Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

The validation of grafanaDependency uses a regex pattern that is too strict #279

Open
2 tasks
darrenjaneczek opened this issue Nov 13, 2024 · 1 comment
Open
2 tasks

The validation of grafanaDependency uses a regex pattern that is too strict #279

darrenjaneczek opened this issue Nov 13, 2024 · 1 comment
Assignees
@mckn
Labels
bug Something isn't working

Comments

@darrenjaneczek
Copy link

darrenjaneczek commented Nov 13, 2024
edited
Loading

See:

This pattern:
^(<=|>=|<|>|=|~|\\^)?([0-9]+)(\\.[0-9x\\*]+)(\\.[0-9x\\*]+)?(\\s(<=|>=|<|=>)?([0-9]+)(\\.[0-9x]+)(\\.[0-9x]+))?(\\-[0-9]+)?$
does not permit more complicated, but valid, semantic version ranges such as:

  • >= 10.4.10 < 11 || >= 11.1.0

Options:

  • Remove the pattern, and allow any string for this field
  • Attempt to build a new mechanism to evaluate the validity of the semver range
    • Perhaps a different kind of validation layer can be added to this that makes use of some javascript code and the semver library itself.

Background:

While building an urgent patch for the GEL Plugin (https://github.com/grafana/gex-plugins) for a customer POC, our build process spontaneously failed due to a change of plugin-validator where a strict pattern for grafanaDependency is required to pass. The gex-plugins currently use >= 10.4.10 < 11 || >= 11.1.0 to specify the officially supported range. This is a valid semver, but the pattern used in the schema for grafanaDependency does not allow for spaces, multiple operators, or multiple ranges separated by ||.

To work around this issue, I had to disable this check altogether. In order to proceed, I will need to know which path the plugin-validator is choosing to take so I can respond accordingly.

  • A. Keep this regex
  • B. Remove this regex
  • C. Remove this regex for now and later replace it with true semver test

If the choice is A, I will have to alter the officially supported version range in gex-plugins, or find a way to disable this strict check without also disabling overall plugin-validation.

See:
@darrenjaneczek darrenjaneczek mentioned this issue Nov 13, 2024
Closed
@tolzhabayev tolzhabayev moved this from 📬 Triage to 🔬 In review in Plugins Platform / Grafana Community Nov 14, 2024
@darrenjaneczek darrenjaneczek moved this from 🔬 In review to 📬 Triage in Plugins Platform / Grafana Community Nov 15, 2024
@mckn mckn moved this from 📬 Triage to 🧑‍💻 In development in Plugins Platform / Grafana Community Nov 26, 2024
@mckn mckn self-assigned this Nov 26, 2024
@mckn mckn added the bug Something isn't working label Nov 26, 2024
@darrenjaneczek
Copy link
Author

@mckn, I have taken @academo's advice and disabled the plugin schema analyzer so that our build would succeed. It seems our project has bigger problems than just the dependency expression -- our plugin id is also "in violation."

The solution I went with is here:

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@mckn mckn

Labels
bug Something isn't working
Projects
Plugins Platform / Grafana Community
Status: 🧑‍💻 In development
Milestone
No milestone
Development

No branches or pull requests
2 participants
@mckn @darrenjaneczek