Skip to content

Open Sourced CarbonDB and PowerHOG #1441

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 3 commits into
base: main
Choose a base branch
from
Open

Open Sourced CarbonDB and PowerHOG #1441

wants to merge 3 commits into from

Conversation

@ArneTR
Copy link
Member

@ArneTR ArneTR commented Nov 20, 2025
edited by greptile-apps bot
Loading

Greptile Overview

Greptile Summary

Moved CarbonDB and PowerHOG features from enterprise (ee/) to open source, making them publicly available through new API routes and frontend interfaces.

Major changes:

  • Added 8 new public API routes for CarbonDB and PowerHOG data collection and retrieval
  • Created database schema with 10 new tables for storing energy/carbon metrics and process measurements
  • Implemented geo-IP lookup and carbon intensity calculation via ElectricityMaps API
  • Added frontend dashboards for visualizing carbon and energy data
  • Updated test configuration to enable features by default instead of requiring enterprise flag

Critical issues found:

  • SQL injection vulnerability in api/carbondb.py:187 where table column names are interpolated directly into queries
  • Missing input validation across multiple filter parameters in /v2/carbondb endpoint - comma-separated values aren't validated as integers before database casting
  • Error handling issue in carbondb_add() where negative carbon intensity values (-1 error codes) propagate into calculations, resulting in negative carbon measurements

Other concerns:

  • Hardcoded Berlin coordinates for private IPs may produce misleading production data
  • Frontend uses proper XSS escaping with escapeString() function

@ArneTR
Open Sourced CarbonDB and PowerHOG
9221326
@ArneTR
Merge branch 'main' into open-source-carbondb-powerhog
27aa048 
* main:
  (feat): Added internal self tests for test data validity
  Removing confusing info that message was transported via email
  Update cron schedule and randomize URL input in GitHub Action for testing webNRG
@ArneTR
Setting carbondb and powerhog activate default for tests
fe78664
@ArneTR
Copy link
Member Author

ArneTR commented Nov 20, 2025

@greptileai

greptile-apps[bot]
greptile-apps bot reviewed Nov 20, 2025
View reviewed changes
Copy link
Contributor

@greptile-apps greptile-apps bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

28 files reviewed, 12 comments

Edit Code Review Agent Settings | Greptile

api/api_helpers.py
Comment on lines +1014 to +1018
carbon_intensity_g_per_kWh = get_carbon_intensity(latitude, longitude) # cached

energy_J = float(data['energy_uj']) / 1e6
energy_kWh = energy_J / (3_600*1_000)
carbon_kg = (energy_kWh * carbon_intensity_g_per_kWh)/1_000
Copy link
Contributor

@greptile-apps greptile-apps bot Nov 20, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

logic: get_carbon_intensity() returns -1 on error but this negative value is used directly in carbon calculation without validation, resulting in negative carbon_kg

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@greptile-apps greptile-apps[bot] greptile-apps[bot] left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@ArneTR