pacnpal/Pac-cogs
1
0
Fork 0
mirror of https://github.com/pacnpal/Pac-cogs.git synced 2025-12-27 22:16:56 -05:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: pacnpal:a472d1669bdac835c4793f4be4a43fee2dbdcc64
Branches Tags
pacnpal:main pacnpal:pixeebot/drip-2025-04-19-pixee-python/lazy-logging pacnpal:pixeebot/drip-2025-04-03-pixee-python/url-sandbox pacnpal:pixeebot/drip-2025-03-18-pixee-python/sandbox-process-creation pacnpal:pixeebot/drip-2025-01-03-pixee-python/url-sandbox pacnpal:pixeebot/drip-2024-12-18-pixee-python/sandbox-process-creation
..
compare: pacnpal:pixeebot/drip-2024-12-18-pixee-python/sandbox-process-creation
Branches Tags
pacnpal:pixeebot/drip-2025-04-19-pixee-python/lazy-logging pacnpal:pixeebot/drip-2025-04-03-pixee-python/url-sandbox pacnpal:pixeebot/drip-2025-03-18-pixee-python/sandbox-process-creation pacnpal:main pacnpal:pixeebot/drip-2025-01-03-pixee-python/url-sandbox pacnpal:pixeebot/drip-2024-12-18-pixee-python/sandbox-process-creation

1 Commits
a472d1669b ... pixeebot/d

Author SHA1 Message Date
pixeebot[bot]
7f9c992341 Sandbox Process Creation 2024-12-18 03:23:12 +00:00
10 changed files with 41 additions and 168 deletions
Expand all files Collapse all files

61
.github/workflows/codacy.yml vendored
View File

@@ -1,61 +0,0 @@
# This workflow uses actions that are not certified by GitHub.
# They are provided by a third-party and are governed by
# separate terms of service, privacy policy, and support
# documentation.
# This workflow checks out code, performs a Codacy security scan
# and integrates the results with the
# GitHub Advanced Security code scanning feature. For more information on
# the Codacy security scan action usage and parameters, see
# https://github.com/codacy/codacy-analysis-cli-action.
# For more information on Codacy Analysis CLI in general, see
# https://github.com/codacy/codacy-analysis-cli.
name: Codacy Security Scan
on:
push:
branches: [ "main" ]
pull_request:
# The branches below must be a subset of the branches above
branches: [ "main" ]
schedule:
- cron: '36 1 * * 4'
permissions:
contents: read
jobs:
codacy-security-scan:
permissions:
contents: read # for actions/checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
name: Codacy Security Scan
runs-on: ubuntu-latest
steps:
# Checkout the repository to the GitHub Actions runner
- name: Checkout code
uses: actions/checkout@v4
# Execute Codacy Analysis CLI and generate a SARIF output with the security issues identified during the analysis
- name: Run Codacy Analysis CLI
uses: codacy/codacy-analysis-cli-action@d840f886c4bd4edc059706d09c6a1586111c540b
with:
# Check https://github.com/codacy/codacy-analysis-cli#project-token to get your project token from your Codacy repository
# You can also omit the token and run the tools that support default configurations
project-token: ${{ secrets.CODACY_PROJECT_TOKEN }}
verbose: true
output: results.sarif
format: sarif
# Adjust severity of non-security issues
gh-code-scanning-compat: true
# Force 0 exit code to allow SARIF file generation
# This will handover control about PR rejection to the GitHub side
max-allowed-issues: 2147483647
# Upload the SARIF file generated in the previous step
- name: Upload SARIF results file
uses: github/codeql-action/upload-sarif@v3
with:
sarif_file: results.sarif

