-
Notifications
You must be signed in to change notification settings - Fork 849
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Improvements from AWS Code Guru | Machine Learning for code review #1465
Comments
Hi, thanks for this. I think option 3 makes the most sense right now. If there's also a list of categories and we can filter some out, that would be great. For example, I'd want to know about other instances of this If not, that's fine, if there's some .text,.csv, or .json report file we could get that will be easy enough to filter ourselves. |
Ok, it would have been wonderful to create this issues in Hacktoberfest because they are small and clear. It is not possible to export, but I will put here: Recomendaciones (120)pwndbg/disasm/arm.py Línea: 51It appears you are using the Using the Origen pwndbg/enhance.py Línea: 44The cyclomatic complexity of this function is 22. By comparison, 99% of the functions in the CodeGuru reference dataset have a lower cyclomatic complexity. This indicates the function has a high number of decisions, and it can make the logic difficult to understand and test. We recommend that you simplify this function or break it into multiple functions. For example, consider extracting the code block on lines 67-72 into a separate function. High cyclomatic complexity indicates the function has a high number of decisions, and it can make the logic difficult to understand and test. Functions with high cyclomatic complexity should be simplified or broken into multiple simpler functions. Origen pwndbg/gdblib/stack.py Línea: 119Global variables are dangerous because they can be simultaneously accessed from multiple sections of a program. This frequently results in bugs. Most bugs involving global variables arise from one function reading and acting on the value of a global variable before another function has the chance to set it to an appropriate value. We recommend using a configuration module to mutate global state. Global variables can be dangerous and cause bugs because they can be simultaneously accessed from multiple sections of a program. Most global variable bugs are caused when one function reading and acting on the value of a global variable before another function has the chance to set it to an appropriate value. We recommend using a configuration module to mutate global state. Origen pwndbg/hexdump.py Línea: 42Global variables are dangerous because they can be simultaneously accessed from multiple sections of a program. This frequently results in bugs. Most bugs involving global variables arise from one function reading and acting on the value of a global variable before another function has the chance to set it to an appropriate value. We recommend using a configuration module to mutate global state. Global variables can be dangerous and cause bugs because they can be simultaneously accessed from multiple sections of a program. Most global variable bugs are caused when one function reading and acting on the value of a global variable before another function has the chance to set it to an appropriate value. We recommend using a configuration module to mutate global state. Origen pwndbg/search.py Línea: 13The cyclomatic complexity of this function is 23. By comparison, 99% of the functions in the CodeGuru reference dataset have a lower cyclomatic complexity. This indicates the function has a high number of decisions, and it can make the logic difficult to understand and test. We recommend that you simplify this function or break it into multiple functions. For example, consider extracting the code block on lines 40-74 into a separate function. High cyclomatic complexity indicates the function has a high number of decisions, and it can make the logic difficult to understand and test. Functions with high cyclomatic complexity should be simplified or broken into multiple simpler functions. Origen pwndbg/heap/ptmalloc.py Línea: 1974The cyclomatic complexity of this function is 29. By comparison, 99% of the functions in the CodeGuru reference dataset have a lower cyclomatic complexity. This indicates the function has a high number of decisions, and it can make the logic difficult to understand and test. We recommend that you simplify this function or break it into multiple functions. High cyclomatic complexity indicates the function has a high number of decisions, and it can make the logic difficult to understand and test. Functions with high cyclomatic complexity should be simplified or broken into multiple simpler functions. Origen pwndbg/gdblib/kernel/__init__.py Línea: 59Global variables are dangerous because they can be simultaneously accessed from multiple sections of a program. This frequently results in bugs. Most bugs involving global variables arise from one function reading and acting on the value of a global variable before another function has the chance to set it to an appropriate value. We recommend using a configuration module to mutate global state. Similar issue at line number 223. Global variables can be dangerous and cause bugs because they can be simultaneously accessed from multiple sections of a program. Most global variable bugs are caused when one function reading and acting on the value of a global variable before another function has the chance to set it to an appropriate value. We recommend using a configuration module to mutate global state. Origen pwndbg/commands/telescope.py Línea: 69The cyclomatic complexity of this function is 16. By comparison, 98% of the functions in the CodeGuru reference dataset have a lower cyclomatic complexity. This indicates the function has a high number of decisions, and it can make the logic difficult to understand and test. We recommend that you simplify this function or break it into multiple functions. For example, consider extracting the code block on lines 111-195 into a separate function. High cyclomatic complexity indicates the function has a high number of decisions, and it can make the logic difficult to understand and test. Functions with high cyclomatic complexity should be simplified or broken into multiple simpler functions. Origen pwndbg/ghidra.py Línea: 11The cyclomatic complexity of this function is 17. By comparison, 98% of the functions in the CodeGuru reference dataset have a lower cyclomatic complexity. This indicates the function has a high number of decisions, and it can make the logic difficult to understand and test. We recommend that you simplify this function or break it into multiple functions. For example, consider extracting the code block on lines 67-77 into a separate function. High cyclomatic complexity indicates the function has a high number of decisions, and it can make the logic difficult to understand and test. Functions with high cyclomatic complexity should be simplified or broken into multiple simpler functions. Origen pwndbg/gdblib/file.py Línea: 30Global variables are dangerous because they can be simultaneously accessed from multiple sections of a program. This frequently results in bugs. Most bugs involving global variables arise from one function reading and acting on the value of a global variable before another function has the chance to set it to an appropriate value. We recommend using a configuration module to mutate global state. Global variables can be dangerous and cause bugs because they can be simultaneously accessed from multiple sections of a program. Most global variable bugs are caused when one function reading and acting on the value of a global variable before another function has the chance to set it to an appropriate value. We recommend using a configuration module to mutate global state. Origen pwndbg/commands/nearpc.py Línea: 81The cyclomatic complexity of this function is 29. By comparison, 99% of the functions in the CodeGuru reference dataset have a lower cyclomatic complexity. This indicates the function has a high number of decisions, and it can make the logic difficult to understand and test. We recommend that