Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Min/Max for type array to generate better faker.helpers.arrayElements functionality #1339

Merged
merged 3 commits into from
Oct 7, 2024
Merged

Min/Max for type array to generate better faker.helpers.arrayElements functionality #1339

merged 3 commits into from
Oct 7, 2024

Conversation

stijnvanhulle
Copy link
Collaborator

No description provided.

@stijnvanhulle stijnvanhulle added bug Something isn't working v3 Kubb v3 labels Oct 7, 2024
@changeset-bot changeset-bot
Copy link

changeset-bot bot commented Oct 7, 2024
edited
Loading

🦋 Changeset detected

Latest commit: 646e6b2

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 24 packages
Name Type
@kubb/plugin-faker Patch
@kubb/plugin-msw Patch
@kubb/cli Patch
@kubb/config-biome Patch
@kubb/config-ts Patch
@kubb/config-tsup Patch
@kubb/core Patch
@kubb/fs Patch
@kubb/oas Patch
@kubb/parser-ts Patch
@kubb/plugin-client Patch
@kubb/plugin-oas Patch
@kubb/plugin-react-query Patch
@kubb/plugin-redoc Patch
@kubb/plugin-solid-query Patch
@kubb/plugin-svelte-query Patch
@kubb/plugin-swr Patch
@kubb/plugin-ts Patch
@kubb/plugin-vue-query Patch
@kubb/plugin-zod Patch
@kubb/react Patch
@kubb/types Patch
kubb Patch
unplugin-kubb Patch

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

@stijnvanhulle stijnvanhulle linked an issue Oct 7, 2024 that may be closed by this pull request
Generated mocks fails to match the requirements of Zod #1335
Closed
@codecov Codecov
Copy link

codecov bot commented Oct 7, 2024
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 86.11%. Comparing base (ab92467) to head (646e6b2).
Report is 2 commits behind head on main.

Additional details and impacted files 
@@            Coverage Diff             @@
##             main    #1339      +/-   ##
==========================================
- Coverage   86.14%   86.11%   -0.04%     
==========================================
  Files         155      155              
  Lines        9571     9571              
  Branches     1824     1824              
==========================================
- Hits         8245     8242       -3     
- Misses       1315     1318       +3     
  Partials       11       11

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

github-advanced-security[bot]
github-advanced-security bot found potential problems Oct 7, 2024
View reviewed changes
packages/plugin-faker/src/parser/index.ts
const item = items.at(0)

if (min !== undefined && max !== undefined) {
return `faker.helpers.multiple(() => (${item}), { count: { min: ${min}, max: ${max} }}) as any`

Check warning

Code scanning / CodeQL

Improper code sanitization Medium

Code construction depends on an
improperly sanitized value
Loading
.

Copilot Autofix AI 3 months ago

To fix the problem, we need to ensure that any potentially dangerous characters in the item variable are properly escaped before being used in the template literal. This can be achieved by implementing an escapeUnsafeChars function that replaces dangerous characters with their escaped equivalents. We will then use this function to sanitize the item variable before including it in the template literal.

Suggested changeset 1
packages/plugin-faker/src/parser/index.ts

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/packages/plugin-faker/src/parser/index.ts b/packages/plugin-faker/src/parser/index.ts
--- a/packages/plugin-faker/src/parser/index.ts
+++ b/packages/plugin-faker/src/parser/index.ts
@@ -6,2 +6,21 @@
 
+const charMap = {
+  '<': '\\u003C',
+  '>' : '\\u003E',
+  '/': '\\u002F',
+  '\\': '\\\\',
+  '\b': '\\b',
+  '\f': '\\f',
+  '\n': '\\n',
+  '\r': '\\r',
+  '\t': '\\t',
+  '\0': '\\0',
+  '\u2028': '\\u2028',
+  '\u2029': '\\u2029'
+};
+
+function escapeUnsafeChars(str) {
+  return str.replace(/[<>\b\f\n\r\t\0\u2028\u2029]/g, x => charMap[x])
+}
+
 const fakerKeywordMapper = {
@@ -61,3 +80,3 @@
     }
-    const item = items.at(0)
+    const item = escapeUnsafeChars(items.at(0))
 
EOF
@@ -6,2 +6,21 @@

const charMap = {
'<': '\\u003C',
'>' : '\\u003E',
'/': '\\u002F',
'\\': '\\\\',
'\b': '\\b',
'\f': '\\f',
'\n': '\\n',
'\r': '\\r',
'\t': '\\t',
'\0': '\\0',
'\u2028': '\\u2028',
'\u2029': '\\u2029'
};

function escapeUnsafeChars(str) {
return str.replace(/[<>\b\f\n\r\t\0\u2028\u2029]/g, x => charMap[x])
}

const fakerKeywordMapper = {
@@ -61,3 +80,3 @@
}
const item = items.at(0)
const item = escapeUnsafeChars(items.at(0))

Copilot is powered by AI and may make mistakes. Always verify output.
Positive Feedback
Negative Feedback

Provide additional feedback

Please help us improve GitHub Copilot by sharing more details about this comment.

