Website/API Suggestion

Description

The download location/link for JavaBotBlockAPI has been updated due to Bintray shutting down ("sundowning" in their words) in may this year.

Downloads are now provided through the nexus server of ci.codemc.io (Which was already used to host Dev Builds of the lib)

The latest release is the exact same as the latest dev build on the CI, so a direct link to the latest successful build on the CI should be sufficient enough for the "View on <page>" button:
https://ci.codemc.io/job/botblock/job/JavaBotBlockAPI/lastSuccessfulBuild/

For getting the latest version to display would you need to use the nexus badge type of shields.io:
https://img.shields.io/nexus/maven-public/org.botblock/javabotblockapi-core?label=CodeMC&server=https%3A%2F%2Frepo.codemc.io&style=flat-square

Result:

Why

The download links won't work anymore once bintray sundowned so an update should be made.

EDIT:
I also noticed that the YAML file used for storing info of libs (from the db iirc) seems to be outdated and no longer represents the latest iteration of the description found on botblock.org
This should perhaps also be updated.

Website/API Suggestion

Description

The Discord icon syncing process is currently only run through a scheduler and moderators of the website have no way to manually run this check/update.

There should be a button, only shown to moderators, in the navbar lists dropdown that syncs all lists' icons, as well as a button shown on each list card to sync the icon for that list only.

Why

Sometimes a list may change their icon right after the scheduler has run and a moderator of the website may want to update this before the scheduler runs again.

Sorry if wrong topic but I currently have namecheap, willing to get another for this
does anyone have a quick rundown on how to set this up?

The lists_messages table is used to track the relevant Discord message that displays the list info.

When the ID for the list is updated, this change is reflected in the lists & feature_map tables but not in the lists_messages table which causes a new Discord message to be posted.

Website/API Suggestion

Description

Bring back the bot lookup feature that the old website had. This should hook into the BotBlock bot API endpoint for the primary results but may also consider crawling bot list HTML/badge pages from the data we have in the DB to attempt to determine if a bot is listed where there is no API endpoint.

The old version is still live (ish) on the PHP dev version of the site at https://dev.botblock.org/lookup

Why

Bot lookup was a useful feature to have on the website, let's bring it back.

Bug Report

Description

String fields within the list DB model don't support non-ascii chars and this means that any non-ascii char will cause the DB to fail to save the entry.

Steps to reproduce

1. Have a valid list saved in the DB
2. Edit the list and set the owners field to contain non-ascii chars, such as ᴀᴄᴋ
3. Save the list and observe the error raised: Error: ER_TRUNCATED_WRONG_VALUE_FOR_FIELD: Incorrect string value

Expected behavior

Saves without error.

Logs or Screenshots

Error: ER_TRUNCATED_WRONG_VALUE_FOR_FIELD: Incorrect string value: '...' for column 'owners' at row 1

Website/API Suggestion

Description

Basic code style settings like line endings, file endings, tab vs spaces & indent size can be set in a .editorconfig file that most IDEs will detect and follow.

Why

Consistent code style.

Website/API Suggestion

Description

Currently, if you edit a website on the staging deployment or the scheduled tasks update an icon on staging, this will still send a message to the Discord channel. We should add a boolean flag to the config file that disables the notifications to Discord so that staging can have them disabled.

Why

Discord messages from staging are annoying and confusing for people in the Discord guild.

Main insight script, which should live in the header:

