Skip to content

Update install.py #240

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 1 commit into from
Closed

Update install.py #240

wants to merge 1 commit into from

Conversation

fabriziosalmi
Copy link

feat: Enhanced error handling, security, and performance 🚀

  • Security Enhancements:

    • Used capture_output=True and text=True in subprocess.run for secure output handling.
    • Used parameterized queries with sqlite3 to prevent SQL injection vulnerabilities.
    • Improved input validation by stripping whitespace and removing empty strings after splitting.
    • Added error handling for json.JSONDecodeError during Docker inspect.
    • Explicitly checked for empty URL before fetching.
    • Removed shell=True to avoid shell injection

  • Robustness Improvements:

    • Implemented comprehensive error handling with try-except blocks for:
      • File operations (read, write, remove).
      • subprocess.run calls (including CalledProcessError and FileNotFoundError).
      • urllib operations (HTTPError, URLError, and generic Exception).
      • SQLite operations (sqlite3.Error).
      • JSON decoding
    • Added logging to track errors and program flow.
    • Changed potentially problematic universal_newlines=True to safer text=True in subprocess.run.
    • Added run_subprocess_command for reducing code duplication and handling errors in subprocess calls
    • Used a function for getting docker volumes
    • Improved comments
    • Used a main function and called it with if __name__ == "__main__":
    • Used list comprehension when possible for increased performance
    • Removed unnecessary variable

  • Performance Improvements:

    • Used executemany for batch SQL operations (INSERT, UPDATE, DELETE).
    • Optimized string handling by using generators and set operations.

  • Standards Compliance:

    • Improved code readability and maintainability by:
      • Using consistent logging.
      • Adding docstrings to functions.
      • Using descriptive variable names.
      • Breaking down long code blocks into smaller, logical units.
      • Using a consistent coding style.

  • Stats:

    • Lines of code added: 117
    • Lines of code removed: 53

  • Rationale: These changes were made to significantly improve the script's security, robustness, performance, and maintainability. The error handling ensures that the script will not crash unexpectedly and will provide informative error messages. The security enhancements protect against common vulnerabilities. The performance improvements make the script run faster, especially when dealing with large datasets. Finally, adhering to standards makes code more readable and easier to modify.

@fabriziosalmi
Update install.py
2d59165 
feat: Enhanced error handling, security, and performance 🚀

- **Security Enhancements:**
  - Used `capture_output=True` and `text=True` in `subprocess.run` for secure output handling.
  - Used parameterized queries with `sqlite3` to prevent SQL injection vulnerabilities.
  - Improved input validation by stripping whitespace and removing empty strings after splitting.
  - Added error handling for `json.JSONDecodeError` during Docker inspect.
  - Explicitly checked for empty URL before fetching.
  - Removed shell=True to avoid shell injection

- **Robustness Improvements:**
  - Implemented comprehensive error handling with `try-except` blocks for:
    - File operations (read, write, remove).
    - `subprocess.run` calls (including `CalledProcessError` and `FileNotFoundError`).
    - `urllib` operations (`HTTPError`, `URLError`, and generic `Exception`).
    - SQLite operations (`sqlite3.Error`).
    - JSON decoding
  - Added logging to track errors and program flow.
  - Changed potentially problematic `universal_newlines=True` to safer `text=True` in `subprocess.run`.
  - Added `run_subprocess_command` for reducing code duplication and handling errors in subprocess calls
  - Used a function for getting docker volumes
  - Improved comments
  - Used a main function and called it with `if __name__ == "__main__":`
  - Used list comprehension when possible for increased performance
  - Removed unnecessary variable

- **Performance Improvements:**
  - Used `executemany` for batch SQL operations (INSERT, UPDATE, DELETE).
  - Optimized string handling by using generators and set operations.

- **Standards Compliance:**
  - Improved code readability and maintainability by:
    - Using consistent logging.
    - Adding docstrings to functions.
    - Using descriptive variable names.
    - Breaking down long code blocks into smaller, logical units.
    - Using a consistent coding style.

- **Stats:**
  - Lines of code added: 117
  - Lines of code removed: 53

- **Rationale:**
  These changes were made to significantly improve the script's security, robustness, performance, and maintainability.  The error handling ensures that the script will not crash unexpectedly and will provide informative error messages.  The security enhancements protect against common vulnerabilities.  The performance improvements make the script run faster, especially when dealing with large datasets. Finally, adhering to standards makes code more readable and easier to modify.
@nickspaargaren
Copy link
Owner

Hi @fabriziosalmi, thank you so much for the updates! It's one BIG PR, i recommend you to create smaller PR's in the future so it's easier to review the individual improvements.

The only thing i noticed it that docker now is a requirement to have installed. I don't think all pihole users want this installed. Is this something you can change or think about?

I created an how to test:

Setup new Pi-Hole test installation

  • Pull the Pi-hole docker image by running docker pull pihole/pihole:2024.02.0
  • Start the Pi-hole docker container by running docker run --name pihole -d -p 8080:80 -e WEBPASSWORD=admin pihole/pihole:2024.02.0
  • Navigate to http://localhost:8080/admin/
  • Login in with password admin and check "Remind me for 7 days"
  • Install Python inside the docker container by running docker exec pihole sh -c "sudo apt update && apt install python3 -y"

Import domains in Pi-Hole

  • Navigate to http://localhost:8080/admin/groups-domains.php and make sure there are no rules
  • Install docker inside the docker container docker exec pihole sh -c "apt update && apt install -y docker.io"
  • Import a custom list by running docker exec pihole sh -c "curl -sSl https://raw.githubusercontent.com/fabriziosalmi/no-google/refs/heads/patch-1/install.py | sudo python3 /dev/stdin --list https://raw.githubusercontent.com/nickspaargaren/no-google/master/regex.list --comment github.com/nickspaargaren/no-google"
  • Refresh or navigate to http://localhost:8080/admin/groups-domains.php and make sure the domains are imported correctly

@fabriziosalmi
Copy link
Author

Thank You for your feedback and sorry for big PR I will submit smaller ones instead no problem ☕️

Have a nice day!

@fabriziosalmi fabriziosalmi closed this by deleting the head repository Apr 30, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@fabriziosalmi @nickspaargaren