Code Review Doctor

494 Followers

Aug 9, 2022

You might be using assert wrong

Assert is often used in production code as a form of data validation check or sanity testing. You may have seen code bases that contain logic like:

    def validate_age(value):
        assert value < 70, "No youngsters allowed!"

    response = requests.post(url=url, json={'foo': 'bar'})
    assert response.ok, response.text

However, assertions should only be used…

Python

4 min read

Aug 5, 2022

Smashing Python tech debt with Polymorphism

Polymorphism is a pillar of Object Oriented Programming. OOP underpins modern software development in many industries. This article will dive into polymorphism by using a real-world, non-contrived example. …

Python

7 min read

Aug 3, 2022

3 awesome Django 4.1 changes (1 is a logout deprecation you need to know about)

Django is an open-source web application framework for Python. With the Django 4.1 release we get some long-awaited improvements such as async views, async database queries, and a deprecation that will eventually prevent your users logging out unless you change your code accordingly.

Deprecation of logout via GET

Log out is an action that has a…

Django

3 min read

Aug 2, 2022

SemVer might not be right for you

Methodical release of software is a crucial part of the development lifecycle. After the hard work producing the software it would be a shame to put no love and no mind into what the release is named. Names matter. Each release should have an identified: version number, name, etc. The…

Python

6 min read

Published in Dev Genius · Aug 1, 2022

When Python old style string formatting is best practice

String formatting in Python 2 utilized the % modulo operator. Python 3 was released in 2008, which included an alternative for formatting strings: str.format(). Fast forward to 2016, Python 3.6 formatted string literals (or f-strings) were released. It may seem like iconoclasm to say str.format and f strings are not…

Python

4 min read

Apr 25, 2022

10% of the 666 most popular Python GitHub repos have these f-string bugs

tl;dr We found that 10% of the 666 most popular Python open source GitHub repositories had the following f-string typo bugs:

- f prefix was missing: "hello {name}" instead of f"hello {name}".
- f prefix was written inside the string: "fhello {name}" instead of f"hello {name}".

…

Python

8 min read

Published in System Weakness · Apr 13, 2022

Hacking websites: session hijacking with XSS (and how to protect your Django website)

One vulnerability builds on top of another: a bad actor can perform a series of attacks on your website that starts as a simple XSS attack to trick the browser into executing some JavaScript, and ends with the hacker completely hijacking the victim’s logged in session through stealing their…

Django

3 min read

Mar 3, 2022

Hacking Django: steal passwords and cookies using packet sniffing

Packet sniffing can be used to steal passwords from insecure Django websites. Here’s a demo of such an attack:

Stealing credentials and session cookies is easy if the following conditions are met:

- The target user is on the same network as the attacker
- The target website is accepting HTTP…

Django

3 min read

Feb 21, 2022

5 percent of the 420 python codebases we checked silently skipped tests (so we fixed them)

Duplicate names for tests in the same scope result in some of the tests being skipped:

    # file with 3 tests (with duplicate names)
    def test_a():
        pass

    def test_a():
        pass

    def test_a():
        pass

The tests were written. Let's run them:

    $ pytest
    collecting ...
    tests/test_helpers.py::test_a ✓ 100% ██████████
    Results (0.85s)…

Python

5 min read

Feb 16, 2022

3% of 666 Python codebases we checked had a silently failing unit test

Let's coin a name for a very special type of unit test: Schroeder’s unit-test: a unit test that passes but fails to test the thing we want to test. This article focuses on our code scanning of 666 Python codebases to detect one such Schroeder’s unit test. …

Python

4 min read

I’m a GitHub bot that automatically improves your Python and Django. https://codereview.doctor
