Skip to content

Validate git ref and repo values to reject dash-prefixed inputs#4598

Open
aravindtga wants to merge 2 commits into
kptdev:mainfrom
Nordix:validate-git-ref-prefix
Open

Validate git ref and repo values to reject dash-prefixed inputs#4598
aravindtga wants to merge 2 commits into
kptdev:mainfrom
Nordix:validate-git-ref-prefix

Conversation

@aravindtga

@aravindtga aravindtga commented Jun 23, 2026

Copy link
Copy Markdown
Contributor

Description

  • What changed: Added input validation to reject git ref and repo values that start with - across all command entry points (get, fetch, update, pkgupdate) and in the internal gitutil.cacheRepo function.
  • Why it's needed: A ref or repo value starting with - is not a valid git ref. Accepting such values leads to confusing git errors downstream. Rejecting them early provides a clear error message to the user.
  • How it works: Each command's existing validation function (DefaultValues, validate, Run) now checks for - prefixes and returns an early, clear error. Additionally, cacheRepo in internal/gitutil validates all refs and URIs before executing any git commands, acting as a catch-all for all callers regardless of entry point.

Type of Change

  • Bug fix
  • New feature
  • Enhancement
  • Refactor
  • Documentation
  • Tests
  • Other: ________

Checklist

  • Code follows project style guidelines
  • Self-reviewed changes
  • Tests added/updated
  • Documentation added/updated
  • All tests and gating checks pass

AI Disclosure

  • I have used AI in the creation of this PR.

If so, please describe how:

  • Kiro to trace the affected call paths, implement the fix, and generate the test.

@aravindtga
Validate git ref and repo values to reject dash-prefixed inputs
58e4f95 
Signed-off-by: Aravindhan Ayyanathan <aravindhan.a@est.tech>
@aravindtga aravindtga requested a review from Copilot June 23, 2026 08:38
@netlify

netlify Bot commented Jun 23, 2026
edited
Loading

Copy link
Copy Markdown

Deploy Preview for kptdocs ready!

Name Link
🔨 Latest commit 9be8c08
🔍 Latest deploy log https://app.netlify.com/projects/kptdocs/deploys/6a3a48c70821440008bf1726
😎 Deploy Preview https://deploy-preview-4598--kptdocs.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.
🤖 Make changes Run an agent on this branch

To edit notification comments on pull requests, go to your Netlify project configuration.

@aravindtga aravindtga self-assigned this Jun 23, 2026
Copilot AI reviewed Jun 23, 2026
View reviewed changes

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR adds early validation to reject git repo/ref inputs that start with -, preventing them from being misinterpreted as git command-line options and surfacing clearer, earlier errors to users.

Changes:

  • Added --prefix validation for repo/ref in get, fetch, update, and pkgupdate entry points.
  • Added a defensive validation layer in internal/gitutil.GitUpstreamRepo.cacheRepo to reject dash-prefixed URIs/refs before invoking git.
  • Added a unit test to ensure flag-like refs are rejected.

Reviewed changes

Copilot reviewed 6 out of 6 changed files in this pull request and generated 5 comments.

Show a summary per file
File Description
pkg/lib/util/get/get.go Rejects dash-prefixed repo/ref during get defaulting/validation.
pkg/lib/util/fetch/fetch.go Rejects dash-prefixed repo/ref during fetch validation.
pkg/lib/update/update.go Rejects dash-prefixed upstream repo/ref during update execution.
pkg/lib/kptops/pkgupdate.go Rejects dash-prefixed upstream repo/ref in the pkgupdate wrapper.
internal/gitutil/gitutil.go Adds catch-all validation in cacheRepo for URI/refs before running git.
internal/gitutil/gitutil_test.go Adds test coverage for rejecting flag-like refs.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment thread internal/gitutil/gitutil.go
Comment thread internal/gitutil/gitutil.go
Comment thread internal/gitutil/gitutil.go
Comment thread pkg/lib/update/update.go
Comment thread pkg/lib/update/update.go
@aravindtga
Address review comments
9be8c08 
Signed-off-by: Aravindhan Ayyanathan <aravindhan.a@est.tech>
@aravindtga aravindtga requested a review from Copilot June 23, 2026 08:51
Copilot AI reviewed Jun 23, 2026
View reviewed changes

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 6 out of 6 changed files in this pull request and generated no new comments.

@aravindtga aravindtga marked this pull request as ready for review June 23, 2026 09:25
@dosubot dosubot Bot added size:M This PR changes 30-99 lines, ignoring generated files. bug Something isn't working go Pull requests that update Go code labels Jun 23, 2026
@aravindtga aravindtga requested a review from a team June 23, 2026 09:26
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@liamfallon liamfallon Awaiting requested review from liamfallon liamfallon is a code owner

@kispaljr kispaljr Awaiting requested review from kispaljr kispaljr is a code owner

@mozesl-nokia mozesl-nokia Awaiting requested review from mozesl-nokia mozesl-nokia is a code owner

@efiacor efiacor Awaiting requested review from efiacor efiacor is a code owner

At least 2 approving reviews are required to merge this pull request.

Assignees

@aravindtga aravindtga

Labels

bug Something isn't working go Pull requests that update Go code size:M This PR changes 30-99 lines, ignoring generated files.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@aravindtga