-
Notifications
You must be signed in to change notification settings - Fork 30
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Tweaks #16
base: master
Are you sure you want to change the base?
Tweaks #16
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think the Crypto/Cryptodome difference might just be a local environment thing? Did you install the packages from requirements.txt because there are two versions of pycryptodome and the only difference is the import name.
I'd also like to leave win32crypt in as we're doing most of our research on Windows here.
@@ -944,6 +950,7 @@ class WrappedIndexDB: | |||
is simpler and more pythonic. | |||
""" | |||
def __init__(self, leveldb_dir: os.PathLike, leveldb_blob_dir: os.PathLike = None): | |||
leveldb_blob_dir = leveldb_blob_dir or leveldb_dir.with_suffix(".blob") |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I favour specificity of the caller passing the blob path over this default behaviour I think.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
What does that help, what's the advantage? I'm trying to understand. Is there something else we can do?
This seems like easy to derive data that WrappedIndexDB can calculate. Why would we burden callers with doing this scut work, when it is easy to derive like this as a default parameter?
We could eliminate the parameter entirely, removing likely never needed flexibility?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'll counter this by saying: I used this flexibility last week when I had a blob folder containing corrupt data recovered from a disk image. There might also be situations where the blob folder straight up doesn't exist and as a caller I'd want to know about it early rather than deep within another call. Explicit is better than implicit, etc.
I think it's worth bearing in in that the original reason for this module to exist is for digital forensics and research where this flexibility is sometimes desirable and where precision and traceability is always going to trump the minor inconvenience of checking for a blob folder's presence and adding it in my eyes.
separate out the info & loading pieces from each other, as we won't need to do expensive blob info calculations twice if we do this
use existing blob info work rather than re-looking up info
This reverts commit dd15a31. Users will need to enter a domain regex to use.
Thanks for the fast comments, much appreciated! I've tried to bring things closer in line to what you've said. I really like that we can avoid doing the I don't really know much about python packaging/library situations to be honest. On Debian my system had all these libraries available (except win32), except the the system |
Hello. I've been interested in reading my own snss & indexeddb data out, to better track my own activity over time.
I found a couple modest tweaks that I needed to make use of this library. Please let me know if there's anything I can do to help get some or all of these changes merged in.