Closed svonworl closed 2 months ago
Attention: Patch coverage is 38.09524%
with 13 lines
in your changes are missing coverage. Please review.
Project coverage is 74.52%. Comparing base (
f03a1b4
) to head (8f55ad4
).
Files | Patch % | Lines |
---|---|---|
.../java/io/openapi/api/impl/ToolsApiServiceImpl.java | 0.00% | 11 Missing :warning: |
...in/java/io/dockstore/webservice/jdbi/EntryDAO.java | 60.00% | 0 Missing and 2 partials :warning: |
:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.
Ooops. forgot to note that the /api/categories?name=%00
request is not fixed. It happens because postgres doesn't like storing the NUL character (value 0) or accepting it in queries. The problem can be triggered on any endpoint that accepts a QueryParam
and passes it on to the database, and there is no simple, straightforward fix (that I know of). So, we'll leave it as is for now.
Failed conditions
44.4% Coverage on New Code (required ≥ 80%)
Description This PR fixes the bugs that were uncovered during fuzz testing by the requests listed in https://ucsc-cgl.atlassian.net/browse/SEAB-6173, with the exception of the
api/containers/schema/514/published
request, which resulted in more extensive changes and is fixed in PR https://github.com/dockstore/dockstore/pull/5860.I added some inline PR comments that describe what was fixed, and how.
Note that the "NUL character" bug is not fixed: https://github.com/dockstore/dockstore/pull/5862#issuecomment-2037911466
Review Instructions Try the requests that are described in the issue, and confirm that the responses make sense and are not 500 status/error codes.
Issue https://ucsc-cgl.atlassian.net/browse/SEAB-6173
Security and Privacy
No concerns.
e.g. Does this change...
Please make sure that you've checked the following before submitting your pull request. Thanks!
mvn clean install
@RolesAllowed
annotation