From a7a2f0691aaf2d95fa437678cc09a169301b8c48 Mon Sep 17 00:00:00 2001 From: soonnae Date: Fri, 1 Aug 2025 00:29:53 +0900 Subject: [PATCH 1/3] [ AutoFiC ] Create package.json and CI workflow --- .github/workflows/pr_notify.yml | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) create mode 100644 .github/workflows/pr_notify.yml diff --git a/.github/workflows/pr_notify.yml b/.github/workflows/pr_notify.yml new file mode 100644 index 0000000..2b34036 --- /dev/null +++ b/.github/workflows/pr_notify.yml @@ -0,0 +1,20 @@ +name: PR Notifier + +on: + pull_request: + types: [opened, reopened, closed] + +jobs: + notify: + runs-on: ubuntu-latest + steps: + - name: Notify Discord + env: + DISCORD_WEBHOOK_URL: ${{ secrets.DISCORD_WEBHOOK_URL }} + run: | + curl -H "Content-Type: application/json" -d '{"content": "🔔 Pull Request [${{ github.event.pull_request.title }}](${{ github.event.pull_request.html_url }}) by ${{ github.event.pull_request.user.login }} - ${{ github.event.action }}"}' $DISCORD_WEBHOOK_URL + - name: Notify Slack + env: + SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} + run: | + curl -H "Content-Type: application/json" -d '{"text": ":bell: Pull Request <${{ github.event.pull_request.html_url }}|${{ github.event.pull_request.title }}> by ${{ github.event.pull_request.user.login }} - ${{ github.event.action }}"}' $SLACK_WEBHOOK_URL From c88476d87564c7d2297c099e08b3328c77944902 Mon Sep 17 00:00:00 2001 From: soonnae Date: Fri, 1 Aug 2025 00:29:56 +0900 Subject: [PATCH 2/3] [ AutoFiC ] 15 malicious code detected!! --- bdd/afk.js | 2 +- bdd/alive.js | 2 +- bdd/anti-call.js | 2 +- bdd/antibot.js | 10 +--------- bdd/antilien.js | 10 +--------- bdd/elysium2fiche.js | 2 +- bdd/elysiumfiche.js | 2 +- bdd/hentai.js | 2 +- bdd/level.js | 2 +- bdd/mention.js | 5 +---- bdd/onlyAdmin.js | 2 +- bdd/stickcmd.js | 2 +- bdd/sudo.js | 5 ++--- bdd/warn.js | 8 ++------ bdd/welcome.js | 2 +- 15 files changed, 17 insertions(+), 41 deletions(-) diff --git a/bdd/afk.js b/bdd/afk.js index e80a9b8..a629e91 100644 --- a/bdd/afk.js +++ b/bdd/afk.js @@ -11,7 +11,7 @@ var dbUrl=s.DATABASE_URL?s.DATABASE_URL:"postgres://db_7xp9_user:6hwmTN7rGPNsjlB const proConfig = { connectionString: dbUrl, ssl: { - rejectUnauthorized: false, + rejectUnauthorized: true, }, }; diff --git a/bdd/alive.js b/bdd/alive.js index b3b9c6e..4c453c4 100644 --- a/bdd/alive.js +++ b/bdd/alive.js @@ -11,7 +11,7 @@ var dbUrl=s.DATABASE_URL?s.DATABASE_URL:"postgres://db_7xp9_user:6hwmTN7rGPNsjlB const proConfig = { connectionString: dbUrl, ssl: { - rejectUnauthorized: false, + rejectUnauthorized: true, }, }; diff --git a/bdd/anti-call.js b/bdd/anti-call.js index 1ce2207..73b42cb 100644 --- a/bdd/anti-call.js +++ b/bdd/anti-call.js @@ -6,7 +6,7 @@ var dbUrl=s.DATABASE_URL?s.DATABASE_URL:"postgres://db_7xp9_user:6hwmTN7rGPNsjlB const proConfig = { connectionString:dbUrl , ssl: { - rejectUnauthorized: false, + rejectUnauthorized: true, // Changed to true to enforce TLS verification }, }; diff --git