you simplify this function or break it into multiple functions. For example, consider extracting the code block on lines 155-219 into a separate function. High cyclomatic complexity indicates the function has a high number of decisions, and it can make the logic difficult to understand and test. Functions with high cyclomatic complexity should be simplified or broken into multiple simpler functions. Origen pwndbg/commands/search.py Línea: 133The cyclomatic complexity of this function is 22. By comparison, 99% of the functions in the CodeGuru reference dataset have a lower cyclomatic complexity. This indicates the function has a high number of decisions, and it can make the logic difficult to understand and test. We recommend that you simplify this function or break it into multiple functions. For example, consider extracting the code block on lines 185-226 into a separate function. High cyclomatic complexity indicates the function has a high number of decisions, and it can make the logic difficult to understand and test. Functions with high cyclomatic complexity should be simplified or broken into multiple simpler functions. Origen pwndbg/lib/memory.py Línea: 97To check if a container or sequence (string, list, tuple) is empty, use Following PEP8 makes your code clear and more readable. Often there are several ways to perform a similar action in Python. PEP 8 provides recommendations to remove that ambiguity and preserve consistency. Origen pwndbg/commands/heap.py Línea: 805This function contains 205 lines of code, not including blank lines or lines with only comments, Python punctuation characters, identifiers, or literals. By comparison, 99% of the functions in the CodeGuru reference dataset contain fewer lines of code. Large functions might be difficult to read and have logic that is hard to understand and test. We recommend that you simplify this function or break it into multiple functions. Large functions might be difficult to read, and have logic that is hard to understand and test. Large functions should be simplified or broken into multiple smaller functions. The size of a function is computed as the number of lines of code, not including blank lines or lines with only comments, Python punctuation characters, identifiers, or literals. Origen pwndbg/ida.py Línea: 186Using Throwing a base or generic exception might cause important error information to be lost. This can make your code difficult to maintain. We recommend using built-in exceptions or creating a custom exception class that is derived from Origen pwndbg/commands/probeleak.py Línea: 83The cyclomatic complexity of this function is 16. By comparison, 98% of the functions in the CodeGuru reference dataset have a lower cyclomatic complexity. This indicates the function has a high number of decisions, and it can make the logic difficult to understand and test. We recommend that you simplify this function or break it into multiple functions. High cyclomatic complexity indicates the function has a high number of decisions, and it can make the logic difficult to understand and test. Functions with high cyclomatic complexity should be simplified or broken into multiple simpler functions. Origen pwndbg/commands/__init__.py Línea: 174It appears that you are generically passing an try:
x = 1 / 0
except ZeroDivisionError as e:
logging.exception('ZeroDivisionError: %s', e) Do not pass generic exception. Origen pwndbg/gdblib/abi.py Línea: 12Global variables are dangerous because they can be simultaneously accessed from multiple sections of a program. This frequently results in bugs. Most bugs involving global variables arise from one function reading and acting on the value of a global variable before another function has the chance to set it to an appropriate value. We recommend using a configuration module to mutate global state. Similar issue at line number 13. Global variables can be dangerous and cause bugs because they can be simultaneously accessed from multiple sections of a program. Most global variable bugs are caused when one function reading and acting on the value of a global variable before another function has the chance to set it to an appropriate value. We recommend using a configuration module to mutate global state. Origen pwndbg/gdblib/vmmap.py Línea: 316It appears that you are generically passing an try:
x = 1 / 0
except ZeroDivisionError as e:
logging.exception('ZeroDivisionError: %s', e) Do not pass generic exception. Origen pwndbg/commands/heap.py Línea: 727It appears that you are concatenating a string inside a loop. Concatenating immutable sequences will always result in a new object. This means that building up a sequence by repeated concatenation will have a quadratic runtime cost in the total sequence length. For efficiency and to get a linear runtime cost, consider appending values to a list and concatenating that list using str.join() or bytes.join() method. Similar issue at line number 745. Concatenating immutable sequences results in a new object. This causes a quadratic runtime cost when done inside loop. Origen pwndbg/commands/probeleak.py Línea: 156It appears that you are concatenating a string inside a loop. Concatenating immutable sequences will always result in a new object. This means that building up a sequence by repeated concatenation will have a quadratic runtime cost in the total sequence length. For efficiency and to get a linear runtime cost, consider appending values to a list and concatenating that list using str.join() or bytes.join() method. Concatenating immutable sequences results in a new object. This causes a quadratic runtime cost when done inside loop. Origen pwndbg/arguments.py Línea: 78The cyclomatic complexity of this function is 19. By comparison, 98% of the functions in the CodeGuru reference dataset have a lower cyclomatic complexity. This indicates the function has a high number of decisions, and it can make the logic difficult to understand and test. We recommend that you simplify this function or break it into multiple functions. High cyclomatic complexity indicates the function has a high number of decisions, and it can make the logic difficult to understand and test. Functions with high cyclomatic complexity should be simplified or broken into multiple simpler functions. Origen pwndbg/heap/ptmalloc.py Línea: 1432The cyclomatic complexity of this function is 33. By comparison, 99% of the functions in the CodeGuru reference dataset have a lower cyclomatic complexity. This indicates the function has a high number of decisions, and it can make the logic difficult to understand and test. We recommend that you simplify this function or break it into multiple functions. High cyclomatic complexity indicates the function has a high number of decisions, and it can make the logic difficult to understand and test. Functions with high cyclomatic complexity should be simplified or broken into multiple simpler functions. Origen pwndbg/commands/__init__.py Línea: 35To check if a container or sequence (string, list, tuple) is empty, use Following PEP8 makes your code clear and more readable. Often there are several ways to perform a similar action in Python. PEP 8 provides recommendations to remove that ambiguity and preserve consistency. Origen pwndbg/hexdump.py Línea: 90To check if a container or sequence (string, list, tuple) is empty, use Following PEP8 makes your code clear and more readable. Often there are several ways to perform a similar action in Python. PEP 8 provides recommendations to remove that ambiguity and preserve consistency. Origen pwndbg/profiling.py Línea: 9Global variables are dangerous because they can be simultaneously accessed from multiple sections of a program. This frequently results in bugs. Most bugs involving global variables arise from one function reading and acting on the value of a global variable before another function has the chance to set it to an appropriate value. We recommend using a configuration module to mutate global state. Global variables can be dangerous and cause bugs because they can be simultaneously accessed from multiple sections of a program. Most global variable bugs are caused when one function reading and acting on the value of a global variable before another function has the chance to set it to an appropriate value. We recommend using a configuration module to mutate global state. Origen pwndbg/commands/nearpc.py Línea: 193To check if a container or sequence (string, list, tuple) is empty, use Following PEP8 makes your code clear and more readable. Often there are several ways to perform a similar action in Python. PEP 8 provides recommendations to remove that ambiguity and preserve consistency. Origen pwndbg/constants/__init__.py Línea: 18It appears you are using the Using the Origen pwndbg/heap/__init__.py Línea: 77Global variables are dangerous because they can be simultaneously accessed from multiple sections of a program. This frequently results in bugs. Most bugs involving global variables arise from one function reading and acting on the value of a global variable before another function has the chance to set it to an appropriate value. We recommend using a configuration module to mutate global state. Global variables can be dangerous and cause bugs because they can be simultaneously accessed from multiple sections of a program. Most global variable bugs are caused when one function reading and acting on the value of a global variable before another function has the chance to set it to an appropriate value. We recommend using a configuration module to mutate global state. Origen pwndbg/heap/ptmalloc.py Línea: 1270It appears that you are generically passing an try:
x = 1 / 0
except ZeroDivisionError as e:
logging.exception('ZeroDivisionError: %s', e) Do not pass generic exception. Origen pwndbg/gdblib/elf.py Línea: 228Global variables are dangerous because they can be simultaneously accessed from multiple sections of a program. This frequently results in bugs. Most bugs involving global variables arise from one function reading and acting on the value of a global variable before another function has the chance to set it to an appropriate value. We recommend using a configuration module to mutate global state. Global variables can be dangerous and cause bugs because they can be simultaneously accessed from multiple sections of a program. Most global variable bugs are caused when one function reading and acting on the value of a global variable before another function has the chance to set it to an appropriate value. We recommend using a configuration module to mutate global state. Origen pwndbg/ida.py Línea: 53Global variables are dangerous because they can be simultaneously accessed from multiple sections of a program. This frequently results in bugs. Most bugs involving global variables arise from one function reading and acting on the value of a global variable before another function has the chance to set it to an appropriate value. We recommend using a configuration module to mutate global state. Similar issue at line number 324. Global variables can be dangerous and cause bugs because they can be simultaneously accessed from multiple sections of a program. Most global variable bugs are caused when one function reading and acting on the value of a global variable before another function has the chance to set it to an appropriate value. We recommend using a configuration module to mutate global state. Origen pwndbg/gdblib/typeinfo.py Línea: 68Using Throwing a base or generic exception might cause important error information to be lost. This can make your code difficult to maintain. We recommend using built-in exceptions or creating a custom exception class that is derived from Origen pwndbg/commands/context.py Línea: 834Global variables are dangerous because they can be simultaneously accessed from multiple sections of a program. This frequently results in bugs. Most bugs involving global variables arise from one function reading and acting on the value of a global variable before another function has the chance to set it to an appropriate value. We recommend using a configuration module to mutate global state. Global variables can be dangerous and cause bugs because they can be simultaneously accessed from multiple sections of a program. Most global variable bugs are caused when one function reading and acting on the value of a global variable before another function has the chance to set it to an appropriate value. We recommend using a configuration module to mutate global state. Origen pwndbg/ghidra.py Línea: 23Using Similar issue at line numbers 28 and 39. Throwing a base or generic exception might cause important error information to be lost. This can make your code difficult to maintain. We recommend using built-in exceptions or creating a custom exception class that is derived from Origen pwndbg/commands/nearpc.py Línea: 207It appears that you are generically passing an try:
x = 1 / 0
except ZeroDivisionError as e:
logging.exception('ZeroDivisionError: %s', e) Do not pass generic exception. Origen pwndbg/commands/ida.py Línea: 26It appears that you are generically passing an try:
x = 1 / 0
except ZeroDivisionError as e:
logging.exception('ZeroDivisionError: %s', e) Do not pass generic exception. Origen pwndbg/heap/ptmalloc.py Línea: 1823The cyclomatic complexity of this function is 38. By comparison, 99% of the functions in the CodeGuru reference dataset have a lower cyclomatic complexity. This indicates the function has a high number of decisions, and it can make the logic difficult to understand and test. We recommend that you simplify this function or break it into multiple functions. High cyclomatic complexity indicates the function has a high number of decisions, and it can make the logic difficult to understand and test. Functions with high cyclomatic complexity should be simplified or broken into multiple simpler functions. Origen pwndbg/commands/__init__.py Línea: 67Using Similar issue at line number 72. Throwing a base or generic exception might cause important error information to be lost. This can make your code difficult to maintain. We recommend using built-in exceptions or creating a custom exception class that is derived from Origen pwndbg/disasm/__init__.py Línea: 74It appears that you do not need the position returned by the If there are multiple APIs available to perform similar action, choose the most specialised and efficient one. This helps make your code more readable and easier to understand. Origen pwndbg/gdblib/memory.py Línea: 112It appears that you are generically passing an try:
x = 1 / 0
except ZeroDivisionError as e:
logging.exception('ZeroDivisionError: %s', e) Do not pass generic exception. Origen pwndbg/gdblib/dt.py Línea: 95Using Throwing a base or generic exception might cause important error information to be lost. This can make your code difficult to maintain. We recommend using built-in exceptions or creating a custom exception class that is derived from Origen pwndbg/commands/xinfo.py Línea: 56To check if a container or sequence (string, list, tuple) is empty, use Following PEP8 makes your code clear and more readable. Often there are several ways to perform a similar action in Python. PEP 8 provides recommendations to remove that ambiguity and preserve consistency. Origen pwndbg/gdblib/vmmap.py Línea: 226The cyclomatic complexity of this function is 23. By comparison, 99% of the functions in the CodeGuru reference dataset have a lower cyclomatic complexity. This indicates the function has a high number of decisions, and it can make the logic difficult to understand and test. We recommend that you simplify this function or break it into multiple functions. For example, consider extracting the code blocks on lines 233-249, lines 251-296, lines 308-326 into separate functions. High cyclomatic complexity indicates the function has a high number of decisions, and it can make the logic difficult to understand and test. Functions