cschantz/Linux-Server-Management-Toolkit
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
dev
Linux-Server-Management-Too…/REMAINING_IMPROVEMENTS.md
T

173 lines
4.6 KiB
Markdown
Raw Permalink Blame History

# Remaining Improvements - Dev Branch
**Status**: Post-critical-fixes analysis
**Date**: 2026-03-19
**Branch**: dev
## High-Priority Items (Recommended Next)
### 1. Array Safety in User Enumeration (reference-db.sh:128)
```bash
# Current (potentially unsafe)
local users=($(list_all_users))
# Better approach
while IFS= read -r user; do
[ -z "$user" ] && continue
users+=("$user")
done < <(list_all_users)
```
**Why**: Safer handling of usernames with special characters
**Impact**: Prevents word-splitting issues with unusual usernames
**Difficulty**: LOW (30 min)
### 2. URL Encoding for Domain Checks (reference-db.sh:219, 225)
```bash
# Current (not encoded)
curl ... "http://$domain"
# Better approach
domain_encoded=$(printf %s "$domain" | sed 's/[^a-zA-Z0-9._-]/\\&/g')
curl ... "http://$domain_encoded"
```
**Why**: Handles domains with special characters or non-ASCII characters
**Impact**: Prevents curl errors with unusual domain names
**Difficulty**: LOW (30 min)
### 3. Timeout Configuration Validation
**Current**: Hardcoded 3-second timeout in curl operations
**Issue**: May be insufficient for slow networks or servers
**Improvement**: Make configurable via environment variable
```bash
DOMAIN_CHECK_TIMEOUT=${DOMAIN_CHECK_TIMEOUT:-3}
timeout $DOMAIN_CHECK_TIMEOUT curl ...
```
**Difficulty**: LOW (20 min)
---
## Medium-Priority Items
### 4. Array Expansion Consistency (reference-db.sh:118)
**Current**: Mixes array patterns
```bash
# Line 118 - for loop with [@]
for php_ver in "${SYS_PHP_VERSIONS[@]}"; do
# Line 128 - array assignment with command substitution
local users=($(list_all_users))
```
**Issue**: Inconsistent array handling patterns
**Recommendation**: Document and enforce consistent pattern
**Difficulty**: LOW (15 min)
### 5. Progress Bar Rendering (lib/common-functions.sh:140-150)
**Current**: Uses carriage return \r for in-place updates
**Potential Issue**: May not work correctly in all terminal types
**Improvement**: Add fallback for dumb terminals
```bash
if [ "$TERM" != "dumb" ]; then
printf "\r]..." # In-place update
else
echo "..." # Fallback to newlines
fi
```
**Difficulty**: MEDIUM (45 min)
---
## Low-Priority Items
### 6. Function Naming Conventions
**Current**: Mix of naming styles
- `build_system_section()` - verb_noun style
- `check_domain_status()` - verb_noun style
- `show_progress()` - verb_noun style
**Observation**: Naming is actually consistent! ✅
### 7. Inline Documentation
**Current**: Some functions lack purpose comments
**Recommendation**: Add one-line purpose comments above all functions
**Difficulty**: LOW (1 hour for all files)
### 8. Source Guard Safety (reference-db.sh line 1)
**Current**: No source guard (allows re-sourcing)
**Improvement**: Add guard pattern
```bash
if [ -n "${_REFERENCE_DB_LOADED:-}" ]; then
return 0
fi
readonly _REFERENCE_DB_LOADED=1
```
**Difficulty**: LOW (10 min, add to all library files)
### 9. Unused Variable Cleanup
**Finding**: No unused variables detected in recent code review
**Status**: ✅ CLEAN
---
## Implementation Priority Recommendation
### Phase 2 - Next (1-2 hours)
1. ✅ Critical security fixes (DONE - 16f222f)
2. Array safety in user enumeration (30 min)
3. URL encoding for domain checks (30 min)
4. Timeout configuration (20 min)
### Phase 3 - Later (2-3 hours)
5. Array expansion consistency (15 min)
6. Progress bar fallbacks (45 min)
7. Source guard safety (10 min)
8. Inline documentation (60 min)
### Phase 4 - Low Priority (1 hour)
9. Additional refinements based on testing
---
## Testing Plan for Phase 2
Once Phase 2 items are fixed:
1. **Fresh AlmaLinux 8 Test**
- No control panel
- No web server
- No database
- Expected: Proper detection with empty services
2. **Fresh Ubuntu 22.04 Test**
- With Apache
- No MySQL
- Expected: Proper Apache detection, MySQL marked as "none"
3. **cPanel Test**
- Full stack: cPanel, Apache, MySQL
- Expected: All services detected correctly
4. **Plesk Test**
- Full stack: Plesk, Nginx, MariaDB
- Expected: Proper Plesk and Nginx detection
---
## Deployment Timeline
- [x] Critical security fixes - Commit 16f222f
- [ ] Phase 2 improvements - Target 1-2 hours
- [ ] Phase 2 testing - Target fresh systems
- [ ] Phase 3 improvements - Target 2-3 hours
- [ ] Full regression suite - Target all combinations
- [ ] Merge to production main branch
---
## Notes
- All syntax checks pass (bash -n validation)
- No runtime errors detected
- Process substitution patterns are safe
- Error handling is comprehensive
- Color code duplication (lines 28-35 of launcher.sh) is redundant but harmless
Reference in New Issue View Git Blame Copy Permalink