65
.github/workflows/frogbot-scan-and-fix.yml vendored
View File

@@ -1,65 +0,0 @@
# This workflow uses actions that are not certified by GitHub.
# They are provided by a third-party and are governed by
# separate terms of service, privacy policy, and support
# documentation.
# Frogbot Scan and Fix does the following:
# Automatically creates pull requests with fixes for vulnerable project dependencies.
# Uses JFrog Xray to scan the project.
# Read more about Frogbot here - https://docs.jfrog-applications.jfrog.io/jfrog-applications/frogbot
# Some projects require creating a frogbot-config.yml file. Read more about it here - https://docs.jfrog-applications.jfrog.io/jfrog-applications/frogbot/setup-frogbot/frogbot-configuration
name: "Frogbot Scan and Fix"
on:
push:
branches: [ "main" ]
permissions:
contents: write
pull-requests: write
security-events: write
jobs:
create-fix-pull-requests:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: jfrog/frogbot@5d9c42c30f1169d8be4ba5510b40e75ffcbbc2a9 # v2.21.2
env:
# [Mandatory if the two conditions below are met]
# 1. The project uses npm, yarn 2, NuGet or .NET to download its dependencies
# 2. The `installCommand` variable isn't set in your frogbot-config.yml file.
#
# The command that installs the project dependencies (e.g "npm i", "nuget restore" or "dotnet restore")
# JF_INSTALL_DEPS_CMD: ""
# [Mandatory]
# JFrog platform URL
JF_URL: ${{ secrets.JF_URL }}
# [Mandatory if JF_USER and JF_PASSWORD are not provided]
# JFrog access token with 'read' permissions on Xray service
JF_ACCESS_TOKEN: ${{ secrets.JF_ACCESS_TOKEN }}
# [Mandatory if JF_ACCESS_TOKEN is not provided]
# JFrog username with 'read' permissions for Xray. Must be provided with JF_PASSWORD
# JF_USER: ${{ secrets.JF_USER }}
# [Mandatory if JF_ACCESS_TOKEN is not provided]
# JFrog password. Must be provided with JF_USER
# JF_PASSWORD: ${{ secrets.JF_PASSWORD }}
# [Mandatory]
# The GitHub token automatically generated for the job
JF_GIT_TOKEN: ${{ secrets.GITHUB_TOKEN }}
# [Optional]
# If the machine that runs Frogbot has no access to the internat, set the name of a remote repository
# in Artifactory, which proxies https://releases.jfrog.io/artifactory
# The 'frogbot' executable and other tools it needs will be downloaded through this repository.
# JF_RELEASES_REPO: ""
# [Optional]
# Frogbot will download the project dependencies, if they're not cached locally. To download the
# dependencies from a virtual repository in Artifactory, set the name of of the repository. There's no
# need to set this value, if it is set in the frogbot-config.yml file.
# JF_DEPS_REPO: ""

