Merged
Conversation
- bot.py: Fix ctx.message AttributeError in slash commands (use ctx directly) - bot.py: Fix hasattr check to properly check if db is None - bot.py: Add validation for access_token before returning success - database_manager.py: Fix undefined 'db' variable (should be 'new_db') in migration - database_manager.py: Fix incomplete tuple in platform migration - database_manager.py: Fix unconditional commit in finally block (rollback on error) - igdb_client.py: Fix query injection vulnerability by sanitizing platform_slug - ggrequestz.py: Fix session race condition by adding ensure_session() checks - Remove unused web_dashboard.py
- bot.py: Register slash command cooldown check and error handler properly using add_listener() and add_application_command_check() in setup_hook - cogs/info.py: Fix channel lookup using discord.utils.find() with lambda instead of non-existent name__startswith parameter - cogs/user_manager.py: Add finally block to clean up temp_storage and prevent memory leak on abandoned operations - cogs/recent_roms.py: Add session lock and _ensure_http_session() helper to prevent race condition creating multiple HTTP sessions - cogs/scan.py: Wrap is_scanning check/set in lock to prevent race condition in external scan detection - integrations/ggrequestz.py: Change bare except to specific exception types (json.JSONDecodeError, ValueError)
- database_manager.py: Use asyncio.to_thread() for file I/O to avoid blocking event loop - cogs/recent_roms.py: Add image dimension/size validation to prevent DoS via oversized images - cogs/emoji_manager.py: Reuse HTTP session instead of creating new session per emoji upload - bot.py: Reduce token refresh window from 7 days to 1 hour for better security - cogs/igdb_client.py: Add JSON error handling for IGDB API responses
- database_manager.py: Add missing close_all_connections() method referenced by bot.py - cogs/recent_roms.py: Add image dimension/size validation to download_cover_image_with_retry - cogs/igdb_client.py: Add JSON error handling to _fetch_alternative_names method - cogs/scan.py: Fix race condition in on_scanning_rom handler by using scan_state_lock
- cogs/user_manager.py: Use managed get_connection() instead of raw aiosqlite.connect() - cogs/user_manager.py: Replace bare except clause with specific exception handling - integrations/ggrequestz.py: Add JSON error handling to all response.json() calls - bot.py: Use getattr() for safer attribute checks in main() finally block
- cogs/igdb_client.py: Add JSON error handling to 6 more response.json() calls (get_access_token, get_platform_id, fetch_upcoming/recent/popular/exclusives) - cogs/search.py: Reuse bot session instead of creating new session per download - cogs/search.py: Add image size/dimension validation to download_cover_image - cogs/search.py: Replace bare except clause with specific exception handling
- bot.py: Add JSON error handling to refresh_oauth_token and make_authenticated_request - cogs/requests.py: Replace 17 bare except clauses with specific exceptions (ValueError for date parsing, discord.NotFound/HTTPException/Forbidden for user operations) - cogs/user_manager.py: Replace 2 bare except clauses with discord-specific exceptions - cogs/igdb_client.py: Replace 5 bare except clauses with ValueError for date parsing All bare except clauses in the codebase have now been addressed.
- cogs/search.py: Add timeout (300s) to ROM_View and on_timeout handler to disable buttons when view expires - cogs/search.py: Add on_timeout handler to NoResultsView - cogs/requests.py: Add timeout (180s) to GameSelectView, ExistingGameView, ExistingGameWithIGDBView with on_timeout handlers - cogs/requests.py: Add cog_unload to Request cog to cleanup IGDB session - integrations/ggrequestz.py: Convert cog_unload to async and properly await session close - database_manager.py: Refactor initialize_platform_mappings to accept optional session parameter for better resource reuse
- cogs/recent_roms.py: Convert cog_unload to async, properly await SocketIO disconnect and HTTP session close - cogs/emoji_manager.py: Convert cog_unload to async, properly await session close - cogs/igdb_client.py: Add on_timeout handler to IGDBGameView - cogs/requests.py: Add on_timeout handlers to RequestAdminView and UserRequestsView to disable buttons when views expire
- UserManagementView: Add on_timeout to disable components when view expires - ConfirmView: Add on_timeout handler (value remains None on timeout) - UnlinkConfirmView: Add on_timeout handler (action remains None on timeout) All View classes in the codebase now have proper timeout handling.
- cogs/search.py: Replace print() statements with appropriate logger calls (warning, debug, error) in _initialize_platform_emoji_mapping - cogs/info.py: Remove unnecessary pass statement after ctx.respond()
The method add_application_command_check doesn't exist in py-cord. Changed to use before_invoke() which is the correct way to register a global pre-invoke hook for application commands.
- Add centralized is_admin() decorator to bot.py with proper docstring - Remove duplicate is_admin() implementations from 4 cogs (requests, scan, user_manager, recent_roms) - Remove logger.setLevel() overrides from cogs so bot LOG_LEVEL env var takes effect (requests, scan, recent_roms, igdb_client) - Fix unsafe CSRF token parsing in bot.py using regex instead of unchecked string splitting that could raise IndexError
- Fix inconsistent logger naming: info.py and emoji_manager.py now use __name__ instead of hardcoded 'romm_bot' for proper logger hierarchy - Standardize boolean parsing: Add Config.parse_bool() helper method that handles 'true', '1', 'yes', 'on' (and inverses) case-insensitively - Centralize environment variable access: Move cog-specific config (RECENT_ROMS_*, IGDB_*, AUTO_REGISTER_ROLE_ID, ENABLE_USER_MANAGER) to Config class so cogs use bot.config instead of os.getenv() - Add graceful shutdown handler: close() now properly cancels update_loop, refresh_token_task, and all pending asyncio tasks before closing database and HTTP session connections
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.