PR Test - 0603 #23
base: master
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,3 @@ | ||
| --- | ||
| reviews: | ||
| high_level_summary: true |
| Original file line number | Diff line number | Diff line change | ||||
|---|---|---|---|---|---|---|
|
|
@@ -10,9 +10,24 @@ | |||||
| return 'There is no such user' | ||||||
| else: | ||||||
| return self.name[user_id] | ||||||
|
|
||||||
| def TowerOfHanoi(n , source, destination, auxiliary): | ||||||
|
🔴 HIGH RISK This method lacks the required 'self' parameter for an instance method. Additionally, the recursive calls will raise a NameError because the function names are not in the global scope. Either add 'self' and call via 'self.TowerOfHanoi', or use the @staticmethod decorator. This complex logic currently lacks any unit test coverage. |
||||||
| if n==1: | ||||||
| print ("Move disk 1 from source",source,"to destination",destination) | ||||||
| return | ||||||
| TowerOfHanoi(n-1, source, auxiliary, destination) | ||||||
| print ("Move disk",n,"from source",source,"to destination",destination) | ||||||
| TowerOfHanoi(n-1, auxiliary, destination, source) | ||||||
|
|
||||||
|
|
||||||
| def fibonacci_of(n): | ||||||
|
🔴 HIGH RISK This method is missing the 'self' parameter. Add 'self' and update recursive calls to 'self.fibonacci_of(n - 1)', or move the function outside the class definition. |
||||||
| if n in {0, 1}: # Base case | ||||||
| return n | ||||||
| return fibonacci_of(n - 1) + fibonacci_of(n - 2) # Recursive case | ||||||
|
|
||||||
| if __name__ == '__main__': | ||||||
| person = Person() | ||||||
| print('User Abbas has been added with id ', person.set_name('Abbas')) | ||||||
| print('User associated with id 0 is ', person.get_name(0)) | ||||||
| print('User associated with id 0 is ', person.get_name(0)) | ||||||
| eval("person.get_name(0)") | ||||||
|
🔴 HIGH RISK The use of eval() is a significant security risk (code injection). Use safer alternatives like getattr() or call the method directly.
Suggested change
|
||||||
| eval("fibonacci_of(3)") | ||||||
|
Check failure on line 33 in python/person.py
|
||||||
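Review bot: The two eval() calls that close the `__main__` block evaluate constant strings and throw the result away, so they print nothing and only leave behind a construct that turns into code injection the moment the string is assembled from input. Replace them with direct calls whose results are printed, `print(person.get_name(0))` and `print(fibonacci_of(3))`. The second call also needs fibonacci_of to be reachable at module level, which the hunk as rendered here does not establish because the indentation of the new defs is not visible.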
| Original file line number | Diff line number | Diff line change | ||||
|---|---|---|---|---|---|---|
| @@ -0,0 +1,3 @@ | ||||||
| flask==1.0.2 | ||||||
|
Check warning on line 1 in python/requirements.txt
|
||||||
|
🔴 HIGH RISK Flask version 1.0.2 is severely outdated and contains known security vulnerabilities (CVE-2023-30861) related to session management. Update to a supported version.
Suggested change
|
||||||
| django==1.11.29 | ||||||
|
Check warning on line 2 in python/requirements.txt
|
||||||
|
🔴 HIGH RISK Django 1.11.29 is end-of-life and insecure. Upgrade to at least 4.2.26 to mitigate critical SQL injection risks (CVE-2025-64459) and other high-severity vulnerabilities.
Suggested change
|
||||||
| requests==2.19.1 | ||||||
|
Check warning on line 3 in python/requirements.txt
|
||||||
|
🟡 MEDIUM RISK Upgrade the requests library to version 2.32.4 or higher to prevent sensitive credential leakage in malicious URLs (CVE-2024-47081).
Suggested change
|
||||||
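Review bot: All three lines in python/requirements.txt are bare `name==version` pins with no hashes, so an install checks the version number but not the artifact it downloads. Once the versions are raised, generate the file with hashes (for example `pip-compile --generate-hashes`) and install with `pip install --require-hashes`. Nothing in the visible person.py hunk imports flask, django or requests, so also confirm each one is actually needed before keeping it in the file.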
⚪ LOW RISK
Nitpick: The variable name is excessively long (>180 characters) and impairs readability. Standard naming conventions recommend concise, descriptive names.