Elixir

Been thinking about a second project before I need to head back to Python report-building land.

I recently wrote a Python-based vulnerability reporting application that cached API lookups from the NIST NVD service.

API Constraints

The most severe NVD API constraint is the rate limiting:

• 5 lookups per 30 seconds without an API key.
• 50 lookups per 30 seconds with an API key.

I’ve also seen API requests take over 30 seconds to respond.

A typical report requires hundreds of CVE lookups which makes caching mandatory.

SimpleCardBrand version 1.0.0

I found a gentle and an in-depth article about OptionParser. Neither quite matched my specific use case of pattern matching options at the function level.

The key is converting the opts keyword list into a map.

SimpleCardBrand version 0.3.0 changes the :error reason from a String.t to a tuple: {:atom, String.t}. This allows simple programmatic decision making based off the atom along with detailed error messages. Example:

{:error, {:pan_too_short,"Minimum PAN length is 12, found 10."}}
{:error, {:pan_unknown,"Unknown card brand."}}
{:error, {:pan_too_long, "Maximum PAN length is 19, found 20."}}

Added a (NOT PCI COMPLIANT) command-line interface. Use only with test credit card account numbers.

$ ./simplecardbrand 4111111111111111
PAN: 4111111111111111 -> Brand: visa

SimpleCardBrand is feature complete.

It supports all the card brands documented on Wikipedia as of 2023-08-06.

SimpleCardBrand is feature complete.

It supports all the card brands documented on Wikipedia as of 2023-08-06.

Use an Enum function to stream data from a list.

I was recently lamenting Elixir’s lack of Pytest-like parameterized testing (or at least my inability to find such).

I’d found several examples including ExUnit.Parameterized, but I could not find a solution that output the actual parameters from among hundreds that caused the failed assert.

Maciej Lukksepp (icejam_@hachyderm.io) responded that StreamData property testing should solve the problem, and provided a useful starting point.

Created a mix project.

Added guards to card_brand that check for String and Integer parameters then moved the single file into a mix project.

Every card brand has its own test file. The tests validate against the information on the Wikipedia page. Each brand is tested for documented prefix and account number length.

As suspected, there were a few lurking bugs which have now been corrected.

After adding 16 new card brands, I’m finding the single file is getting slightly more complex than I’d like.

There’s only about 270 lines of code, but it’s difficult to come up with logical arrangement as many brands have multiple ranges in entirely different areas.