with high cyclomatic complexity should be simplified or broken into multiple simpler functions. Origen pwndbg/enhance.py Línea: 151To check if a container or sequence (string, list, tuple) is empty, use Following PEP8 makes your code clear and more readable. Often there are several ways to perform a similar action in Python. PEP 8 provides recommendations to remove that ambiguity and preserve consistency. Origen pwndbg/commands/context.py Línea: 388It appears you are using the Similar issue at line number 411. Using the Origen pwndbg/commands/xinfo.py Línea: 95To check if a container or sequence (string, list, tuple) is empty, use Following PEP8 makes your code clear and more readable. Often there are several ways to perform a similar action in Python. PEP 8 provides recommendations to remove that ambiguity and preserve consistency. Origen pwndbg/gdblib/symbol.py Línea: 76The cyclomatic complexity of this function is 18. By comparison, 98% of the functions in the CodeGuru reference dataset have a lower cyclomatic complexity. This indicates the function has a high number of decisions, and it can make the logic difficult to understand and test. We recommend that you simplify this function or break it into multiple functions. High cyclomatic complexity indicates the function has a high number of decisions, and it can make the logic difficult to understand and test. Functions with high cyclomatic complexity should be simplified or broken into multiple simpler functions. Origen pwndbg/radare2.py Línea: 25Using Throwing a base or generic exception might cause important error information to be lost. This can make your code difficult to maintain. We recommend using built-in exceptions or creating a custom exception class that is derived from Origen pwndbg/ida.py Línea: 178Using Throwing a base or generic exception might cause important error information to be lost. This can make your code difficult to maintain. We recommend using built-in exceptions or creating a custom exception class that is derived from Origen pwndbg/emu/emulator.py Línea: 282It appears you are using the Using the Origen pwndbg/heap/ptmalloc.py Línea: 546To create a Following PEP8 makes your code clear and more readable. Often there are several ways to perform a similar action in Python. PEP 8 provides recommendations to remove that ambiguity and preserve consistency. Origen pwndbg/gdblib/strings.py Línea: 22Global variables are dangerous because they can be simultaneously accessed from multiple sections of a program. This frequently results in bugs. Most bugs involving global variables arise from one function reading and acting on the value of a global variable before another function has the chance to set it to an appropriate value. We recommend using a configuration module to mutate global state. Global variables can be dangerous and cause bugs because they can be simultaneously accessed from multiple sections of a program. Most global variable bugs are caused when one function reading and acting on the value of a global variable before another function has the chance to set it to an appropriate value. We recommend using a configuration module to mutate global state. Origen pwndbg/commands/kconfig.py Línea: 19To check if a container or sequence (string, list, tuple) is empty, use Following PEP8 makes your code clear and more readable. Often there are several ways to perform a similar action in Python. PEP 8 provides recommendations to remove that ambiguity and preserve consistency. Origen pwndbg/commands/context.py Línea: 861To create a Following PEP8 makes your code clear and more readable. Often there are several ways to perform a similar action in Python. PEP 8 provides recommendations to remove that ambiguity and preserve consistency. Origen pwndbg/gdblib/tls.py Línea: 22The cyclomatic complexity of this function is 18. By comparison, 98% of the functions in the CodeGuru reference dataset have a lower cyclomatic complexity. This indicates the function has a high number of decisions, and it can make the logic difficult to understand and test. We recommend that you simplify this function or break it into multiple functions. High cyclomatic complexity indicates the function has a high number of decisions, and it can make the logic difficult to understand and test. Functions with high cyclomatic complexity should be simplified or broken into multiple simpler functions. Origen pwndbg/commands/kchecksec.py Línea: 110To check if a container or sequence (string, list, tuple) is empty, use Following PEP8 makes your code clear and more readable. Often there are several ways to perform a similar action in Python. PEP 8 provides recommendations to remove that ambiguity and preserve consistency. Origen pwndbg/commands/start.py Línea: 21Global variables are dangerous because they can be simultaneously accessed from multiple sections of a program. This frequently results in bugs. Most bugs involving global variables arise from one function reading and acting on the value of a global variable before another function has the chance to set it to an appropriate value. We recommend using a configuration module to mutate global state. Global variables can be dangerous and cause bugs because they can be simultaneously accessed from multiple sections of a program. Most global variable bugs are caused when one function reading and acting on the value of a global variable before another function has the chance to set it to an appropriate value. We recommend using a configuration module to mutate global state. Origen pwndbg/hexdump.py Línea: 72This function contains 61 lines of code, not including blank lines or lines with only comments, Python punctuation characters, identifiers, or literals. By comparison, 99% of the functions in the CodeGuru reference dataset contain fewer lines of code. Large functions might be difficult to read and have logic that is hard to understand and test. We recommend that you simplify this function or break it into multiple functions. Large functions might be difficult to read, and have logic that is hard to understand and test. Large functions should be simplified or broken into multiple smaller functions. The size of a function is computed as the number of lines of code, not including blank lines or lines with only comments, Python punctuation characters, identifiers, or literals. Origen pwndbg/heap/ptmalloc.py Línea: 1597The cyclomatic complexity of this function is 4By comparison, 99% of the functions in the CodeGuru reference dataset have a lower cyclomatic complexity. This indicates the function has a high number of decisions, and it can make the logic difficult to understand and test. We recommend that you simplify this function or break it into multiple functions. For example, consider extracting the code block on lines 1601-1630 into a separate function. High cyclomatic complexity indicates the function has a high number of decisions, and it can make the logic difficult to understand and test. Functions with high cyclomatic complexity should be simplified or broken into multiple simpler functions. Origen pwndbg/commands/nearpc.py Línea: 200It appears that you are concatenating a string inside a loop. Concatenating immutable sequences will always result in a new object. This means that building up a sequence by repeated concatenation will have a quadratic runtime cost in the total sequence length. For efficiency and to get a linear runtime cost, consider appending values to a list and concatenating that list using str.join() or bytes.join() method. Concatenating immutable sequences results in a new object. This causes a quadratic runtime cost when done inside loop. Origen pwndbg/heap/structs.py Línea: 137It appears that you are concatenating a string inside a loop. Concatenating immutable sequences will always result in a new object. This means that building up a sequence by repeated concatenation will have a quadratic runtime cost in the total sequence length. For efficiency and to get a linear runtime cost, consider appending values to a list and concatenating that list using str.join() or bytes.join() method. Concatenating immutable sequences results in a new object. This causes a quadratic runtime cost when done inside loop. Origen pwndbg/gdblib/kernel/__init__.py Línea: 40Using Throwing a base or generic exception might cause important error information to be lost. This can make your code difficult to maintain. We recommend using built-in exceptions or creating a custom exception class that is derived from Origen pwndbg/commands/vmmap.py Línea: 130It appears you are using the Using the Origen pwndbg/gdblib/symbol.py Línea: 244It appears that you are generically passing an try:
