add vc-url/vc-interval and explanations to example .conf files

contrib/systemd/copyparty.example.conf

@@ -18,6 +18,15 @@
   # (note: enable compression by adding .xz at the end)
   q, lo: $LOGS_DIRECTORY/%Y-%m%d.log
 
+  # url to check against for vulnerable versions (default disabled); setting this will enable automatic 
+  # vulnerability checks. the notification, in case you are running a vulnerable version, is shown on the 
+  # admin panel (/?h) and only for users with admin permissions. you can choose between the value given here, 
+  # or alternatively use https://api.copyparty.eu/security-advisories, or your own custom endpoint
+  vc-url: https://api.github.com/repos/9001/copyparty/security-advisories
+
+  # how many seconds to wait between vulnerability checks; default is 86400 (= 1 day).
+  vc-interval: 86400
+
   # p: 80,443,3923   # listen on 80/443 as well (requires CAP_NET_BIND_SERVICE)
   # i: 127.0.0.1     # only allow connections from localhost (reverse-proxies)
   # ftp: 3921        # enable ftp server on port 3921

copyparty/__main__.py

@@ -1204,7 +1204,7 @@ def add_general(ap, nc, srvname):
     ap2.add_argument("--license", action="store_true", help="show licenses and exit")
     ap2.add_argument("--version", action="store_true", help="show versions and exit")
     ap2.add_argument("--versionb", action="store_true", help="show version and exit")
-    ap2.add_argument("--vc-url", metavar="URL", type=u, default="", help="URL to check for vulnerable versions (default: None)")
+    ap2.add_argument("--vc-url", metavar="URL", type=u, default="", help="URL to check for vulnerable versions (default: empty/disabled)")
     ap2.add_argument("--vc-interval", metavar="SEC", type=int, default=86400, help="how many seconds to wait between vulnerability checks (default: 86400)")
 
 

copyparty/svchub.py

@@ -1826,7 +1826,7 @@ class SvcHub(object):
             if data:
                 try:
                     advisories = json.loads(data)
-                    
+
                     fixes = (
                         self.parse_version(vuln.get("patched_versions"))
                         for adv in advisories
@@ -1837,7 +1837,7 @@ class SvcHub(object):
 
                     if newest_fix and ver_cpp < newest_fix:
                         self.broker.say("httpsrv.set_bad_ver", True)
-                    
+
                 except Exception as e:
                     self.log("ver-chk", "failed to process vulnerability advisory; {}".format(e))
 

docs/chungus.conf

@@ -57,6 +57,15 @@
 
   # show versions and exit
   version
+ 
+  # url to check against for vulnerable versions (default disabled); setting this will enable automatic 
+  # vulnerability checks. the notification, in case you are running a vulnerable version, is shown on the 
+  # admin panel (/?h) and only for users with admin permissions. you can choose between the value given here, 
+  # or alternatively use https://api.copyparty.eu/security-advisories, or your own custom endpoint
+  vc-url: https://api.github.com/repos/9001/copyparty/security-advisories
+
+  # how many seconds to wait between vulnerability checks; default is 86400 (= 1 day).
+  vc-interval: 86400
 
   ###000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000\
   ###// qr options \\000000000000000000000000000000000000000000000000000000000000000000000000000\