
Omnibus #1152

Merged
merged 5 commits into from
Mar 7, 2025

Conversation

akrherz (Owner) commented Mar 7, 2025

No description provided.


@gemini-code-assist gemini-code-assist bot left a comment


Code Review

This pull request includes several changes across different files, including updates to extremes.php, channels.html, dl.php, tile.py, and mrms_lcref_comp.py. The changes range from minor variable name updates to more significant logic and security enhancements. Overall, the changes seem beneficial, but require careful review to ensure correctness and security.

Summary of Findings

  • Potential XSS Vulnerability: The dl.php file introduces xssafe for sanitizing some GET parameters, but not all. This could lead to a potential XSS vulnerability if other parameters are not properly sanitized.
  • SQL Injection Risk: The dl.php file uses pg_prepare and pg_execute to mitigate SQL injection risks, which is good. However, it's crucial to ensure that $stationSQL is properly sanitized before being used in the SQL query.
  • Tile Cache Redundancy: The tile.py files in both iemweb/c and iemweb/cache have similar code and are modified in the same way. Consider refactoring to reduce redundancy.
  • MRMS LCREF Logic: The mrms_lcref_comp.py script adds logic to check old dates, which is good for data consistency. However, ensure that this logic doesn't introduce performance bottlenecks.

Merge Readiness

The pull request introduces important security and logic improvements. However, the potential XSS vulnerability and SQL injection risk in dl.php must be addressed before merging. Additionally, consider refactoring the tile cache code to reduce redundancy. I am unable to directly approve this pull request, and recommend that another reviewer also assesses these changes before merging.
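The bound-parameter pattern the review refers to, as an added example that is not code from this PR or from the repository: station ids supplied on the query string reach PostgreSQL only as pg_execute() parameters, while $stationSQL-style text is built from placeholders alone. The table, column names and DSN are assumptions.

```php
<?php
// Added example, not code from this PR. Table/column names are hypothetical.
// Station ids are bound through pg_execute(); only placeholders enter the SQL.

/** With $firstParam = 2 returns ['sql' => 'station IN ($2, $3)', 'params' => [...]]. */
function buildStationFilter(array $stations, int $firstParam = 1): array
{
    $params = [];
    foreach (array_filter($stations, 'strlen') as $station) {
        // Validation rejects garbage early; safety still rests on binding.
        if (!preg_match('/^[A-Za-z0-9_]{1,8}$/', $station)) {
            throw new InvalidArgumentException('Malformed station id');
        }
        $params[] = strtoupper($station);
    }
    if ($params === []) {
        return ['sql' => 'FALSE', 'params' => []];  // no stations: match nothing
    }
    $placeholders = [];
    foreach (array_keys($params) as $i) {
        $placeholders[] = '$' . ($firstParam + $i);  // $2, $3, ...
    }
    return ['sql' => 'station IN (' . implode(', ', $placeholders) . ')',
            'params' => $params];
}

// Raw query-string values are bound, never concatenated into $sql.
$filter = buildStationFilter(explode(',', (string) ($_GET['station'] ?? '')), 2);
$params = array_merge([(string) ($_GET['date'] ?? '')], $filter['params']);  // $1 = date

$conn = pg_connect('dbname=iem');  // hypothetical DSN
if ($conn === false) {
    http_response_code(500);
    exit('database unavailable');
}
$sql = 'SELECT station, valid, tmpf FROM data'
     . ' WHERE valid::date = $1 AND ' . $filter['sql'];
$rs = pg_prepare($conn, 'dl_query', $sql) ? pg_execute($conn, 'dl_query', $params) : false;
if ($rs === false) {
    http_response_code(400);
    exit('query failed');
}
while ($row = pg_fetch_assoc($rs)) {
    // Output is HTML-escaped so values echoed back cannot inject markup.
    echo htmlspecialchars(implode(',', $row), ENT_QUOTES, 'UTF-8'), "\n";
}
```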


deepsource-io bot commented Mar 7, 2025

Here's the code health analysis summary for commits 20f69cc..0a196fe. View details on DeepSource ↗.

Analysis Summary

Analyzer     Status      Summary   Link
Shell        ✅ Success            View Check ↗
JavaScript   ✅ Success            View Check ↗
Python       ✅ Success            View Check ↗
PHP          ✅ Success            View Check ↗

💡 If you’re a repository administrator, you can configure the quality gates from the settings.

@akrherz akrherz merged commit c49c16e into main Mar 7, 2025
12 checks passed
@codecov-commenter

Codecov Report

Attention: Patch coverage is 66.66667% with 6 lines in your changes missing coverage. Please review.

Project coverage is 89.03%. Comparing base (20f69cc) to head (0a196fe).
Report is 6 commits behind head on main.

Files with missing lines   Patch %   Lines
pylib/iemweb/util.py       50.00%    6 Missing ⚠️
Additional details and impacted files
@@            Coverage Diff             @@
##             main    #1152      +/-   ##
==========================================
+ Coverage   89.01%   89.03%   +0.01%     
==========================================
  Files         410      410              
  Lines       31339    31333       -6     
==========================================
  Hits        27897    27897              
+ Misses       3442     3436       -6     

☔ View full report in Codecov by Sentry.

@akrherz akrherz deleted the 250306-3 branch March 7, 2025 15:47