While reading through the Spain recognizers I noticed validate_result in es_nie_recognizer.py has this guard:
if not pattern_text[1:-1].isdigit or pattern_text[:1] not in "XYZ":
return False
isdigit is referenced without being called, so the expression is just the bound method object, which is always truthy. That means not pattern_text[1:-1].isdigit is always False, and the digit check silently never runs.
In normal use this stays hidden, because the recognizer's own default pattern (\b[X-Z]?[0-9]?[0-9]{7}[-]?[A-Z]\b) already forces the middle characters to be digits before validate_result ever sees them. But EsNieRecognizer's constructor explicitly accepts a custom patterns argument (documented in the class docstring), and once the regex is loosened even slightly, the missing digit check lets non-digit text reach the checksum line further down, and it raises instead of returning False:
from presidio_analyzer import Pattern
from presidio_analyzer.predefined_recognizers import EsNieRecognizer
loose_pattern = Pattern("NIE_LOOSE", r"\b[X-Z][0-9A-Za-z]{6}[A-Z]\b", 0.5)
recognizer = EsNieRecognizer(patterns=[loose_pattern])
recognizer.analyze("XABCDEFG", ["ES_NIE"])
That raises:
ValueError: invalid literal for int() with base 10: '0ABCDEF'
validate_result is supposed to always return a bool and never raise, so this is a real correctness gap for anyone who customizes the pattern or subclasses the recognizer, both of which the class supports directly. The fix is one character, calling isdigit() instead of referencing it:
if not pattern_text[1:-1].isdigit() or pattern_text[:1] not in "XYZ":
return False
Happy to open a PR with this fix plus a regression test.
While reading through the Spain recognizers I noticed
validate_resultines_nie_recognizer.pyhas this guard:isdigitis referenced without being called, so the expression is just the bound method object, which is always truthy. That meansnot pattern_text[1:-1].isdigitis alwaysFalse, and the digit check silently never runs.In normal use this stays hidden, because the recognizer's own default pattern (
\b[X-Z]?[0-9]?[0-9]{7}[-]?[A-Z]\b) already forces the middle characters to be digits beforevalidate_resultever sees them. ButEsNieRecognizer's constructor explicitly accepts a custompatternsargument (documented in the class docstring), and once the regex is loosened even slightly, the missing digit check lets non-digit text reach the checksum line further down, and it raises instead of returningFalse:That raises:
validate_resultis supposed to always return a bool and never raise, so this is a real correctness gap for anyone who customizes the pattern or subclasses the recognizer, both of which the class supports directly. The fix is one character, callingisdigit()instead of referencing it:Happy to open a PR with this fix plus a regression test.