You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
As discussed with @tim-moody , we want to remove as much tech debt as possible before releasing v1.0.
Python / iiab-cmdsrv3.py
Remove debug print() leaks. Lines 1544 and 1601 especially important, prints the WiFi password
see below, not a security issue
Remove dead escape_html() function - calls cgi.escape() which was removed in Python 3.13. The function is never called.
Fix bare except: clauses - currently catches everything silently, including KeyboardInterrupt.
in production these are caught and reported higher up in the call tree
Fix sqlite3 datetime warning - passes a datetime object to sqlite3 directly. Deprecated in Python 3.12.
Fix mutable default argument in read_library_xml() - uses a list as a default argument. The list grows by 2 entries on every call, causing incorrect behavior.
has this been observed
Remove dead functions - several functions aren't called anywhere.
Add timeouts to subprocess calls - subprocess.Popen launches every long-running job (wget downloads, Ansible plays, Kolibri imports, etc.) with no timeout.
Is this a problem? Some can be very long running. There is a timeout on the response to the front end.
Ansible
Replace with_items with loop - with_items is the old Ansible syntax for looping over a list. Ansible replaced it with loop and has been warning about with_items being deprecated.
Fix inline module: key=value syntax - Ansible deprecated the inline form, should use proper YAML dict form.
Remove deprecated -o flag from ansible command - The -o flag is removed in ansible-core 2.23 and causes two deprecation warnings on every startup.
Is there a replacement?
Needs further discussion
Remove stale kalite vars from adm_ansible_vars.yml - kalite was removed from all presets but the vars file still has kalite entries. Safe to remove?
this was recently added precisely to cover the case of needed variables now removed from iiab
New maps nginx config collision - old maps (roles/osm-vector-maps) and new maps (roles/maps) both write to maps-nginx.conf in /etc/nginx/conf.d/, overwriting each other. The admin console can't tell which version is installed. Watch for a fix upstream in the iiab repo?
Yes
venv for cmdsrv - C extensions installed system-wide aren't automatically available inside a venv. Defer to later?
Yes.
As discussed with @tim-moody , we want to remove as much tech debt as possible before releasing v1.0.
Python /
iiab-cmdsrv3.pyprint()leaks. Lines 1544 and 1601 especially important, prints the WiFi passwordsee below, not a security issue
escape_html()function - callscgi.escape()which was removed in Python 3.13. The function is never called.except:clauses - currently catches everything silently, includingKeyboardInterrupt.in production these are caught and reported higher up in the call tree
datetimeobject to sqlite3 directly. Deprecated in Python 3.12.read_library_xml()- uses a list as a default argument. The list grows by 2 entries on every call, causing incorrect behavior.has this been observed
Is this a problem? Some can be very long running. There is a timeout on the response to the front end.
Ansible
with_itemswithloop- with_items is the old Ansible syntax for looping over a list. Ansible replaced it with loop and has been warning about with_items being deprecated.module: key=valuesyntax - Ansible deprecated the inline form, should use proper YAML dict form.-oflag from ansible command - The-oflag is removed in ansible-core 2.23 and causes two deprecation warnings on every startup.Is there a replacement?
Needs further discussion
adm_ansible_vars.yml- kalite was removed from all presets but the vars file still has kalite entries. Safe to remove?this was recently added precisely to cover the case of needed variables now removed from iiab
roles/osm-vector-maps) and new maps (roles/maps) both write tomaps-nginx.confin/etc/nginx/conf.d/, overwriting each other. The admin console can't tell which version is installed. Watch for a fix upstream in the iiab repo?Yes
Yes.