Merge branch 'master' into OniriCorpe-patch-1
commit
8876de53ba
3 changed files with 71 additions and 22 deletions
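--- a/.github/PULL_REQUEST_TEMPLATE.md
+++ b/.github/PULL_REQUEST_TEMPLATE.md
@@ -0,0 +1,12 @@
+## Problem
+
+- *Description of why you made this PR, what is its purpose*
+
+## Solution
+
+- *And how do you relevantly fix that problem*
+
+## PR checklist
+
+- [ ] PR finished and ready to be reviewed
+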
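--- a/.github/autoblack.yml
+++ b/.github/autoblack.yml
@@ -0,0 +1,35 @@
+name: Check / auto apply Black
+on:
+push:
+branches:
+- master
+jobs:
+black:
+name: Check / auto apply black
+runs-on: ubuntu-latest
+steps:
+- uses: actions/checkout@v4
+- name: Check files using the black formatter
+uses: psf/black@stable
+id: black
+with:
+options: "."
+continue-on-error: true
+- shell: pwsh
+id: check_files_changed
+run: |
+# Diff HEAD with the previous commit
+$diff = git diff
+$HasDiff = $diff.Length -gt 0
+Write-Host "::set-output name=files_changed::$HasDiff"
+- name: Create Pull Request
+if: steps.check_files_changed.outputs.files_changed == 'true'
+uses: peter-evans/create-pull-request@v6
+with:
+token: ${{ secrets.GITHUB_TOKEN }}
+title: "Format Python code with Black"
+commit-message: ":art: Format Python code with Black"
+body: |
+This pull request uses the [psf/black](https://github.com/psf/black) formatter.
+base: ${{ github.head_ref }} # Creates pull request onto pull request or commit branch
+branch: actions/black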
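Review bot: The three `uses:` steps reference mutable refs (`actions/checkout@v4`, `psf/black@stable`, `peter-evans/create-pull-request@v6`), and the last one receives `secrets.GITHUB_TOKEN` while the workflow declares no `permissions:` block, so a retagged upstream action would run with whatever token scope the repository default grants. Pin each action to a full commit SHA, for example `uses: psf/black@<full-commit-sha> # stable`, and add a job-level `permissions:` block granting only `contents: write` and `pull-requests: write`. The `::set-output` workflow command in the `check_files_changed` step is deprecated; write to the output file instead with `"files_changed=$HasDiff" >> $env:GITHUB_OUTPUT`. The file is added as `.github/autoblack.yml`, outside `.github/workflows/`, so it will presumably not be picked up as a workflow until it is moved.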
|
@ -1447,8 +1447,8 @@ class Configurations(TestSuite):
|
|||
|
||||
cmd = 'grep -q -IhEro "location ~ __PATH__" %s' % (app.path + "/conf/" + filename)
|
||||
|
||||
if os.system(cmd) != 0:
|
||||
yield Info(
|
||||
if os.system(cmd) == 0:
|
||||
yield Warning(
|
||||
"When using regexp in the nginx location field (location ~ __PATH__), start the path with ^ (location ~ ^__PATH__)."
|
||||
)
|
||||
|
||||
|
@ -1565,13 +1565,14 @@ class Configurations(TestSuite):
|
|||
@test()
|
||||
def bind_public_ip(self):
|
||||
app = self.app
|
||||
for filename in (
|
||||
os.listdir(app.path + "/conf") if os.path.exists(app.path + "/conf") else []
|
||||
for path, subdirs, files in (
|
||||
os.walk(app.path + "/conf") if os.path.exists(app.path + "/conf") else []
|
||||
):
|
||||
for filename in files:
|
||||
try:
|
||||
content = open(app.path + "/conf/" + filename).read()
|
||||
content = open(os.path.join(path, filename)).read()
|
||||
except Exception as e:
|
||||
yield Warning("Can't open/read %s: %s" % (filename, e))
|
||||
yield Warning("Can't open/read %s: %s" % (os.path.join(path, filename), e))
|
||||
return
|
||||
|
||||
for number, line in enumerate(content.split("\n"), 1):
|
||||
|
@ -1583,10 +1584,11 @@ class Configurations(TestSuite):
|
|||
for ip in re.split("[ \t,='\"(){}\[\]]", line):
|
||||
if ip == "::" or ip.startswith("0.0.0.0"):
|
||||
yield Info(
|
||||
f"{filename}:{number}: Binding to '0.0.0.0' or '::' can result "
|
||||
"in a security issue as the reverse proxy and the SSO can be "
|
||||
"bypassed by knowing a public IP (typically an IPv6) and the "
|
||||
"app port. lease be sure that this behavior is intentional. "
|
||||
f"{os.path.relpath(path, app.path)}/{filename}:{number}: "
|
||||
"Binding to '0.0.0.0' or '::' can result in a security issue "
|
||||
"as the reverse proxy and the SSO can be bypassed by knowing "
|
||||
"a public IP (typically an IPv6) and the app port. "
|
||||
"Please be sure that this behavior is intentional. "
|
||||
"Maybe use '127.0.0.1' or '::1' instead."
|
||||
)
|
||||
|
||||
|
|
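Review bot: In the `bind_public_ip` hunk the `return` in the `except` branch now ends the whole `os.walk` traversal, so a single unreadable or undecodable file anywhere under `conf/` silently skips the bind-address check for every file after it. Replacing it with `continue` keeps the scan going, and `with open(os.path.join(path, filename)) as f: content = f.read()` would also close the handle. In the first hunk `cmd` is still built by string interpolation and run through `os.system`, so a file name in the linted package that contains shell metacharacters would be interpreted by the shell, assuming `filename` comes from a directory listing outside the hunk. Passing an argument list avoids the shell: `subprocess.run(["grep", "-q", "-IhEro", "location ~ __PATH__", os.path.join(app.path, "conf", filename)]).returncode == 0`. Both functions start outside the hunks shown.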