osv.dev icon indicating copy to clipboard operation
osv.dev copied to clipboard
verified publisher icon google

Implemented input validation for package name length

Open masterismail opened this issue 2 years ago • 17 comments

I've implemented the input validation for the package name length. The package name will now be checked to ensure it does not exceed the maximum allowed length of 100 characters.

Please review the changes and let me know if you have any feedback or concerns. Once the changes are merged, this issue closes #1452

masterismail avatar Jul 10 '23 13:07 masterismail

@masterismail do you plan on completing this, or should we close it out?

andrewpollock avatar Aug 08 '23 00:08 andrewpollock

hey @andrewpollock , apologise for the delay in getting back to you. I'll be updating the code with the requested changes asap.

masterismail avatar Aug 08 '23 04:08 masterismail

/gcbrun

andrewpollock avatar Aug 08 '23 07:08 andrewpollock

@masterismail there's some linter errors on your change:

gcp/api/server.py:440:0: W0311: Bad indentation. Found 4 spaces, expected 2 (bad-indentation)
gcp/api/server.py:441:0: W0311: Bad indentation. Found 8 spaces, expected 4 (bad-indentation)
gcp/api/server.py:442:0: C0303: Trailing whitespace (trailing-whitespace)
gcp/api/server.py:794:0: C0303: Trailing whitespace (trailing-whitespace)

Please run https://github.com/google/osv.dev/blob/master/tools/lint_and_format.sh on your changes prior to pushing them.

andrewpollock avatar Aug 08 '23 07:08 andrewpollock

@masterismail there's still some formatting errors with this change. Have you run https://github.com/google/osv.dev/blob/master/tools/lint_and_format.sh on it locally? If you run yapf -i gcp/api/server.py it should fix them.

andrewpollock avatar Aug 08 '23 10:08 andrewpollock

@masterismail there's still some formatting errors with this change. Have you run https://github.com/google/osv.dev/blob/master/tools/lint_and_format.sh on it locally? If you run yapf -i gcp/api/server.py it should fix them.

yes, I have run "https://github.com/google/osv.dev/blob/master/tools/lint_and_format.sh " locally, this is what I am getting

Screenshot from 2023-08-08 16-52-25

Please let me know what exactly needs to fixed

masterismail avatar Aug 08 '23 11:08 masterismail

this is what I am getting

Hi, have you set up your local development environment per https://github.com/google/osv.dev/blob/master/CONTRIBUTING.md#contributing-code?

Actually, reviewing that in conjunction with the output you've screenshotted, I can see that there's an undocumented requirement on having the Go toolchain installed. And yapf, which is why you didn't get locally notified about the formatting issues.

Are you as a contributor able to view https://github.com/google/osv.dev/actions/runs/5795924263/job/15708435878?pr=1455 ? That's showing the output of running lint_and_format.sh as part of our CI pipeline.

andrewpollock avatar Aug 08 '23 21:08 andrewpollock

Are you as a contributor able to view https://github.com/google/osv.dev/actions/runs/5795924263/job/15708435878?pr=1455 ? That's showing the output of running lint_and_format.sh as part of our CI pipeline.

yes, i'm able to see those test fails

masterismail avatar Aug 09 '23 13:08 masterismail

this is what I am getting

Hi, have you set up your local development environment per https://github.com/google/osv.dev/blob/master/CONTRIBUTING.md#contributing-code?

yes, I did

masterismail avatar Aug 09 '23 13:08 masterismail

yes, I did

Yes, it turns out there were a few things necessary that weren't explicitly in the documentation, see the #1542 for what else you need to have to be able to properly check your changes locally.

andrewpollock avatar Aug 09 '23 21:08 andrewpollock

yes, i'm able to see those test fails

Cool, do you understand what you need to do to get your PR to pass, based on the failure?

andrewpollock avatar Aug 09 '23 21:08 andrewpollock

yes, i'm able to see those test fails

Cool, do you understand what you need to do to get your PR to pass, based on the failure?

I don't understand why its actually failing, it rates my code 10/10

masterismail avatar Aug 11 '23 15:08 masterismail

I don't understand why its actually failing, it rates my code 10/10

pylint is happy with the change, yapf is not:

--- gcp/api/server.py	(original)
+++ gcp/api/server.py	(reformatted)
@@ -436,9 +436,12 @@
                                         empty_bucket_bitmap,
                                         len(version_query.file_hashes))
 
+
 def validate_package_name(package_name):
   if len(package_name) > MAX_PACKAGE_NAME_LENGTH:
     raise ValueError("Package name exceeds the maximum allowed length.")
+
+
 @ndb.tasklet
 def do_query(query, context: QueryContext, include_details=True):
   """Do a query."""
@@ -780,6 +783,7 @@
 
   return results, cursor
 
+

This is basically saying that you need to insert a blank line before your validate_package_name function and two blank lines after it (before the next function definition, do_query).

Take a moment to look at the formatting of the rest of the file, and you'll see that your change is inconsistent with the formatting of the file. You may also like to familiarise yourself with the Google Python Style Guide more broadly, for future reference.

andrewpollock avatar Aug 14 '23 04:08 andrewpollock

@masterismail checking back in to see if you plan on completing this, or if we should close it?

andrewpollock avatar Oct 10 '23 02:10 andrewpollock

I've committed the changes as requested !

masterismail avatar Oct 10 '23 20:10 masterismail

/gcbrun

andrewpollock avatar Nov 20 '23 04:11 andrewpollock

@masterismail it looks like there's one last lint finding to address, you're close!

andrewpollock avatar Nov 20 '23 05:11 andrewpollock