Skip to content

Commit 25d9ece

Browse files
authored
Add version parsing check skip malformed versions and avoid panic (#1469)
* Add version parsing check skip malformed versions and avoid panic Signed-off-by: Anton Troshin <[email protected]> * lint Signed-off-by: Anton Troshin <[email protected]> * do not return error on nil, skip bad versions Signed-off-by: Anton Troshin <[email protected]> * simplify condition to skip prerelease and versions with metadata print warning on error and non-semver version tag Signed-off-by: Anton Troshin <[email protected]> --------- Signed-off-by: Anton Troshin <[email protected]>
1 parent 6d5e64d commit 25d9ece

File tree

2 files changed

+58
-5
lines changed

2 files changed

+58
-5
lines changed

pkg/version/version.go

+12-5
Original file line numberDiff line numberDiff line change
@@ -119,11 +119,18 @@ func GetLatestReleaseGithub(githubURL string) (string, error) {
119119
latestVersion := defaultVersion
120120

121121
for _, release := range githubRepoReleases {
122-
if !strings.Contains(release.TagName, "-rc") {
123-
cur, _ := version.NewVersion(strings.TrimPrefix(release.TagName, "v"))
124-
if cur.GreaterThan(latestVersion) {
125-
latestVersion = cur
126-
}
122+
cur, err := version.NewVersion(strings.TrimPrefix(release.TagName, "v"))
123+
if err != nil || cur == nil {
124+
print.WarningStatusEvent(os.Stdout, "Malformed version %s, skipping", release.TagName)
125+
continue
126+
}
127+
// Prerelease versions and versions with metadata are skipped.
128+
if cur.Prerelease() != "" || cur.Metadata() != "" {
129+
continue
130+
}
131+
132+
if cur.GreaterThan(latestVersion) {
133+
latestVersion = cur
127134
}
128135
}
129136

pkg/version/version_test.go

+46
Original file line numberDiff line numberDiff line change
@@ -162,6 +162,52 @@ func TestGetVersionsGithub(t *testing.T) {
162162
"no releases",
163163
"",
164164
},
165+
{
166+
"Malformed version no releases",
167+
"/malformed_version_no_releases",
168+
`[
169+
{
170+
"url": "https://api.github.com/repos/dapr/dapr/releases/186741665",
171+
"html_url": "https://github.com/dapr/dapr/releases/tag/vedge",
172+
"id": 186741665,
173+
"tag_name": "vedge",
174+
"target_commitish": "master",
175+
"name": "Dapr Runtime vedge",
176+
"draft": false,
177+
"prerelease": false
178+
}
179+
] `,
180+
"no releases",
181+
"",
182+
},
183+
{
184+
"Malformed version with latest",
185+
"/malformed_version_with_latest",
186+
`[
187+
{
188+
"url": "https://api.github.com/repos/dapr/dapr/releases/186741665",
189+
"html_url": "https://github.com/dapr/dapr/releases/tag/vedge",
190+
"id": 186741665,
191+
"tag_name": "vedge",
192+
"target_commitish": "master",
193+
"name": "Dapr Runtime vedge",
194+
"draft": false,
195+
"prerelease": false
196+
},
197+
{
198+
"url": "https://api.github.com/repos/dapr/dapr/releases/44766923",
199+
"html_url": "https://github.com/dapr/dapr/releases/tag/v1.5.1",
200+
"id": 44766923,
201+
"tag_name": "v1.5.1",
202+
"target_commitish": "master",
203+
"name": "Dapr Runtime v1.5.1",
204+
"draft": false,
205+
"prerelease": false
206+
}
207+
] `,
208+
"",
209+
"1.5.1",
210+
},
165211
}
166212
m := http.NewServeMux()
167213
s := http.Server{Addr: ":12345", Handler: m, ReadHeaderTimeout: time.Duration(5) * time.Second}

0 commit comments

Comments
 (0)