Skip to content

Commit

Permalink
Escape @s in namespaces in OSS-Health Tool (#434)
Browse files Browse the repository at this point in the history
  • Loading branch information
gfs authored Jun 28, 2023
1 parent bc0a736 commit d2c21b9
Show file tree
Hide file tree
Showing 3 changed files with 29 additions and 12 deletions.
18 changes: 18 additions & 0 deletions src/Shared.CLI/OSSGadget.cs
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@ namespace Microsoft.CST.OpenSource
using System.IO;
using System.Linq;
using System.Reflection;
using System.Text.RegularExpressions;
using static Microsoft.CST.OpenSource.Shared.OutputBuilderFactory;

public class OSSGadget : OssGadgetLib
Expand Down Expand Up @@ -202,5 +203,22 @@ private static List<string> GetCommonSupportedHelpTextLines()
{
return GetCommonSupportedHelpText().Split(Environment.NewLine).ToList<string>();
}

private static Regex detectUnencodedNamespace = new Regex("pkg:[^/]+/(@)[^/]+/[^/]+");
/// <summary>
/// This method converts an @ specified in a PackageURL namespace to %40 to comply with the PackageURL specification.
/// This is only intended for use from CLI context where the input is provided by an interactive user to the application to reduce confusion.
/// </summary>
/// <returns>The PackageURL with @ converted to %40 if it appears in as the first character in the namespace specification.</returns>
protected static string EscapeAtSymbolInNameSpace(string originalPackageUrlString)
{
MatchCollection matches = detectUnencodedNamespace.Matches(originalPackageUrlString);
if (matches.Any())
{
var indexOfAt = matches.First().Groups[1].Index;
return originalPackageUrlString[0..indexOfAt] + "%40" + originalPackageUrlString[(indexOfAt +1)..];
}
return originalPackageUrlString;
}
}
}
12 changes: 2 additions & 10 deletions src/oss-download/DownloadTool.cs
Original file line number Diff line number Diff line change
Expand Up @@ -89,8 +89,6 @@ static async Task<int> Main(string[] args)
return (int)(await downloadTool.RunAsync(opts.Value));
}
}

private Regex detectUnencodedNamespace = new Regex("pkg:[^/]+/(@)[^/]+/[^/]+");

private async Task<ErrorCode> RunAsync(Options options)
{
Expand All @@ -103,14 +101,8 @@ private async Task<ErrorCode> RunAsync(Options options)
// PackageURL requires the @ in a namespace declaration to be escaped
// We find if the namespace contains an @ in the namespace
// And replace it with %40
string? mutableIterationTarget = target;
MatchCollection matches = detectUnencodedNamespace.Matches(target);
if (matches.Any())
{
var indexOfAt = matches.First().Groups[1].Index;
mutableIterationTarget = target[0..indexOfAt] + "%40" + target[(indexOfAt +1)..];
}
PackageURL? purl = new PackageURL(mutableIterationTarget);
string escapedNameSpaceTarget = EscapeAtSymbolInNameSpace(target);
PackageURL? purl = new PackageURL(escapedNameSpaceTarget);
string downloadDirectory = options.DownloadDirectory == "." ? System.IO.Directory.GetCurrentDirectory() : options.DownloadDirectory;
bool useCache = options.UseCache;
PackageDownloader? packageDownloader = new PackageDownloader(purl, ProjectManagerFactory, downloadDirectory, useCache);
Expand Down
11 changes: 9 additions & 2 deletions src/oss-health/HealthTool.cs
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,8 @@ namespace Microsoft.CST.OpenSource
using Contracts;
using Microsoft.CST.OpenSource.PackageManagers;
using PackageUrl;
using System.Linq;
using System.Text.RegularExpressions;

public class HealthTool : OSSGadget
{
Expand Down Expand Up @@ -113,18 +115,23 @@ private void AppendOutput(IOutputBuilder outputBuilder, PackageURL purl, HealthM
}
}


private async Task RunAsync(Options options)
{
// select output destination and format
SelectOutput(options.OutputFile);
IOutputBuilder outputBuilder = SelectFormat(options.Format ?? OutputFormat.text.ToString());
if (options.Targets is IList<string> targetList && targetList.Count > 0)
{
foreach (string? target in targetList)
foreach (string target in targetList)
{
try
{
PackageURL? purl = new PackageURL(target);
// PackageURL requires the @ in a namespace declaration to be escaped
// We find if the namespace contains an @ in the namespace
// And replace it with %40
string escapedNameSpaceTarget = EscapeAtSymbolInNameSpace(target);
PackageURL? purl = new PackageURL(escapedNameSpaceTarget);
HealthMetrics? healthMetrics = CheckHealth(purl).Result;
if (healthMetrics == null)
{
Expand Down

0 comments on commit d2c21b9

Please sign in to comment.