Add targeted comments for non-obvious constraints and invariants

- logger.py: note why log path uses abspath(__file__) instead of a relative path - token.py: note why [7:] slice is safe (startswith already verified) - ipcalc.py: explain /32 single-host and /31 RFC-3021 point-to-point special cases; explain why (~netmask) must be masked with 0xFFFFFFFF (Python ~int returns a negative arbitrary-precision value, not a 32-bit unsigned integer) - notes.py: document the module-level _table_ready flag lifetime; explain why tzinfo is stripped before passing datetime to mysql-connector - admin.py: document the module-level _tables_initialized flag lifetime Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-05-06 10:08:55 +02:00
parent 98bb34f094
commit 7827cda224
5 changed files with 14 additions and 1 deletions
@@ -18,7 +18,7 @@ def verify_token():
        logger.warning("🔐 Invalid Bearer header")
        return None

-    token = auth_header[7:]
+    token = auth_header[7:]  # len("Bearer ") == 7; safe because startswith is verified above
    try:
        decoded = decode(token, SECRET_KEY, algorithms=["HS256"])
        return decoded