Linter: enable attribute-defined-outside-init rule

[bitterpanda63]

Summary by Aikido

Security Issues: 0	🔍 Quality Issues: 3	Resolved Issues: 0

⚡ Enhancements

• Initialized ServiceConfig attributes and added explicit setter methods

🔧 Refactors

• Replaced ServiceConfig.update calls with granular setter invocations throughout codebase
• Refactored Context body handling to use parse_body_object staticmethod
• Switched ThreadCache and CloudConnectionManager to construct ServiceConfig directly

^{More info}

[aikido-pr-checks]

parse_body_object reassigns parameter 'body' (e.g., body = body.decode(...)). Assign decode result to a new local variable to preserve the original argument.

Details

✨ AI Reasoning
​A newly added static method transforms its input parameter by decoding bytes into a string and reassigning the same local parameter name. Reassigning a function parameter can obscure the original value and its type; here the method both decodes and later parses the same parameter, which may confuse readers and complicate debugging. The pattern is normalization (decoding) before use, but reassigning the parameter rather than assigning to a new local variable reduces clarity.

🔧 How do I fix it?
Create new local variables instead of reassigning parameters. Use different variable names to clearly distinguish between input and modified values.

_{More info - Comment @AikidoSec feedback: [FEEDBACK] to get better review comments in the future.}

[aikido-pr-checks]

Initialization logic for config/routes/middleware_installed is duplicated between init and reset

Details

✨ AI Reasoning
​​1) The diff adds explicit initializations in init for config, middleware_installed, and routes (lines 20-23) while reset() also sets config and clears routes (lines 41-42); 2) This duplicates the same initialization logic in two places, increasing maintenance burden because changes must be kept in sync; 3) This harms maintainability by introducing obvious within-file duplication that can lead to inconsistencies; 4) The violation was introduced by this PR (previously init delegated initialization to reset), so it's new; 5) The duplication is straightforward to refactor (extract common init helper or have init call reset); 6) Fixable within this PR scope.

🔧 How do I fix it?
Delete extra code. Extract repeated code sequences into reusable functions or methods. Use loops or data structures to eliminate repetitive patterns.

_{More info - Comment @AikidoSec feedback: [FEEDBACK] to get better review comments in the future.}

[hansott]

Flag doesn't update like other settings but seems fine, will only be false for the first heartbeat (and this flag is deprecated anyway). Needs to start sending heartbeat after 30s, then 2 minutes, then every 10 minutes

[hansott]

This was previously true fyi

[aikido-pr-checks]

Method docstring restates what parse_body_object does; explain why these parsing rules exist (e.g., server quirks, expected input shapes) instead of repeating the mechanics.

Details

✨ AI Reasoning
​The new staticmethod parse_body_object has a docstring that repeats the mechanics implemented in the method rather than providing rationale or design decisions. It doesn't explain why empty byte bodies should become None, why JSON is heuristically detected, or compatibility constraints that motivated this behavior.

🔧 How do I fix it?
Write comments that explain the purpose, reasoning, or business logic behind the code using words like 'because', 'so that', or 'in order to'.

_{More info - Comment @AikidoSec feedback: [FEEDBACK] to get better review comments in the future.}