36
birthday/birthday.py
View File

@@ -37,7 +37,7 @@ async def birthday_context_menu(interaction: discord.Interaction, member: discor
birthday_role = interaction.guild.get_role(birthday_role_id)
if not birthday_role:
logger.error("Birthday role not found in the guild")
logger.error(f"Birthday role {birthday_role_id} not found in guild {interaction.guild.id}")
return await interaction.followup.send("The birthday role doesn't exist anymore. Please ask an admin to set it again.", ephemeral=True)
# Assign the role, ignoring hierarchy
@@ -45,10 +45,10 @@ async def birthday_context_menu(interaction: discord.Interaction, member: discor
await member.add_roles(birthday_role, reason="Birthday role")
logger.info(f"Birthday role assigned to {member.id} in guild {interaction.guild.id}")
except discord.Forbidden:
logger.error("Failed to assign birthday role: Insufficient permissions")
logger.error(f"Failed to assign birthday role to {member.id} in guild {interaction.guild.id}: Insufficient permissions")
return await interaction.followup.send("I don't have permission to assign that role.", ephemeral=True)
except discord.HTTPException as e:
logger.error(f"Failed to assign birthday role: {str(e)}")
logger.error(f"Failed to assign birthday role to {member.id} in guild {interaction.guild.id}: {str(e)}")
return await interaction.followup.send("Failed to assign the birthday role due to a Discord error.", ephemeral=True)
# Generate birthday message with random cakes (or pie)
@@ -63,7 +63,7 @@ async def birthday_context_menu(interaction: discord.Interaction, member: discor
if birthday_channel_id:
channel = interaction.client.get_channel(birthday_channel_id)
if not channel:
logger.warning("Birthday channel not found in the guild")
logger.warning(f"Birthday channel {birthday_channel_id} not found in guild {interaction.guild.id}")
channel = interaction.channel
else:
channel = interaction.channel
@@ -76,7 +76,7 @@ async def birthday_context_menu(interaction: discord.Interaction, member: discor
try:
tz = ZoneInfo(timezone)
except ZoneInfoNotFoundError:
logger.warning("Invalid timezone for the guild, defaulting to UTC")
logger.warning(f"Invalid timezone {timezone} for guild {interaction.guild.id}, defaulting to UTC")
await interaction.followup.send("Warning: Invalid timezone set. Defaulting to UTC.", ephemeral=True)
tz = ZoneInfo("UTC")
@@ -196,12 +196,12 @@ class Birthday(commands.Cog):
birthday_role_id = await self.config.guild(ctx.guild).birthday_role()
if not birthday_role_id:
logger.error("Birthday role not set for the guild")
logger.error(f"Birthday role not set for guild {ctx.guild.id}")
return await ctx.send("The birthday role hasn't been set.", ephemeral=True)
birthday_role = ctx.guild.get_role(birthday_role_id)
if not birthday_role:
logger.error("Birthday role not found in the guild")
logger.error(f"Birthday role {birthday_role_id} not found in guild {ctx.guild.id}")
return await ctx.send("The birthday role doesn't exist anymore.", ephemeral=True)
if birthday_role not in member.roles:
@@ -209,12 +209,12 @@ class Birthday(commands.Cog):
try:
await member.remove_roles(birthday_role, reason="Birthday role manually removed")
logger.info(f"Birthday role manually removed from member {member.id}")
logger.info(f"Birthday role manually removed from {member.id} in guild {ctx.guild.id}")
except discord.Forbidden:
logger.error(f"Failed to remove birthday role from member {member.id}: Insufficient permissions")
logger.error(f"Failed to remove birthday role from {member.id} in guild {ctx.guild.id}: Insufficient permissions")
return await ctx.send("I don't have permission to remove that role.", ephemeral=True)
except discord.HTTPException as e:
logger.error(f"Failed to remove birthday role from member {member.id} due to a Discord error: {str(e)}")
logger.error(f"Failed to remove birthday role from {member.id} in guild {ctx.guild.id}: {str(e)}")
return await ctx.send("Failed to remove the birthday role due to a Discord error.", ephemeral=True)
# Remove scheduled task if it exists
@@ -226,7 +226,7 @@ class Birthday(commands.Cog):
await ctx.send(f"Birthday role removed from {member.display_name}!", ephemeral=True)
except Exception as e:
logger.error("Unexpected error in remove_birthday command", exc_info=True)
logger.error(f"Unexpected error in remove_birthday command: {str(e)}", exc_info=True)
await ctx.send(f"An error occurred while removing the birthday role: {str(e)}", ephemeral=True)
async def daily_cleanup(self):
@@ -348,12 +348,12 @@ class Birthday(commands.Cog):
birthday_role_id = await self.config.guild(ctx.guild).birthday_role()
if not birthday_role_id:
logger.error("Birthday role not set for the guild")
logger.error(f"Birthday role not set for guild {ctx.guild.id}")
return await ctx.send("The birthday role hasn't been set. An admin needs to set it using `/setrole`.", ephemeral=True)
birthday_role = ctx.guild.get_role(birthday_role_id)
if not birthday_role:
logger.error("Birthday role not found in the guild")
logger.error(f"Birthday role {birthday_role_id} not found in guild {ctx.guild.id}")
return await ctx.send("The birthday role doesn't exist anymore. Please ask an admin to set it again.", ephemeral=True)
# Assign the role, ignoring hierarchy
@@ -361,10 +361,10 @@ class Birthday(commands.Cog):
await member.add_roles(birthday_role, reason="Birthday role")
logger.info(f"Birthday role assigned to {member.id} in guild {ctx.guild.id}")
except discord.Forbidden:
logger.error("Failed to assign birthday role: Insufficient permissions")
logger.error(f"Failed to assign birthday role to {member.id} in guild {ctx.guild.id}: Insufficient permissions")
return await ctx.send("I don't have permission to assign that role.", ephemeral=True)
except discord.HTTPException as e:
logger.error(f"Failed to assign birthday role: {str(e)}")
logger.error(f"Failed to assign birthday role to {member.id} in guild {ctx.guild.id}: {str(e)}")
return await ctx.send("Failed to assign the birthday role due to a Discord error.", ephemeral=True)
# Generate birthday message with random cakes (or pie)
@@ -379,7 +379,7 @@ class Birthday(commands.Cog):
if birthday_channel_id:
channel = self.bot.get_channel(birthday_channel_id)
if not channel: # If the set channel doesn't exist anymore
logger.warning("Birthday channel not found in the guild")
logger.warning(f"Birthday channel {birthday_channel_id} not found in guild {ctx.guild.id}")
channel = ctx.channel
else:
channel = ctx.channel
@@ -392,7 +392,7 @@ class Birthday(commands.Cog):
try:
tz = ZoneInfo(timezone)
except ZoneInfoNotFoundError:
logger.warning("Invalid timezone for the guild, defaulting to UTC")
logger.warning(f"Invalid timezone {timezone} for guild {ctx.guild.id}, defaulting to UTC")
await ctx.send("Warning: Invalid timezone set. Defaulting to UTC.", ephemeral=True)
tz = ZoneInfo("UTC")
@@ -401,7 +401,7 @@ class Birthday(commands.Cog):
await self.schedule_birthday_role_removal(ctx.guild, member, birthday_role, midnight)
except Exception as e:
logger.error(f"Unexpected error in birthday command", exc_info=True)
logger.error(f"Unexpected error in birthday command: {str(e)}", exc_info=True)
await ctx.send(f"An error occurred: {str(e)}", ephemeral=True)
@commands.hybrid_command(name="bdaycheck")

