DanDingNoneBot

xia.silei/DanDingNoneBot

Fork 0

Commit Graph

Author	SHA1	Message	Date
Mr.Xia	c01338f496	refactor(plugins): comprehensive code review - ~35 fixes across 14 plugins Phase 1 - Plugin code review (14/14 plugins): - Security: 3x token leak in print→logger.debug, Bearer prefix handling - Bug: bare except→specific exceptions, HorseState type safety, sync→async - Critical: response_model undefined, route dead code, sync blocking event loop - Quality: 11x print()→logger, variable name shadowing, consistent logging Phase 2 - Deep analysis: - Fix: payout int truncation→max(1, round(amount*odds)) - Fix: room_store get_lock race condition→dict.setdefault() - Verify: data_manager f-string SQL is safe (uses ? placeholders) Infrastructure: review reports generated for all plugins.	2026-05-09 23:22:28 +08:00
Mr.Xia	a952760cf8	fix: break circular import in horse racing commands Extract shared.py from commands/__init__.py to break circular dependency: - shared.py: shared variables/services/helper functions - access.py: get_scope/check_access/get_event_id (canonical source) - __init__.py: re-exports from shared.py for backward compat - register/bet/race/help: import from .shared instead of package	2026-05-02 15:38:34 +08:00

Author

SHA1

Message

Date

Mr.Xia

c01338f496

refactor(plugins): comprehensive code review - ~35 fixes across 14 plugins

Phase 1 - Plugin code review (14/14 plugins):
- Security: 3x token leak in print→logger.debug, Bearer prefix handling
- Bug: bare except→specific exceptions, HorseState type safety, sync→async
- Critical: response_model undefined, route dead code, sync blocking event loop
- Quality: 11x print()→logger, variable name shadowing, consistent logging

Phase 2 - Deep analysis:
- Fix: payout int truncation→max(1, round(amount*odds))
- Fix: room_store get_lock race condition→dict.setdefault()
- Verify: data_manager f-string SQL is safe (uses ? placeholders)

Infrastructure: review reports generated for all plugins.

2026-05-09 23:22:28 +08:00

Mr.Xia

a952760cf8

fix: break circular import in horse racing commands

Extract shared.py from commands/__init__.py to break circular dependency:
- shared.py: shared variables/services/helper functions
- access.py: get_scope/check_access/get_event_id (canonical source)
- __init__.py: re-exports from shared.py for backward compat
- register/bet/race/help: import from .shared instead of package

2026-05-02 15:38:34 +08:00

2 Commits