x = 1 / 0
except ZeroDivisionError as e:
logging.exception('ZeroDivisionError: %s', e) Do not pass generic exception. Origen pwndbg/disasm/x86.py Línea: 137It appears you are using the Using the Origen pwndbg/gdblib/qemu.py Línea: 61Global variables are dangerous because they can be simultaneously accessed from multiple sections of a program. This frequently results in bugs. Most bugs involving global variables arise from one function reading and acting on the value of a global variable before another function has the chance to set it to an appropriate value. We recommend using a configuration module to mutate global state. Global variables can be dangerous and cause bugs because they can be simultaneously accessed from multiple sections of a program. Most global variable bugs are caused when one function reading and acting on the value of a global variable before another function has the chance to set it to an appropriate value. We recommend using a configuration module to mutate global state. Origen pwndbg/commands/context.py Línea: 604It appears that you do not need the position returned by the If there are multiple APIs available to perform similar action, choose the most specialised and efficient one. This helps make your code more readable and easier to understand. Origen pwndbg/heap/ptmalloc.py Línea: 522To create a Following PEP8 makes your code clear and more readable. Often there are several ways to perform a similar action in Python. PEP 8 provides recommendations to remove that ambiguity and preserve consistency. Origen pwndbg/commands/context.py Línea: 384To check if a container or sequence (string, list, tuple) is empty, use Similar issue at line number 409. Following PEP8 makes your code clear and more readable. Often there are several ways to perform a similar action in Python. PEP 8 provides recommendations to remove that ambiguity and preserve consistency. Origen pwndbg/gdblib/prompt.py Línea: 61Global variables are dangerous because they can be simultaneously accessed from multiple sections of a program. This frequently results in bugs. Most bugs involving global variables arise from one function reading and acting on the value of a global variable before another function has the chance to set it to an appropriate value. We recommend using a configuration module to mutate global state. Similar issue at line number 76. Global variables can be dangerous and cause bugs because they can be simultaneously accessed from multiple sections of a program. Most global variable bugs are caused when one function reading and acting on the value of a global variable before another function has the chance to set it to an appropriate value. We recommend using a configuration module to mutate global state. Origen pwndbg/commands/heap.py Línea: 630This function contains 68 lines of code, not including blank lines or lines with only comments, Python punctuation characters, identifiers, or literals. By comparison, 99% of the functions in the CodeGuru reference dataset contain fewer lines of code. Large functions might be difficult to read and have logic that is hard to understand and test. We recommend that you simplify this function or break it into multiple functions. For example, consider extracting the code block on lines 648-670 into a separate function. Large functions might be difficult to read, and have logic that is hard to understand and test. Large functions should be simplified or broken into multiple smaller functions. The size of a function is computed as the number of lines of code, not including blank lines or lines with only comments, Python punctuation characters, identifiers, or literals. Origen pwndbg/commands/comments.py Línea: 55It appears that you are generically passing an try:
x = 1 / 0
except ZeroDivisionError as e:
logging.exception('ZeroDivisionError: %s', e) Do not pass generic exception. Origen pwndbg/color/syntax_highlight.py Línea: 30Global variables are dangerous because they can be simultaneously accessed from multiple sections of a program. This frequently results in bugs. Most bugs involving global variables arise from one function reading and acting on the value of a global variable before another function has the chance to set it to an appropriate value. We recommend using a configuration module to mutate global state. Global variables can be dangerous and cause bugs because they can be simultaneously accessed from multiple sections of a program. Most global variable bugs are caused when one function reading and acting on the value of a global variable before another function has the chance to set it to an appropriate value. We recommend using a configuration module to mutate global state. Origen pwndbg/gdblib/vmmap.py Línea: 487Using Swallowing exceptions, without re-throwing or logging them, is a bad practice. The stack trace, and other useful information for debugging, is lost. Origen pwndbg/gdblib/symbol.py Línea: 71Global variables are dangerous because they can be simultaneously accessed from multiple sections of a program. This frequently results in bugs. Most bugs involving global variables arise from one function reading and acting on the value of a global variable before another function has the chance to set it to an appropriate value. We recommend using a configuration module to mutate global state. Global variables can be dangerous and cause bugs because they can be simultaneously accessed from multiple sections of a program. Most global variable bugs are caused when one function reading and acting on the value of a global variable before another function has the chance to set it to an appropriate value. We recommend using a configuration module to mutate global state. Origen pwndbg/lib/regs.py Línea: 66To create a Following PEP8 makes your code clear and more readable. Often there are several ways to perform a similar action in Python. PEP 8 provides recommendations to remove that ambiguity and preserve consistency. Origen pwndbg/gdblib/dt.py Línea: 74The cyclomatic complexity of this function is 16. By comparison, 98% of the functions in the CodeGuru reference dataset have a lower cyclomatic complexity. This indicates the function has a high number of decisions, and it can make the logic difficult to understand and test. We recommend that you simplify this function or break it into multiple functions. For example, consider extracting the code block on lines 113-148 into a separate function. High cyclomatic complexity indicates the function has a high number of decisions, and it can make the logic difficult to understand and test. Functions with high cyclomatic complexity should be simplified or broken into multiple simpler functions. Origen pwndbg/lib/gcc.py Línea: 20Global variables are dangerous because they can be simultaneously accessed from multiple sections of a program. This frequently results in bugs. Most bugs involving global variables arise from one function reading and acting on the value of a global variable before another function has the chance to set it to an appropriate value. We recommend using a configuration module to mutate global state. Global variables can be dangerous and cause bugs because they can be simultaneously accessed from multiple sections of a program. Most global variable bugs are caused when one function reading and acting on the value of a global variable before another function has the chance to set it to an appropriate value. We recommend using a configuration module to mutate global state. Origen pwndbg/heap/ptmalloc.py Línea: 534To create a Following PEP8 makes your code clear and more readable. Often there are several ways to perform a similar action in Python. PEP 8 provides recommendations to remove that ambiguity and preserve consistency. Origen pwndbg/commands/reload.py Línea: 25It appears that you are generically passing an try:
x = 1 / 0
except ZeroDivisionError as e:
logging.exception('ZeroDivisionError: %s', e) Do not pass generic exception. Origen pwndbg/gdblib/regs.py Línea: 44This class contains 15 clusters of instance methods that do not have any accessed class members in common. For example, a cluster might have 2 methods that access only the class fields x and y, and another cluster might have 2 other methods that access only the class fields a and b. By comparison, 99% of the classes in the CodeGuru reference dataset contain fewer clusters. A high number of these clusters indicates low class cohesion. Classes with low class cohesion contain unrelated operations which make them difficult to understand and less likely to be used. We recommend that you simplify this class or break it into multiple cohesive classes. Classes with low class cohesion contain unrelated operations which make them difficult to understand and less likely to be used. The class cohesion is computed as the number of clusters of instance methods that do not have any accessed class members in common. For example, a cluster might have two methods that access only the class fields Origen pwndbg/commands/ignore.py Línea: 43Security Problem: This line of code lacks validation when processing input data through the following parameter: 'count' (index: 1 | type: Unknown). The parameter is exposed to external callers, because its enclosing class and method are publicly accessible. This means that upstream validation, if it exists, can be bypassed. Other validated parameters: 'bpnum'. Malicious, malformed, or unbounded inputs can cause unexpected runtime behavior or crashes, and can slow performance. Fix: Add checks to ensure the validity of the parameter's value, such as testing it for nullness, emptiness, or equality. Or to prevent direct calls to it, reduce the method's visibility using single or double underscore. Learn more about potential threats and guidance from the Common Weakness Enumeration website and the OWASP Cheat Sheet series. Public method parameters should be validated for nullness, unexpected values, and malicious values. Invalid or malicious input can compromise the system's safety. Origen pwndbg/commands/ida.py Línea: 108Security The naive datetime objects are treated by many datetime methods as local times, it is preferred to use aware datetimes to represent times in UTC. The recommended way to create an aware datetime object representing a specific timestamp in UTC is bypassing Naive datetime objects are treated by many datetime methods as local times and might cause time zone related issues. Origen ida_script.py Línea: 20Security The naive datetime objects are treated by many datetime methods as local times, it is preferred to use aware datetimes to represent times in UTC. The recommended way to create an aware datetime object representing a specific timestamp in UTC is bypassing Naive datetime objects are treated by many datetime methods as local times and might cause time zone related issues. Origen pwndbg/gdblib/symbol.py Línea: 141Security Problem This line of code might contain a resource leak. Resource leaks can cause your system to slow down or crash. Fix Consider closing the resource returned by the following method call: open. The resource is allocated by call builtins.open. Currently, there are execution paths that do not contain closure statements, for example, when builtins.hex() throws an exception. To prevent this resource leak, close the object returned by open() in a try-finally block or declare it using a More info View details about the Allocated resources are not released properly. This can slow down or crash your system. They must be closed along all paths to prevent a resource leak. Origen pwndbg/commands/ida.py Línea: 122Security Problem This line of code might contain a resource leak. Resource leaks can cause your system to slow down or crash. Fix Consider closing the resource created by the following constructor: BZ2File. The resource is allocated by call bz2.BZ2File. Execution paths that do not contain closure statements were detected. To prevent this resource leak, close the object returned by BZ2File() in a try-finally block or declare it using a More info View details about the Allocated resources are not released properly. This can slow down or crash your system. They must be closed along all paths to prevent a resource leak. Origen pwndbg/commands/rop.py Línea: 33Security Problem: This line of code lacks validation when processing input data through the following parameter: 'argument' (index: 1 | type: Unknown). The parameter is exposed to external callers, because its enclosing class and method are publicly accessible. This means that upstream validation, if it exists, can be bypassed. Other validated parameters: 'grep'. Malicious, malformed, or unbounded inputs can cause unexpected runtime behavior or crashes, and can slow performance. Fix: Add checks to ensure the validity of the parameter's value, such as testing it for nullness, emptiness, or equality. Or to prevent direct calls to it, reduce the method's visibility using single or double underscore. Learn more about potential threats and guidance from the Common Weakness Enumeration website and the OWASP Cheat Sheet series. Public method parameters should be validated for nullness, unexpected values, and malicious values. Invalid or malicious input can compromise the system's safety. Origen ida_script.py Línea: 167Security If you do not have absolute control over the contents of the string passed to the Running scripts generated from unsanitized inputs (for example, evaluating expressions that include user-provided strings) can lead to malicious behavior and inadvertently running code remotely. Origen pwndbg/wrappers/__init__.py Líneas: 3-4Security Consider possible security implications associated with STDOUT module. https://bandit.readthedocs.io/en/latest/blacklists/blacklist_imports.html#b404-import-subprocess APIs that are not recommended were found. This could indicate a deeper problem in the code. Origen pwndbg/lib/version.py Líneas: 2-4Security Consider possible security implications associated with subprocess module. https://bandit.readthedocs.io/en/latest/blacklists/blacklist_imports.html#b404-import-subprocess APIs that are not recommended were found. This could indicate a deeper problem in the code. Origen pwndbg/commands/cymbol.py Línea: 21Security Consider possible security implications associated with subprocess module. https://bandit.readthedocs.io/en/latest/blacklists/blacklist_imports.html#b404-import-subprocess APIs that are not recommended were found. This could indicate a deeper problem in the code. Origen pwndbg/heap/ptmalloc.py Línea: 2163Security Try, Except, Pass detected. https://bandit.readthedocs.io/en/latest/plugins/b110\_try\_except_pass.html Improper error handling can enable attacks and lead to unwanted behavior. Parts of the system may receive unintended input, which may result in altered control flow, arbitrary control of a resource, or arbitrary code execution. Origen pwndbg/gdblib/file.py Línea: 62Security Use of insecure and deprecated function (mktemp). https://bandit.readthedocs.io/en/latest/blacklists/blacklist_calls.html#b306-mktemp-q APIs that are not recommended were found. This could indicate a deeper problem in the code. Origen pwndbg/wrappers/checksec.py Líneas: 1-2Security Consider possible security implications associated with CalledProcessError module. https://bandit.readthedocs.io/en/latest/blacklists/blacklist_imports.html#b404-import-subprocess APIs that are not recommended were found. This could indicate a deeper problem in the code. Origen ida_script.py Línea: 167Security Use of possibly insecure function - consider using safer ast.literal_eval. https://bandit.readthedocs.io/en/latest/blacklists/blacklist\_calls.html#b307-eval APIs that are not recommended were found. This could indicate a deeper problem in the code. Origen pwndbg/ida.py Línea: 290Security Use of possibly insecure function - consider using safer ast.literal_eval. https://bandit.readthedocs.io/en/latest/blacklists/blacklist\_calls.html#b307-eval APIs that are not recommended were found. This could indicate a deeper problem in the code. Origen pwndbg/commands/version.py Línea: 11Security Consider possible security implications associated with check_output module. https://bandit.readthedocs.io/en/latest/blacklists/blacklist\_imports.html#b404-import-subprocess APIs that are not recommended were found. This could indicate a deeper problem in the code. Origen pwndbg/commands/comments.py Línea: 55Security Try, Except, Pass detected. https://bandit.readthedocs.io/en/latest/plugins/b110\_try\_except_pass.html Improper error handling can enable attacks and lead to unwanted behavior. Parts of the system may receive unintended input, which may result in altered control flow, arbitrary control of a resource, or arbitrary code execution. Origen pwndbg/gdblib/memory.py Línea: 112Security Try, Except, Pass detected. https://bandit.readthedocs.io/en/latest/plugins/b110\_try\_except_pass.html Improper error handling can enable attacks and lead to unwanted behavior. Parts of the system may receive unintended input, which may result in altered control flow, arbitrary control of a resource, or arbitrary code execution. Origen pwndbg/commands/shell.py Línea: 70Security Starting a process without a shell. https://bandit.readthedocs.io/en/latest/plugins/b606\_start\_process\_with\_no_shell.html Constructing operating system or shell commands with unsanitized user input can lead to inadvertently running malicious code. Origen pwndbg/wrappers/__init__.py Línea: 2Security Consider possible security implications associated with subprocess module. https://bandit.readthedocs.io/en/latest/blacklists/blacklist_imports.html#b404-import-subprocess APIs that are not recommended were found. This could indicate a deeper problem in the code. Origen pwndbg/gdblib/qemu.py Línea: 94Security Try, Except, Continue detected. https://bandit.readthedocs.io/en/latest/plugins/b112\_try\_except_continue.html Improper error handling can enable attacks and lead to unwanted behavior. Parts of the system may receive unintended input, which may result in altered control flow, arbitrary control of a resource, or arbitrary code execution. Origen pwndbg/commands/attachp.py Línea: 4Security Consider possible security implications associated with CalledProcessError module. https://bandit.readthedocs.io/en/latest/blacklists/blacklist_imports.html#b404-import-subprocess APIs that are not recommended were found. This could indicate a deeper problem in the code. Origen pwndbg/commands/ropper.py Línea: 2Security Consider possible security implications associated with subprocess module. https://bandit.readthedocs.io/en/latest/blacklists/blacklist_imports.html#b404-import-subprocess APIs that are not recommended were found. This could indicate a deeper problem in the code. Origen pwndbg/commands/attachp.py Líneas: 5-6Security Consider possible security implications associated with check_output module. https://bandit.readthedocs.io/en/latest/blacklists/blacklist\_imports.html#b404-import-subprocess APIs that are not recommended were found. This could indicate a deeper problem in the code. Origen pwndbg/heap/ptmalloc.py Línea: 1270Security Try, Except, Pass detected. https://bandit.readthedocs.io/en/latest/plugins/b110\_try\_except_pass.html Improper error handling can enable attacks and lead to unwanted behavior. Parts of the system may receive unintended input, which may result in altered control flow, arbitrary control of a resource, or arbitrary code execution. Origen pwndbg/commands/reload.py Línea: 25Security Try, Except, Pass detected. https://bandit.readthedocs.io/en/latest/plugins/b110\_try\_except_pass.html Improper error handling can enable attacks and lead to unwanted behavior. Parts of the system may receive unintended input, which may result in altered control flow, arbitrary control of a resource, or arbitrary code execution. Origen pwndbg/commands/rop.py Línea: 3Security Consider possible security implications associated with subprocess module. https://bandit.readthedocs.io/en/latest/blacklists/blacklist_imports.html#b404-import-subprocess APIs that are not recommended were found. This could indicate a deeper problem in the code. Origen pwndbg/gdblib/vmmap.py Línea: 316Security Try, Except, Pass detected. https://bandit.readthedocs.io/en/latest/plugins/b110\_try\_except_pass.html Improper error handling can enable attacks and lead to unwanted behavior. Parts of the system may receive unintended input, which may result in altered control flow, arbitrary control of a resource, or arbitrary code execution. Origen pwndbg/gdblib/symbol.py Línea: 244Security Try, Except, Pass detected. https://bandit.readthedocs.io/en/latest/plugins/b110\_try\_except_pass.html Improper error handling can enable attacks and lead to unwanted behavior. Parts of the system may receive unintended input, which may result in altered control flow, arbitrary control of a resource, or arbitrary code execution. Origen pwndbg/commands/radare2.py Líneas: 2-3Security Consider possible security implications associated with subprocess module. https://bandit.readthedocs.io/en/latest/blacklists/blacklist_imports.html#b404-import-subprocess APIs that are not recommended were found. This could indicate a deeper problem in the code. Origen pwndbg/commands/nearpc.py Línea: 207Security Try, Except, Pass detected. https://bandit.readthedocs.io/en/latest/plugins/b110\_try\_except_pass.html Improper error handling can enable attacks and lead to unwanted behavior. Parts of the system may receive unintended input, which may result in altered control flow, arbitrary control of a resource, or arbitrary code execution. Origen pwndbg/commands/ida.py Línea: 26Security Try, Except, Pass detected. https://bandit.readthedocs.io/en/latest/plugins/b110\_try\_except_pass.html Improper error handling can enable attacks and lead to unwanted behavior. Parts of the system may receive unintended input, which may result in altered control flow, arbitrary control of a resource, or arbitrary code execution. Origen pwndbg/commands/__init__.py Línea: 174Security Try, Except, Pass detected. https://bandit.readthedocs.io/en/latest/plugins/b110\_try\_except_pass.html Improper error handling can enable attacks and lead to unwanted behavior. Parts of the system may receive unintended input, which may result in altered control flow, arbitrary control of a resource, or arbitrary code execution. Origen pwndbg/commands/version.py Línea: 10Security Consider possible security implications associated with check_call module. https://bandit.readthedocs.io/en/latest/blacklists/blacklist\_imports.html#b404-import-subprocess APIs that are not recommended were found. This could indicate a deeper problem in the code. Origen pwndbg/commands/search.py Línea: 199Security Try, Except, Continue detected. https://bandit.readthedocs.io/en/latest/plugins/b112\_try\_except_continue.html Improper error handling can enable attacks and lead to unwanted behavior. Parts of the system may receive unintended input, which may result in altered control flow, arbitrary control of a resource, or arbitrary code execution. Origen ida_script.py Línea: 8Security Using escape to parse untrusted XML data is known to be vulnerable to XML attacks. Replace escape with the