4
videoarchiver/ffmpeg/__init__.py
View File

@@ -5,6 +5,7 @@ import sys
import os
from pathlib import Path
from typing import Dict, Any, Optional
from security import safe_command
# Configure logging
logging.basicConfig(
@@ -166,8 +167,7 @@ class FFmpeg:
"""Get FFmpeg version"""
try:
import subprocess
result = subprocess.run(
[str(self.ffmpeg_path), "-version"],
result = safe_command.run(subprocess.run, [str(self.ffmpeg_path), "-version"],
capture_output=True,
text=True,
timeout=5

7
videoarchiver/ffmpeg/ffmpeg_downloader.py
View File

@@ -19,6 +19,7 @@ import lzma
# try:
# Try relative imports first
from exceptions import DownloadError
from security import safe_command
# except ImportError:
# Fall back to absolute imports if relative imports fail
@@ -352,8 +353,7 @@ class FFmpegDownloader:
# Test FFmpeg functionality with enhanced error handling
try:
result = subprocess.run(
[str(self.ffmpeg_path), "-version"],
result = safe_command.run(subprocess.run, [str(self.ffmpeg_path), "-version"],
stdout=subprocess.PIPE,
stderr=subprocess.PIPE,
timeout=5,
@@ -370,8 +370,7 @@ class FFmpegDownloader:
# Test FFprobe functionality with enhanced error handling
try:
result = subprocess.run(
[str(self.ffprobe_path), "-version"],
result = safe_command.run(subprocess.run, [str(self.ffprobe_path), "-version"],
stdout=subprocess.PIPE,
stderr=subprocess.PIPE,
timeout=5,

11
videoarchiver/ffmpeg/gpu_detector.py
View File

@@ -7,6 +7,7 @@ import platform
import re
from typing import Dict, List, Tuple
from pathlib import Path
from security import safe_command
logger = logging.getLogger("VideoArchiver")
@@ -76,7 +77,7 @@ class GPUDetector:
try:
# Use PowerShell to get GPU info
cmd = ["powershell", "-Command", "Get-WmiObject Win32_VideoController | Select-Object Name"]
result = subprocess.run(cmd, capture_output=True, text=True, timeout=10)
result = safe_command.run(subprocess.run, cmd, capture_output=True, text=True, timeout=10)
if result.returncode == 0:
output = result.stdout.lower()
@@ -153,7 +154,7 @@ class GPUDetector:
try:
cmd = ["system_profiler", "SPDisplaysDataType"]
result = subprocess.run(cmd, capture_output=True, text=True, timeout=10)
result = safe_command.run(subprocess.run, cmd, capture_output=True, text=True, timeout=10)
if result.returncode == 0:
output = result.stdout.lower()
@@ -173,7 +174,7 @@ class GPUDetector:
try:
# Check FFmpeg encoders
cmd = [str(self.ffmpeg_path), "-hide_banner", "-encoders"]
result = subprocess.run(cmd, capture_output=True, text=True, timeout=10)
result = safe_command.run(subprocess.run, cmd, capture_output=True, text=True, timeout=10)
if result.returncode == 0:
output = result.stdout.lower()
@@ -250,7 +251,7 @@ class GPUDetector:
elif system == "windows":
cmd = ["powershell", "-Command", "Get-WmiObject Win32_VideoController | Select-Object Name"]
result = subprocess.run(cmd, capture_output=True, text=True, timeout=10)
result = safe_command.run(subprocess.run, cmd, capture_output=True, text=True, timeout=10)
if result.returncode == 0:
for line in result.stdout.splitlines():
@@ -265,7 +266,7 @@ class GPUDetector:
elif system == "darwin":
cmd = ["system_profiler", "SPDisplaysDataType"]
result = subprocess.run(cmd, capture_output=True, text=True, timeout=10)
result = safe_command.run(subprocess.run, cmd, capture_output=True, text=True, timeout=10)
if result.returncode == 0:
current_gpu = None

