fix: Cross-platform compatibility and security improvements #27

Open
Joshua7792 wants to merge 6 commits into FatihMakes:main from Joshua7792:fix/cross-platform-security

@Joshua7792

🎯 Overview

This pull request addresses critical cross-platform compatibility issues and security vulnerabilities identified in the repository. It makes MARK XXXIX accessible and functional on Windows, macOS, and Linux while improving API key security.

🐛 Issues Fixed

Directly addresses:

✨ Changes

1. requirements.txt - Platform-Aware Dependencies

  • Added environment markers for Windows-only packages (comtypes, pycaw, win10toast, pywinauto)
  • Added python-dotenv for secure .env file support
  • Syntax: package; sys_platform == 'win32' ensures conditional installation

Impact: Installation now succeeds on macOS and Linux without trying to install Windows-specific packages.

2. setup.py - Enhanced Platform Detection

  • Added platform detection to inform users about their OS
  • Improved error messages and completion messages

3. .gitignore - Protect Sensitive Data

  • Created comprehensive .gitignore file
  • Protects .env files (API keys)
  • Protects config/api_keys.json (legacy API storage)
  • Standard Python, IDE, and build artifact exclusions

Impact: API keys will never be accidentally committed to git.

4. main.py - Security & Platform Improvements

  • Added .env file support via python-dotenv
  • Platform-aware imports with try/except for Windows packages
  • Updated _get_api_key() to check .env first
  • Improved error messages

5. SECURITY.md - New Security & Setup Guide

Comprehensive guide covering:

  • API key management best practices
  • .env file setup (recommended)
  • Headless setup for accessibility
  • Platform-specific installation instructions
  • Troubleshooting guide

6. readme.md - Improved Documentation

  • Clear setup instructions with .env support
  • Links to SECURITY.md for detailed guidance
  • Troubleshooting section

🔒 Security Improvements

| Vulnerability | Before | After |
| --- | --- | --- |
| API Key Storage | Plain text JSON | Environment variables (.env) |
| Git Accidents | API keys could be committed | .gitignore prevents this |
| Cross-platform | Fails on Linux/macOS | Works on all platforms |
| Accessibility | GUI-only setup | .env supports headless setup |

📚 Documentation

See SECURITY.md for comprehensive security and setup guide.

Joshua7792 and others added 6 commits May 17, 2026 21:30
- Move Windows-only packages (comtypes, pycaw, win10toast, pywinauto) to conditional installation using environment markers
- Add python-dotenv for .env file support (security feature)
- Fixes cross-platform installation issues on macOS and Linux (issues FatihMakes#15, FatihMakes#21)
- Users on non-Windows platforms will no longer fail on Windows-specific dependency installation

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

- Add platform detection to inform user about OS
- Update completion message to reference MARK XXXIX (not XXV)
- Prepare for platform-aware configuration in future updates

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

- Protect .env files containing API keys
- Exclude config/api_keys.json (sensitive data)
- Standard Python and IDE exclusions
- Protect browser data and sensitive directories

This ensures sensitive API keys and credentials are never accidentally committed.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

…m compatibility

- Replace plain-text JSON API key storage with .env file support
- Add python-dotenv import to load GOOGLE_API_KEY from .env
- Add graceful fallback to config/api_keys.json for backward compatibility
- Add platform-aware imports with try/except for Windows-only packages
- Update documentation in code comments
- Fixes security vulnerability (issue FatihMakes#2) by avoiding plain-text credential storage

Security improvements:
- API keys now stored in .env files (which are .gitignored)
- Fallback mechanism preserves backward compatibility
- Documentation guides users to use .env for new installations

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

Covers:
- API key management using .env files (recommended security practice)
- Headless setup for accessibility (addresses issue FatihMakes#11)
- Platform-specific installation instructions (Windows, macOS, Linux)
- Fixes and status for security vulnerabilities (issue FatihMakes#2)
- Troubleshooting guide
- Instructions for obtaining Gemini API key

This guide ensures users understand security best practices and can set up the application across all platforms.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

…structions

- Add clear setup instructions with .env support (recommended method)
- Reference SECURITY.md for detailed security and platform-specific guidance
- Add troubleshooting section with links to detailed solutions
- Update feature list to mention enhanced security
- Improve formatting for better readability
- Add links to contributing and issue tracking

Fixes issues FatihMakes#15, FatihMakes#21, FatihMakes#11 by providing clear cross-platform setup documentation.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
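
The key lookup order the main.py commit describes (GOOGLE_API_KEY from the environment or .env, then the legacy config/api_keys.json), sketched as an added example; this is not code from the pull request. The function name `get_api_key`, the JSON field name `gemini_api_key` and the small `.env` reader (a stand-in for python-dotenv so the block runs without third-party packages) are assumptions.

```python
import json
import os
from pathlib import Path

ENV_VAR = "GOOGLE_API_KEY"                  # variable name from the PR's commit message
LEGACY_PATH = Path("config/api_keys.json")  # legacy file named in the PR
LEGACY_FIELD = "gemini_api_key"             # assumption: the PR does not show the field name


def parse_dotenv(path):
    """Minimal KEY=VALUE reader; stand-in for python-dotenv, not its full syntax."""
    values = {}
    if not path.is_file():
        return values
    for raw in path.read_text(encoding="utf-8").splitlines():
        line = raw.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue  # skip blanks, comments and malformed lines
        key, _, value = line.partition("=")
        key = key.strip().removeprefix("export ").strip()
        values[key] = value.strip().strip("'\"")
    return values


def get_api_key(base_dir, environ=None):
    """Return (key, source). Precedence: process env, then .env, then legacy JSON."""
    environ = os.environ if environ is None else environ
    base = Path(base_dir)
    key = environ.get(ENV_VAR, "").strip()
    if key:
        return key, "environment"
    key = parse_dotenv(base / ".env").get(ENV_VAR, "")
    if key:
        return key, ".env"
    legacy = base / LEGACY_PATH
    if legacy.is_file():
        try:
            data = json.loads(legacy.read_text(encoding="utf-8"))
            key = str(data.get(LEGACY_FIELD) or "").strip()
        except (json.JSONDecodeError, AttributeError):
            key = ""  # unreadable or unexpected legacy file: treat as no key
        if key:
            return key, "legacy-json"  # caller can log this to nudge migration to .env
    raise RuntimeError(f"{ENV_VAR} not set; create a .env file with {ENV_VAR}=<your key>")
```

Returning the source alongside the key lets the caller report which store supplied the credential without ever logging the key itself.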