Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

start-proxy: Fix bug when language is not provided #2723

Open
wants to merge 4 commits into
base: main
Choose a base branch
from
Open

start-proxy: Fix bug when language is not provided #2723

wants to merge 4 commits into from
+415 −140

Conversation

marcogario
Copy link
Contributor

In #2680, I wanted the behavior to consider all existing credentials if the language argument was not provided. This was not the case, though.

I've fixed the bug and added regression tests.

Merge / deployment checklist

  • Confirm this change is backwards compatible with existing workflows.
  • Confirm the readme has been updated if necessary.
  • Confirm the changelog has been updated if necessary.

@marcogario marcogario force-pushed the marcogario/start-proxy_tests branch 2 times, most recently from e934ea2 to 88693ea Compare January 24, 2025 16:39
@marcogario marcogario force-pushed the marcogario/start-proxy_tests branch from 88693ea to 51bb5eb Compare January 24, 2025 16:40
github-advanced-security[bot]
github-advanced-security bot found potential problems Jan 24, 2025
View reviewed changes
src/start-proxy.test.ts Dismissed
Comment on lines +36 to +41
startProxyExports.getCredentials(
getRunnerLogger(true),
undefined,
registryCredentials,
undefined,
),

Check failure

Code scanning / CodeQL

Untrusted data passed to external API with additional heuristic sources High Experimental

Call to ava/types/assertions.ThrowsAssertion()() [callback 0 result] with untrusted data from
e.password
Loading
.
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I believe this is a false positive because this is part of the call to the test. The input is part of the input in the test.

@marcogario marcogario marked this pull request as ready for review January 24, 2025 16:49
@marcogario marcogario requested a review from a team as a code owner January 24, 2025 16:49
aeisenberg
aeisenberg reviewed Jan 24, 2025
View reviewed changes
src/start-proxy.ts Show resolved Hide resolved
src/start-proxy.ts Outdated Show resolved Hide resolved
src/start-proxy.ts
const parsed = JSON.parse(credentialsStr) as Credential[];
const out: Credential[] = [];
for (const e of parsed) {
if (e.url === undefined && e.host === undefined) {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is it also an error if both url and host are defined?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I am not sure, I believe the proxy will use the url in that case. I will double check.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Added a comment.

src/start-proxy.ts

// Filter credentials based on language if specified. `type` is the registry type.
// E.g., "maven_feed" for Java/Kotlin, "nuget_repository" for C#.
if (registryTypeForLanguage && e.type !== registryTypeForLanguage) {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If registryTypeForLanguage is undefined and e.type is defined, do we still want to include this?

eg- if e.type is maven_feed and the language is cpp, is this registry still relevant?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, this is the behavior that want mostly for backwards compatibility. If no language is specified, we keep the information for all registries. Otherwise, older versions that did not have this input will filter everything away.

github-advanced-security[bot]
github-advanced-security bot found potential problems Jan 24, 2025
View reviewed changes
src/start-proxy.test.ts Fixed Show fixed Hide fixed
github-advanced-security[bot]
github-advanced-security bot found potential problems Jan 24, 2025
View reviewed changes
src/start-proxy.test.ts Dismissed Show dismissed Hide dismissed
@marcogario marcogario requested a review from aeisenberg January 24, 2025 20:55
aeisenberg
aeisenberg reviewed Jan 24, 2025
View reviewed changes
Copy link
Contributor

@aeisenberg aeisenberg left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for fixing. One more thing. I should have mentioned that in the original comment.

src/start-proxy.ts Outdated Show resolved Hide resolved
src/start-proxy.ts Outdated Show resolved Hide resolved
@marcogario marcogario force-pushed the marcogario/start-proxy_tests branch from a65575b to 7c2eafa Compare January 27, 2025 10:09
@marcogario marcogario requested a review from aeisenberg January 27, 2025 10:23
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@aeisenberg aeisenberg Awaiting requested review from aeisenberg

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@marcogario @aeisenberg