chore(typosquatting): improve variable names and comments for clarity

AmineRaouane · AmineRaouane · commit 608f6c90fcba · 2025-05-20T14:07:43.000+01:00
Signed-off-by: Amine &lt;amine.raouane@enim.ac.ma&gt;
diff --git a/src/macaron/malware_analyzer/pypi_heuristics/metadata/typosquatting_presence.py b/src/macaron/malware_analyzer/pypi_heuristics/metadata/typosquatting_presence.py
@@ -122,6 +122,9 @@ def _load_defaults(self) -> tuple[list[str], float, float, float, float]:
     def are_neighbors(self, first_char: str, second_char: str) -> bool:
         """Check if two characters are adjacent on a QWERTY keyboard.
 
+        Adjacent characters are those that are next to each other
+        either horizontally, vertically, or diagonally.
+
         Parameters
         ----------
         first_char : str
@@ -190,18 +193,18 @@ def jaro_distance(self, package_name: str, popular_package_name: str) -> float:
         package_name_matches = [False] * package_name_len
         popular_package_name_matches = [False] * popular_package_name_len
         matches = 0
-        transpositions = 0.0  # a float to handle partial costs.
+        transpositions = 0.0  # A float to handle partial costs.
 
         # Count matches.
-        for i in range(package_name_len):
-            start = max(0, i - match_distance)
-            end = min(i + match_distance + 1, popular_package_name_len)
-            for j in range(start, end):
-                if popular_package_name_matches[j]:
+        for first_index in range(package_name_len):
+            start = max(0, first_index - match_distance)
+            end = min(first_index + match_distance + 1, popular_package_name_len)
+            for second_index in range(start, end):
+                if popular_package_name_matches[second_index]:
                     continue
-                if package_name[i] == popular_package_name[j]:
-                    package_name_matches[i] = True
-                    popular_package_name_matches[j] = True
+                if package_name[first_index] == popular_package_name[second_index]:
+                    package_name_matches[first_index] = True
+                    popular_package_name_matches[second_index] = True
                     matches += 1
                     break
 
@@ -210,12 +213,12 @@ def jaro_distance(self, package_name: str, popular_package_name: str) -> float:
 
         # Count transpositions with possible keyboard awareness.
         k = 0
-        for i in range(package_name_len):
-            if package_name_matches[i]:
+        for index in range(package_name_len):
+            if package_name_matches[index]:
                 while not popular_package_name_matches[k]:
                     k += 1
-                if package_name[i] != popular_package_name[k]:
-                    transpositions += self.substitution_func(package_name[i], popular_package_name[k])
+                if package_name[index] != popular_package_name[k]:
+                    transpositions += self.substitution_func(package_name[index], popular_package_name[k])
                 k += 1
 
         transpositions /= 2.0  # Adjust for transpositions being counted twice.
diff --git a/tests/malware_analyzer/pypi/test_typosquatting_presence.py b/tests/malware_analyzer/pypi/test_typosquatting_presence.py
@@ -5,6 +5,7 @@
 # pylint: disable=redefined-outer-name
 
 
+import os
 from pathlib import Path
 from unittest.mock import MagicMock
 
@@ -18,10 +19,10 @@
 @pytest.fixture()
 def analyzer(tmp_path: Path) -> TyposquattingPresenceAnalyzer:
     """Pytest fixture to create a TyposquattingPresenceAnalyzer instance with a dummy popular packages file."""
-    # create a dummy popular packages file
-    pkg_file = tmp_path / "popular.txt"
+    # Create a dummy popular packages file.
+    pkg_file = Path(os.path.join(tmp_path, "popular.txt"))
     popular_packages = ["requests", "flask", "pytest"]
-    pkg_file.write_text("\n".join(popular_packages))
+    pkg_file.write_text("\n".join(popular_packages), encoding="utf-8")
     analyzer_instance = TyposquattingPresenceAnalyzer(str(pkg_file))
     return analyzer_instance
 
@@ -41,8 +42,8 @@ def test_analyze_similar_name_fail(analyzer: TyposquattingPresenceAnalyzer, pypi
     assert result == HeuristicResult.FAIL
     assert info["package_name"] == "reqursts"
     assert info["popular_package"] == "requests"
-    # ratio should match or exceed threshold 0.95
-    assert isinstance(info["similarity_ratio"], (int, float))
+    # The ratio should match or exceed threshold.
+    assert isinstance(info["similarity_ratio"], float)
     assert info["similarity_ratio"] >= analyzer.distance_ratio_threshold
 
 
@@ -62,22 +63,24 @@ def test_analyze_nonexistent_file_skip() -> None:
 
 
 @pytest.mark.parametrize(
-    ("s1", "s2", "expected"),
+    ("package1", "package2", "expected_ratio"),
     [
         ("requests", "requests", 1.0),
         ("reqursts", "requests", 11 / 12),
         ("abcd", "wxyz", 0.0),
     ],
 )
-def test_jaro_distance(analyzer: TyposquattingPresenceAnalyzer, s1: str, s2: str, expected: float) -> None:
+def test_jaro_distance(
+    analyzer: TyposquattingPresenceAnalyzer, package1: str, package2: str, expected_ratio: float
+) -> None:
     """Test the Jaro distance calculation."""
-    assert analyzer.jaro_distance(s1, s2) == expected
+    assert analyzer.jaro_distance(package1, package2) == expected_ratio
 
 
 def test_empty_popular_packages_file(tmp_path: Path, pypi_package_json: MagicMock) -> None:
     """Test the analyzer skips when the popular packages file is empty."""
-    pkg_file = tmp_path / "empty_popular.txt"
-    pkg_file.write_text("")
+    pkg_file = Path(os.path.join(tmp_path, "empty_popular.txt"))
+    pkg_file.write_text("", encoding="utf-8")
     analyzer_instance = TyposquattingPresenceAnalyzer(str(pkg_file))
     result, info = analyzer_instance.analyze(pypi_package_json)
     assert result == HeuristicResult.SKIP