Please select one or more of the options
packages/plugin-faker/src/parser/index.ts
return `faker.helpers.multiple(() => (${item}), { count: { min: ${min}, max: ${max} }}) as any`
}
if (min !== undefined) {
return `faker.helpers.multiple(() => (${item}), { count: ${min} }) as any`

Check warning

Code scanning / CodeQL

Improper code sanitization Medium

Code construction depends on an
improperly sanitized value
Loading
.

Copilot Autofix AI 3 months ago

To fix the problem, we need to ensure that any user-controlled input used in constructing JavaScript code is properly sanitized. This involves escaping potentially dangerous characters before using them in template literals. We can create a utility function to escape these characters and use it in the relevant parts of the code.

  1. Create a utility function escapeUnsafeChars to escape potentially dangerous characters.
  2. Use this function to sanitize the item variable in the fakerKeywordMapper.array function.
Suggested changeset 1
packages/plugin-faker/src/parser/index.ts

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/packages/plugin-faker/src/parser/index.ts b/packages/plugin-faker/src/parser/index.ts
--- a/packages/plugin-faker/src/parser/index.ts
+++ b/packages/plugin-faker/src/parser/index.ts
@@ -6,2 +6,21 @@
 
+const charMap = {
+  '<': '\\u003C',
+  '>' : '\\u003E',
+  '/': '\\u002F',
+  '\\': '\\\\',
+  '\b': '\\b',
+  '\f': '\\f',
+  '\n': '\\n',
+  '\r': '\\r',
+  '\t': '\\t',
+  '\0': '\\0',
+  '\u2028': '\\u2028',
+  '\u2029': '\\u2029'
+};
+
+function escapeUnsafeChars(str) {
+  return str.replace(/[<>\b\f\n\r\t\0\u2028\u2029]/g, x => charMap[x])
+}
+
 const fakerKeywordMapper = {
@@ -61,3 +80,3 @@
     }
-    const item = items.at(0)
+    const item = escapeUnsafeChars(items.at(0))
 
EOF
@@ -6,2 +6,21 @@

const charMap = {
'<': '\\u003C',
'>' : '\\u003E',
'/': '\\u002F',
'\\': '\\\\',
'\b': '\\b',
'\f': '\\f',
'\n': '\\n',
'\r': '\\r',
'\t': '\\t',
'\0': '\\0',
'\u2028': '\\u2028',
'\u2029': '\\u2029'
};

function escapeUnsafeChars(str) {
return str.replace(/[<>\b\f\n\r\t\0\u2028\u2029]/g, x => charMap[x])
}

const fakerKeywordMapper = {
@@ -61,3 +80,3 @@
}
const item = items.at(0)
const item = escapeUnsafeChars(items.at(0))

Copilot is powered by AI and may make mistakes. Always verify output.
Positive Feedback
Negative Feedback

Provide additional feedback

Please help us improve GitHub Copilot by sharing more details about this comment.

Please select one or more of the options
packages/plugin-faker/src/parser/index.ts
return `faker.helpers.multiple(() => (${item}), { count: ${min} }) as any`
}
if (max !== undefined) {
return `faker.helpers.multiple(() => (${item}), { count: { min: 0, max: ${max} }}) as any`

Check warning

Code scanning / CodeQL

Improper code sanitization Medium

Code construction depends on an
improperly sanitized value
Loading
.

Copilot Autofix AI 3 months ago

To fix the problem, we need to ensure that the item variable is properly sanitized before being used in the template literal. We can achieve this by escaping potentially dangerous characters in the item string. This can be done by creating a utility function to escape unsafe characters and applying it to the item variable before it is used in the template literal.

  1. Create a utility function escapeUnsafeChars to escape potentially dangerous characters.
  2. Apply this function to the item variable before it is used in the template literal on line 71 in packages/plugin-faker/src/parser/index.ts.
Suggested changeset 1
packages/plugin-faker/src/parser/index.ts

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/packages/plugin-faker/src/parser/index.ts b/packages/plugin-faker/src/parser/index.ts
--- a/packages/plugin-faker/src/parser/index.ts
+++ b/packages/plugin-faker/src/parser/index.ts
@@ -6,2 +6,21 @@
 