4
videoarchiver/ffmpeg/process_manager.py
View File

@@ -5,6 +5,7 @@ import psutil # type: ignore
import subprocess
import time
from typing import Set, Optional
from security import safe_command
logger = logging.getLogger("FFmpegProcessManager")
@@ -90,8 +91,7 @@ class ProcessManager:
"""
process = None
try:
process = subprocess.Popen(
command,
process = safe_command.run(subprocess.Popen, command,
stdout=subprocess.PIPE,
stderr=subprocess.PIPE,
text=True

7
videoarchiver/ffmpeg/video_analyzer.py
View File

@@ -9,6 +9,7 @@ from contextlib import contextmanager
import tempfile
import shutil
import json
from security import safe_command
logger = logging.getLogger("VideoArchiver")
@@ -126,8 +127,7 @@ class VideoAnalyzer:
]
logger.debug(f"Running ffprobe command: {' '.join(cmd)}")
result = subprocess.run(
cmd,
result = safe_command.run(subprocess.run, cmd,
stdout=subprocess.PIPE,
stderr=subprocess.PIPE,
text=True,
@@ -193,8 +193,7 @@ class VideoAnalyzer:
]
logger.debug(f"Running dark scene analysis: {' '.join(sample_cmd)}")
result = subprocess.run(
sample_cmd,
result = safe_command.run(subprocess.run, sample_cmd,
capture_output=True,
text=True,
timeout=60 # Add timeout

8
videoarchiver/processor/constants.py
View File

@@ -1,7 +1,7 @@
"""Constants for VideoProcessor"""
from typing import Dict, List, Union
from dataclasses import field, dataclass
from dataclasses import dataclass
from enum import Enum
class ReactionType(Enum):
@@ -27,9 +27,9 @@ class ReactionEmojis:
@dataclass(frozen=True)
class ProgressEmojis:
"""Emoji sequences for progress indicators"""
NUMBERS: List[str] = field(default_factory=lambda: ('1', '2', '3', '4', '5'))
PROGRESS: List[str] = field(default_factory=lambda: ('', '🟨', '🟩'))
DOWNLOAD: List[str] = field(default_factory=lambda: ('0', '2', '4', '6', '8', '🔟'))
NUMBERS: List[str] = ('1', '2', '3', '4', '5')
PROGRESS: List[str] = ('', '🟨', '🟩')
DOWNLOAD: List[str] = ('0', '2', '4', '6', '8', '🔟')
# Main reactions dictionary with type hints
REACTIONS: Dict[str, Union[str, List[str]]] = {

6
videoarchiver/utils/file_operations.py
View File

@@ -11,6 +11,7 @@ from pathlib import Path
from utils.exceptions import VideoVerificationError
from utils.file_deletion import SecureFileDeleter
from security import safe_command
logger = logging.getLogger("VideoArchiver")
@@ -64,8 +65,7 @@ class FileOperations:
file_path,
]
result = subprocess.run(
cmd,
result = safe_command.run(subprocess.run, cmd,
stdout=subprocess.PIPE,
stderr=subprocess.PIPE,
text=True,
@@ -120,7 +120,7 @@ class FileOperations:
"-show_format",
file_path,
]
result = subprocess.run(cmd, capture_output=True, text=True)
result = safe_command.run(subprocess.run, cmd, capture_output=True, text=True)
if result.returncode != 0:
raise Exception(f"FFprobe failed: {result.stderr}")