Description
Problem
Currently, resolve_proxy() automatically discovers and uses proxies in this order:
1. Explicit BUB_TELEGRAM_PROXY config
2. Environment variables (HTTPS_PROXY, http_proxy, etc.)
3. macOS system proxy (via scutil --proxy)
4. No proxy
This is dangerous. Steps 2 and 3 cause "accidental proxying" - the bot may silently use a proxy that the user never intended to use.
Real-world scenario
User has a transparent proxy on their router. curl and browsers work fine without any configuration. But python-telegram-bot (using httpx) does NOT automatically use transparent proxies.
However, if the user happens to have HTTPS_PROXY set for some other tool, Bub will automatically pick it up and use it - this is unexpected and wrong.
Expected behavior
| Configuration | Behavior |
|---|---|
| BUB_TELEGRAM_PROXY not set | Direct connection, no proxy |
| BUB_TELEGRAM_PROXY=http://... | Use explicitly configured proxy |
| HTTPS_PROXY (env var) | Ignore (unless explicitly enabled) |
| macOS system proxy | Ignore (unless explicitly enabled) |
Suggested fix
Modify resolve_proxy() in src/bub/channels/utils.py:
```python
def resolve_proxy(explicit_proxy: str | None) -> tuple[str | None, str]:
    if explicit_proxy:
        return explicit_proxy, "explicit"
    # REMOVE: auto-discovery of env vars and system proxy
    # Only use proxy if explicitly configured
    return None, "none"
```
If users want to use environment variables, they can explicitly opt-in:
```bash
# Option 1: Explicit config
export BUB_TELEGRAM_PROXY="$HTTPS_PROXY"
bub message
# Option 2: Direct parameter (if supported)
bub message --telegram-proxy "$HTTPS_PROXY"
```
Impact
- Security: Prevents accidental proxy usage
- Predictability: Bot behaves the same regardless of user environment
- Transparency: User must explicitly choose to use a proxy
Related: The current behavior caused confusion in a real deployment where a user with a transparent router proxy expected the bot to "just work" without any proxy configuration, but the bot was trying (and failing) to auto-discover proxies.
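
An added example, not part of the issue or Bub's code: an explicit-only resolver along the lines suggested above that also reports which ambient proxy variables were set but ignored, and redacts credentials before a proxy URL is logged. The name `resolve_proxy_strict`, the `allow_env` opt-in, the scheme allow-list and the sample environment are assumptions; the macOS system proxy lookup is not modelled.

```python
from urllib.parse import urlsplit, urlunsplit

# Ambient variables the issue wants ignored unless the user opts in.
AMBIENT_VARS = ("HTTPS_PROXY", "https_proxy", "ALL_PROXY", "all_proxy",
                "HTTP_PROXY", "http_proxy")
ALLOWED_SCHEMES = {"http", "https", "socks5", "socks5h"}  # assumed allow-list


def redact(url: str) -> str:
    """Drop user:password from a proxy URL so it is safe to log."""
    parts = urlsplit(url)
    if parts.username is None:
        return url
    host = parts.hostname or ""
    if ":" in host:  # IPv6 literal: restore the brackets urlsplit removed
        host = f"[{host}]"
    if parts.port:
        host = f"{host}:{parts.port}"
    return urlunsplit((parts.scheme, f"***@{host}", parts.path,
                       parts.query, parts.fragment))


def resolve_proxy_strict(explicit_proxy, environ, allow_env=False):
    """Return (proxy, source, ignored); ignored = ambient vars set but not used."""
    present = [name for name in AMBIENT_VARS if environ.get(name)]
    if explicit_proxy:
        proxy, source, ignored = explicit_proxy, "explicit", present
    elif allow_env and present:  # hypothetical opt-in, off by default
        proxy, source, ignored = environ[present[0]], f"env:{present[0]}", present[1:]
    else:
        return None, "none", present
    parts = urlsplit(proxy)
    if parts.scheme not in ALLOWED_SCHEMES or not parts.hostname:
        raise ValueError(f"invalid proxy URL from {source}: {redact(proxy)}")
    return proxy, source, ignored


if __name__ == "__main__":
    # Constructed environment: HTTPS_PROXY was exported for some other tool.
    env = {"HTTPS_PROXY": "http://user:secret@10.0.0.5:3128"}
    cases = ((None, False), ("socks5://127.0.0.1:1080", False), (None, True))
    for explicit, opt_in in cases:
        proxy, source, ignored = resolve_proxy_strict(explicit, env, allow_env=opt_in)
        shown = redact(proxy) if proxy else "direct"
        print(f"source={source:<16} proxy={shown:<28} ignored={ignored}")
```

Returning no proxy only yields a direct connection if the HTTP client is also told not to read the environment: httpx picks up the proxy variables itself while its `trust_env` setting is true, which is the default.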