-
-
Notifications
You must be signed in to change notification settings - Fork 890
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
issue with uuidv5 and/or parse function - Invalid UUID #511
Comments
@afterthought can you provide more details on how you generated the "GUID" It does not appear to be an RFC4122 compliant UUID: The first character after the second We did include more thorough checks in |
FWIW, I think there's some misconceptions around the synonymity of Microsoft GUIDs and RFC4122. Lots of articles out there conflating these two terms, often claiming they're identical. However, Microsoft is pretty clear that GUIDs are allowed to contain any hex digit. As @ctavan notes, RFC UUIDs have specific requirements for the |
Ok. So I was wrong about it coming from dotnet. It actually originates from an old titanium based mobile app with a handwritten random number generator that just orders the chars/digits into a guid format. Pretty bad. (I did do some testing with the MS Guid.newGuid() method and it seems compliant). I definitely see that the ID is non-compliant and now we know why. I'm now in the pinch of figuring out how to move forward. Our design/architecture relies heavily on uuidv5 and now I've found that I have a mountain of legacy data that won't be compatible. For now I can pin the library at 8.2. Not a great long-term solution though. On my end I'm going to see if I can convince the product team to fix the uuid generation and ideally have a conversion strategy for older data. |
@broofa since this seems to be popping up a few times and since legacy data may be hard or impossible to change: How do you feel about introducing an optional |
@afterthought If you pass the namespace as a byte array, it circumvents the E.g.
|
Yes, elegant backdoor. Thanks for the help. |
@broofa is this workaround a behavior we want to have/encourage? Or rather make this an explicit option to allow skipping the namespace validation? |
@ctavan Good question. Short answer: No, but I'm not sure there's a great solution here. That byte-array-based namespaces aren't validated but string ones are is an inconsistency that should probably get addressed at some point so... yeah... @afterthought probably shouldn't count on this continuing to work in the future. But I don't see a compelling reason to close that particular loophole at the moment. The alternative - adding an option to allow non-standard namespaces - flies in the face of the "this module adheres to the RFC" philosophy, so I'm a bit reticent to go that route. 'Kind of feels like we have a passable solution for the moment so maybe we can get away with looking the other way on this one until there's a reason to do otherwise. 🤷 |
Hello, I'm not an expert but If I resume, variant microsoft is GUID and not RFC compliant with UUID, but appear in RFC 4.1.1 well maybe just an interpretation, but I understand. This lib is a very very good job, but my opinion is in this point think to what user/developper need and what you provide Thank :) |
@pbleuse-orange did you see this comment: #511 (comment) The GUID which caused this issue was not generated using any standards compliant UUID/GUID generator. If you manually generate things, that look like UUIDS/GUIDS but don’t follow the standard, then please don’t expect this library to accept these things as being valid UUIDS/GUIDS. And to emphasize again: the original issue described here was caused by faulty manual |
@ctavan sorry I would'nt relauch all discussion, but for my part I have problem with this ID for example: 6023a8a5-d9fe-5142-d062-5f38fe5142d0 It was decoded here https://www.uuidtools.com/api/decode/6023a8a5-d9fe-5142-d062-5f38fe5142d0 with this response: {
"encode": {
"STR": "6023a8a5-d9fe-5142-d062-5f38fe5142d0",
"SIV": "127791038570326569133610857067145413328"
},
"decode": {
"variant": "reserved (Microsoft GUID)",
"version": "5 (name based, SHA-1)",
"contents": "60:23:A8:A5:D9:FE:01:42:10:62:5F:38:FE:51:42:D0\n(not decipherable: truncated SHA-1 message digest only)"
}
} You can see variant microsoft. But uuid.validate() said this ID is invalid, that's it. |
First line of RFC4122 [emphasis mine]:
[Edit to add: While "GUID" and "UUID" are technically different things, they are closely linked in appearance, ancestry, and everyday usage. Hence, why "guid" is one of the keywords named in this module. That the RFC mentions GUID as synonymous with UUID doesn't help matters.] |
Describe the bug
A GUID generated in dotnet is failing to parse. We get an error: Invalid UUID. We encountered the issue with v5, but it's the same error if you pass to the new parse function. I ran git bisect using this test and it fails starting on commit: 0e6c10b.
How to reproduce
Run this test:
Expected behavior
Should produce a v5 uuid.
Runtime
Additional information
[Any other information or comments that you think will help]
The text was updated successfully, but these errors were encountered: