-
Notifications
You must be signed in to change notification settings - Fork 0
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Code and repo audit #160
Comments
A more context could be given in the readme, i.e. why namegaurd could be useful. Some potential use-cases would be valuable. |
In the impersonation section giving actual comparison between safe and unsafe names would be very valuable. |
and got:
My env is as follows: |
If the pypi package is not yet available, maybe extend the README to include instruction on how to install the lib currently, using poetry. |
Add |
Lines 5 to 10 in daafc6a
|
Why nameguard/api/nameguard/grapheme_normalization.py Lines 5 to 7 in daafc6a
Why not grapheme? |
I would suggest merging There's also |
Setting nameguard/api/nameguard/logging.py Line 5 in daafc6a
|
This regex is not resistant against new-line injection. nameguard/api/nameguard/nameguard.py Line 87 in daafc6a
The anchors should be changed int \A and \z .
|
Since the addresses have different meaning, why not use a dictionary? nameguard/api/nameguard/nameguard.py Lines 82 to 85 in daafc6a
|
Consider missing key error, which would generate obscure error massage for a nested key: nameguard/api/nameguard/nameguard.py Lines 89 to 92 in daafc6a
Maybe there should be error showing all elements of the keys list or a None value, if the path does not exist?
|
Two-letter instance variable which is not documented: nameguard/api/nameguard/nameguard.py Line 100 in daafc6a
Hard to understand it's meaning from the name itself (name-service?).
|
Missing return value type: nameguard/api/nameguard/nameguard.py Lines 108 to 109 in daafc6a
|
The doc says namehashes won't be analyzed, while in fact they might be resolved (according to the argument): nameguard/api/nameguard/nameguard.py Lines 112 to 116 in daafc6a
Consider changing the doc. |
What about names such as nameguard/api/nameguard/nameguard.py Line 123 in daafc6a
Shall the empty labels always be removed? Or for that case an empty string is ok? |
I would suggest changing nameguard/api/nameguard/nameguard.py Lines 136 to 143 in daafc6a
Currently there's little difference between label_analysis and labels_analysis which makes the code harder to understand. The call lable.graphemes would be even more natural.
|
The same remark applies to the following code: nameguard/api/nameguard/nameguard.py Lines 146 to 150 in daafc6a
|
Does the DNA checks require previous aggregation of results? nameguard/api/nameguard/nameguard.py Lines 170 to 176 in daafc6a
I don't understand why the application and organization of these checks differs from the other checks. A short comment would be helpful. |
Taking into account that this a constructor: nameguard/api/nameguard/nameguard.py Lines 180 to 184 in daafc6a
it's very strange the single call to that method occupies more than 60 lines. Have you considered a fluent API, a factory pattern or preparation of the argumetns up-front? |
The part of the code: nameguard/api/nameguard/nameguard.py Lines 184 to 188 in daafc6a
Is rather hard to follow, since the values assigned to the param are intertwined with the logic responsible for their computation. A method computing the outcome would be much more readable. |
It would be better to move the logic here: nameguard/api/nameguard/nameguard.py Lines 193 to 199 in daafc6a
into separate method, accepting labels_analysis .
|
The code nameguard/api/nameguard/nameguard.py Lines 206 to 210 in daafc6a
has the same interleaved logic/value computation, which is hard to follow. |
The same applies to this piece of code: nameguard/api/nameguard/nameguard.py Lines 218 to 221 in daafc6a
|
I understand that this is Python-style: nameguard/api/nameguard/nameguard.py Lines 235 to 239 in daafc6a
but putting the loop at the end once again makes the code harder to understand, since the variables are defined after they are used. I would suggest a class/struct that would combine the individual pieces of information into one object. |
This code and many similar pieces of code could be simplified from nameguard/api/nameguard/nameguard.py Lines 296 to 298 in daafc6a
to
|
Here nameguard/api/nameguard/nameguard.py Line 304 in daafc6a
nameguard/api/nameguard/nameguard.py Lines 277 to 278 in daafc6a
There's also some non-trivial logic shared by those methods. |
For me the name of the method: nameguard/api/nameguard/nameguard.py Line 321 in daafc6a
implicates, that we are securing some name, but the logic is about checking if the name is secure. |
Would it be possible to rewrite this code: nameguard/api/nameguard/nameguard.py Lines 329 to 345 in daafc6a
in a way, that all check are applied step-by-step with the same style of coding? |
As far as I understand: nameguard/api/nameguard/nameguard.py Lines 370 to 377 in daafc6a
all checks result in the same value being returned. Maybe using or would make to code simpler?
|
As mentioned earlier nameguard/api/nameguard/nameguard.py Lines 385 to 389 in daafc6a
it would be better to change the logic not to rise a KeyError .
|
Else is not needed nameguard/api/nameguard/nameguard.py Lines 409 to 413 in daafc6a
|
Making nameguard/api/nameguard/nameguard.py Line 371 in daafc6a
|
Else is not needed: nameguard/api/nameguard/nameguard.py Lines 420 to 423 in daafc6a
|
Once again else is not needed since all previous paths result in a nameguard/api/nameguard/nameguard.py Lines 426 to 427 in daafc6a
|
README.md
NameGuard by NameHash
as a title, current title might be confusingThe text was updated successfully, but these errors were encountered: