Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add warning to [p]set api if <>s are included in secret #6253

Open
Flame442 opened this issue Oct 6, 2023 · 0 comments · May be fixed by #6265
Open

Add warning to [p]set api if <>s are included in secret #6253

Flame442 opened this issue Oct 6, 2023 · 0 comments · May be fixed by #6265
Labels
Category: Core - Bot Commands This is related to core commands (Core and CogManagerUI cog classes). Good First Issue Good for beginners to the project. Status: In Progress There's a PR open to deal with this, or an org member is working on this internally Type: Feature New feature or request.

Comments

@Flame442
Copy link
Member

Flame442 commented Oct 6, 2023

Type of feature request

Command

Description of the feature you're suggesting

When users are instructed to set an API key with [p]set api, they are often told to fill in parts of the command by marking a part with something like <keyname> (for example, [p]set api youtube api_key <your_api_key_here>). When this is done, the user is expected to replace the entire word, including the <>s. Sometimes users do not realize this, and enter their key within <>s. This often breaks the API service in an unexpected way, which can be confusing for users.

We can't reject keys that are wrapped in <>s, because they may be valid for a strange service out there, however we should warn the user to double check if their key is actually supposed to be formatted like that. All secrets should be checked to see if they start with < and end with >, and if so the user should be warned that they may have failed to replace the entire block, with a warning added to the confirmation message such as:

You may have failed to properly format the key. If you were told to enter a key with an example such as [p]set api youtube api_key <your_api_key_here>, and your API key was HREDFGWE, make sure to run [p]set api youtube api_key HREDFGWE, and not [p]set api youtube api_key <HREDFGWE>

There's a small concern that a key might be something entirely stupid like <> itself, and this would technically reveal information about the key, but I believe that is a relatively tiny concern.

Anything else?

No response
@Flame442 Flame442 added Good First Issue Good for beginners to the project. Type: Feature New feature or request. Status: PRs Welcome No one is currently assigned to this issue, but we'd be grateful if anyone made a PR. Category: Core - Bot Commands This is related to core commands (Core and CogManagerUI cog classes). Status: In Progress There's a PR open to deal with this, or an org member is working on this internally and removed Status: PRs Welcome No one is currently assigned to this issue, but we'd be grateful if anyone made a PR. labels Oct 6, 2023
@giplgwm giplgwm linked a pull request Nov 1, 2023 that will close this issue
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Category: Core - Bot Commands This is related to core commands (Core and CogManagerUI cog classes). Good First Issue Good for beginners to the project. Status: In Progress There's a PR open to deal with this, or an org member is working on this internally Type: Feature New feature or request.
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Add warning to [p]set api if <>s are included in secret giplgwm/Red-DiscordBot
1 participant
@Flame442