naveensrinivasan
37cef84643
Set permissions for GitHub actions
...
- Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions
https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs
[Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/ )
Restrict the GitHub token permissions only to the required ones; this way, even if the attackers will succeed in compromising your workflow, they won’t be able to do much.
Signed-off-by: naveensrinivasan <172697+naveensrinivasan@users.noreply.github.com>
2022-04-15 21:26:56 -05:00
Adam Warner
23e6fa1ec5
Replace wrapper function calls with direct utils.sh calls. Leave warpper functions until next release as docker currently uses them, and new changes to utils.sh need to be in the master
branch before docker can use them
...
Signed-off-by: Adam Warner <me@adamwarner.co.uk>
2022-04-15 09:50:40 +01:00
Adam Warner
db116971ce
I tried to do too many things in one function, vastly overcomplicating what should have been _this_ all along
...
Signed-off-by: Adam Warner <me@adamwarner.co.uk>
2022-04-14 22:53:38 +01:00
MichaIng
2b124b1c69
Do not pass whole environment for PIHOLE_SKIP_OS_CHECK=true
...
With `sudo -E`, the whole environment is passed to the root shell, which is a potential security and/or privacy issue when command overrides/functions, PATH or private user info are passed. To pass `PIHOLE_SKIP_OS_CHECK=true`, it can be passed alone to the bash/script call within the sudo session, so the `-E` flag can be omitted.
Signed-off-by: MichaIng <micha@dietpi.com>
2022-04-13 21:30:12 +02:00
yubiuser
9356d7bbb1
Remove unnecessary case in uninstall script ( #4692 )
...
* Remove unnecessary case in uninstall script
* Better answer
Signed-off-by: Christian König <ckoenig@posteo.de>
2022-04-12 11:36:49 -07:00
Adam Warner
29a867d5ae
Merge pull request #4690 from pi-hole/utils-sourcing
...
Prevent issues cause by declaring `utilsfile` as `readonly`
2022-04-12 19:17:37 +01:00
Adam Warner
86dd612882
remove readonly
directive from declaration of utilsfile
, it is unnecassery
...
Signed-off-by: Adam Warner <me@adamwarner.co.uk>
2022-04-12 17:13:50 +01:00
yubiuser
42d3368955
Merge pull request #4663 from pi-hole/no_root
...
Only use sudo power if needed
2022-04-10 12:34:05 +02:00
yubiuser
21ae81ffdb
Merge pull request #4682 from pi-hole/loop
...
Exit installer if dpkg lock is held for more then 30 seconds
2022-04-07 15:26:27 +02:00
yubiuser
b33434d02a
Let uses know how long they need to wait (max)
...
Co-authored-by: Adam Warner <me@adamwarner.co.uk>
2022-04-07 09:11:53 +02:00
yubiuser
d3e94cbceb
Merge pull request #4653 from pi-hole/refactor-utils-redux
...
Tweaks to functions in utils.sh and refactored usages in webpage.sh
2022-04-04 23:25:54 +02:00
yubiuser
9b4f6c84cd
Minor review comments
2022-04-04 23:14:10 +02:00
Adam Warner
4d31d5ee11
Address review comments
...
Signed-off-by: Adam Warner <me@adamwarner.co.uk>
2022-04-04 22:02:26 +01:00
Adam Warner
9878477896
Merge pull request #4681 from pi-hole/adlist
...
Rename block lists to adlists within the query list functions
2022-04-04 16:42:43 +01:00
Christian König
c0a2ab7b77
Fix indention
...
Signed-off-by: Christian König <ckoenig@posteo.de>
2022-04-04 16:59:13 +02:00
Christian König
30ba79f6a0
Let users know what's going on
...
Signed-off-by: Christian König <ckoenig@posteo.de>
2022-04-04 16:48:34 +02:00
Christian König
cd3c97f113
Exit installer if dpkg lock is held for more then 30 seconds
...
Signed-off-by: Christian König <ckoenig@posteo.de>
2022-04-04 16:38:30 +02:00
Christian König
e4a1f3a175
Rename block lists to adlists within the query list functions
...
Signed-off-by: Christian König <ckoenig@posteo.de>
2022-04-04 13:52:26 +02:00
yubiuser
6121c162ff
Fix typo
...
Co-authored-by: Marius Hanl <66004280+Maran23@users.noreply.github.com>
2022-04-03 13:49:43 +02:00
Adam Warner
0d74b27101
Merge pull request #4646 from pi-hole/tweak/debug_message
...
Pool identical messages in debug output
2022-04-02 13:14:44 +01:00
Adam Warner
7fa8cdd03e
Address:
...
- Review Comments
- Stickler Complaints
2022-04-02 12:46:07 +01:00
Adam Warner
fe9031b26f
Merge pull request #4669 from pi-hole/master
...
sync: master to development
2022-04-02 00:05:49 +01:00
Dan Schaper
326cd6a1f8
Merge pull request #4665 from pi-hole/fix/touch_guard
...
Wrap touch calls with if/then guards for Buster docker.
2022-04-01 15:25:41 -07:00
Adam Warner
063f92f8f4
Merge pull request #4667 from pi-hole/test/hirsute_eol
...
Hirsute buildpack EOL upstream. Adding impish.
2022-04-01 23:23:35 +01:00
Adam Warner
be6a73f102
Merge pull request #4668 from pi-hole/test/python_3.8
...
Bump to python action v3. v2 has many changes.
2022-04-01 23:23:24 +01:00
Dan Schaper
b714c4598a
Found it.
...
Signed-off-by: Dan Schaper <dan.schaper@pi-hole.net>
2022-04-01 14:49:30 -07:00
Dan Schaper
0f192998eb
Create empty files.
...
Signed-off-by: Dan Schaper <dan.schaper@pi-hole.net>
2022-04-01 14:17:57 -07:00
Dan Schaper
8a5c7dec71
Ensure existing files are proper owner and mode.
...
Signed-off-by: Dan Schaper <dan.schaper@pi-hole.net>
co-authored-by: RD WebDesign <github@rdwebdesign.com.br>
2022-04-01 14:08:09 -07:00
Dan Schaper
69e4e9a2ae
Bump to python action v3. v2 has many changes.
...
Signed-off-by: Dan Schaper <dan.schaper@pi-hole.net>
2022-04-01 12:53:43 -07:00
Dan Schaper
4230be0c80
Hirsute buildpack EOL upstream. Adding impish.
...
Signed-off-by: Dan Schaper <dan.schaper@pi-hole.net>
2022-04-01 12:00:14 -07:00
Dan Schaper
d45c9fc522
Final touch to install fix.
...
Signed-off-by: Dan Schaper <dan.schaper@pi-hole.net>
2022-04-01 11:08:26 -07:00
yubiuser
efa99a177e
Merge pull request #4664 from rdwebdesign/fix/docker_1015
...
Remove `@` and following character from interface name
2022-04-01 07:47:43 +02:00
Dan Schaper
c2384ecc6f
Change touch that would always fire to install.
...
Signed-off-by: Dan Schaper <dan.schaper@pi-hole.net>
2022-03-31 14:23:39 -07:00
Dan Schaper
2f38452565
Wrap touch calls with if/then guards for Buster docker.
...
Signed-off-by: Dan Schaper <dan.schaper@pi-hole.net>
2022-03-31 12:03:17 -07:00
RD WebDesign
5cebceadda
Remove @
and following character from interface name
...
Signed-off-by: RD WebDesign <github@rdwebdesign.com.br>
2022-03-30 21:32:18 -03:00
Christian König
722a716de3
Add exit code to status function
...
Signed-off-by: Christian König <ckoenig@posteo.de>
2022-03-30 22:40:14 +02:00
Christian König
614d18cd3d
Debug need sudo
...
Signed-off-by: Christian König <ckoenig@posteo.de>
2022-03-30 21:24:51 +02:00
Christian König
54ce8c2622
Only use sudo power if needed
...
Signed-off-by: Christian König <ckoenig@posteo.de>
2022-03-30 21:04:36 +02:00
yubiuser
329c161054
Merge pull request #4659 from rdwebdesign/fix4656_part2
...
Select the protocol on the blocking page
2022-03-29 21:59:39 +02:00
RD WebDesign
f8e84b3c3f
Fix stickler
...
Signed-off-by: RD WebDesign <github@rdwebdesign.com.br>
2022-03-23 18:45:18 -03:00
RD WebDesign
c9809371ab
Selecting the protocol
...
Signed-off-by: RD WebDesign <github@rdwebdesign.com.br>
2022-03-23 18:33:15 -03:00
yubiuser
a48750e257
Merge pull request #4657 from rdwebdesign/fix4656
...
Add check to avoid error in PHP 8 on the blocking page
2022-03-22 00:37:57 +01:00
RD WebDesign
0d4c69cc6f
Add check to avoid error in PHP 8
...
and return some information about the unexpected value
Signed-off-by: RD WebDesign <github@rdwebdesign.com.br>
2022-03-21 18:59:46 -03:00
yubiuser
479b2bc075
Merge pull request #4655 from y0ngb1n/fix-wrong-words
...
Fixed wrong words in `README.md`
2022-03-17 13:46:27 +01:00
Yang Bin
2ade05d60f
Fixed wrong words in README.md
...
Signed-off-by: Yang Bin <y0ngb1n@163.com>
2022-03-17 18:58:37 +08:00
Adam Warner
59fc3804be
Make utils.sh posix compatible per request
...
Signed-off-by: Adam Warner <me@adamwarner.co.uk>
2022-03-16 20:40:25 +00:00
Adam Warner
48138d32b6
Adjust addOrEditKeyValPair to optionally take two or three arguments (adjust test to suit)
...
Add a removeKey function with test
update webpage.sh to reference functions in utils.sh (this can likely be abstracted/refactored further)
Signed-off-by: Adam Warner <me@adamwarner.co.uk>
2022-03-16 17:42:01 +00:00
yubiuser
ff5e788889
Merge pull request #4652 from rdwebdesign/debuglog_improvements
...
Improving debug log
2022-03-16 07:00:59 +01:00
RD WebDesign
ab7d83384f
Allow lighttpd to stream responses to browser
...
Signed-off-by: RD WebDesign <github@rdwebdesign.com.br>
2022-03-15 15:33:56 -03:00
Christian König
48136c5bbc
Add last timestamp
...
Signed-off-by: Christian König <ckoenig@posteo.de>
2022-03-14 19:54:46 +01:00