feat: respect client-supplied version information #585

Merged
Sainan merged 2 commits from client-buildLabel into main 2024-12-19 18:11:10 -08:00

Newer versions of the DLL (>=0.6.0) can determine the client version and will tell the server via query parameters on these relevant requests. The server of course still needs to have a copy of the relevant H.Cache.bin file.

coderabbitai[bot] commented 2024-12-18 19:35:57 -08:00 (Migrated from github.com)

Warning

Rate limit exceeded

@Sainan has exceeded the limit for the number of commits or files that can be reviewed per hour. Please wait 25 minutes and 39 seconds before requesting another review.

📥 Commits

Reviewing files that changed from the base of the PR and between e659f228b131be22d04f47a5f7ab4e971d74584f and 48e0d6069e.

📒 Files selected for processing (3)
  • src/controllers/api/loginController.ts (3 hunks)
  • src/controllers/dynamic/worldStateController.ts (1 hunks)
  • src/routes/cache.ts (1 hunks)

Walkthrough

The pull request introduces modifications to three files: loginController.ts, worldStateController.ts, and cache.ts. The primary focus of these changes is to enhance the dynamic handling of build labels and cache versioning across different components of the application.

In the loginController.ts, a new approach is implemented for setting the buildLabel by allowing it to be dynamically sourced from the request query parameter, with a fallback to the default buildConfig.buildLabel. Similarly, the worldStateController.ts now processes the buildLabel by replacing spaces with plus signs and supports dynamic retrieval from the request query.

The cache.ts route has been updated to provide more flexible cache file serving. Instead of always using a static version from buildConfig, the route now supports an optional version query parameter. This parameter allows clients to request specific cache file versions that match a defined date format, with a default fallback to the configuration's version.

These changes collectively improve the application's flexibility in handling build labels and cache versioning, enabling more dynamic configuration and client-side control.

Sequence Diagram

sequenceDiagram
    participant Client
    participant LoginController
    participant WorldStateController
    participant CacheRouter

    Client->>LoginController: Request login with buildLabel
    alt buildLabel in query
        LoginController-->>Client: Process buildLabel from query
    else no buildLabel
        LoginController-->>Client: Use default buildConfig.buildLabel
    end

    Client->>WorldStateController: Request world state
    alt buildLabel in query
        WorldStateController->>WorldStateController: Replace spaces in buildLabel
        WorldStateController-->>Client: Return processed buildLabel
    else no buildLabel
        WorldStateController-->>Client: Use default buildConfig.buildLabel
    end

    Client->>CacheRouter: Request cache file with version
    alt version matches format
        CacheRouter-->>Client: Return specific version cache file
    else no version or invalid format
        CacheRouter-->>Client: Return default buildConfig version cache file
    end

coderabbitai[bot] (Migrated from github.com) reviewed 2024-12-18 19:38:32 -08:00
coderabbitai[bot] (Migrated from github.com) left a comment

Actionable comments posted: 2

🧹 Nitpick comments (1)
src/controllers/dynamic/worldStateController.ts (1)

6-9: Consider enhancing input validation for buildLabel

While the space-to-plus conversion is good, consider adding more robust input validation:

  1. Maximum length check to prevent potential buffer overflow
  2. Character set validation to ensure only expected characters are present
 const buildLabel: string =
     typeof req.query.buildLabel == "string"
-        ? String(req.query.buildLabel).split(" ").join("+")
+        ? validateBuildLabel(req.query.buildLabel)
         : buildConfig.buildLabel;

+function validateBuildLabel(label: string): string {
+    if (label.length > 100) { // adjust max length as needed
+        return buildConfig.buildLabel;
+    }
+    if (!/^[a-zA-Z0-9\s+._-]*$/.test(label)) {
+        return buildConfig.buildLabel;
+    }
+    return label.split(" ").join("+");
+}
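Review bot: the character class in `validateBuildLabel` uses `\s`, which admits tabs, CR and LF as well as the space, while only the literal space is rewritten to `+`, so a label containing a newline passes the check and is returned unchanged. Replace `\s` with a literal space in the class, and use `+` instead of `*` as the quantifier so that an empty `buildLabel=` falls back to `buildConfig.buildLabel` rather than producing an empty label. The function also falls back silently on rejection; a log line there would make malformed requests visible.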
📜 Review details

Configuration used: .coderabbit.yaml
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 259bfa1362 and e659f228b131be22d04f47a5f7ab4e971d74584f.

📒 Files selected for processing (3)
  • src/controllers/api/loginController.ts (3 hunks)
  • src/controllers/dynamic/worldStateController.ts (1 hunks)
  • src/routes/cache.ts (1 hunks)
🧰 Additional context used
🪛 GitHub Check: build (22)
src/routes/cache.ts

[failure] 9-9:
'req.query.version' may use Object's default stringification format ('[object Object]') when stringified

🪛 GitHub Check: build (20)
src/routes/cache.ts

[failure] 9-9:
'req.query.version' may use Object's default stringification format ('[object Object]') when stringified

🪛 GitHub Check: build (18)
src/routes/cache.ts

[failure] 9-9:
'req.query.version' may use Object's default stringification format ('[object Object]') when stringified

🔇 Additional comments (1)
src/controllers/api/loginController.ts (1)

53-53: Verify consistent BuildLabel usage across responses

The BuildLabel is set consistently in both the new account and existing account responses. However, let's verify this is used consistently across all endpoints.

Also applies to: 89-89

Verification successful

BuildLabel is used consistently across all endpoints and types

The verification shows that BuildLabel is used consistently throughout the codebase:

  • In login responses (loginTypes.ts and loginController.ts)
  • In world state responses (worldStateController.ts)
  • In purchase and sell types (purchaseTypes.ts and sellTypes.ts)

All instances follow the same pattern where:

  1. They use the same casing (BuildLabel in responses, buildLabel in request types)
  2. They consistently source the value from either the query parameter or buildConfig.buildLabel
  3. They handle the value in the same way (joining with '+' when from query)
🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Search for all BuildLabel usages to ensure consistency
rg -l 'BuildLabel.*buildConfig\.buildLabel' | while read -r file; do
    echo "=== $file ==="
    rg -A 2 -B 2 'BuildLabel.*buildConfig\.buildLabel' "$file"
done

Length of output: 60


Script:

#!/bin/bash
# Search for BuildLabel usage patterns more broadly
rg -i "buildlabel" -A 2 -B 2

Length of output: 3890


Script:

#!/bin/bash
# Search for response objects containing BuildLabel
ast-grep --pattern 'BuildLabel: $_'

Length of output: 37


Script:

#!/bin/bash
# Look for build label related configurations
rg -i "build.*label"

Length of output: 1285

coderabbitai[bot] (Migrated from github.com) commented 2024-12-18 19:38:31 -08:00

🛠️ Refactor suggestion

Extract common buildLabel logic to shared utility

The buildLabel processing logic is duplicated across controllers. Consider extracting it to a shared utility function.

+// src/utils/buildLabelUtils.ts
+export function processBuildLabel(label: string | undefined): string {
+    if (typeof label !== 'string') {
+        return buildConfig.buildLabel;
+    }
+    if (label.length > 100) {
+        return buildConfig.buildLabel;
+    }
+    if (!/^[a-zA-Z0-9\s+._-]*$/.test(label)) {
+        return buildConfig.buildLabel;
+    }
+    return label.split(" ").join("+");
+}

-const buildLabel: string =
-    typeof request.query.buildLabel == "string"
-        ? String(request.query.buildLabel).split(" ").join("+")
-        : buildConfig.buildLabel;
+const buildLabel = processBuildLabel(request.query.buildLabel);
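Review bot: `processBuildLabel` declares its parameter as `label: string | undefined` but immediately guards with `typeof label !== 'string'`, and the call site passes `request.query.buildLabel` in directly, the same value the removed lines had to test with `typeof ... == "string"`. Typing the parameter as `unknown` matches what the guard actually handles and lets the call compile without a cast. The new `src/utils/buildLabelUtils.ts` also references `buildConfig` with no import shown in the hunk, and the regex carries the same `\s` and `*` looseness as the earlier suggestion.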

Committable suggestion skipped: line range outside the PR's diff.

coderabbitai[bot] (Migrated from github.com) commented 2024-12-18 19:38:31 -08:00

⚠️ Potential issue

Address potential security and robustness issues

Several concerns need to be addressed:

  1. Potential Object stringification issue with req.query.version
  2. Path traversal vulnerability risk
  3. Missing error handling for non-existent cache files
-if (req.query.version && String(req.query.version).match(/^\d\d\d\d\.\d\d\.\d\d\.\d\d\.\d\d$/)) {
-    res.sendFile(`static/data/H.Cache_${req.query.version}.bin`, { root: "./" });
-} else {
-    res.sendFile(`static/data/H.Cache_${buildConfig.version}.bin`, { root: "./" });
-}
+const version = typeof req.query.version === 'string' ? req.query.version : '';
+if (version && version.match(/^\d{4}\.\d{2}\.\d{2}\.\d{2}\.\d{2}$/)) {
+    const safePath = `static/data/H.Cache_${version}.bin`;
+    try {
+        await fs.access(safePath);
+        res.sendFile(safePath, { root: "./" });
+    } catch (err) {
+        logger.warn(`Cache file not found for version ${version}`);
+        res.sendFile(`static/data/H.Cache_${buildConfig.version}.bin`, { root: "./" });
+    }
+} else {
+    res.sendFile(`static/data/H.Cache_${buildConfig.version}.bin`, { root: "./" });
+}
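Review bot: the added `await fs.access(safePath)` followed by `res.sendFile(safePath, ...)` checks the file and then opens it in two separate steps, and it needs an async handler plus `fs` and `logger` imports that the hunk does not show. Passing an error callback as the last argument of `res.sendFile` handles a missing file in one step and removes the gap between check and use. Both the removed and the added regex are anchored with `^` and `$` and accept only digits and dots, so the behavioural changes visible here are the `typeof ... === 'string'` guard and the fallback, and the fallback sends the default version's cache to a client that asked for a different one, which should be a deliberate decision rather than a side effect of error handling.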
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

    const version = typeof req.query.version === 'string' ? req.query.version : '';
    if (version && version.match(/^\d{4}\.\d{2}\.\d{2}\.\d{2}\.\d{2}$/)) {
        const safePath = `static/data/H.Cache_${version}.bin`;
        try {
            await fs.access(safePath);
            res.sendFile(safePath, { root: "./" });
        } catch (err) {
            logger.warn(`Cache file not found for version ${version}`);
            res.sendFile(`static/data/H.Cache_${buildConfig.version}.bin`, { root: "./" });
        }
    } else {
        res.sendFile(`static/data/H.Cache_${buildConfig.version}.bin`, { root: "./" });
    }
🧰 Tools
🪛 GitHub Check: build (22)

[failure] 9-9:
'req.query.version' may use Object's default stringification format ('[object Object]') when stringified

🪛 GitHub Check: build (20)

[failure] 9-9:
'req.query.version' may use Object's default stringification format ('[object Object]') when stringified

🪛 GitHub Check: build (18)

[failure] 9-9:
'req.query.version' may use Object's default stringification format ('[object Object]') when stringified

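
An added example (not the project's code and not the review bot's) of an allow-list approach to the `version` query parameter discussed in the comment above: the request value only selects among cache files the server has already indexed, so it is never interpolated into a path. The function names, the sample directory listing and all version strings are constructed for illustration.

```typescript
// Added example; not code from the project or from the review bot.
// indexCacheFiles, selectCacheFile, runSamples, SAMPLE_LISTING, SAMPLE_QUERIES
// and DEFAULT_VERSION are hypothetical names; all version strings are constructed.

// Same shape the PR's regex accepts: four digits, then four two-digit groups.
const VERSION_RE = /^\d{4}\.\d{2}\.\d{2}\.\d{2}\.\d{2}$/;
// A cache file name on disk, capturing the version part.
const CACHE_NAME_RE = /^H\.Cache_(\d{4}\.\d{2}\.\d{2}\.\d{2}\.\d{2})\.bin$/;

type Reason = "requested" | "default" | "rejected" | "not-on-disk";

interface Selection {
    file: string;   // a name taken from the server's own index, never from the request
    reason: Reason; // why this file was chosen, suitable for logging
}

// Build the allow-list once (e.g. at startup) from a directory listing.
function indexCacheFiles(listing: readonly string[]): Map<string, string> {
    const index = new Map<string, string>();
    for (const name of listing) {
        const m = CACHE_NAME_RE.exec(name);
        if (m !== null && m[1] !== undefined) {
            index.set(m[1], name);
        }
    }
    return index;
}

// Map an untrusted query value to one of the indexed file names.
function selectCacheFile(
    queryValue: unknown,
    index: ReadonlyMap<string, string>,
    defaultVersion: string
): Selection {
    const fallback = index.get(defaultVersion);
    if (fallback === undefined) {
        throw new Error("cache file for the default version is not indexed");
    }
    if (queryValue === undefined) {
        return { file: fallback, reason: "default" };
    }
    // Arrays and objects are rejected by type instead of being stringified.
    if (typeof queryValue !== "string" || !VERSION_RE.test(queryValue)) {
        return { file: fallback, reason: "rejected" };
    }
    const hit = index.get(queryValue);
    return hit !== undefined
        ? { file: hit, reason: "requested" }
        : { file: fallback, reason: "not-on-disk" };
}

// Constructed directory listing.
const SAMPLE_LISTING: readonly string[] = [
    "H.Cache_2024.12.10.17.02.bin",
    "H.Cache_2024.12.18.13.21.bin",
    "H.Cache_backup.bin", // wrong shape: not indexed
    "notes.txt",
];
const DEFAULT_VERSION = "2024.12.18.13.21";

// Constructed query values in the shapes a query-string parser can produce.
const SAMPLE_QUERIES: unknown[] = [
    undefined,                 // parameter absent
    "2024.12.10.17.02",        // well-formed and on disk
    "2024.11.01.09.30",        // well-formed, but the server has no such file
    "../../config.json",       // wrong shape
    "2024.12.10.17.02\n",      // trailing newline: `$` without the m flag rejects it
    ["2024.12.10.17.02"],      // repeated parameter; String() of this would match the regex
    { a: "2024.12.10.17.02" }, // nested parameter; String() of this is "[object Object]"
];

function runSamples(): Reason[] {
    const index = indexCacheFiles(SAMPLE_LISTING);
    return SAMPLE_QUERIES.map(
        (q) => selectCacheFile(q, index, DEFAULT_VERSION).reason
    );
}

console.log(runSamples().join(", "));
```

In an Express handler the returned `file` would be passed to `res.sendFile` with a fixed `root`; logging `reason` whenever it is `rejected` or `not-on-disk` leaves a record of malformed or unknown versions.
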
Sainan reviewed 2024-12-18 19:41:04 -08:00

Bro's on that dollar store kush

coderabbitai[bot] (Migrated from github.com) reviewed 2024-12-18 19:41:24 -08:00
coderabbitai[bot] (Migrated from github.com) commented 2024-12-18 19:41:24 -08:00

@Sainan, thanks for your comment. Let me know if there’s anything specific you’d like me to address or clarify.

Sainan reviewed 2024-12-18 19:41:29 -08:00

Label my builds daddy

coderabbitai[bot] (Migrated from github.com) reviewed 2024-12-18 19:42:05 -08:00
coderabbitai[bot] (Migrated from github.com) commented 2024-12-18 19:42:05 -08:00

@Sainan, it looks like you’re ready to roll with those build labels! Let me know if there’s any specific change you’d like me to make regarding the label processing logic, or if everything is good as-is.
