() show in_degree=0 and appear as dead code, despite being called on every request.
Root Cause
async def endpoint(user: UserSchema = Depends(get_current_user)):
...get_current_user is passed as a reference, not called directly. No CALLS or USAGE edge is created, so it looks uncalled.
Confirmed False Positives (FastAPI project)
get_current_user— used viaDepends()in every protected routeget_current_user_optional— same, 4 routers- All
dependencies.pyfactory functions (get_paper_action_service,get_user_service, etc.)
Suggested Fix
Detect Depends(func_ref) in parameter default values via tree-sitter and emit a USAGE edge from the handler to func_ref.
Impact
High — marks live auth functions as dead code, risking incorrect deletion.