From 7964d42d4a2b5e3a79c0a69c25061e46f1e366d5 Mon Sep 17 00:00:00 2001 From: Ian Bowden Date: Fri, 21 Jun 2024 12:17:42 -0400 Subject: [PATCH] added check to make sure repo is a valid uri before getting updates --- .../modules/shared/abstractions/pre_commit.py | 13 +++++++ .../shared/abstractions/test_pre_commit.py | 39 +++++++++++++++++-- 2 files changed, 48 insertions(+), 4 deletions(-) diff --git a/secureli/modules/shared/abstractions/pre_commit.py b/secureli/modules/shared/abstractions/pre_commit.py index 6f103bd0..02c4d936 100644 --- a/secureli/modules/shared/abstractions/pre_commit.py +++ b/secureli/modules/shared/abstractions/pre_commit.py @@ -1,6 +1,7 @@ import datetime from pathlib import Path import shutil +from urllib.parse import urlparse # Note that this import is pulling from the pre-commit tool's internals. # A cleaner approach would be to update pre-commit @@ -189,8 +190,13 @@ def check_for_hook_updates( "repo": repo_config.url } # PreCommitSettings uses "url" instead of "repo", so we need to copy that value over old_rev_info = HookRepoRevInfo.from_config(repo_config_dict) + + # if the repo isn't a valid uri, don't try to download updates for it + if not self.is_valid_uri(old_rev_info.repo): + continue # if the revision currently specified in .pre-commit-config.yaml looks like a full git SHA # (40-character hex string), then set freeze to True + freeze = ( bool(git_commit_sha_pattern.fullmatch(repo_config.rev)) if freeze is None @@ -425,3 +431,10 @@ def _get_outdated_repos( repos = [key for key in outdated_repos.keys()] return repos + + def is_valid_uri(self, uri_string): + try: + result = urlparse(uri_string) + return all([result.scheme, result.netloc]) + except Exception: + return False diff --git a/tests/modules/shared/abstractions/test_pre_commit.py b/tests/modules/shared/abstractions/test_pre_commit.py index fdad4899..ef947336 100644 --- a/tests/modules/shared/abstractions/test_pre_commit.py 
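Review bot: The new `continue` in `check_for_hook_updates` drops a repo from the update check with no log line or returned indication, so a skipped repo looks the same as an up-to-date one. Because `is_valid_uri` requires both a scheme and a netloc, scp-style remotes such as `git@host:org/repo.git` would be skipped along with `local`, and hooks pinned from them would never be reported as outdated. Consider logging the skip, or at least extending the comment to `# repos without a scheme://host URL (e.g. "local") are skipped and never checked for updates`. The added lines also appear to sit between the existing freeze comment and the `freeze = (` statement it describes, with a new blank line separating the two; placing the check above that comment would keep it attached. The body of `check_for_hook_updates` starts and ends outside the hunk.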
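Review bot: `is_valid_uri` accepts any scheme that comes with a netloc and hides every failure behind `except Exception`, so what counts as a fetchable repo is broader and less visible than the name suggests. Since the result decides which remote hook repositories are contacted, an explicit allow-list would be clearer, for example `return result.scheme in {"https", "http", "ssh", "git"} and bool(result.netloc)`, with the set adjusted to what the project actually supports. `urlparse` raises `ValueError` on a malformed string, so `except ValueError:` is enough and will not mask unrelated bugs. The method also has no docstring or type hints; `def is_valid_uri(self, uri_string: str) -> bool:` with a one-line docstring stating that a scheme and a network location are required would document the contract.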
+++ b/tests/modules/shared/abstractions/test_pre_commit.py @@ -550,10 +550,14 @@ def test_check_for_hook_updates_infers_freeze_param_when_not_provided( pre_commit_config = RepositoryModels.PreCommitSettings( repos=[pre_commit_config_repo] ) - rev_info_mock = MagicMock(rev=pre_commit_config_repo.rev) + rev_info_mock = MagicMock( + rev=pre_commit_config_repo.rev, repo="http://example-repo.com/" + ) mock_hook_repo_rev_info.return_value = rev_info_mock rev_info_mock.update.return_value = rev_info_mock # Returning the same revision info on update means the hook will be considered up to date - pre_commit.check_for_hook_updates(pre_commit_config) + pre_commit.check_for_hook_updates( + pre_commit_config, + ) rev_info_mock.update.assert_called_with(tags_only=True, freeze=rev_is_sha) @@ -575,7 +579,9 @@ def test_check_for_hook_updates_respects_freeze_param_when_false( pre_commit_config = RepositoryModels.PreCommitSettings( repos=[pre_commit_config_repo] ) - rev_info_mock = MagicMock(rev=pre_commit_config_repo.rev) + rev_info_mock = MagicMock( + rev=pre_commit_config_repo.rev, repo="http://example-repo.com/" + ) mock_hook_repo_rev_info.return_value = rev_info_mock rev_info_mock.update.return_value = rev_info_mock # Returning the same revision info on update means the hook will be considered up to date pre_commit.check_for_hook_updates(pre_commit_config, freeze=False) @@ -596,7 +602,9 @@ def test_check_for_hook_updates_respects_freeze_param_when_true( pre_commit_config = RepositoryModels.PreCommitSettings( repos=[pre_commit_config_repo] ) - rev_info_mock = MagicMock(rev=pre_commit_config_repo.rev) + rev_info_mock = MagicMock( + rev=pre_commit_config_repo.rev, repo="http://example-repo.com/" + ) mock_hook_repo_rev_info.return_value = rev_info_mock rev_info_mock.update.return_value = rev_info_mock # Returning the same revision info on update means the hook will be considered up to date pre_commit.check_for_hook_updates(pre_commit_config, freeze=True) 
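Review bot: The literal `"http://example-repo.com/"` is now repeated in the `MagicMock(...)` call of all three updated tests, and again in the new test in the following hunk; a module-level constant such as `VALID_REPO_URL = "http://example-repo.com/"` would keep the fixtures in step. The first of these hunks also rewraps `pre_commit.check_for_hook_updates(pre_commit_config)` onto three lines with a trailing comma without changing its arguments, which looks like an unintended formatting change and could be reverted. The test functions start and end outside these hunks.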
@@ -638,6 +646,29 @@ def test_check_for_hook_updates_returns_repos_with_new_revs( assert updated_repos[repo_urls[0]].newRev == "tag2" +def test_check_for_hook_updates_does_not_updated_repos_with_urls( + pre_commit: PreCommitAbstractionModels.PreCommitAbstraction, +): + with um.patch( + "secureli.modules.shared.abstractions.pre_commit.HookRepoRevInfo.from_config" + ) as mock_hook_repo_rev_info: + pre_commit_config_repo = RepositoryModels.PreCommitRepo( + repo="local", + rev="tag1", + hooks=[RepositoryModels.PreCommitHook(id="hook-id")], + ) + pre_commit_config = RepositoryModels.PreCommitSettings( + repos=[pre_commit_config_repo] + ) + rev_info_mock = MagicMock( + rev=pre_commit_config_repo.rev, repo="http://example-repo.com/" + ) + mock_hook_repo_rev_info.return_value = rev_info_mock + rev_info_mock.update.return_value = rev_info_mock # Returning the same revision info on update means the hook will be considered up to date + pre_commit.check_for_hook_updates(pre_commit_config, freeze=True) + rev_info_mock.update.assert_called_with(tags_only=True, freeze=True) + + def test_pre_commit_config_exists( pre_commit: PreCommitAbstractionModels.PreCommitAbstraction, ):
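Review bot: This test never reaches the new skip branch: `from_config` is patched to return a mock whose `repo` is `"http://example-repo.com/"`, so `is_valid_uri` passes and the final assertion checks that `update` was called, which duplicates the freeze=True test above. To cover the `continue`, give the mock the non-URL value, `rev_info_mock = MagicMock(rev=pre_commit_config_repo.rev, repo="local")`, and end with `rev_info_mock.update.assert_not_called()`. The name would also read better as `test_check_for_hook_updates_skips_repos_without_valid_uri`. A few direct assertions on `is_valid_uri` (a URL with scheme and host, `"local"`, an empty string) would pin the helper's contract independently of the mock.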