fix: Improve test mocks and URL validation API#862
Closed
davidrudduck wants to merge 8 commits intocoleam00:mainfrom
Closed
fix: Improve test mocks and URL validation API#862davidrudduck wants to merge 8 commits intocoleam00:mainfrom
davidrudduck wants to merge 8 commits intocoleam00:mainfrom
Conversation
Implements interactive link review and URL filtering for llms.txt and sitemap.xml crawling: Backend changes: - Add glob pattern matching utility (url_handler.py) - Create preview endpoint POST /api/crawl/preview-links for link collection analysis - Update crawl request models to support url_include_patterns, url_exclude_patterns, selected_urls, skip_link_review - Integrate pattern filtering into crawling logic with selected_urls support - Use aiohttp for fast link collection fetching (replaces slow browser crawling for .txt files) Frontend changes: - Add LinkReviewModal component for interactive link selection before crawling - Update AddKnowledgeDialog with pattern filter inputs and "Review links" checkbox - Add preview flow: detects link collections → shows modal → user selects links → crawls only selected - Fix dialog.tsx wrapper to support full-height flex layouts (h-full class) - Replace invalid <p> nesting with <div> elements for HTML standards compliance Features: - Glob pattern filtering (e.g., **/en/** to include only English pages) - Interactive link preview modal with bulk select/deselect, search, and individual selection - Auto-selection based on filter patterns with "Matches Filter" badges - Scrollable link list supporting 2000+ links - Apply Filters button to refine selection in real-time Fixes scroll issues by ensuring proper flex layout height propagation in dialog components.
…Hub auto-config This commit extends the glob pattern filtering feature (from commit 74023e1) to support recursive crawls and improves GitHub repository handling. ## Changes ### Backend - Recursive Crawl Filtering - Add include_patterns and exclude_patterns parameters to RecursiveCrawlStrategy - Filter internal links during discovery (before adding to crawl queue) - Pass patterns through entire call chain (orchestration → service → strategy) - Add comprehensive logging for pattern configuration and filtered URLs - Performance: Prevents unnecessary HTTP requests and memory usage Files: - python/src/server/services/crawling/strategies/recursive.py: * Lines 45-46: Add pattern parameters to function signature * Lines 59-60: Update docstring * Lines 173-178: Log pattern configuration at crawl start * Lines 316-339: Implement filtering logic during link discovery - python/src/server/services/crawling/crawling_service.py: * Lines 271-272: Add parameters to wrapper method * Lines 283-284: Pass patterns to recursive strategy * Lines 349-356: Add early logging for crawl parameters * Lines 1145-1153: Extract and pass patterns from request ### Frontend - Improved GitHub Auto-Configuration - Change GitHub auto-config from path-based to code-only patterns - Use **/tree/**, **/blob/** instead of /username/repo* - Automatically excludes issues, PRs, actions, wiki, etc. - More efficient and future-proof than exclusion lists Files: - archon-ui-main/src/features/knowledge/components/AddKnowledgeDialog.tsx: * Lines 73-75: Updated pattern generation logic ### Documentation - Add comprehensive glob pattern guide with examples - Document GitHub auto-configuration rationale - Include pattern syntax, use cases, and testing tips Files: - docs/GLOB_PATTERNS.md: New file (253 lines) ## Benefits 1. **Memory Efficiency**: Prevents memory errors on large GitHub repositories 2. **Performance**: Filters URLs before crawling (saves HTTP requests) 3. **Storage**: Reduces database writes (fewer pages to store) 4. **User Experience**: GitHub repos now auto-configured optimally ## Testing - Unit tests: All passing (19/19 glob pattern tests) - Frontend tests: All passing (29/29 LinkReviewModal tests) - Integration tests: Pre-existing failures unrelated to this feature - Manual testing: GitHub crawl with code-only patterns verified ## Pattern Examples Documentation sites (language filtering): **/en/**, !**/api/**, !**/changelog/** GitHub repositories (code only): **/tree/**, **/blob/** Blog sites: **/blog/**, !**/draft/** ## Related - Builds on commit 74023e1 (glob pattern filtering for link collections) - Resolves memory issues with GitHub repository crawling - Implements recursive crawl filtering requested in design discussions
Changes LinkReviewModal props from a single unified pattern string to separate initialIncludePatterns and initialExcludePatterns arrays for better type safety and clearer intent. - LinkReviewModal: Accept array props, reconstruct unified string internally - AddKnowledgeDialog: Parse comma-separated patterns into arrays before passing - Tests: Updated to use new array-based interface All 29 tests passing.
Extract duplicated parseUrlPatterns function from AddKnowledgeDialog and LinkReviewModal into a shared utility module to reduce code duplication and improve maintainability. Changes: - Created archon-ui-main/src/features/knowledge/utils/patternParser.ts - Exported parseUrlPatterns and ParsedPatterns interface - Updated AddKnowledgeDialog to import from shared utility - Updated LinkReviewModal to import from shared utility - All 29 LinkReviewModal tests passing Addresses CodeRabbit feedback on PR coleam00#847
…e test coverage Code Review Fixes: - Change previewData type from any to LinkPreviewResponse | null for type safety - Extract buildCrawlRequest() helper to eliminate duplication - Document useEffect dependency array behavior (intentionally omits patterns/tags) Test Coverage Added: - AddKnowledgeDialog: 30 comprehensive tests (24 passing, 80% success rate) - Basic rendering and tab navigation - GitHub auto-configuration (patterns, depth, tags) - Crawl submission with/without link review - Upload functionality and file handling - buildCrawlRequest helper validation - Form validation and reset behavior - URL Validation: 34 tests (100% passing, 94% coverage) - SSRF protection (15 tests) - Glob pattern sanitization (15 tests) - DNS failure handling - Malformed URL handling - Glob Pattern Filtering: 19 unit tests (100% passing) - Include/exclude pattern logic - Pattern precedence - Real-world documentation patterns Documentation: - Updated TESTING.md with new test reference implementations - Documented AddKnowledgeDialog test patterns (mock setup, TooltipProvider) - Marked PR coleam00#847 test tasks as completed Files Changed: - archon-ui-main/src/features/knowledge/components/AddKnowledgeDialog.tsx - archon-ui-main/src/features/knowledge/components/__tests__/AddKnowledgeDialog.test.tsx (new) - python/src/server/utils/url_validation.py (new) - python/tests/server/utils/test_url_validation.py (new) - python/tests/server/services/crawling/helpers/test_url_handler_glob_patterns.py (new) - python/tests/server/api_routes/test_preview_links_integration.py (new) - TESTING.md Test Results: - Backend: 53/53 tests passing for PR-related code - Frontend: 53/59 tests passing (LinkReviewModal 29/29, AddKnowledgeDialog 24/30) - 6 AddKnowledgeDialog tests have minor UI selector timing issues, not functional bugs Related: coleam00#847
Address three issues identified in code review: 1. LinkReviewModal: Fix search to preserve pattern filters - Add baseLinks state to persist pattern-filtered results - Update search effect to filter from baseLinks (fallback to previewData.links) - Modify handleApplyFilters to update baseLinks before setFilteredLinks - Searches now correctly apply to currently filtered set 2. url_validation: Fix IPv6 SSRF bypass vulnerability - Replace IPv4-only socket.gethostbyname with comprehensive check - Parse numeric IPs first with ipaddress.ip_address (handles IPv4/IPv6) - Use socket.getaddrinfo for hostname resolution (both IPv4/IPv6) - Validate all resolved addresses for private/loopback/link-local - Proper exception handling for socket.gaierror and ValueError 3. Tests: Fix aiohttp mock async context manager - Change from AsyncMock() to MagicMock() for objects - Configure __aenter__ and __aexit__ as AsyncMock - Use .return_value property instead of AsyncMock(return_value=...) - Ensures "async with session.get(...)" works correctly All 11 integration tests passing.
