2.3 KiB
name, description
| name | description |
|---|---|
| netalertx-code-standards | NetAlertX coding standards and conventions. Use this when writing code, reviewing code, or implementing features. |
Code Standards
- ask me to review before going to each next step (mention n step out of x)
- before starting, prepare implementation plan
- ask me to review it and ask any clarifying questions first
- add test creation as last step - follow repo architecture patterns - do not place in the root of /test
- code has to be maintainable, no duplicate code
- follow DRY principle
- code files should be less than 500 LOC for better maintainability
File Length
Keep code files under 500 lines. Split larger files into modules.
DRY Principle
Do not re-implement functionality. Reuse existing methods or refactor to create shared methods.
Database Access
- Never access DB directly from application layers
- Use
server/db/db_helper.pyfunctions (e.g.,get_table_json) - Implement new functionality in handlers (e.g.,
DeviceInstanceinserver/models/device_instance.py)
MAC Address Handling
Always validate and normalize MACs before DB writes:
from plugin_helper import normalize_mac
mac = normalize_mac(raw_mac)
Subprocess Safety
MANDATORY: All subprocess calls must set explicit timeouts.
result = subprocess.run(cmd, timeout=60) # Minimum 60s
Nested subprocess calls need their own timeout—outer timeout won't save you.
Time Utilities
from utils.datetime_utils import timeNowUTC
timestamp = timeNowUTC()
This is the ONLY function that calls datetime.datetime.now() in the entire codebase.
⚠️ CRITICAL: ALL database timestamps MUST be stored in UTC This is the SINGLE SOURCE OF TRUTH for current time in NetAlertX Use timeNowUTC() for DB writes (returns UTC string by default) Use timeNowUTC(as_string=False) for datetime operations (scheduling, comparisons, logging)
String Sanitization
Use sanitizers from server/helper.py before storing user input.
Devcontainer Constraints
- Never
chmodorchownduring operations - Everything is already writable
- If permissions needed, fix
.devcontainer/scripts/setup.sh
Path Hygiene
- Use environment variables for runtime paths
/datafor persistent config/db/tmpfor runtime logs/api/nginx state- Never hardcode
/data/dbor use relative paths