This is an automated email from the ASF dual-hosted git repository.
sbp pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tooling-trusted-releases.git
The following commit(s) were added to refs/heads/main by this push:
new 44ee502 Fix some problems with file tag YAML validation
44ee502 is described below
commit 44ee50290789552005d3fb71fed0f637ee7368fe
Author: Sean B. Palmer <[email protected]>
AuthorDate: Fri Jan 23 17:02:48 2026 +0000
Fix some problems with file tag YAML validation
---
atr/get/projects.py | 5 ++++-
atr/storage/writers/policy.py | 11 ++++++++---
2 files changed, 12 insertions(+), 4 deletions(-)
diff --git a/atr/get/projects.py b/atr/get/projects.py
index 6db986b..8703c57 100644
--- a/atr/get/projects.py
+++ b/atr/get/projects.py
@@ -322,7 +322,10 @@ def _render_compose_form(project: sql.Project) ->
htm.Element:
]
schema = strictyaml.EmptyDict() | strictyaml.MapPattern(strictyaml.Str(),
strictyaml.UniqueSeq(strictyaml.Str()))
- atr_tag_yaml = strictyaml.as_document(project.policy_file_tag_mappings,
schema).as_yaml()
+ if project.policy_file_tag_mappings:
+ atr_tag_yaml =
strictyaml.as_document(project.policy_file_tag_mappings, schema).as_yaml()
+ else:
+ atr_tag_yaml = ""
with card.block(htm.div, classes=".card-body") as card_body:
form.render_block(
card_body,
diff --git a/atr/storage/writers/policy.py b/atr/storage/writers/policy.py
index cb61e86..fc264b1 100644
--- a/atr/storage/writers/policy.py
+++ b/atr/storage/writers/policy.py
@@ -21,6 +21,7 @@ from __future__ import annotations
from typing import TYPE_CHECKING
import strictyaml
+import strictyaml.ruamel.error as error
import atr.db as db
import atr.models as models
@@ -97,8 +98,6 @@ class CommitteeMember(CommitteeParticipant):
project_name = form.project_name
_, release_policy = await self.__get_or_create_policy(project_name)
- if ".." in form.file_tag_mappings:
- raise ValueError("File tag mappings may not contain '..'")
try:
schema = strictyaml.EmptyDict() | strictyaml.MapPattern(
strictyaml.Str(),
@@ -107,12 +106,18 @@ class CommitteeMember(CommitteeParticipant):
),
)
atr_tags_yaml = strictyaml.load(form.file_tag_mappings, schema)
- except strictyaml.exceptions.YAMLValidationError:
+ except (strictyaml.exceptions.YAMLValidationError, error.YAMLError):
raise ValueError("Invalid file tag mappings")
atr_tags_data = atr_tags_yaml.data
if not isinstance(atr_tags_data, dict):
raise ValueError("Invalid file tag mappings")
atr_tags_dict: dict[str, list[str]] = atr_tags_data
+ for key, values in atr_tags_dict.items():
+ if ".." in key:
+ raise ValueError("File tag mapping keys may not contain '..'")
+ for value in values:
+ if ".." in value:
+ raise ValueError("File tag mapping values may not contain
'..'")
release_policy.source_artifact_paths =
_split_lines(form.source_artifact_paths)
release_policy.license_check_mode = form.license_check_mode #
pyright: ignore[reportAttributeAccessIssue]
release_policy.source_excludes_lightweight =
_split_lines_verbatim(form.source_excludes_lightweight)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