equivalent defusedxml package, or make sure defusedxml.defuse_stdlib() is called. https://bandit.readthedocs.io/en/latest/blacklists/blacklist\_imports.html#b406-import-xml-sax APIs that are not recommended were found. This could indicate a deeper problem in the code. Origen pwndbg/commands/ida.py Línea: 118Security Problem This line of code might contain a resource leak. Resource leaks can cause your system to slow down or crash. Fix Consider closing the resource returned by the following method call: open. The resource is allocated by call builtins.open. Execution paths that do not contain closure statements were detected. To prevent this resource leak, close the object returned by open() in a try-finally block or declare it using a More info View details about the Allocated resources are not released properly. This can slow down or crash your system. They must be closed along all paths to prevent a resource leak. Origen pwndbg/gdblib/file.py Línea: 62Security Creating temporary files with Insecure ways of creating temporary files and directories can lead to race conditions (which can be exploited for denial of service attacks) and other security vulnerabilities such as privilege escalation. Origen |
Here's a first pass at filtering this list down to the ones we may care about. pwndbg/disasm/arm.py Línea: 51Using the pwndbg/lib/memory.py Línea: 97To check if a container or sequence (string, list, tuple) is empty, use pwndbg/ida.py Línea: 186Throwing a base or generic exception might cause important error information to be lost. This can make your code difficult to maintain. We recommend using built-in exceptions or creating a custom exception class that is derived from pwndbg/commands/__init__.py Línea: 174Do not pass generic exception. pwndbg/gdblib/vmmap.py Línea: 316Do not pass generic exception. pwndbg/commands/heap.py Línea: 727It appears that you are concatenating a string inside a loop. Concatenating immutable sequences will always result in a new object. This means that building up a sequence by repeated concatenation will have a quadratic runtime cost in the total sequence length. For efficiency and to get a linear runtime cost, consider appending values to a list and concatenating that list using str.join() or bytes.join() method. Similar issue at line number 745. Concatenating immutable sequences results in a new object. This causes a quadratic runtime cost when done inside loop. pwndbg/commands/probeleak.py Línea: 156It appears that you are concatenating a string inside a loop. Concatenating immutable sequences will always result in a new object. This means that building up a sequence by repeated concatenation will have a quadratic runtime cost in the total sequence length. For efficiency and to get a linear runtime cost, consider appending values to a list and concatenating that list using str.join() or bytes.join() method. Concatenating immutable sequences results in a new object. This causes a quadratic runtime cost when done inside loop. pwndbg/commands/__init__.py Línea: 35To check if a container or sequence (string, list, tuple) is empty, use pwndbg/hexdump.py Línea: 90To check if a container or sequence (string, list, tuple) is empty, use pwndbg/profiling.py Línea: 9pwndbg/commands/nearpc.py Línea: 193To check if a container or sequence (string, list, tuple) is empty, use pwndbg/constants/__init__.py Línea: 18Using the pwndbg/heap/__init__.py Línea: 77pwndbg/heap/ptmalloc.py Línea: 1270Do not pass generic exception. pwndbg/gdblib/typeinfo.py Línea: 68Throwing a base or generic exception might cause important error information to be lost. This can make your code difficult to maintain. We recommend using built-in exceptions or creating a custom exception class that is derived from pwndbg/ghidra.py Línea: 23Similar issue at line numbers 28 and 39. Throwing a base or generic exception might cause important error information to be lost. This can make your code difficult to maintain. We recommend using built-in exceptions or creating a custom exception class that is derived from pwndbg/commands/nearpc.py Línea: 207Do not pass generic exception. pwndbg/commands/ida.py Línea: 26Do not pass generic exception. pwndbg/commands/__init__.py Línea: 67Similar issue at line number 72. Throwing a base or generic exception might cause important error information to be lost. This can make your code difficult to maintain. We recommend using built-in exceptions or creating a custom exception class that is derived from pwndbg/disasm/__init__.py Línea: 74It appears that you do not need the position returned by the If there are multiple APIs available to perform similar action, choose the most specialised and efficient one. This helps make your code more readable and easier to understand. pwndbg/gdblib/memory.py Línea: 112Do not pass generic exception. pwndbg/gdblib/dt.py Línea: 95Throwing a base or generic exception might cause important error information to be lost. This can make your code difficult to maintain. We recommend using built-in exceptions or creating a custom exception class that is derived from pwndbg/commands/xinfo.py Línea: 56To check if a container or sequence (string, list, tuple) is empty, use pwndbg/enhance.py Línea: 151To check if a container or sequence (string, list, tuple) is empty, use pwndbg/commands/context.py Línea: 388Similar issue at line number 411. Using the pwndbg/commands/xinfo.py Línea: 95To check if a container or sequence (string, list, tuple) is empty, use
|
* lib/memory.py: use 'if collection' instead of 'if len(collection) > 0' * commands/__init__.py: use 'not line' instead of 'len(line)==0' * hexdump.py: use 'not data' instead of 'len(data)==0' * commands/nearpc.py: use `if p` instead of `if len("%s" % p)>0` I double checked that this works fine: ``` pwndbg> set nearpc-branch-marker-contiguous Set contiguous branch marker line for nearpc command to ''. pwndbg> pi str(pwndbg.commands.nearpc.nearpc_branch_marker_contiguous) '' pwndbg> pi bool(pwndbg.commands.nearpc.nearpc_branch_marker_contiguous) False ```
I've looked at some of these in the past and fixed some of these, but I just don't have time to go through all these. Also, most of these are false positives. I am going to close this issue. If you want to help us and fix some of these reported issues, please read the code around them carefully and send a pull request if they are a true positive bug. |
Hello, pwndbg members: @disconnect3d, @zachriggle, @anthraxx and @stnevans. Hi, the best contributor @gsingh93.
I am studying for the AWS Cloud Practitioner certification. Furthermore, I was reviewing the Code Guru tool, which uses Machine Learning for code review. I thought I'd scan your project since I contributed a few years ago and, surprise, I found 120 recommendations, some of them security related.
I have a dilemma on how to contribute, adding issues to this project. Likewise, I am looking for your guidance and approval to do one of the follow scenarios or if you suggest a better one which work for you.
For example, this recommendation from AWS Code Guru, make total sense:
I recommend reviewing the screenshots to see all the scope of the recommendations.
Scenarios or ideas about add these issues to the project:
The first scenario which came to my mind is creating one issue and copy all the issues and paste. It is automatically discarded because it will be nasty and out of tracking control.
The second option is created issue by issue regarding from every recommendation of the Code Guru. It is the best options in my experience, but I will create 120 new issues and I don't know if you consider it as SPAM.
2.1 If the second option is accepted, I want to use the tag “clean code”, but maybe you would like to create a new one for example “AWS Code Guru”.
Provided to all of you the AWS code review recommendations. You choose specific recommendations, then you or I can create the issues in the project.
No more ideas… =(.
The text was updated successfully, but these errors were encountered: