vh/NetAlertX
1
0
Fork 0
mirror of https://github.com/jokob-sk/NetAlertX.git synced 2025-12-07 01:26:11 -08:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity
5,160 Commits 8 Branches 55 Tags
e7ed9e0896c58350a26f93128df4de35b409d9e7
Commit Graph

76 Commits

Author SHA1 Message Date
jokob-sk
78ab0fbd2d PLG: SNMPDSC typo 2025-10-31 20:45:09 +11:00
jokob-sk
63d6410bb4 BE: handle missing buildtimestamp.txt 
Signed-off-by: jokob-sk <jokob.sk@gmail.com>
 2025-10-31 08:12:38 +11:00
Adam Outler
dfcc375fba Non-root launch 2025-09-25 14:10:06 -04:00
Claude Code
874b9b070e Security: Fix SQL injection vulnerabilities (Issue #1179) 
This commit addresses multiple SQL injection vulnerabilities identified in the NetAlertX codebase:

1. **Primary Fix - reporting.py datetime injection**:
   - Fixed f-string SQL injection in down_devices section (line 98)
   - Replaced direct interpolation with validated integer casting
   - Added proper timezone offset handling

2. **Code Quality Improvements**:
   - Fixed type hint error in helper.py (datetime.datetime vs datetime)
   - Added security documentation and comments
   - Created comprehensive security test suite

3. **Security Enhancements**:
   - Documented remaining condition-based injection risks
   - Added input validation for numeric parameters
   - Implemented security testing framework

**Impact**: Prevents SQL injection attacks through datetime parameters
**Testing**: All security tests pass, including syntax validation
**Compliance**: Addresses security scan findings (Ruff S608)

Fixes #1179

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
 2025-09-17 22:26:47 -07:00
Ingo Ratsdorf
00c7bb65e1 Update server/helper.py 
Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
 2025-09-03 07:10:26 +12:00
Ingo Ratsdorf
5695f4f3e7 Adding secondary cache to settings 
Caching get_setting_value independent from what backend is used.
 2025-09-02 14:48:12 +12:00
jokob-sk
3a023a675f CPU optimization work 5 #1144 
Signed-off-by: jokob-sk <jokob.sk@gmail.com>
 2025-09-01 09:13:13 +10:00
jokob-sk
8c895864da CPU optimizartion work 4 #1144
Some checks failed
Code checks / check-url-paths (push) Has been cancelled
Details
docker / docker_dev (push) Has been cancelled
Details
Deploy MkDocs / deploy (push) Has been cancelled
Details 
Signed-off-by: jokob-sk <jokob.sk@gmail.com>
 2025-09-01 08:45:41 +10:00
jokob-sk
90474a6b92 Merge branch 'main' of https://github.com/jokob-sk/NetAlertX 2025-09-01 08:33:38 +10:00
jokob-sk
98fdccb58f CPU optimizartion work 2 #1144 
Signed-off-by: jokob-sk <jokob.sk@gmail.com>
 2025-09-01 08:33:14 +10:00
Ingo Ratsdorf
36ea3e62fd Added cache to get_settings 
The settings file  is read about 30 times per second and parsed from json. Cache function added for now.
 2025-08-30 21:35:15 +12:00
jokob-sk
f78c84d9a8 api layer v0.3 - /events /sessions work
Some checks failed
Code checks / check-url-paths (push) Has been cancelled
Details
docker / docker_dev (push) Has been cancelled
Details
Deploy MkDocs / deploy (push) Has been cancelled
Details
2025-08-21 22:36:22 +10:00
jokob-sk
915bb523d6 api layer v0.2.5 - /sessions + graphql tests 2025-08-21 15:10:47 +10:00
jokob-sk
962bbaa5a1 api layer v0.2.2 - CSV import/export, refactor
Some checks failed
Code checks / check-url-paths (push) Has been cancelled
Details
docker / docker_dev (push) Has been cancelled
Details
Deploy MkDocs / deploy (push) Has been cancelled
Details
2025-08-19 07:56:54 +10:00
jokob-sk
b155fe2b06 api layer v0.1
Some checks failed
Code checks / check-url-paths (push) Has been cancelled
Details
docker / docker_dev (push) Has been cancelled
Details
Deploy MkDocs / deploy (push) Has been cancelled
Details
2025-08-15 08:04:02 +10:00
jokob-sk
a6df204721 github timeout #1124, css fixes, change button on LOADED_PLUGINS
Some checks failed
Code checks / check-url-paths (push) Has been cancelled
Details
docker / docker_dev (push) Has been cancelled
Details
Deploy MkDocs / deploy (push) Has been cancelled
Details
2025-08-05 21:32:35 +10:00
jokob-sk
e8e48a2cc4 integer causing normalization issue in MQTT #1102
Some checks are pending
Code checks / check-url-paths (push) Waiting to run
Details
docker / docker_dev (push) Waiting to run
Details
Deploy MkDocs / deploy (push) Waiting to run
Details
2025-06-26 07:25:10 +10:00
jokob-sk
503027c06e debug Online_History #1020
Some checks are pending
Code checks / check-url-paths (push) Waiting to run
Details
docker / docker_dev (push) Waiting to run
Details
Deploy MkDocs / deploy (push) Waiting to run
Details
2025-06-01 15:40:17 +10:00
jokob-sk
f4a3717859 FQDN, Dig refactor, docs #1065 2025-06-01 13:59:54 +10:00
jokob-sk
458577e071 mqtt and newdev name regex 2025-02-20 07:57:28 +11:00
jokob-sk
c8a40920b4 cleanup, faster devices screen update #967 #923 2025-01-20 23:42:24 +11:00
jokob-sk
729c24029f docs + fixes to CustomProps 2025-01-02 10:15:58 +11:00
jokob-sk
e52601e062 ENCRYPTION_KEY, docs 2024-12-31 10:14:01 +11:00
jokob-sk
7248e73e03 Respecting LOG_LEVEL in plugins
Some checks are pending
docker / docker_dev (push) Waiting to run
Details
2024-12-22 13:18:08 +11:00
jokob-sk
89840906a0 ICMP plugin 🆕 2024-12-01 12:13:56 +11:00
jokob-sk
f1f40021ee chore:Settings DB table refactor 2024-11-23 09:28:40 +11:00
jokob-sk
0e438ffd57 chore:PHOLUS removal 2024-11-22 20:32:49 +11:00
jokob-sk
44b18e131c GraphQl 0.124 - Running server check 2024-11-15 20:13:03 +11:00
jokob-sk
c1c6813b6e GraphQl 0.123 - Dynamic columns + re-adding old Device table columns 2024-11-14 16:50:23 +11:00
jokob-sk
0bc8b39cec 🔺GraphQL v0.1 + Devices table rebuild + removal of backend compatible scripts 2024-11-10 21:22:45 +11:00
jokob-sk
dcfeb51aa1 Ignored IPs not applied #836 2024-10-12 10:49:29 +11:00
jokob-sk
c4e0abf913 Ignored IPs not applied #836 2024-10-11 20:05:23 +11:00
jokob-sk
f9e6871ab2 New Device creation int.replace issue #833 2024-10-11 19:00:08 +11:00
jokob-sk
30de0f9f93 AVAHISCAN / mDNS #815 2024-10-04 10:05:06 +10:00
jokob-sk
e2d84a1885 MQTT handling diacritics #813
Some checks are pending
docker / docker_dev (push) Waiting to run
Details
2024-09-29 11:52:29 +10:00
jokob-sk
15a7779d6e Sanitize input #805
Some checks are pending
docker / docker_dev (push) Waiting to run
Details
2024-09-26 08:08:24 +10:00
jokob-sk
6233f4d646 Sanitize input #805 2024-09-26 07:21:58 +10:00
jokob-sk
5278af48c5 Sync Hub fix + overriddenByEnv 2024-09-23 08:15:35 +10:00
jokob-sk
fa0e07a511 Handle offlien GitHub #763
Some checks are pending
docker / docker_dev (push) Waiting to run
Details
2024-08-16 08:53:58 +10:00
jokob-sk
45489eadaf 🔌UNIFI work 2024-08-05 09:58:18 +10:00
jokob-sk
b45e82b2a0 NEWDEV_LESS_NAME_CLEANUP + Internet ParentNode fix + 📚Docs 2024-07-16 20:27:15 +10:00
jokob-sk
bf90ee81c7 Name cleanup + nbtscan improvements 2024-07-11 22:35:04 +10:00
jokob-sk
8e7e0afb1e 🔌NBTSCAN plugin #693
Some checks are pending
docker / docker_dev (push) Waiting to run
Details
2024-07-11 15:56:29 +10:00
jokob-sk
0a9ae5e9d9 🔌NBTSCAN plugin #693 2024-07-11 15:27:37 +10:00
jokob-sk
52b293a662 🔷 regex fix
Some checks are pending
docker / docker_dev (push) Waiting to run
Details
2024-07-10 12:48:05 +10:00
jokob-sk
bd52536107 ⚙ transformers fix 2024-07-10 12:22:35 +10:00
jokob-sk
9f44c0de01 ⚙ NAME_CLEANUP_REGEX #735 #728 2024-07-10 11:27:21 +10:00
jokob-sk
41b5de9292 ⚙ NAME_CLEANUP_REGEX test
Some checks are pending
docker / docker_dev (push) Waiting to run
Details
2024-07-09 23:30:09 +10:00
jokob-sk
95d5dbcf68 🔌 MQTT - do not send UNKNOWN + expose DEVICES_SQL 2024-07-09 23:09:42 +10:00
jokob-sk
6049ba00c7 ⚙ Settings rework 3 - json linter 2024-07-09 21:54:55 +10:00