ePortfolio
Throughout the past few years, I have developed many computer science-oriented skills with the intention of pursuing a career in the field. The project discussed in this portfolio - the creation of major enhancements to a bot I named “Pinky” that is used for enhancing the user experience on the online social platform Discord - demonstrates many of the skills I have acquired. I initially developed Pinky when I was in high school, around the time that the COVID-19 pandemic struck. It was both a way for me to have fun programming as well as show off to some friends. While I was proud of what I had created, it was certainly limited by my very informal approach to coding as well as a lack of experience in specific areas, such as databases. So when an opportunity presented itself, I was quite excited to work on Pinky again, further exploring its potential while demonstrating new skills and learning even more along the way. In this project and the associated artifact enhancements discussed in sections below, you will see my demonstration of the following skills:
When reading through the sections below, please keep in mind that each one was written at its own specific point in time within the development lifecycle of this project. Pinky's codebase is fully open-source and can be viewed using the links at the bottom of this webpage.
In the video below, I discussed the old version of Pinky and how I intended to greatly expand upon its current design and implementation in accordance with specified capstone project guidelines, demonstrating my skills as a software developer.
Each of my artifact enhancements will be performed on the old codebase of a Discord bot I initially created a few years ago that my friends and I named Pinky. I selected this artifact for my capstone project because it is one of my favorite projects and I especially love working on it, and it is a bonus that I get to show it off to my friends again. One aspect of the Software and Engineering enhancement performed was migrating it from an API wrapper called Pycord to a new API wrapper called Nextcord. In addition to this, I modified it to use a completely different format for its user commands. When I first built Pinky, bots would frequently use a “command prefix” consisting of one or more arbitrary characters that would essentially indicate to the bot that it was supposed to pay attention to the contents of a particular message; since then, Discord has added slash commands, which gives developers a means of standardizing their bots and makes the user experience more streamlined. With slash commands, the user simply enters a forward slash and they are presented with command options from various bots within a given server. I knew this would be a crucial feature to add to Pinky. The final, but also most minor change performed in this milestone was decoupling Pinky from my original hosting solution for it, Replit. Although Replit was convenient at the time, I do not intend on using it as a long-term solution for hosting as there is no way to run the application for long periods of time without a premium subscription. Instead, I will simply continue development on my own personal computer; when development is complete and this course is finished, I will host Pinky on my Raspberry Pi 5, enabling it to run for long periods with minimal downtime and relying only on my own personal hardware. In order to accomplish this, some dependencies in the code had to be modified in order to enable it to run in other environments aside from Replit.
I believe I have made significant progress toward course outcomes in this milestone. These outcomes include delivering professional quality communications and demonstrating an ability to innovative techniques, skills, and tools in the implementation of user-friendly computer solutions. My outcome-coverage plans remain largely the same as I look forward to the next artifact enhancement. As I modified the codebase, I learned several key things. One was the importance of considering the downsides of limiting the project to one particular environment; I regret making the bot dependent on Replit’s framework, and I am glad to have made the project more platform-independent. I also believe I now have a better sense of how to take a snippet of code and convert it into another form while maintaining its functionality. One of the biggest challenges I faced in the development of this enhancement was the debugging process; ensuring that the conversion did not introduce new bugs was a tedious task that required patience, but building that patience is crucial for development jobs in which bugs can be a significant obstacle to overcome and rectify.
In this milestone, I designed and implemented an algorithm for offensive language filtration. It uses regular expressions and compares scanned messages to these regex patterns; by doing this, the bot is capable of not only censoring offensive language, but also counteracting certain user attempts at obfuscating such language with text modifications (for example, "sl*r w0rd" in place of "slur word" would not make it past the algorithm). The algorithm is imperfect, but it accomplishes its task better than I initially anticipated given my deadline for developing it. One key issue that will be fixed by the end of this project is the detection algorithm's handling of special characters. Right now, it scans to see if some special characters are used as substitutes in a phrase. Let's say the word "bad" is on the list of banned phrases; the algorithm would also flag "___", "***", "...", and "-_*" as just a few examples. This is because "bad" has a character length of three, and the algorithm would identify any combination of three specified special characters as just being substitute characters for the characters in "bad", leading to false positives. This is a flaw, but it is one that I will hopefully be able to fix in the near future, and with a reasonable list of actually offensive phrases, the risk of a false positive should be fairly small.
One of the greatest strengths of this algorithm is its modularity. Rather than operating on a static pre-defined list of offensive phrases, the list can be updated seamlessly just by appending to a file. There is no need to manually create new regular expression patterns either as the module creates these automatically during runtime. This significantly aids readability and maintainability for the developer as only template regular expressions need to be hard-coded. In addition, the algorithm is highly efficient, taking very little time to instantiate all regex components and very quickly scanning all readable messages.
The enhancement performed on my artifact this week is a complete overhaul of Pinky’s reaction roles. As of today, the Discord bot now uses a SQLite database in its handling of user reaction roles. This allows for the seamless creation and management of reaction roles in any Discord server where Pinky is present. I selected this part of the Discord bot’s codebase to revamp because the feature was more cumbersome previously, using a JSON file to accomplish the task in a less efficient way with more overhead. The database technology I chose to implement is SQLite. My reasoning for this was twofold; first, Python includes a built-in library for handling SQLite, which highly simplified development, and second, SQLite is very lightweight, perfect for my bot’s specific needs. This enhancement showcases my knowledge of databases, ability to work with SQL, and capacity to leverage these skills in practical ways during application development, all of which contributes to me meeting the course outcomes I initially intended to.
During the enhancement of the artifact, I learned more about how SQL is used in conjunction with conventional programming languages. This was also my first time working with specifically SQLite, so I have experience with that as well now. As someone highly interested in cybersecurity, my biggest question going into this section of my project was how exactly I was going to protect against SQL injection; as it turns out, this was much simpler than I expected. First, I ensured that no external modules are called in my file, meaning no SQL queries are made from somewhere other than my sqlite_interface.py file; next, I made sure that every space where user input is taken is parameterized, meaning nothing a user enters will execute on its own as a separate SQL query. Python’s SQLite library was very helpful in this regard as it made parameterizing each query as simple as formatting a string. Overall, I am very satisfied with the end result of this milestone.
The three artifact enhancements above fulfill all requirements for my capstone project; however, I wanted to go beyond the project’s scope and add more. One extra enhancement I performed was adding password-protection to Pinky. In order to execute code with a Discord bot entity, one needs to obtain and store an auth token that is used for running the client; as a demonstration of my cybersecurity skills, I have outfitted Pinky so that this token is only stored in an encrypted form, and it is only decrypted at runtime. The token is encrypted using AES-256, which is known for being practically impenetrable, and it is an encryption standard used by governments, banks, healthcare organizations, and more across the globe. The current configuration reconstructs the key used for decrypting Pinky’s auth token at runtime by deriving it from a password, and this setup means that the password does not even have to be stored in hash form. Only the encrypted form of the token is necessary.
Another addition I made was the inclusion of audio streaming over Discord voice chat. Although the feature is quite unpolished since it was outside the initial plan for this project, it is another demonstration of my skills in software engineering. Currently, it can really only start playing music and fully stop, and the music must be stored in .wav format on the host machine, but I hope to expand more on this feature in my own time.
Finally, the issues with false positives I mentioned in the section discussing offensive language filtering have been dealt with. Although I do not believe it is feasible to entirely eliminate all such false positives when leveraging regex, I believe I have made significant progress in doing so.
Pinky's codebase can be viewed in full using these GitHub links: