fix: support allow large check from scopes level #927
Walkthrough
A single file is modified to introduce scope-level whitelisting for large packages in Unpkg. The implementation adds an
Changes
Estimated code review effort: 2 (Simple) | ~10 minutes
Summary of Changes
Hello @fengmk2, I'm Gemini Code Assist! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!
This pull request introduces a significant enhancement to how 'large packages' are managed within the system. Previously, allowances for large packages were handled on an individual package basis. With this change, the system now supports whitelisting entire package scopes, simplifying the configuration and management of large packages, especially for monorepos or organizations with many packages under specific namespaces. This improves flexibility and reduces maintenance overhead for package version file services.
Highlights
Code Review
The pull request introduces a new feature to whitelist large packages by scope. This is implemented by adding a new private property, #unpkgWhiteListAllowLargeScopes, to the PackageVersionFileService class. This property is initialized from manifest.allowLargeScopes during the updateUnpkgWhiteList method. A check is then added to allow large packages if their scope is present in this new whitelist. There were no review comments provided.
Actionable comments posted: 0
Nitpick comments (3)
app/core/service/PackageVersionFileService.ts (3)
61-63: Prefer `Set` over `string[]` for large-scope whitelist lookups.
`includes()` is O(n) and this check can be on a hot path; `Set#has()` is O(1) and avoids accidental duplicates.
- // allow large package scopes, e.g. ['@foo', '@bar'] - #unpkgWhiteListAllowLargeScopes: string[] = []; + // allow large package scopes, e.g. ['@foo', '@bar'] + #unpkgWhiteListAllowLargeScopes = new Set<string>();
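Review bot: Changing only the field declaration to `new Set<string>()` leaves the existing `this.#unpkgWhiteListAllowLargeScopes.includes(pkgScope)` check calling a method that `Set` does not have, so this suggestion has to land together with the assignment in `updateUnpkgWhiteList` and a switch to `.has(pkgScope)`. The field comment also still shows `['@foo', '@bar']`; if the type becomes a `Set`, say there that the manifest supplies an array and the service stores it as a set.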
90-129: Log message doesn't reflect the new "large scopes" whitelist + consider narrowing `any` here.
You now track `allowLargeScopes`, but the info log still only reports "large packages", so operators can't confirm scope rollout from logs. Also, the repeated `as any` casts make schema drift easy to miss.
- this.#unpkgWhiteListAllowLargeScopes = manifest.allowLargeScopes ?? ([] as any); + this.#unpkgWhiteListAllowLargeScopes = new Set<string>((manifest.allowLargeScopes ?? []) as string[]); this.logger.info( - '[PackageVersionFileService.updateUnpkgWhiteList] version:%s, total %s packages, %s scopes, %s large packages', + '[PackageVersionFileService.updateUnpkgWhiteList] version:%s, total %s packages, %s scopes, %s large packages, %s large scopes', whiteListPackageVersion, Object.keys(this.#unpkgWhiteListAllowPackages).length, this.#unpkgWhiteListAllowScopes.length, Object.keys(this.#unpkgWhiteListAllowLargePackages).length, + this.#unpkgWhiteListAllowLargeScopes.size, );
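Review bot: The `as string[]` cast on `manifest.allowLargeScopes` in the replacement assignment still performs no runtime check, so a manifest that supplies a string instead of an array would be iterated character by character by `new Set(...)` and silently match no scope. Guard with `Array.isArray(manifest.allowLargeScopes)` and keep only string entries before building the set, and log a warning when the field has the wrong shape so that the `%s large scopes` count in the new log line is explainable.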
131-144: Consider converting `allowLargeScopes` to `Set<string>` for consistent type usage across the codebase, but the current `Array.includes()` implementation is functionally correct.
The whitelist membership checks would benefit from using `Set` for O(1) lookup performance, particularly if whitelist sizes grow. However, this requires updating both the type declaration and the method call:
- Type: `#unpkgWhiteListAllowLargeScopes: Set<string> = new Set();`
- Assignment: `this.#unpkgWhiteListAllowLargeScopes = new Set(manifest.allowLargeScopes ?? []);`
- Check: `if (this.#unpkgWhiteListAllowLargeScopes.has(pkgScope)) return true;`
The current `string[]` with `.includes()` is not incorrect, but if converting to `Set`, ensure consistency with how `#unpkgWhiteListAllowScopes` and `#unpkgWhiteListAllowLargePackages` are handled. Regarding scope normalization: `pkgScope` is already in standard format from upstream callers and `getFullname()` already handles empty scope cases, so explicit normalization in this method is unnecessary.
Review details
Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro
Files selected for processing (1)
app/core/service/PackageVersionFileService.ts (3 hunks)
Additional context used
Path-based instructions (4)
**/*.{js,ts,tsx,jsx}
CodeRabbit inference engine (.github/copilot-instructions.md)
**/*.{js,ts,tsx,jsx}: Use single quotes in JavaScript/TypeScript code (from Prettier configuration)
Use 2-space indentation (from Prettier configuration)
Maintain 120 character line width maximum (from Prettier configuration)
Use trailing commas in ES5 syntax (from Prettier configuration)
Avoid parentheses in arrow functions when possible (from Prettier configuration)
Maximum of 6 function parameters (from Oxlint configuration)
Warn on console usage (from Oxlint configuration)
Disallow anonymous default exports (from Oxlint configuration)
Use ES modules (import/export) syntax throughout
Files:
app/core/service/PackageVersionFileService.ts
**/*.{ts,tsx}
CodeRabbit inference engine (.github/copilot-instructions.md)
**/*.{ts,tsx}: Use strict TypeScript with comprehensive type definitions - avoid `any` types, use proper typing or `unknown`
Export types and interfaces for reusability in TypeScript
Files:
app/core/service/PackageVersionFileService.ts
app/core/service/**/*.ts
CodeRabbit inference engine (.github/copilot-instructions.md)
app/core/service/**/*.ts: Services must implement core business logic without HTTP concerns or direct database access
Services must use `@SingletonProto()` for service lifecycle management
Services must orchestrate multiple repositories and entities, managing transactions and events
Files:
app/core/service/PackageVersionFileService.ts
**/*.ts
CodeRabbit inference engine (CLAUDE.md)
**/*.ts: Use strict TypeScript with proper typing - avoid `any` types, use proper typing or `unknown` instead
Use ES modules with `import`/`export` syntax throughout the codebase
Use single quotes (') for strings
Use 2-space indentation
Enforce 120 character line width
Use ES5 trailing commas
Limit functions to a maximum of 6 parameters
Do not use console statements - use logger instead
Files:
app/core/service/PackageVersionFileService.ts
Pull request overview
This PR adds support for allowing large packages at the scope level through the unpkg white list configuration. Previously, only individual packages could be whitelisted for large size allowances via allowLargePackages, but now entire scopes can be whitelisted using the new allowLargeScopes array.
Key changes:
- Added scope-level large package allowance checking to complement the existing package-level checking
- Modified the white list loading logic to include the new `allowLargeScopes` field from the manifest
- Updated the `isAllowLargePackageVersion` method to check scopes before checking individual packages
Comments suppressed due to low confidence (1)
app/core/service/PackageVersionFileService.ts:128
- The logger.info message on line 122-127 should be updated to include the count of allowLargeScopes. The message currently logs "total %s packages, %s scopes, %s large packages" but doesn't include information about the newly introduced allowLargeScopes field. This makes it inconsistent with the data being loaded and harder to debug/monitor the white list configuration.
Consider updating the log message to include the allowLargeScopes count, similar to how allowScopes is logged.
this.logger.info(
  '[PackageVersionFileService.updateUnpkgWhiteList] version:%s, total %s packages, %s scopes, %s large packages',
  whiteListPackageVersion,
  Object.keys(this.#unpkgWhiteListAllowPackages).length,
  this.#unpkgWhiteListAllowScopes.length,
  Object.keys(this.#unpkgWhiteListAllowLargePackages).length,
);
| // check allow large scopes | ||
| if (this.#unpkgWhiteListAllowLargeScopes.includes(pkgScope)) return true; |
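Review bot: `includes(pkgScope)` is an exact-match lookup only if `#unpkgWhiteListAllowLargeScopes` really holds an array, and the assignment shown in this PR is `manifest.allowLargeScopes ?? ([] as any)`, which passes any manifest value through unchecked. If the manifest supplied a string, this line would become a substring test and an empty `pkgScope` would match, so validate the field as an array of strings when loading it, or at least guard this line with `pkgScope &&`. A scope entry also lifts the size limit for every package under that scope, including ones published later, which deserves a sentence in the whitelist documentation.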
Copilot AI, Dec 13, 2025
The new allowLargeScopes feature lacks test coverage. While the isAllowLargePackageVersion method is mocked in some tests, there are no tests that verify the scope-level large package allowance functionality works correctly.
Tests should verify:
- Packages from scopes in allowLargeScopes are allowed regardless of size
- The scope check happens before the individual package check
- The allowLargeScopes field is correctly loaded from the manifest
Looking at the existing test patterns in test/port/controller/PackageVersionFileController/listFiles.test.ts, similar tests should be added for the allowLargeScopes functionality.
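The three behaviours the comment above asks tests to verify, as an added TypeScript example that is not code from this PR or the project. `LargeAllowList`, `loadLargeScopes` and `uncheckedIncludes` are hypothetical names, the manifests are constructed, and per-package version matching is left out; it also shows how a manifest field of the wrong type changes what an unvalidated `includes()` check accepts.

```typescript
// Added illustration: LargeAllowList, loadLargeScopes and uncheckedIncludes are hypothetical
// names, and per-package version matching is omitted (a key's presence counts as allowed).
type Manifest = { allowLargeScopes?: unknown; allowLargePackages?: unknown };

// Accept only an array of '@scope' strings; any other shape yields an empty allowlist.
function loadLargeScopes(manifest: Manifest): Set<string> {
  const raw = manifest.allowLargeScopes;
  if (!Array.isArray(raw)) return new Set<string>();
  return new Set(raw.filter((s): s is string => typeof s === 'string' && /^@[^\/@\s]+$/.test(s)));
}

class LargeAllowList {
  readonly scopes: Set<string>;
  readonly packages: Set<string>;

  constructor(manifest: Manifest) {
    this.scopes = loadLargeScopes(manifest);
    const pkgs = manifest.allowLargePackages;
    this.packages = new Set(pkgs && typeof pkgs === 'object' && !Array.isArray(pkgs) ? Object.keys(pkgs) : []);
  }

  // Scope-level check first, then the individual package entry.
  isAllowed(pkgScope: string, pkgName: string): boolean {
    if (pkgScope && this.scopes.has(pkgScope)) return true;
    return this.packages.has(pkgScope ? `${pkgScope}/${pkgName}` : pkgName);
  }
}

// The unvalidated pattern for comparison: a cast plus includes(). If the manifest value is a
// string rather than an array, String.prototype.includes does substring matching.
function uncheckedIncludes(manifest: Manifest, pkgScope: string): boolean {
  const scopes = (manifest.allowLargeScopes ?? []) as string[];
  return scopes.includes(pkgScope);
}

// Constructed sample manifests.
const goodManifest: Manifest = {
  allowLargeScopes: ['@foo', '@bar'],
  allowLargePackages: { 'big-pkg': { version: '*' } },
};
const malformedManifest: Manifest = { allowLargeScopes: '@foo-internal' };

const allowList = new LargeAllowList(goodManifest);
console.log('scope allowed:', allowList.isAllowed('@foo', 'any-pkg'));
console.log('unchecked vs validated on malformed manifest:',
  uncheckedIncludes(malformedManifest, '@foo'), new LargeAllowList(malformedManifest).isAllowed('@foo', 'x'));
```
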
This PR is included in version 4.16.1
The release is available on:
Your semantic-release bot
Codecov Report
All modified and coverable lines are covered by tests.
Additional details and impacted files
@@ Coverage Diff @@
## master #927 +/- ##
==========================================
- Coverage 95.37% 95.26% -0.12%
==========================================
Files 197 197
Lines 22205 22211 +6
Branches 2058 2454 +396
==========================================
- Hits 21179 21160 -19
- Misses 1026 1051 +25
View full report in Codecov by Sentry.