hlmtre / pybot Goto Github PK

View Code? Open in Web Editor NEW

10.0 3.0 4.0 1.98 MB

An extensible, modular, configurable, and multi-threaded python irc bot.

License: GNU General Public License v3.0

Shell 1.32% Python 98.50% Makefile 0.03% Dockerfile 0.15%

pybot python-irc-bot

pybot's Introduction

ReadTheDocs documentation

pybot is a python irc bot. he is a project.

he is modular, extensible, multi-threaded (for network independence!), and configurable.

pybot runs on python 2.7 and >3.5, on both windows and linux, though current development is all geared towards >3.5.

master branch should be stable. feature branches can be broken at any time.

If You've Got Docker

This is mucho easier-o. Just

docker build . -t pybox
docker run -it pybox --nick <botnick> --server <yourserver> --port 6667 --channels "#c1, #c2" --owner <yournick>

(Now probably more than) 10-second TL;DR:

Take care of dependencies. If you don't use MySQL and don't care about certain modules breaking, you don't need anything but python 2.7/3.5 and standard libs.

python -m venv pybot-venv
source pybot-venv/bin/activate
# so as to not stuff pips everywhere
pip install -r requirements.txt

python-dev
libmysqlclient-dev (aka mysql-python in pip)
requests (used in a variety of modules)
praw (for reddit info module)
mysql-python (if you do use mysql)
sphinx (for docs)
python-twitter (twitterposter)
pytz (tzone)

Local Development (with sqlite3)

Copy pybotrc to the user who will run the bot (you can probably do cp pybotrc ~/.pybotrc)
Modify ~/.pybotrc with your network, owner, and nickname.
./pybot.py
laugh at mysql guys.
continue laughing.
for debugging purposes, ./pybot.py -d.

Local Development (with MySQL)

modify pybotrc with your channels and passwords.
run sudo ./bootstrap.sh to install pybot dependencies such as mysql.
run ./setup.sh. It will check for module dependencies and create a mysql_init file. mysql -p < mysql\_init
./pybot.py pybotrc
rejoice.
for debugging purposes, ./pybot.py -d.

Manual

Add a mysql user for pybot with permissions to update, insert, and delete from the created tables. Logged into mysql: grant all on <dbname>.* to '<username>' identified by '<password>';

Run the included mysql_dump file (as root, mysql -p <pybot's database name> < mysql\_dump). Set his dbpass in the config file (pybotrc) to the password you've given him. Copy that config file to the home folder of whatever user will be running the bot. (~user/.pybotrc) As that user, ./pybot.py.

Vagrant Development

If you have Vagrant locally installed and configured, you can set up pybot by invoking vagrant up. Your development environment will be configured, and you can skip step 1 and 2 above. After that, SSH into your VM and do steps 3 through 5 to finish things off.

Images & Explanation

Here pybot is connected to two networks at once. They are held entirely separately. Modules loaded on one are independent of modules loaded on another. If one server goes down, the other connections to other networks are unaffected.

TODO

add birthday module (save birthdays for your channel regulars!)
update scheduler to accept at commands - .schedule at 5pm say #development pick your child from daycare

pybot's People

Contributors

Stargazers

Watchers

Forkers

madelinecr kgraves optionalg ctrlaltmech

pybot's Issues

CVE-2022-23491 (Medium) detected in certifi-2021.10.8-py2.py3-none-any.whl

CVE-2022-23491 - Medium Severity Vulnerability

Vulnerable Library - certifi-2021.10.8-py2.py3-none-any.whl

Python package for providing Mozilla's CA Bundle.

Library home page: https://files.pythonhosted.org/packages/37/45/946c02767aabb873146011e665728b680884cd8fe70dde973c640e45b775/certifi-2021.10.8-py2.py3-none-any.whl

Path to dependency file: /requirements.txt

Path to vulnerable library: /requirements.txt

Dependency Hierarchy:

imgurpython-1.1.7.tar.gz (Root Library)
- requests-2.26.0-py2.py3-none-any.whl
  - ❌ certifi-2021.10.8-py2.py3-none-any.whl (Vulnerable Library)

Found in base branch: master

Vulnerability Details

Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. Certifi 2022.12.07 removes root certificates from "TrustCor" from the root store. These are in the process of being removed from Mozilla's trust store. TrustCor's root certificates are being removed pursuant to an investigation prompted by media reporting that TrustCor's ownership also operated a business that produced spyware. Conclusions of Mozilla's investigation can be found in the linked google group discussion.

Publish Date: 2022-12-07

URL: CVE-2022-23491

CVSS 3 Score Details (6.8)

Base Score Metrics:

Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: High
- User Interaction: None
- Scope: Changed
Impact Metrics:
- Confidentiality Impact: None
- Integrity Impact: High
- Availability Impact: None

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: https://www.cve.org/CVERecord?id=CVE-2022-23491

Release Date: 2022-12-07

Fix Resolution: certifi - 2022.12.07

Step up your Open Source Security Game with Mend here

CVE-2022-40899 (Medium) detected in future-0.18.2.tar.gz

CVE-2022-40899 - Medium Severity Vulnerability

Vulnerable Library - future-0.18.2.tar.gz

Clean single-source support for Python 3 and 2

Library home page: https://files.pythonhosted.org/packages/45/0b/38b06fd9b92dc2b68d58b75f900e97884c45bedd2ff83203d933cf5851c9/future-0.18.2.tar.gz