Closed SipeP closed 2 months ago
This pull request adds detailed patch information for various apps, updates changelog entries for multiple repositories, and introduces a new GitHub Actions workflow to automate checking for new ReVanced Patches releases.
Files | Changes |
---|---|
updates.json, changelog.json, changelog.md | Added detailed patch and changelog information for multiple apps and repositories, and created a new markdown file for changelog entries. |
.github/workflows/newapp-check.yml, .github/workflows/check_newest_revanced_patch.yml, scripts/check_patches.py | Updated existing GitHub Actions workflow and added a new workflow along with a Python script to automate checking for new ReVanced Patches releases. |
Please consider investigating the findings and remediating the incidents. Failure to do so may lead to compromising the associated services or software components.
Since your pull request originates from a forked repository, GitGuardian is not able to associate the secrets uncovered with secret incidents on your GitGuardian dashboard. Skipping this check run and merging your pull request will create secret incidents on your GitGuardian dashboard.
🦉 GitGuardian detects secrets in your source code to help developers and security teams secure the modern development process. You are seeing this because you or someone else with access to this repository has authorized GitGuardian to scan your pull request.
⏱️ Estimated effort to review: 4 🔵🔵🔵🔵⚪ |
🧪 No relevant tests |
🔒 No security concerns identified |
⚡ Key issues to review: **Error Handling:** The function `get_latest_release` uses basic error handling that only checks for HTTP status code 200. It should handle other potential HTTP errors and exceptions from the `requests` library more robustly. **Hardcoded Values:** The workflow contains hardcoded values for Python version and other settings which might need to be updated or parameterized for better flexibility and maintainability. **Error Handling:** The script lacks comprehensive error handling for network requests and file operations which could lead to unhandled exceptions. |
Category | Suggestion | Score |
Possible issue |
Improve error handling by wrapping the HTTP request in a try-except block___ **To handle potential exceptions that may occur during the HTTP request, such as a connection error, it's advisable to wrap the request in a try-except block. This will improve the robustness of the function by handling these exceptions gracefully.** [scripts/check_patches.py [5-6]](https://github.com/nikhilbadyal/docker-py-revanced/pull/540/files#diff-ce4c07edf5d90daba3fdbf0f909ab39f1fae22d1184fb827089c80f231ba5748R5-R6) ```diff -response = requests.get(url) -data = response.json() +try: + response = requests.get(url) + data = response.json() +except requests.exceptions.RequestException as e: + return str(e) ``` - [ ] **Apply this suggestion** Suggestion importance[1-10]: 9. Why: This suggestion significantly improves the robustness of the function by handling potential exceptions that may occur during the HTTP request, which is crucial for reliable operation. | 9 |
Best practice |
Update the GitHub Actions checkout step to use a stable version___ **Replace the deprecated actions/checkout@main with actions/checkout@v3 to ensure stability and access to the latest features and fixes.** [.github/workflows/check_newest_revanced_patch.yml [12]](https://github.com/nikhilbadyal/docker-py-revanced/pull/540/files#diff-7392f67c6995d2c663f4eca550d7ea0d1f0de7f93255f5792d60990c443735deR12-R12) ```diff -uses: actions/checkout@main +uses: actions/checkout@v3 ``` - [ ] **Apply this suggestion** Suggestion importance[1-10]: 9. Why: Updating to a stable version ensures better compatibility and access to the latest features and fixes, which is a best practice for maintaining CI/CD pipelines. | 9 |
Update the Python setup action to a stable version___ **Replace the deprecated actions/setup-python@main with actions/setup-python@v4 to ensure compatibility and stability.** [.github/workflows/check_newest_revanced_patch.yml [15]](https://github.com/nikhilbadyal/docker-py-revanced/pull/540/files#diff-7392f67c6995d2c663f4eca550d7ea0d1f0de7f93255f5792d60990c443735deR15-R15) ```diff -uses: actions/setup-python@main +uses: actions/setup-python@v4 ``` - [ ] **Apply this suggestion** Suggestion importance[1-10]: 9. Why: Using a stable version of the setup-python action ensures compatibility and stability, which is crucial for the reliability of the workflow. | 9 | |
Update the GitHub script action to a stable version___ **Replace the deprecated actions/github-script@main with actions/github-script@v6 to ensure the use of supported features and improved security.** [.github/workflows/check_newest_revanced_patch.yml [25]](https://github.com/nikhilbadyal/docker-py-revanced/pull/540/files#diff-7392f67c6995d2c663f4eca550d7ea0d1f0de7f93255f5792d60990c443735deR25-R25) ```diff -uses: actions/github-script@main +uses: actions/github-script@v6 ``` - [ ] **Apply this suggestion** Suggestion importance[1-10]: 9. Why: Updating to a stable version of the GitHub script action ensures the use of supported features and improved security, which is important for maintaining the integrity of the workflow. | 9 | |
Update the artifact upload action to a stable version___ **Replace the deprecated actions/upload-artifact@main with actions/upload-artifact@v3 to ensure the use of supported features and improved security.** [.github/workflows/check_newest_revanced_patch.yml [51]](https://github.com/nikhilbadyal/docker-py-revanced/pull/540/files#diff-7392f67c6995d2c663f4eca550d7ea0d1f0de7f93255f5792d60990c443735deR51-R51) ```diff -uses: actions/upload-artifact@main +uses: actions/upload-artifact@v3 ``` - [ ] **Apply this suggestion** Suggestion importance[1-10]: 9. Why: Using a stable version of the upload-artifact action ensures the use of supported features and improved security, which is essential for the reliability and security of the workflow. | 9 | |
Ensure the HTTP response is successful before parsing it as JSON___ **It's a good practice to check the HTTP response's status code before attempting to parse it as JSON. This prevents attempting to decode a JSON response when the HTTP request might have failed or returned an error status code.** [scripts/check_patches.py [6-7]](https://github.com/nikhilbadyal/docker-py-revanced/pull/540/files#diff-ce4c07edf5d90daba3fdbf0f909ab39f1fae22d1184fb827089c80f231ba5748R6-R7) ```diff -data = response.json() if response.status_code == 200: + data = response.json() +else: + return "Failed to fetch data" ``` - [ ] **Apply this suggestion** Suggestion importance[1-10]: 8. Why: Checking the HTTP response's status code before parsing it as JSON is a best practice that prevents errors when the request fails, enhancing the function's reliability. | 8 | |
Enhancement |
Return a structured error object for better error handling___ **To make the function get_latest_release more robust, consider returning a more structured error message or object when the request fails, instead of just the error message string. This can help in debugging and logging.** [scripts/check_patches.py [9-10]](https://github.com/nikhilbadyal/docker-py-revanced/pull/540/files#diff-ce4c07edf5d90daba3fdbf0f909ab39f1fae22d1184fb827089c80f231ba5748R9-R10) ```diff else: - return data['message'] + return {"error": True, "status_code": response.status_code, "message": data.get('message', 'Unknown error')} ``` - [ ] **Apply this suggestion** Suggestion importance[1-10]: 8. Why: Returning a structured error object provides more detailed information for debugging and logging, which enhances the function's robustness and maintainability. | 8 |
Use a function or configuration to set the repository name dynamically___ **Instead of hardcoding the repository name in the script, consider using a function parameter or a configuration file to make the script more flexible and reusable for different repositories.** [scripts/check_patches.py [13]](https://github.com/nikhilbadyal/docker-py-revanced/pull/540/files#diff-ce4c07edf5d90daba3fdbf0f909ab39f1fae22d1184fb827089c80f231ba5748R13-R13) ```diff -repo = "ReVanced/revanced-patches" # replace with your repository +# This can be set elsewhere in your application or passed as a parameter +repo = get_repo_name() ``` - [ ] **Apply this suggestion** Suggestion importance[1-10]: 7. Why: This enhancement makes the script more flexible and reusable for different repositories, improving maintainability and adaptability. | 7 |
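Review bot: In the try-except suggestion for scripts/check_patches.py [5-6], `return str(e)` sends the exception text back through the same return value the caller reads as the result of `get_latest_release`, which the walkthrough describes as the latest release tag. A workflow step that compares that value with the previous one would see a connection error as a change. Raise the exception, or return None and have the caller exit non-zero, so a failed lookup cannot be mistaken for a tag. The wrapped `requests.get(url)` also passes no `timeout=`, so a stalled connection never reaches the except branch.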
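Review bot: In the four `uses:` replacements for .github/workflows/check_newest_revanced_patch.yml (lines 12, 15, 25 and 51), `@v3`, `@v4` and `@v6` are still movable tags, so the workflow runs whatever commit the tag points to at run time, the same exposure `@main` had with a slower-moving ref. Pin each action to a full commit SHA and keep the version in a trailing comment, for example `uses: actions/checkout@<full-commit-sha> # v3` (placeholder, not a real hash), and let a dependency-update tool propose the bumps.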
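Review bot: In the scripts/check_patches.py [13] suggestion, `repo = get_repo_name()` calls a function that none of the visible hunks define, so applying it as written fails with NameError before any request is made. Take the repository from a command-line argument or an environment variable, keep "ReVanced/revanced-patches" as the default, and check the value against an owner/name pattern before it is used.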
Sorry, still learning git, got confused and created this pull req on this repo instead of working on my fork.
PR Type
enhancement, tests, documentation
Description
Changes walkthrough 📝
check_patches.py
Add script to fetch latest GitHub release tag
scripts/check_patches.py
repository.
download-previous-artifact
Add script to download previous GitHub Actions artifact
scripts/download-previous-artifact
workflow.
check_newest_revanced_patch.yml
Add workflow to check for new Revanced Patches releases
.github/workflows/check_newest_revanced_patch.yml
releases.
running the new script.
workflow if changes are detected.
newapp-check.yml
Update repository reference in workflow condition
.github/workflows/newapp-check.yml - Updated repository reference in the workflow condition.
changelog.json
Update changelog with latest release information
changelog.json
changelog.md
Add markdown changelog entries for multiple repositories
changelog.md
updates.json
Add update information for multiple applications
updates.json
metadata.
Summary by Sourcery
This pull request updates the version details and metadata for several apps in updates.json, adds the latest release information to changelog.json and changelog.md, and introduces a new GitHub Actions workflow to check for new ReVanced Patches releases.