Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Correctly validate characters in semantic version identifiers #254

Draft
wants to merge 1 commit into
base: main
Choose a base branch
from

Conversation

WowbaggersLiquidLunch
Copy link
Contributor

Semantic Versioning 2.0.0 allows only ASCII alpha-numeric characters and "-" in identifiers.

This change makes version initialization more restrictive, so it might be source breaking.

Same as swiftlang/swift-package-manager#3839, but for TSC's Version.

Semantic Versioning 2.0.0 allows only _ASCII_ alpha-numeric characters and "-" in identifiers.
@WowbaggersLiquidLunch

This comment has been minimized.

1 similar comment
@WowbaggersLiquidLunch

This comment has been minimized.

@tomerd
Copy link
Contributor

tomerd commented Dec 2, 2021

@elsh please help review this one

@tomerd tomerd requested review from elsh and removed request for friedbunny and aciidgh December 2, 2021 00:14
$0.allSatisfy { $0.isASCII && ($0.isLetter || $0.isNumber || $0 == "-") }
},
#"Build metadata identifiers can contain only ASCII alpha-numeric characters and "-"."#
)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I am concerned about the use of preconditions here for what could be a runtime issue. should this be throwing instead?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is a good point/suggestion. Making it throwing (or failable) also makes it possible to write tests against it.

Also, I found a few more bugs that I'm trying to fix before the 5.6 branch is cut: empty identifiers, leading zeros in numeric identifiers, and negative identifiers should not be allowed according to semver 2.0.0. With so many things to validate, it makes sense to throw errors for them instead of more lines of preconditions.

One slight problem though is that the call sites of this initializer in SwiftPM (and possibly llbuild and swift-driver too) need to be updated when this initializer becomes throwing or failable, so there might need some deprecation dances.

@WowbaggersLiquidLunch WowbaggersLiquidLunch marked this pull request as draft December 2, 2021 14:21
@WowbaggersLiquidLunch
Copy link
Contributor Author

Changed this PR to a draft, because I'm going to do a new PR using throwing initializer as @tomerd suggested.

I'm leaving this draft open until the new PR is opened to gather additional reviews/suggestions.

@elsh elsh self-assigned this Dec 6, 2021
@tomerd tomerd added the wip Work in progress label Mar 2, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
wip Work in progress
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants