-
Notifications
You must be signed in to change notification settings - Fork 140
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix: Prevent mv3 permissions errors to be wrongly reported in mv2 addon validation #4397
Conversation
src/schema/validator.js
Outdated
const schemaObject = JSON.parse( | ||
JSON.stringify(this.schemaObject, replacer, 2) | ||
); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@willdurand this is currently traversing the JSONSchema data by using JSON.stringify, which is likely not the best way to traverse the json objects given that it is stringifying all data and then parsing it again, I used it mainly as a quick way to give the approach a try and confirm if that would be a possible way to avoid these unexpected errors.
Besides the JSON.stringify trick, as I also mentioned in the PR description comment a better (and less expesive at runtime) approach may be to this kind of JSONSchema data filtering at import time (by creating a different set of JSONSchema data per manifest_version).
We may also consider looking into that approach now and see if we can get an alternative patch without a too big of an effort.
Let me know wdyt.
(in the PR description I tried to explain in a bit more detail what is going on in practice, but I'm happy to have a chat if that description didn't yet help you to get a good picture of the underlying issue).
1cf744b
to
4ee032b
Compare
Codecov ReportBase: 98.72% // Head: 98.74% // Increases project coverage by
Additional details and impacted files@@ Coverage Diff @@
## master #4397 +/- ##
==========================================
+ Coverage 98.72% 98.74% +0.01%
==========================================
Files 54 54
Lines 2832 2866 +34
Branches 849 865 +16
==========================================
+ Hits 2796 2830 +34
Misses 36 36
Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here. ☔ View full report at Codecov. |
58676a5
to
79fb846
Compare
@willdurand I've updated this PR with some more exploratory changes for the other approach we discussed a few days ago (filtering the manifest specific anyOf entries at import time instead of doing it at runtime as in the initial version of this PR). While I was looking into that I did notice that it seems we lost a piece of the work done in #4363, related to rework the way we get the list of the schema updates to apply on the imported data, I have added it back as 78230b7 but we may likely want to move that in a separate PR and merge that part sooner. We should discuss about this new version of the PR, in particular I'm a bit on the fence about what to do with the fact that the schema data is currently imported statically:
Let's touch base about this points in the next few days, e.g. after you got a chance to take a look to this version. |
@willdurand I cherry-picked 78230b7 from this PR to the PR to refresh the JSONSchema data from Firefox 103.0b9 (#4407), I'll rebase this patch and remove that from this PR once #4407 lands on the main branch. |
Yeah, that's actually something I forgot to let you know earlier today.. I read this new patch and your comments/concerns. We should discuss some time next week! |
As per our last discussion, the idea was to:
|
I filed #4511 for that, let's file issues for:
and
|
79fb846
to
ed1cf84
Compare
ed1cf84
to
9575b85
Compare
@willdurand I have restored the initial version of this PR as we agreed on, then added the test case introduced along with the other approach to provide explicit test coverage around the issue this is meant to fix. |
9575b85
to
da1a7bf
Compare
…arned on in mv2 extensions
da1a7bf
to
edf8e6c
Compare
…on validation The unexpected validation warning reported for a valid host permission (filed as addons-linter issue #4367) seems to be due to the fact that both manifest_version 2 and manifest_version 3 definitions for the permissions manifest field are being processed. The current implementation is trying to make sure to filter out the errors not relevant for the current add-on based on the error.parentSchema property (See isRelevantError helper function defined in src/schema/validator.js). Unfortunately this approach is unable to filter out all irrelevant errors, in particular for JSONSchema types that are referenced in a min/max_manifest_version conditioned entry with more then 1 level deep nesting, the error.parentSchema will not be the one explicitly including the min/max_manifest_version property and this is what makes the error triggered by the min_manifest_version 3 version of the "permissions" to be wrongly reported as part of a manifest_version 2 add-on validation. This patch is currently filtering the schema data at "JSONSchema data compile"-time and omitting from the schema data all entries with min/max_manifest_version that do not match the minimum and maximum manifest_version set per schema validator config or if they don't apply to the actual add-on manifest_version. NOTE: Ideally a better (and less expesive at runtime) approach may be to this kind of JSONSchema data filtering at import time (by creating a different set of JSONSchema data per manifest_version).
edf8e6c
to
363727b
Compare
@willdurand this PR is now ready for another review pass from your perspective. As I mentioned in the updated description associated to this PR I've also added a fix for the pre-existing typo in |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looking good, a few questions and typos.
…wedManifestVersionsRange
@willdurand I've just updated this PR based on your last round of review comments (a14d501), this should be ready for a final review pass. |
Does this fixed now? I still get errors with V3! |
Fixes #4367
(also fixes #4521, including the fix for the typo in
isRelevantError
helper function and additional test coverage added to test.schema.js to cover the fixed typo with an explicit test case).The unexpected validation warning reported for a valid host permission (filed as addons-linter issue #4367)
seems to be due to the fact that both manifest_version 2 and manifest_version 3 definitions for the
permissions manifest field are being processed.
The current implementation is trying to make sure to filter out the errors not relevant for the current
add-on based on the error.parentSchema property (See isRelevantError helper function defined in
src/schema/validator.js).
Unfortunately this approach is unable to filter out all irrelevant errors, in particular for JSONSchema
types that are referenced in a min/max_manifest_version conditioned entry with more then 1 level deep nesting,
the error.parentSchema will not be the one explicitly including the min/max_manifest_version property and
this is what makes the error triggered by the min_manifest_version 3 version of the "permissions" to be
wrongly reported as part of a manifest_version 2 add-on validation.
This patch is currently filtering the schema data at "JSONSchema data compile"-time and omitting from the
schema data all entries with min/max_manifest_version that do not match the minimum and maximum manifest_version
set per schema validator config or if they don't apply to the actual add-on manifest_version.
NOTE: Ideally a better (and less expesive at runtime) approach may be to this kind of JSONSchema data filtering
at import time (by creating a different set of JSONSchema data per manifest_version).