m/netupgrade
1
0
Fork 0
Code Issues Activity

fix: harden checklist selection parsing and clarify -f help text

Browse Source
This commit is contained in:
MatMoul
2026-04-26 00:33:27 +02:00
parent f9af0f4823
commit 46f42c8893
3 changed files with 35 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files
state.md
+3 -2
View File
@@ -90,7 +90,6 @@ Supported action types currently include:
### Short term
- Tackle the next hardening work as small, reviewable commits instead of one broad patch
- First focus on the interactive selection flow: make `whiptail` defaults explicit with `ON`/`OFF` and harden parsing of selected items
- Revisit the log summary insertion method, which still relies on `sed -i` string interpolation
- Review package-manager cleanup steps that look incorrect or misleading, such as `apt-get purge` without arguments and the current `apk` `-y` handling
- Review the remaining quoting-sensitive areas, especially around remote shell command construction
@@ -120,6 +119,8 @@ Supported action types currently include:
- The `docker-stacks` action was rewritten to use a remote shell script with the stack directory passed as an argument
- Unknown actions and reboot SSH failures now propagate error status more consistently
- A focused code review identified the next recommended work items and suggested splitting them into separate commits rather than combining them in one larger hardening change
- `whiptail` checklist defaults are now passed explicitly as `ON`/`OFF`, and selected items are parsed through a dedicated helper instead of relying on raw shell word splitting
- The CLI help and README now clarify that `-f` preselects all nodes in the interactive checklist
## Change guidance
- Preserve backward compatibility for existing config files where possible
@@ -129,8 +130,8 @@ Supported action types currently include:
- Be cautious with changes to remote command construction, as quoting changes can introduce regressions
## Suggested review focus for future changes
- `whiptail` selection handling, including explicit default states and robust parsing of selected values
- Safe log summary generation without in-place `sed` interpolation of arbitrary text
- Correctness of package-manager cleanup commands and confirmation flags
- Correctness of remote command execution
- Safe quoting and shell expansion behavior
- Compatibility of config format with existing user setups