luis261
commented
4 months ago I just finished configuring some more branches for https://github.com/luis261/Qu1cksc0pe, I'll leave this here as a more concrete, albeit high level "plan", mostly as a note for myself:
(more or less sorted by the order I'll run through em):
code-dedup: simple code deduplicationrefactoring: general place for stuff a bit more involved than above, some of this will fall more under "rearchitecting" I guess, at least from an in-project POVuser-facing: mainly better I/O handling, e.g. how we handle tmp files, reading secrets etc .. will also want to improve error messages, use warnings instead of "raw" prints to stdout and so on, maybe I'll also sneak in a cute new animation or stherror-handling: changes specifically related to better error handling (as in: fail early, fail gracefully, be less permissive in some cases)sys-comms: make use of more specific Python lib functions over just widly firing off subprocesses/shellsautomated-testing(def unit tests for some analyzers, maybe also a rough integration test? .. doubt I'll setup CI/CD for this one .. but just having tests would be nice, even if they have to be kicked off "by hand")analyzers(will probably take me a while until I actually arrive at the point to contribute to these "load-bearing" constructs, but I'm sure by the time I've made it this far through the list I should be comfortable, especially if I've written tests for em)perf
CYB3RMX
Already left you a few PRs, just to demo the kinds of things I'd start off my work with. Just let me know what you think of them once you have time to review. If you prefer doing things "your way" and don't want the additional contributions, just let me know, no hard feelings, that's why I started off with very small changes instead of directly jumping into the deep end.
Hey @CYB3RMX,
I appreciate your work on this project. I like what I'm seeing in terms of actual functionality, quite a holistic set of analysis features/file scanning capabilities you've built up here over the years! We use it at my org (as part of a set of lots of other, diverse analysis tooling) and I'd like to personally give back a bit by contributing in my spare time.
Think of the changes in this PR (and the ones I've already submitted, as well as further ones I might sent through the course of tonight) as just a small sample representing the kinds of changes I'd like to apply.
I'm a bit nitpicky when it comes to (Python) code and would also like to take care of typos as well as moving the codebase towards PEP 8 compliance (I'm not a complete stickler when it comes to PEP8 in particular, but let's at least get the simpler things right, such as moving variable and module names from inconsistent naming schemes/
camelCasetowardssnake_case). However, since you're ultimately in charge here, if you tell me that I should ignore that kinda stuff upfront, I am happy to respect that and will try to let it go ^^I hope you're open to me proposing changes, as I feel like your project could benefit from them (see below). If you are on board with me trying to improve this project, I have a lot more on my mind, e.g.:
Quality:
Usability:
qu1cksc0pe.py, then continue beyond the main module)Extensions (I work as a Security Analyst at my day job so I might have some stuff to offer when it comes to the analysis-specific parts of the code):
Performance:
I know the plan might seem overly ambitious/big but I'll take it slow in small steps, can't commit to working on this every single weekend but I do have some time I'd like to invest here and I really think I can achieve at least a good portion of the goals listed above given some time over the coming months and a bit of support in terms of reviews from your side.
Looking forward to working with you (: Obviously no need to rush any reviews, nothing of this is particularly urgent and I'll adjust to your pace