New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix: validate path for getHomeDirectory #4901
base: master
Are you sure you want to change the base?
Conversation
aa1d7ec
to
c318a6e
Compare
/runIntegrationTests |
f7c78bb
to
86674dc
Compare
/runIntegrationtests |
faaf52a
to
7a6b048
Compare
/runIntegrationtests |
/retryBuilds |
It's not really a Windows specific issue. Any system with a misconfigured $HOME env var could have this issue. |
7a6b048
to
7e7b1a1
Compare
/runIntegrationTests |
7e7b1a1
to
7103ade
Compare
* @param {string} [path] - The path to be checked. If not provided, defaults to an empty string. | ||
* @returns {boolean} Returns true if the path is valid and exists, otherwise returns false. | ||
*/ | ||
export function isValidPath(path?: string): boolean { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
this would never be hit in web-mode because getHomeDirectory
returns early for web-mode
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
vscode
only provide Thenable
aka Promise
based api. To allow this in web, it will require updating all touch points with a Promise
based API.
https://github.com/microsoft/vscode/blob/main/src/vscode-dts/vscode.d.ts#L9045
|
||
const fs = require('fs') | ||
|
||
if (path && path.length !== 0 && fs.existsSync(_path.resolve(path))) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
why are we using resolve()
here but not in the result returned by getHomeDirectory()
. that means this is checking something different than would be returned. it probably is a signal that getHomeDirectory()
should return a `resolve() result.
more generally, please think about how code can make decisions once, which are then used for the rest of the codepath, instead of making many decisions in multiple different places.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Would you recommend something like this?
packages/core/src/auth/credentials/sharedCredentialsFile.ts
- if (env.AWS_SHARED_CREDENTIALS_FILE && isValidPath(env.AWS_SHARED_CREDENTIALS_FILE)) {
- return env.AWS_SHARED_CREDENTIALS_FILE
+ if (env.AWS_SHARED_CREDENTIALS_FILE && isValidPath(resolve(env.AWS_SHARED_CREDENTIALS_FILE))) {
+ return resolve(env.AWS_SHARED_CREDENTIALS_FILE)
}
- if (env.AWS_CONFIG_FILE && isValidPath(env.AWS_CONFIG_FILE)) {
- return env.AWS_CONFIG_FILE
+ if (env.AWS_CONFIG_FILE && isValidPath(resolve(env.AWS_CONFIG_FILE))) {
+ return resolve(env.AWS_CONFIG_FILE)
}
packages/core/src/shared/systemUtilities.ts
- if (env.HOME && isValidPath(env.HOME)) {
- return env.HOME
+ if (env.HOME && isValidPath(path.resolve(env.HOME))) {
+ return path.resolve(env.HOME)
}
- if (env.USERPROFILE && isValidPath(env.USERPROFILE)) {
- return env.USERPROFILE
+ if (env.USERPROFILE && isValidPath(path.resolve(env.USERPROFILE))) {
+ return path.resolve(env.USERPROFILE)
}
- if (env.HOMEPATH && isValidPath(env.HOMEPATH)) {
+ if (env.HOMEPATH && isValidPath(path.resolve(env.HOMEPATH))) {
const homeDrive: string = env.HOMEDRIVE || 'C:'
- return path.join(homeDrive, env.HOMEPATH)
+ return path.join(homeDrive, path.resolve(env.HOMEPATH))
}
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Or skipping the resolve
like
- if (path && path.length !== 0 && fs.existsSync(_path.resolve(path))) {
+ if (path && path.length !== 0 && fs.existsSync(path)) {
I'd prefer the former where we check isValidPath(path.resolve(env.HOME))
and return path.resolve(env.HOME)
@@ -17,6 +19,7 @@ describe('sharedCredentials', function () { | |||
// Make a temp folder for all these tests | |||
// Stick some temp credentials files in there to load from | |||
tempFolder = await makeTemporaryToolkitFolder() | |||
sinon.stub(pathUtils, 'isValidPath').returns(true) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
stubbing isValidPath in various tests that happen to current hit the getHomeDirectory()
codepath, means that future tests might run into the same issue.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Given that in unit tests we are validating an actual path, indeed it will require stubbing in future as well. What would be your recommendation?
8240930
to
92b8259
Compare
92b8259
to
6820f30
Compare
Problem
HOME
orUSERPROFILE
orHOMEPATH
AWS_SHARED_CREDENTIALS_FILE
orAWS_CONFIG_FILE
are unable to login into Amazon Q and AWS Toolkits extensions.Solution
isValidPath
function to ensure a valid path is used for authenticationTODO
fs
tofsCommon
because the web tests are failing. This entails updating all functions to usePromise
screateVueEntries
function to allow developers to build on *NIX and Windows.License
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.