fix: strip leading dots and hyphens from raw tags#646
Conversation
Signed-off-by: zry98 <[email protected]>
c13d8ec to
bd9134e
Compare
|
Hello @crazy-max , I see the CI failed with the yarn lockfile, is there something I need to update? |
crazy-max
left a comment
There was a problem hiding this comment.
This is the right direction. Docker tags can contain . and -, but not as the first character, so stripping leading invalid characters matches the existing sanitizer behavior better than rejecting the tag.
One edge case needs tightening before merge: this can now sanitize a non-empty value into an empty tag, for example ..., ---, or /. setVersion() currently checks for empty before calling sanitizeTag(), so an empty sanitized value could become version.main and prevent a later valid tag from becoming the main version.
Could you move the empty check after sanitization?
val = Meta.sanitizeTag(val);
if (val.length == 0) {
return version;
}Please also add a focused test for that case, for example a higher-priority raw value that sanitizes to empty followed by a valid raw value, expecting the valid one to become main.
is there something I need to update?
973c3dd to
e70b4d7
Compare
Signed-off-by: zry98 <[email protected]>
e70b4d7 to
060b56a
Compare
@crazy-max thank you for the nice catch! I've updated it and added some more related tests, please check. |
According to the Docker image tag reference, the format is
/[\w][\w.-]{0,127}/, a dot (.) or hyphen (-) is not allowed as a leading character.sanitizeTag()was already replacing illegal characters from the middle of tag names, but not for the leading characters. A given raw tag like.foo\barwould be sanitized to.foo-bar, instead offoo-bar.This PR added a second regex replacement pass
.replace(/^[^a-zA-Z0-9_]+/, '')to strip any leading dots or hyphens.Also added 3 related tests.