add vc-url and vc-interval config options

2026-02-26 13:33:09 -07:00 · 2026-02-26 00:50:49 +02:00 · 2026-02-26 00:50:49 +02:00 · 3cbb9ef0fd
parent 1feed7837c
commit 3cbb9ef0fd
2 changed files with 6 additions and 7 deletions
--- a/copyparty/main.py
+++ b/copyparty/main.py
@ -1204,6 +1204,8 @@ def add_general(ap, nc, srvname):
    ap2.add_argument("--license", action="store_true", help="show licenses and exit")
    ap2.add_argument("--version", action="store_true", help="show versions and exit")
    ap2.add_argument("--versionb", action="store_true", help="show version and exit")
+    ap2.add_argument("--vc-url", metavar="URL", type=u, default="", help="URL to check for vulnerable versions (default: None)")
+    ap2.add_argument("--vc-interval", metavar="SEC", type=int, default=86400, help="how many seconds to wait between vulnerability checks (default: 86400)")


 def add_qr(ap, tty):
--- a/copyparty/svchub.py
+++ b/copyparty/svchub.py
@ -108,10 +108,6 @@ VER_IDP_DB = 1
 VER_SESSION_DB = 1
 VER_SHARES_DB = 2

-VULN_CHECK_URL = "https://api.github.com/repos/9001/copyparty/security-advisories"
-VULN_CHECK_INTERVAL = 86400
-
-
 class SvcHub(object):
    """
    Hosts all services which cannot be parallelized due to reliance on monolithic resources.
@ -1810,14 +1806,14 @@ class SvcHub(object):

            try:
                mtime = os.path.getmtime(fpath)
-                if time.time() - mtime < VULN_CHECK_INTERVAL:
+                if time.time() - mtime < self.args.vc_interval:
                    data = read_utf8(None, fpath, True)
            except Exception as e:
                self.log("ver-chk", "no vulnerability advisory cache found; {}".format(e))

            if not data:
                try:
-                    req = Request(VULN_CHECK_URL)
+                    req = Request(self.args.vc_url)
                    with urlopen(req, timeout=30) as f:
                        data = f.read().decode("utf-8")

@ -1841,10 +1837,11 @@ class SvcHub(object):

                    if newest_fix and ver_cpp < newest_fix:
                        self.broker.say("httpsrv.set_bad_ver", True)
+                    
                except Exception as e:
                    self.log("ver-chk", "failed to process vulnerability advisory; {}".format(e))

-            for _ in range(VULN_CHECK_INTERVAL):
+            for _ in range(self.args.vc_interval):
                if self.stopping:
                    return
                time.sleep(1)