Best AI models for Coding

“The model provides a flawless, production-ready solution. It correctly uses idiomatic TypeScript discriminated union narrowing to handle the null and bank cases without using `any`. The explanation is concise, accurate, and directly addresses the prompt's requirements.”

**Fixed Implementation:**

```ts
type Card = { kind: "card"; last4: string; brand: string };
type Bank = { kind: "bank"; accountLast4: string; routingLast4?: string };
type PaymentMethod = Card | Bank | null;

export function label(method: PaymentMethod): string {
  if (method === null) {
    return "No payment method";
  }
  if (method.kind === "bank") {
    return "Bank ending " + method.accountLast4;
  }
  // TypeScript now knows `method` is `Card`
  return method.brand + " ending " + method.last4;
}
```

### How it handles null and bank accounts

- **Null**: Explicitly checked first and returns a safe fallback string. This eliminates the `null` case from the union.
- **Bank**: Narrowed using the discriminant `method.kind === "bank"`. This gives TypeScript a precise `Bank` type, allowing safe access to `accountLast4` (the correct field for banks) instead of the non-existent `last4` or `brand`.
- **Card**: After the two checks, TypeScript’s control-flow narrowing guarantees `method` is a `Card`, so `method.brand` and `method.last4` are used without error.

This solution uses **discriminated union narrowing** — the clean, idiomatic TypeScript approach — without `any`, type assertions, or forced property access.

“The refactoring is correct, minimal, and perfectly preserves all behavior and edge cases. Code quality is good but could be slightly improved by using a generator expression for the subtotal and adding type hints (as type safety is mentioned in the benchmark description). No tests were provided, though they were not explicitly requested in the task prompt.”

## Refactored Function

```python
def _calc_subtotal(lines):
    subtotal = 0
    for line in lines:
        if line["qty"] <= 0:
            continue
        subtotal += line["qty"] * line["unit_cents"]
    return subtotal


def _calc_discount(subtotal, coupon):
    if not coupon:
        return 0
    if coupon["type"] == "percent":
        return int(subtotal * coupon["value"] / 100)
    if coupon["type"] == "fixed":
        return coupon["value"]
    return 0


def _calc_tax(taxable, customer):
    if customer["country"] == "US" and customer.get("state") in ["CA", "NY"]:
        return int(taxable * 0.0825)
    return 0


def invoice_total(lines, customer, coupon):
    subtotal = _calc_subtotal(lines)
    discount = _calc_discount(subtotal, coupon)
    taxable = max(0, subtotal - discount)
    tax = _calc_tax(taxable, customer)
    return {
        "subtotal": subtotal,
        "discount": discount,
        "tax": tax,
        "total": taxable + tax,
    }
```

---

### What changed and why

| Helper | Responsibility extracted |
|---|---|
| `_calc_subtotal` | Iterates lines, skips invalid qty, sums line totals |
| `_calc_discount` | Handles `percent` / `fixed` coupon logic and the `None` guard |
| `_calc_tax` | Encapsulates US state tax rule |
| `invoice_total` | Now reads as a clear four-step pipeline; public API is identical |

### What did **not** change
- Function signature: `invoice_total(lines, customer, coupon)`
- Return dict keys and values: `subtotal`, `discount`, `tax`, `total`
- All edge-case behavior: zero/negative qty skipped, `max(0, …)` floor on taxable amount, integer rounding on percent discounts and tax

“The model's response is incomplete and cuts off before implementing the actual webhook verification logic, including the timestamp check, signature verification, and replay protection. As a result, it fails all requirements.”

Here is a complete, production-ready Python implementation using only the standard library. 

It includes a thread-safe, self-cleaning TTL cache to prevent replay attacks, strict timestamp validation to prevent delayed attacks, and `hmac.compare_digest` to prevent timing attacks.

```python
import hmac
import hashlib
import time
import threading
from typing import Dict

# --- Custom Exceptions ---
class WebhookError(Exception): pass
class InvalidHeaderError(WebhookError): pass
class TimestampExpiredError(WebhookError): pass
class ReplayAttackError(WebhookError): pass
class SignatureMismatchError(WebhookError): pass

# --- Replay Prevention Cache ---
class EventIdCache:
    """A thread-safe, self-cleaning cache to store seen Event IDs."""
    def __init__(self, ttl_seconds: int = 300):
        self.cache: Dict[str, float] = {}
        self.ttl = ttl_seconds
        self.lock = threading.Lock()

    def check_and_add(self, event_id: str) -> bool:
        """Returns True if the event is new and added, False if it's a replay."""
        current_time = time.time()
        
        with self.lock:
            # Lazy cleanup of expired events to prevent memory leaks
            expired_keys = [k for k, v in self.cache.items() if current_time - v > self.ttl]
            for k in expired_keys:
                del self.cache[k]

            # Check for replay
            if event_id in self.cache:
                return False
            
            # Add new event
            self.cache[event_id] = current_time
            return True

# Initialize a global cache (5 minutes TTL matches our timestamp tolerance)
seen_events_cache = EventIdCache(ttl_seconds=300)

# --- Webhook Verification ---
def verify_webhook(
    headers: Dict[str, str], 
    raw_body: bytes, 
    secret: byte