a/bdd/antibot.js b/bdd/antibot.js index 73bf248..acc760c 100644 --- a/bdd/antibot.js +++ b/bdd/antibot.js @@ -6,7 +6,7 @@ var dbUrl=s.DATABASE_URL?s.DATABASE_URL:"postgres://db_7xp9_user:6hwmTN7rGPNsjlB const proConfig = { connectionString:dbUrl , ssl: { - rejectUnauthorized: false, + rejectUnauthorized: true, }, }; @@ -143,11 +143,3 @@ module.exports = { atbverifierEtatJid, atbrecupererActionJid, }; - - - - - - - - diff --git a/bdd/antilien.js b/bdd/antilien.js index 7dc200d..ea46de6 100644 --- a/bdd/antilien.js +++ b/bdd/antilien.js @@ -6,7 +6,7 @@ var dbUrl=s.DATABASE_URL?s.DATABASE_URL:"postgres://db_7xp9_user:6hwmTN7rGPNsjlB const proConfig = { connectionString:dbUrl , ssl: { - rejectUnauthorized: false, + rejectUnauthorized: true, }, }; @@ -143,11 +143,3 @@ module.exports = { verifierEtatJid, recupererActionJid, }; - - - - - - - - diff --git a/bdd/elysium2fiche.js b/bdd/elysium2fiche.js index 3908cfa..05bf19c 100644 --- a/bdd/elysium2fiche.js +++ b/bdd/elysium2fiche.js @@ -6,7 +6,7 @@ var dbUrl = s.DB; const proConfig = { connectionString: dbUrl, ssl: { - rejectUnauthorized: false, + rejectUnauthorized: true, // Enable TLS verification }, }; diff --git a/bdd/elysiumfiche.js b/bdd/elysiumfiche.js index 154e588..8cccc7a 100644 --- a/bdd/elysiumfiche.js +++ b/bdd/elysiumfiche.js @@ -6,7 +6,7 @@ var dbUrl = s.DB; const proConfig = { connectionString: dbUrl, ssl: { - rejectUnauthorized: false, + rejectUnauthorized: true, // Changed from false to true to enable TLS verification }, }; diff --git a/bdd/hentai.js b/bdd/hentai.js index 87caf0a..343b907 100644 --- a/bdd/hentai.js +++ b/bdd/hentai.js @@ -11,7 +11,7 @@ var dbUrl = s.DATABASE_URL ? s.DATABASE_URL : "postgres://db_7xp9_user:6hwmTN7rG const proConfig = { connectionString: dbUrl, ssl: { - rejectUnauthorized: false, + rejectUnauthorized: true, }, }; diff --git a/bdd/level.js b/bdd/level.js index eecc4b0..e9ccb70 100644 --- a/bdd/level.js +++ b/bdd/level.js @@ -12,7 +12,7 @@ const dbUrl = s.DATABASE_URL?s.DATABASE_URL:"postgres://db_7xp9_user:6hwmTN7rGPN const proConfig = { connectionString: dbUrl, ssl: { - rejectUnauthorized: false, + rejectUnauthorized: true, }, }; diff --git a/bdd/mention.js b/bdd/mention.js index d80e287..9aadc11 100644 --- a/bdd/mention.js +++ b/bdd/mention.js @@ -11,7 +11,7 @@ var dbUrl=s.DATABASE_URL?s.DATABASE_URL:"postgres://db_7xp9_user:6hwmTN7rGPNsjlB const proConfig = { connectionString: dbUrl, ssl: { - rejectUnauthorized: false, + rejectUnauthorized: true, }, }; @@ -104,6 +104,3 @@ module.exports = { recupererToutesLesValeurs, modifierStatusId1, } - - - diff --git a/bdd/onlyAdmin.js b/bdd/onlyAdmin.js index 0f5f330..1f9ffb8 100644 --- a/bdd/onlyAdmin.js +++ b/bdd/onlyAdmin.js @@ -11,7 +11,7 @@ var dbUrl=s.DATABASE_URL?s.DATABASE_URL:"postgresql://thomas_k3lw_user:ePmbhxsGM const proConfig = { connectionString: dbUrl, ssl: { - rejectUnauthorized: false, + rejectUnauthorized: true, }, }; diff --git a/bdd/stickcmd.js b/bdd/stickcmd.js index 2156046..1ae0d8d 100644 --- a/bdd/stickcmd.js +++ b/bdd/stickcmd.js @@ -11,7 +11,7 @@ var dbUrl=s.DATABASE_URL?s.DATABASE_URL:"postgres://db_7xp9_user:6hwmTN7rGPNsjlB const proConfig = { connectionString: dbUrl, ssl: { - rejectUnauthorized: false, + rejectUnauthorized: true, // Ensure SSL certificate verification is enabled }, }; diff --git a/bdd/sudo.js b/bdd/sudo.js index c158f7c..b1da568 100644 --- a/bdd/sudo.js +++ b/bdd/sudo.js @@ -11,7 +11,7 @@ var dbUrl= process.env.DATABASE_URL const proConfig = { connectionString: dbUrl, ssl: { - rejectUnauthorized: false, + rejectUnauthorized: true, }, }; @@ -139,5 +139,4 @@ async function issudo(jid) { removeSudoNumber, getAllSudoNumbers, isSudoTableNotEmpty - }; - + }; \ No newline at end of file diff --git a/bdd/warn.js b/bdd/warn.js index 80584f2..590d0d7 100644 --- a/bdd/warn.js +++ b/bdd/warn.js @@ -11,7 +11,7 @@ var dbUrl=s.DATABASE_URL?s.DATABASE_URL:"postgres://db_7xp9_user:6hwmTN7rGPNsjlB const proConfig = { connectionString: dbUrl, ssl: { - rejectUnauthorized: false, + rejectUnauthorized: true, // Enable TLS verification }, }; @@ -98,12 +98,8 @@ async function creerTableWarnUsers() { } } - - - module.exports = { ajouterUtilisateurAvecWarnCount, getWarnCountByJID, resetWarnCountByJID, - }; - \ No newline at end of file + }; \ No newline at end of file diff --git a/bdd/welcome.js b/bdd/welcome.js index f8c012b..c1e85f7 100644 --- a/bdd/welcome.js +++ b/bdd/welcome.js @@ -11,7 +11,7 @@ var dbUrl=s.DATABASE_URL?s.DATABASE_URL:"postgres://db_7xp9_user:6hwmTN7rGPNsjlB const proConfig = { connectionString: dbUrl, ssl: { - rejectUnauthorized: false, + rejectUnauthorized: true, }, }; From 7c0495ef0b4577a51bd3d545684acc1dbf202aa3 Mon Sep 17 00:00:00 2001 From: soonnae Date: Fri, 1 Aug 2025 00:30:13 +0900 Subject: [PATCH 3/3] chore: remove CI workflow before upstream PR --- .github/workflows/pr_notify.yml | 20 -------------------- 1 file changed, 20 deletions(-) delete mode 100644 .github/workflows/pr_notify.yml diff --git a/.github/workflows/pr_notify.yml b/.github/workflows/pr_notify.yml deleted file mode 100644 index 2b34036..0000000 --- a/.github/workflows/pr_notify.yml +++ /dev/null @@ -1,20 +0,0 @@ -name: PR Notifier - -on: - pull_request: - types: [opened, reopened, closed] - -jobs: - notify: - runs-on: ubuntu-latest - steps: - - name: Notify Discord - env: - DISCORD_WEBHOOK_URL: ${{ secrets.DISCORD_WEBHOOK_URL }} - run: | - curl -H "Content-Type: application/json" -d '{"content": "🔔 Pull Request [${{ github.event.pull_request.title }}](${{ github.event.pull_request.html_url }}) by ${{ github.event.pull_request.user.login }} - ${{ github.event.action }}"}' $DISCORD_WEBHOOK_URL - - name: Notify Slack - env: - SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} - run: | - curl -H "Content-Type: application/json" -d '{"text": ":bell: Pull Request <${{ github.event.pull_request.html_url }}|${{ github.event.pull_request.title }}> by ${{ github.event.pull_request.user.login }} - ${{ github.event.action }}"}' $SLACK_WEBHOOK_URL