search

parkpow / deep-license-plate-recognition

Automatic License Plate Recognition (ALPR) or Automatic Number Plate Recognition (ANPR) software that works with any camera.
https://platerecognizer.com/
MIT License
523 stars 122 forks source link

Verkada ParkPow visits #200

Closed danleyb2 closed 6 months ago

github-actions[bot] commented 6 months ago

Risk Level 3 - /home/runner/work/deep-license-plate-recognition/deep-license-plate-recognition/docker/platerec_installer.py

The code uses inline event handlers within the Dash app layout, which can become hard to manage as the application grows. It's recommended to separate the callback definitions from the layout for better maintainability. Additionally, the parse_arguments function uses a global variable CONSOLE_WELCOME which could be moved inside the function to limit its scope.

Risk Level 3 - /home/runner/work/deep-license-plate-recognition/deep-license-plate-recognition/parkpow/verkada-lpr-webhooks/on-premise/main.py

The log_vehicle method in the ParkPowApi class does not handle exceptions for the requests.post call, which could lead to unhandled exceptions if the network request fails. Implement proper exception handling for network requests.

Example:

try:
    response = self.session.post(self.api_base + endpoint, json=data)
    response.raise_for_status()
except requests.RequestException as e:
    lgr.error('Request failed', exc_info=e)

Risk Level 4 - /home/runner/work/deep-license-plate-recognition/deep-license-plate-recognition/webhooks/Synology/middleware_webhook_rest.py

The do_POST method in the GetHandler class does not validate the content type of the incoming request, which could lead to security vulnerabilities. Ensure that the content type is as expected before processing the request. Additionally, the environment variable REST_SERVICE_URL is not validated before use, which could lead to issues if it's not set or incorrect.

Example:

if 'REST_SERVICE_URL' not in os.environ:
    raise ValueError('REST_SERVICE_URL environment variable is not set')

๐Ÿ› ๏ธ๐Ÿ”’๐Ÿงน

Powered by Code Review GPT

marcbelmont commented 6 months ago

Let's keep the docker one. It can be used for on premise.

adolfoarmas commented 6 months ago

@danleyb2 @marcbelmont Is it worth it to maintain the Python one in a separate folder?

marcbelmont commented 6 months ago

@danleyb2 @marcbelmont Is it worth it to maintain the Python one in a separate folder?

Yes, let's keep the Python one. I think it's still useful for on-prem.

danleyb2 commented 6 months ago

@marcbelmont Python support is still in BETA and lacks features like tail() or consuming messages from queue so i used JS

danleyb2 commented 6 months ago

@marcbelmont @adolfoarmas Have created subfolders and re-included python