Fix: Improve firewall configuration based on code review

- Remove redundant subdomain entries (www.gnu.org, ftp.gnu.org) already covered by *.gnu.org wildcard
- Improve error handling in setup-firewall.sh - fail explicitly on JSON parse errors instead of silently continuing
- Better error messages for troubleshooting configuration issues

Co-authored-by: jmiller-moko <230051081+jmiller-moko@users.noreply.github.com>
This commit is contained in:
copilot-swe-agent[bot]
2026-01-16 07:13:42 +00:00
parent c1837f51d1
commit d5c282db6e
2 changed files with 4 additions and 3 deletions
-2
View File
@@ -5,8 +5,6 @@
"allowlist": {
"domains": [
"*.gnu.org",
"www.gnu.org",
"ftp.gnu.org",
"fsf.org",
"www.fsf.org",
"spdx.org",
+4 -1
View File
@@ -19,7 +19,10 @@ if [ ! -f "$ALLOWLIST_FILE" ]; then
fi
# Read domains from the allowlist configuration
DOMAINS=$(jq -r '.allowlist.domains[]' "$ALLOWLIST_FILE" 2>/dev/null || echo "")
if ! DOMAINS=$(jq -r '.allowlist.domains[]' "$ALLOWLIST_FILE" 2>&1); then
echo "ERROR: Failed to parse allowlist configuration: $DOMAINS"
exit 1
fi
if [ -z "$DOMAINS" ]; then
echo "WARNING: No domains found in allowlist configuration"