🛡️ Shield: Robust Integer Parsing for Float Strings

[fderuiter]

🛑 Vulnerability: The parse_int_or_default validator would silently return the default value (0) when encountering float-formatted strings like "5.0", or raise a ValueError in strict mode. This is common in CSV/JSON exports and leads to data loss/corruption.

🛡️ **Defense:** Enhanced `parse_int_or_default` to attempt `int(float(v))` as a fallback. This correctly parses `"5.0"` as `5`, handles truncation for non-integers (e.g., `"5.9"` -> `5`), and properly manages overflow/strictness.

🔬 **Verification:** Run `poetry run pytest tests/unit/test_models_validators.py`. New test cases cover `"5.0"`, `"5.9"`, `"inf"`, and strict mode behavior.

📊 **Impact:** Prevents silent failures for valid numeric inputs, increasing data ingestion reliability.

Ref: .jules/shield.md (2024-05-22)

---

PR created automatically by Jules for task 8890386912751906217 started by @fderuiter

[Copilot]

Pull request overview

Improve parse_int_or_default to handle float-formatted numeric inputs more robustly (e.g., CSV/JSON "5.0"), and add tests to validate the new behavior.

Changes:

• Added a float-conversion fallback (int(float(v))) when direct int(v) parsing fails.
• Added unit tests covering float strings, float values, and "inf" strict/non-strict behavior.

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 3 comments.

File	Description
imednet/utils/validators.py	Adds float parsing fallback to reduce defaulting/parse failures for float-like inputs
tests/unit/test_models_validators.py	Adds coverage for float-like strings/values and infinity handling

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

int(v) can raise OverflowError for values like float('inf') (and potentially other non-finite floats). Because OverflowError isn’t caught here, parse_int_or_default(v, strict=False) can unexpectedly raise instead of returning default. Consider including OverflowError in this first except tuple (or otherwise ensuring non-finite float inputs are handled consistently with the defaulting behavior).

Suggested change

	except (ValueError, TypeError):
	except (ValueError, TypeError, OverflowError):

[Copilot]

The function docstring states that strict=True raises ValueError on parse failure, but this fallback can raise OverflowError (as your new test asserts for \"inf\"). Also, strict=True now accepts non-integer float strings like \"5.9\" and truncates to 5, which is a semantic change from strict integer parsing. Recommendation: either (a) keep strict semantics by only accepting float inputs when the float is integral (e.g., f.is_integer()), and raise ValueError otherwise, and normalize strict failures to a consistent exception type; or (b) update the docstring/contract to explicitly document truncation and the possible exception types in strict mode.

Suggested change

	except (ValueError, TypeError, OverflowError):
	if strict:
	raise
	except (ValueError, TypeError, OverflowError) as exc:
	if strict:
	# Normalize all strict parse failures to ValueError, as documented.
	raise ValueError(f"Invalid integer value: {v!r}") from exc

[Copilot]

Given the new fallback behavior, it would be useful to add tests that lock down strict-mode semantics for non-integer floats (e.g., expected behavior for parse_int_or_default(\"5.9\", strict=True)), and also add coverage for float('inf') (not just the string \"inf\") to catch the OverflowError path coming from int(v) directly.