<script>
window['_fs_debug'] = false;
window['_fs_host'] = 'fullstory.com';
window['_fs_script'] = 'edge.fullstory.com/s/fs.js';
window['_fs_org'] = 'Q8TN6';
window['_fs_namespace'] = 'FS';
(function(m,n,e,t,l,o,g,y){
    if (e in m) {if(m.console && m.console.log) { m.console.log('FullStory namespace conflict. Please set window["_fs_namespace"].');} return;}
    g=m[e]=function(a,b,s){g.q?g.q.push([a,b,s]):g._api(a,b,s);};g.q=[];
    o=n.createElement(t);o.async=1;o.crossOrigin='anonymous';o.src='https://'+_fs_script;
    y=n.getElementsByTagName(t)[0];y.parentNode.insertBefore(o,y);
    g.identify=function(i,v,s){g(l,{uid:i},s);if(v)g(l,v,s)};g.setUserVars=function(v,s){g(l,v,s)};g.event=function(i,v,s){g('event',{n:i,p:v},s)};
    g.shutdown=function(){g("rec",!1)};g.restart=function(){g("rec",!0)};
    g.log = function(a,b) { g("log", [a,b]) };
    g.consent=function(a){g("consent",!arguments.length||a)};
    g.identifyAccount=function(i,v){o='account';v=v||{};v.acctId=i;g(o,v)};
    g.clearUserCookie=function(){};
})(window,document,window['_fs_namespace'],'script','user');
</script>

Identify script for signed in users:

// This is an example script - don't forget to change it!
FS.identify('<THE_ID_THAT_YOU_USE_IN_YOUR_APP_FOR_THIS_USER>', {
  displayName: '<DISPLAY_NAME_HERE>',
  email: '<EMAIL_HERE>',
  // TODO: Add your own custom user variables here, details at
  // https://help.fullstory.com/hc/en-us/articles/360020623294
  reviewsWritten_int: 14
});

This also needs a section added to the about page disclosing the use of FullStory for analytical purposes.

Website/API Suggestion

Description

Much like the API libraries page, the content sections on the about page are also controlled from a database table but there is currently no web interface on the site to add, edit or remove sections from the page.

An interface should be added to the website, for admins only, that allows them to add new sections to the about page, edit existing ones and also remove sections.

This page uses markdown rendering and the editing interface for the content could consider rendering on-the-fly for a preview of the content.

Why

Ease of use instead of editing the database directly.

Website/API Suggestion

Description

All PRs that are submitted to the repo should make use of GitHub Actions to run the test suite.

Things to consider:

• This will need to generate its own config.js
  • Don't want to give it Discord details
  • Will need its own DB details
• This will need its own DB
  • SQLite may be the simplest solution, but it will need to create this with a blank schema before migrations & seed

Why

Whilst most developers will test their code locally before PR'ing, having CI to ensure tests pass on PRs will be useful for reviewers.

Bug Report

Description

Steps to reproduce

(This is with a test api token)

python3
import requests
a = requests.post(“https://botblock.org/api/count”, json = {“server_count”: 1414, “shard_count”: 1253, “bot_id”: “ 631115725876101150”, “fateslist.xyz”: “ MYKRbUWNi09bTk4OBdQgPTYBQaT2NnJu57tt0Sto1zdUEKb2Uf31LFPp0ImoKnSbvhiwt2SgRjGW2noiPsiUB8YwOVk8DavWrZDgTHBFwsKZpQfKjCfb6nppF32GgLVcc204“)
a = a,json()
a

Expected behavior

guild and shard count should be sent to the list as fates list does support shard count: https://botblock.org/lists/fateslist.xyz but only the guild count is actually sent which is odd.

Logs or Screenshots

Bug Report

Description

it says

Service Unavailable
HTTP Error 503. The service is unavailable.

Steps to reproduce

go to https://botblock.org/api/bots/438978127973318656 or with any other bot id

Expected behavior

the object with the bot info that it used to have

Logs or Screenshots

Website/API Suggestion

Description

The beginnings of this already exist in src/Util/handleError.js but currently this only handles logging the error to the database.

It would be great if this also handled sending the correct response to the web request so that we can reduce code duplication on all routes that catch errors.

This needs to consider that website routes will want an HTML 500 response but for all API routes, they will expect a JSON response.

Example website usage: src/Routes/Lists.js#L44-L45
Example API usage: src/Routes/API.js#L92-L97

Why

Code duplication is a pain and we want to ensure all errors across the site return a consistent response (API should have a consistent JSON response too).

Website/API Suggestion

Description

The code that is used on the post routes for adding a new list and editing an existing list is almost identical and it this should be consolidated down to a single set of code that bot routes can call to.

Adding: src/Routes/Lists.js#L226-L269
Editing: src/Routes/Lists.js#L321-L393

Why

Code duplication is a pain to deal with and keep track of. If we added new bits to the list model, both routes may need to be updated etc.

Bug Report

Description

When using the website on a smaller screen (In my case 1680x1050) does the navbar switch between showing the description on two lines and on one line. (See gif attached)

This doesn't seem to happen with larger screens (e.g. 1920x1080)

Steps to reproduce

1. Make sure to use a small screen (which may not have "conventional" dimensions like 1680x1050 in my case)
2. Go to any site you want on BotBlock.org

• The navbar on the left should now depict the description of POST /api/count on two lines.

3. Hover over any kind of option in the navbar. Maybe move over it.

• The description for POST /api/count should now switch to one line, or switch constantly between both.

Expected behavior

The description should stay on either one or two lines and not switch between both.

Logs or Screenshots

Bug Report

Description

This bug is only reproducible in the production test suite.

When making multiple valid requests in quick succession to the /api/count endpoint, the ratelimit response is returned as expected.

However, the bot id contained within that response does not match the bot id the request was sent as.

I really have no idea where this failure is coming from, it might be the app itself, but I would expect to then be able to reproduce this in staging or development -- perhaps its related to the load on the site. This could also be some form of caching issue, though Cloudflare is set to never cache API requests and IIS should not be caching anything at all.

Steps to reproduce

1. Be a moderator logged into the production site
2. Run the test suite at /test
3. Observe test failure

Expected behavior

The ratelimit response should have the correct bot id.

Logs or Screenshots

See above.

Website/API Suggestion

Description

The set of features that all bot lists can have run from a database table but there is currently no interface on the website for moderators and admins to easily edit this.

We should add an interface that allows moderators to add new features and edit the display/name of existing features. Admins should have the additional ability to remove features.

This needs to consider the database relation between features & feature_map when features are removed by an admin.

Why

Ease of use, don't want to have to manually edit the database to add or edit a feature.

Website/API Suggestion

Description

The website should have the content from https://github.com/botblock/discord-botlist-best-practices as a sub-page available, to find it easier.

Why

It looks and feels better to have the content of the readme as a page instead of it being a readme on a GitHub repo that barely someone looks at.

Website/API Suggestion

Description

We don't currently have a sitemap available on the site. We should use a job to generate a new sitemap.xml file in the correct static folder every 30 mins.

We should also have a HTML view of the sitemap, which generates on demand. This can also act as a way to regenerate the XML file on the fly, as a request to this page can trigger the job again.

Why

Sitemap.

Website/API Suggestion

Description

Allow the test suite to authenticate into the website as a moderator or as an admin.

Why

This should be done so that fuller tests can be written for staff-only routes within the app.

Website/API Suggestion

Description

The list edit functionality should use an update call on the database to apply any changes from the POST submission, not the current delete/insert logic.

Why

Delete/insert leaves the site vulnerable to data loss if the insert fails, as the previous version of the list has already been deleted. By using an update, if it fails, the old version of the data remains.

Bug Report

Description

Whenever you search for a bot list, at the bottom of the page on the 'footer' it shows the search term with '%20' in between the words

Steps to reproduce

Search for a bot list, scroll to the bottom

Expected behavior

Display the name of the bot list normally

Logs or Screenshots

Like is done for changes to lists, changes to the legacy IDs should send Discord messages to the edit log channel.

Website/API Suggestion

Description

When logging in to the website, upon returning from the OAuth flow, the site should return you to the page you were on when you triggered the login process. The same should apply for logging out, where once the session is cleared it should take you back to the page you were on before (unless it requires auth -- this can either send them to the homepage or back into the login process).

Why

Convenience factor if someone directly navigates to a page that requires auth, they'd like to end up back there once they've logged in instead of on the homepage. The same thing for logging out, they'd like to be able to remain on their current page, not thrown back to the homepage.

