refactor(plugins): comprehensive code review - ~35 fixes across 14 plugins

Phase 1 - Plugin code review (14/14 plugins):
- Security: 3x token leak in print→logger.debug, Bearer prefix handling
- Bug: bare except→specific exceptions, HorseState type safety, sync→async
- Critical: response_model undefined, route dead code, sync blocking event loop
- Quality: 11x print()→logger, variable name shadowing, consistent logging

Phase 2 - Deep analysis:
- Fix: payout int truncation→max(1, round(amount*odds))
- Fix: room_store get_lock race condition→dict.setdefault()
- Verify: data_manager f-string SQL is safe (uses ? placeholders)

Infrastructure: review reports generated for all plugins.
2026-05-09 23:22:28 +08:00
parent 9a8cb3ad6d
commit c01338f496
43 changed files with 4233 additions and 3645 deletions


@@ -1,50 +1,53 @@
from nonebot import on_command, get_loaded_plugins, logger
from nonebot.rule import fullmatch
from nonebot.adapters.onebot.v11.event import MessageEvent
from nonebot.plugin import Plugin
from nonebot_plugin_saa import Text, MessageFactory
import random
import asyncio
ALLOWED_USER = 1424473282
async def check_user(event: MessageEvent) -> bool:
"""检查用户是否有权限使用该命令"""
return event.user_id == ALLOWED_USER
cmd = on_command(
"指令列表",
rule=check_user and fullmatch(("指令列表", "命令列表", "help list", "cmd list")),
aliases={"命令列表", "help list", "cmd list"},
priority=1,
block=True
)
def format_plugin_info(plugin: Plugin) -> str:
"""格式化插件信息"""
info = []
if hasattr(plugin, "metadata") and plugin.metadata:
meta = plugin.metadata
if hasattr(meta, "name") and meta.name:
info.append(f"插件名称: {meta.name}")
if hasattr(meta, "description") and meta.description:
info.append(f"功能描述: {meta.description}")
if hasattr(meta, "usage") and meta.usage:
info.append(f"使用方法: {meta.usage}")
return "\n".join(info) if info else f"插件: {plugin.name}"
@cmd.handle()
async def handle_command_list():
plugins = get_loaded_plugins()
msg_parts = ["当前支持的指令列表:\n"]
for plugin in plugins:
plugin_info = format_plugin_info(plugin)
if plugin_info:
msg_parts.append(f"\n{plugin_info}\n{'='*30}")
await asyncio.sleep(random.uniform(1, 2))
await MessageFactory([Text("\n".join(msg_parts))]).send(
at_sender=True,
reply=True
from nonebot import on_command, get_loaded_plugins, logger
from nonebot.rule import fullmatch, Rule
from nonebot.adapters.onebot.v11.event import MessageEvent
from nonebot.plugin import Plugin
from nonebot_plugin_saa import Text, MessageFactory
import asyncio
ALLOWED_USER = 1424473282
async def _check_user(event: MessageEvent) -> bool:
"""检查用户是否有权限使用该命令"""
return event.user_id == ALLOWED_USER
cmd = on_command(
"指令列表",
rule=Rule(_check_user) & fullmatch(("指令列表", "命令列表", "help list", "cmd list")),
priority=1,
block=True
)
def format_plugin_info(plugin: Plugin) -> str:
"""格式化插件信息"""
info = []
if hasattr(plugin, "metadata") and plugin.metadata:
meta = plugin.metadata
if hasattr(meta, "name") and meta.name:
info.append(f"插件名称: {meta.name}")
if hasattr(meta, "description") and meta.description:
info.append(f"功能描述: {meta.description}")
if hasattr(meta, "usage") and meta.usage:
info.append(f"使用方法: {meta.usage}")
return "\n".join(info) if info else f"插件: {plugin.name}"
@cmd.handle()
async def handle_command_list():
try:
plugins = get_loaded_plugins()
except Exception as e:
logger.error(f"获取插件列表失败: {e}")
await cmd.finish("获取指令列表失败,请稍后再试")
return
msg_parts = ["当前支持的指令列表:\n"]
for plugin in sorted(plugins, key=lambda p: p.name):
plugin_info = format_plugin_info(plugin)
if plugin_info:
msg_parts.append(f"\n{plugin_info}\n{'='*30}")
await MessageFactory([Text("\n".join(msg_parts))]).send(
at_sender=True,
reply=True
)
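Review bot: With `aliases=` dropped from the new `on_command` call, the entries "命令列表", "help list" and "cmd list" in the `fullmatch` tuple look unreachable, because the command rule now matches only "指令列表" and both rules have to pass; either restore `aliases={"命令列表", "help list", "cmd list"}` or trim the tuple to the one name. Now that `Rule(_check_user) & fullmatch(...)` really enforces the user check, the gate still rests on the account id hard-coded in `ALLOWED_USER`; taking the allowed account from configuration, for example `permission=SUPERUSER` from `nonebot.permission`, would keep the authorization decision out of the source and make it auditable in one place. In the handler, the `return` after `await cmd.finish(...)` is never reached because `finish` ends the handler by raising, and `logger.error(f"...{e}")` records only the message, so the traceback is lost. A one-line comment above the rule, such as `# combine with &, not "and": "and" evaluates to the fullmatch rule alone and skips _check_user`, would help keep the earlier mistake from coming back.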