+const charMap = {
+  '<': '\\u003C',
+  '>' : '\\u003E',
+  '/': '\\u002F',
+  '\\': '\\\\',
+  '\b': '\\b',
+  '\f': '\\f',
+  '\n': '\\n',
+  '\r': '\\r',
+  '\t': '\\t',
+  '\0': '\\0',
+  '\u2028': '\\u2028',
+  '\u2029': '\\u2029'
+};
+
+function escapeUnsafeChars(str) {
+  return str.replace(/[<>\b\f\n\r\t\0\u2028\u2029]/g, x => charMap[x])
+}
+
 const fakerKeywordMapper = {
@@ -61,3 +80,3 @@
     }
-    const item = items.at(0)
+    const item = escapeUnsafeChars(items.at(0))
 
EOF
@@ -6,2 +6,21 @@

const charMap = {
'<': '\\u003C',
'>' : '\\u003E',
'/': '\\u002F',
'\\': '\\\\',
'\b': '\\b',
'\f': '\\f',
'\n': '\\n',
'\r': '\\r',
'\t': '\\t',
'\0': '\\0',
'\u2028': '\\u2028',
'\u2029': '\\u2029'
};

function escapeUnsafeChars(str) {
return str.replace(/[<>\b\f\n\r\t\0\u2028\u2029]/g, x => charMap[x])
}

const fakerKeywordMapper = {
@@ -61,3 +80,3 @@
}
const item = items.at(0)
const item = escapeUnsafeChars(items.at(0))

Copilot is powered by AI and may make mistakes. Always verify output.
Positive Feedback
Negative Feedback

Provide additional feedback

Please help us improve GitHub Copilot by sharing more details about this comment.

Please select one or more of the options
packages/plugin-faker/src/parser/index.ts
return `faker.helpers.multiple(() => (${item}), { count: { min: 0, max: ${max} }}) as any`
}

return `faker.helpers.multiple(() => (${item})) as any`

Check warning

Code scanning / CodeQL

Improper code sanitization Medium

Code construction depends on an
improperly sanitized value
Loading
.

Copilot Autofix AI 3 months ago

To fix the problem, we need to ensure that any potentially dangerous characters in the item variable are properly escaped before being used in string concatenation. We can achieve this by implementing an escapeUnsafeChars function similar to the one provided in the example and using it to sanitize the item variable.

  1. Implement an escapeUnsafeChars function to escape potentially dangerous characters.
  2. Use this function to sanitize the item variable before it is used in string concatenation.
Suggested changeset 1
packages/plugin-faker/src/parser/index.ts

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/packages/plugin-faker/src/parser/index.ts b/packages/plugin-faker/src/parser/index.ts
--- a/packages/plugin-faker/src/parser/index.ts
+++ b/packages/plugin-faker/src/parser/index.ts
@@ -6,2 +6,21 @@
 
+const charMap = {
+  '<': '\\u003C',
+  '>' : '\\u003E',
+  '/': '\\u002F',
+  '\\': '\\\\',
+  '\b': '\\b',
+  '\f': '\\f',
+  '\n': '\\n',
+  '\r': '\\r',
+  '\t': '\\t',
+  '\0': '\\0',
+  '\u2028': '\\u2028',
+  '\u2029': '\\u2029'
+};
+
+function escapeUnsafeChars(str) {
+  return str.replace(/[<>\b\f\n\r\t\0\u2028\u2029]/g, x => charMap[x])
+}
+
 const fakerKeywordMapper = {
@@ -61,3 +80,3 @@
     }
-    const item = items.at(0)
+    const item = escapeUnsafeChars(items.at(0))
 
EOF
@@ -6,2 +6,21 @@

const charMap = {
'<': '\\u003C',
'>' : '\\u003E',
'/': '\\u002F',
'\\': '\\\\',
'\b': '\\b',
'\f': '\\f',
'\n': '\\n',
'\r': '\\r',
'\t': '\\t',
'\0': '\\0',
'\u2028': '\\u2028',
'\u2029': '\\u2029'
};

function escapeUnsafeChars(str) {
return str.replace(/[<>\b\f\n\r\t\0\u2028\u2029]/g, x => charMap[x])
}

const fakerKeywordMapper = {
@@ -61,3 +80,3 @@
}
const item = items.at(0)
const item = escapeUnsafeChars(items.at(0))

Copilot is powered by AI and may make mistakes. Always verify output.
Positive Feedback
Negative Feedback

Provide additional feedback

Please help us improve GitHub Copilot by sharing more details about this comment.

Please select one or more of the options
@stijnvanhulle stijnvanhulle merged commit 5ca19f7 into main Oct 7, 2024
10 checks passed
@stijnvanhulle stijnvanhulle deleted the fix/1335 branch October 7, 2024 18:21
@github-actions github-actions bot mentioned this pull request Oct 7, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
bug Something isn't working v3 Kubb v3
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Generated mocks fails to match the requirements of Zod
1 participant
@stijnvanhulle