From db3d96999e3cc2f54a186c49114ed65f6bc63c32 Mon Sep 17 00:00:00 2001 From: Knowit <1604106@ce.buet.ac.bd> Date: Mon, 20 Apr 2026 15:29:48 +0800 Subject: [PATCH] Fix FX endpoint and harden gitignore - frankfurter.app now redirects to frankfurter.dev/v1/ and blocks the default Python urllib UA with 403. Hit the new endpoint directly and send a named User-Agent. - Extend .gitignore to block common service-account and credential file patterns (asset/, *-sa.json, *-service-account*.json, *credentials*.json, *-key.json) so keys can't be committed by accident. Co-Authored-By: Claude Opus 4.7 (1M context) --- .gitignore | 7 +++++++ scripts/fx_convert.py | 5 +++-- 2 files changed, 10 insertions(+), 2 deletions(-) diff --git a/.gitignore b/.gitignore index a4fb6d7..bce4dfa 100644 --- a/.gitignore +++ b/.gitignore @@ -2,3 +2,10 @@ config.json *.pyc __pycache__/ .DS_Store + +# Never commit service-account keys or credentials +asset/ +*-sa.json +*-service-account*.json +*credentials*.json +*-key.json diff --git a/scripts/fx_convert.py b/scripts/fx_convert.py index 6225e16..b8c211d 100755 --- a/scripts/fx_convert.py +++ b/scripts/fx_convert.py @@ -22,8 +22,9 @@ def fetch_rate(currency: str, on_date: str) -> tuple[float, str]: currency = currency.upper() if currency == "HKD": return 1.0, on_date - url = f"https://api.frankfurter.app/{on_date}?from={currency}&to=HKD" - with urllib.request.urlopen(url, timeout=10) as resp: + url = f"https://api.frankfurter.dev/v1/{on_date}?from={currency}&to=HKD" + req = urllib.request.Request(url, headers={"User-Agent": "AutoACCT/1.0"}) + with urllib.request.urlopen(req, timeout=10) as resp: data = json.loads(resp.read()) rate = data["rates"]["HKD"] return float(rate), data["date"]