Website/API Suggestion

Description

We should add eslint to the test suite with a full rule set based off of the existing code style of the project (pretty standard). If there exists an eslint plugin for pug, we should also make use of that.

Why

Consistent code style.

Website/API Suggestion

Description

The API libraries page runs off of a database table that contains all the library information that is displayed. This should have a way on the website to be able to add, edit & remove API libraries without having to manually access the database to make the changes.

Auth restrictions on this page:

• Moderators can add & edit
• Admins can remove

Why

No one likes having to manually edit a database to make changes to a website page, let's make this moderator friendly by having a page on the website for it.

Bug Report

Description

When going to https://botblock.org/api/docs and clicking on the text in the navigation that reads "Get all BotBlock legacy IDs" does nothing happen.

Steps to reproduce

1. Go to https://botblock.org/api/docs
2. Click on "Get all BotBlock legacy IDs"

Expected behavior

The page should scroll down to the right section.

Logs or Screenshots

Website/API Suggestion

Description

The api send server count but not user count, so using discordbotlist.com it only sends half the information that gets display on the bot page. So an ability to add more fields so we can send more information.

Bug Report

Description

When editing the id of an existing list within the app, it will generate a new message in the lists Discord channel instead of updating the old one. This results in two entries being in the lists_messages table, one with the old list id / message id and another with the new list id / message id.

Steps to reproduce

• Add a list to the app
• Ensure the app posted to the lists Discord channel
• Edit the list id
• Observe the new message generated in the lists Discord channel

Expected behavior

Should update the existing messaged referenced by the old list id.

Logs or Screenshots

N/A

Website/API Suggestion

Description

The listed features in the JSON array features (In GET /api/lists) seems to have a description filed, which contains null values for every feature.
I assume this is for future use of having a description about the specific feature (What makes it positive/negative perhaps)?

If that's the case would I give some ideas for possible descriptions.

• Has Ads on Site
  Site displays advertisement.
• Offers Paid Promotion
  Site offers a way to promote a bot through payment (e.g. paid slots on frontpage).
• Paid Access
  You have to pay in order to gain access to the site and its API.
• HTML Long Description
  Site supports HTML in the bot's long description.
• Has internationalisation Support
  Site supports adding descriptions of a bot in multiple languages.
• Iframe Long Description
  Site supports iframes in the bot's long description.
• Markdown Long Description
  Site supports Markdown in the bot's long description.
• Certified Bot Vanity URLs
  Site offers vanity URLs for certified bots.
• Custom Bot Donate Link
  Site has an option to add a custom donation link for the bot.
• Custom Bot GitHub Link
  Site has an option to add a custom GitHub link to the bot.
• Custom Bot Invite Link
  Site has an option to add a custom invite link for the bot.
• Custom Bot Support Link
  Site has an option to add a custom support link for the bot.
• Custom Bot Website Link
  Site has an option to add a custom website link for the bot.
• Discord Bot Support Link
  Site has an option to add a discord support link.
• Vanity URLs for all
  Site offers a vanity URL for bots.
• Has Voting
  Site offers a way to vote for a bot.
• Votes sent to Webhooks
  Site sends votes through Webhooks.
• Voting Data Exposed
  Site allows others to lookup vote data of a bot (e.g. through an API endpoint).
• Additional Bot Owners/Editors
  Site allows to add additional Bot Owners/Editors to the bot.
• Has Categories or Tags
  Site offers categories or tags that can be added to a bot.
• Has Certification Programm
  Site has an option to get a bot certified.
• Has Mobile Support
  Site is mobile friendly (Can be used on smartphones/tablets).
• Has Search
  Site offers a way to search for bots on it.
• Has Widget
  Site offers a widget (Image depicting specific stats of the bot).
• Requires Owner in Server
  Site requires the Bot Owner to be in its Discord Server.
• Server Count API
  Site offers an API to post the server count of a bot.

Why

Some of the Features can sound confusing or may sound similar. For example, what is the exact difference between Custom Bot Support Link and Discord Bot Support Link?
So a description that might be shown when hovering over it would be a good option imo.