-
-
Notifications
You must be signed in to change notification settings - Fork 498
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
update dolt blame to use sql backend and accept specific revision #6065
Conversation
@@ -108,3 +108,29 @@ teardown() { | |||
[[ "$output" =~ "defaultDB does not exist" ]] || false | |||
} | |||
|
|||
@test "sql-local-remote: verify dolt blame behavior is identical in switch between server/no server" { | |||
cd defaultDB |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There is a bug here where we are out of sync with other command behavior. You shouldn't need to cd defaultDB
- and in fact I tested this and you get an error stating that you need to dolt init first. This is incorrect behavior.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm not sure I understand why I don't need to do cd defaultDB
first. I would need to be in a dolt repo to do dolt add
and dolt commit
right?
[ "$status" -eq 0 ] | ||
[[ "$output" =~ "1".*"insert initial value into test" ]] || false | ||
[[ "$output" =~ "2".*"insert more values into test" ]] || false | ||
[[ "$output" =~ "3".*"insert more values into test" ]] || false |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think a simpler check would be to compare the total output of both blame calls. The line by line information will be the same if that checks out, and the tests as it stands now would allow for one implementation to drop the commit date and we'd never know it.
if apr.NArg() == 1 { | ||
schema, ri, err = queryist.Query(sqlCtx, fmt.Sprintf(blameQueryTemplate, apr.Arg(0), "HEAD")) | ||
} else { | ||
schema, ri, err = queryist.Query(sqlCtx, fmt.Sprintf(blameQueryTemplate, apr.Arg(1), apr.Arg(0))) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We need to validate the input or we'll have a SQL injection bug here. There is hopefully code we can find around here which validates a revision value. Example of exploit:
$ dolt blame 'HEAD;insert into tbl values (....);' tbl
At the moment, this doesn't have any real impact because blame doesn't have a write transaction
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think when we parse the value given after AS OF
it will catch invalid revision values right? I'm not too clear on what your given example shows.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ship with whatever you come up to get around the use of dEnv.
go/cmd/dolt/commands/blame.go
Outdated
schema, ri, err = queryist.Query(sqlCtx, fmt.Sprintf(blameQueryTemplate, apr.Arg(0), "HEAD")) | ||
} else { | ||
// validate input | ||
_, err = ResolveCommitWithVErr(dEnv, apr.Arg(0)) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
See chat discussion. This is a very reliable way to validate the input - but it used dEnv which is off limits.
|
||
run dolt blame test | ||
[ "$status" -eq 0 ] | ||
[[ "$output" = $out ]] || false |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Noice. I like this test a lot more now :-)
@coffeegoddd DOLT
|
@coffeegoddd DOLT
|
This change updates
dolt blame
to use the appropriate sql engine to generate results. This change also allows users to specify a specific revision to annotate from.Related: #3922