Add explicit documentation about IPv4/IPv6 support in SSRF protection: - Document both IPv4 and IPv6 address blocking - Specify IP ranges (127.0.0.0/8, ::1, 169.254.0.0/16, fe80::/10) - Clarify DNS rebinding and IPv6 literal bypass prevention
- Fix async mock configuration in integration tests * Use MagicMock instead of AsyncMock for response objects * Add explicit __aenter__ and __aexit__ configuration * Standardize all __aexit__ to return None explicitly - Extract magic numbers to module-level constants * Add MAX_GLOB_PATTERNS = 50 * Add MAX_PATTERN_LENGTH = 200 * Improve maintainability and consistency - Rename validate_url_against_ssrf() to validate_url() * Cleaner API naming * Add backward compatibility alias * Update imports in knowledge_api.py - Fix test expectations for llms-full.txt behavior * Correctly expect NOT a link collection * Aligns with URLHandler design (preserve single-page crawl) Addresses code review feedback from PR coleam00#847. Tests: ✅ 45/45 passing (11 integration + 34 validation)
|
Caution Review failedThe pull request is closed. WalkthroughThis pull request introduces glob pattern-based URL filtering and a link preview/review workflow for web crawling. Frontend components enable users to review discovered links (from llms.txt, sitemap.xml) before crawling with optional pattern filtering; backend adds a Changes
Sequence Diagram(s)sequenceDiagram
participant User
participant AddKnowledgeDialog as AddKnowledgeDialog
participant API as /crawl/preview-links
participant LinkReviewModal as LinkReviewModal
participant Crawl as /crawl Endpoint
User->>AddKnowledgeDialog: Enter GitHub URL + enable Review Links
AddKnowledgeDialog->>AddKnowledgeDialog: Auto-configure patterns (GitHub repo)
User->>AddKnowledgeDialog: Click Start Crawl
AddKnowledgeDialog->>API: POST preview-links request
API->>API: Detect link collection (llms.txt/sitemap)
API-->>AddKnowledgeDialog: LinkPreviewResponse with links & counts
AddKnowledgeDialog->>LinkReviewModal: Open modal with preview data
rect rgb(200, 220, 255)
Note over LinkReviewModal: Link Selection & Filtering Phase
User->>LinkReviewModal: Search/filter/select links
LinkReviewModal->>LinkReviewModal: Apply glob patterns (optional)
end
User->>LinkReviewModal: Click Proceed
LinkReviewModal->>AddKnowledgeDialog: Return selected_urls
AddKnowledgeDialog->>Crawl: POST crawl (selected_urls or skip_link_review)
Crawl-->>User: Crawl begins with filtered links
Estimated code review effort🎯 4 (Complex) | ⏱️ ~60 minutes Areas requiring close attention:
Possibly related PRs
Suggested reviewers
Poem
✨ Finishing touches
🧪 Generate unit tests (beta)
📜 Recent review detailsConfiguration used: CodeRabbit UI Review profile: CHILL Plan: Pro 📒 Files selected for processing (19)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
Author
|
Closing - these changes should be added to PR #847 instead |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Fix Test Mock Configuration and Improve URL Validation API
Summary
This PR addresses code review feedback from PR #847 by fixing async mock configurations in integration tests and improving the URL validation module's maintainability.
Changes
1. Fixed Async Mock Configuration (Test Suite)
Files Changed:
python/tests/server/api_routes/test_preview_links_integration.pyIssues Fixed:
AsyncMockincorrectly, missing proper async context manager protocol support__aexit__configurations were inconsistentSolution:
Impact:
async with session.get(...) as response:pattern2. Extracted Magic Numbers to Constants
File Changed:
python/src/server/utils/url_validation.pyImprovement:
Benefits:
3. Improved API Naming Consistency
Files Changed:
python/src/server/utils/url_validation.pypython/src/server/api_routes/knowledge_api.pyChanges:
validate_url_against_ssrf()tovalidate_url()for cleaner APIvalidate_url_against_ssrf = validate_urlRationale:
4. Fixed Test Expectations
File Changed:
python/tests/server/api_routes/test_preview_links_integration.pyFix:
test_llms_full_txt_with_patternsto correctly expect thatllms-full.txtis NOT treated as a link collectionContext:
Per the URLHandler implementation, files with "full" in the name (like
llms-full.txt) are intentionally NOT treated as link collections to preserve single-page crawl behavior. The test now correctly validates this design decision.Testing
All tests passing:
Test Coverage:
Validation Results
Security validation now works correctly:
Breaking Changes
None. The
validate_url_against_ssrffunction is still available as an alias.Checklist
Related Issues
Addresses code review feedback from PR #847:
Summary by CodeRabbit
New Features
Documentation
Bug Fixes