-
Notifications
You must be signed in to change notification settings - Fork 472
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
yaml tranformer fails on a certain case where the file ends with a blank line #374
Comments
oof. Nice find. Thanks for providing great test cases to check if implemented logic is accurate. Let me see what I can do. EDIT: Actually, I was unable to reproduce this.
I'm aware that the line number is off (known issue, on my backlog), but at least it doesn't throw a parsing error. I have also verified I don't have any staged changes that may be affecting this reproducibility. |
Can reproduce it with this: $ python -i
Python 3.8.0 (default, May 7 2020, 02:49:39)
[GCC 8.3.1 20191121 (Red Hat 8.3.1-5)] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> from detect_secrets.transformers.yaml import YAMLFileParser
>>> with open('blah.yaml') as f:
... items = sorted(YAMLFileParser(f), key=lambda x: x.line_number)
...
Traceback (most recent call last):
File "<stdin>", line 2, in <module>
File "/data/ws/detect-secrets/detect_secrets/transformers/yaml.py", line 193, in __iter__
line=lines[item['__line__'] - 1],
IndexError: list index out of range |
Oh, of course 🤦 . The |
I took a quick peek at this -- I think this is going to be a lot harder to address than initially expected. Why it Fails on MasterI was initially very surprised to see it failing on master, given that the core YAML parsing logic is mostly unchanged. I tested this side by side with a json dump, and confirmed my hypothesis -- they are near identical (at least, for the points that matter).
{
"foo": [
{
"bar": {
"__value__": "baz",
"__line__": 3,
"__is_binary__": false,
"__original_key__": "bar"
}
}
]
}
{
"foo": [
{
"bar": {
"__value__": "baz",
"__line__": 3,
"__original_key__": "bar"
}
}
]
}
foo:
- { bar: 'baz' }
# this is a new line It turns out that the v1 branch attempts to output the line itself, so that it can be handled in the But the problem lies even deeper than this. Incorrect Line NumbersAs I alluded to before, my local testing seem to suggest that YAML file parsing does not provide accurate line numbers, as previously designed. This bug is an artifact of this. We can see this by extending the number of new lines within the file content itself, and checking the JSON output of Bizarre. But we must go deeper. YAML Versioning Issue?This I'm currently able to reproduce this on Proposed SolutionI'm going to wait for my pending v1 branches to be merged in, before taking another look at this. My current thoughts are:
|
@domanchi we've also hit several
|
Yes, please do. I've hit some of these myself, but have been unable to reproduce them on the |
Sorry for the late reply. I'm using PyYAML 5.4.1. The following test cases are made using 1.1.0. We used a slightly modified version of a default Verdaccio configuration file here, but the default one as presented there also fails on my machine with:
Another one that fails similarly is (note I replaced values to hide some details, but it still fails): postgresql_restarted_state: state
postgresql_databases:
- name: some_database
postgresql_global_config_options:
- option: listen_addresses
value: "addresses"
postgresql_hba_entries:
- { type: type, database: database, user: user, address: "127.0.0.1", auth_method: method } I had another test case but that seems to be fixed as of 1.1.0. |
@domanchi , i also face the same issue. Is there any ETA when this fix will be released? |
I am having the same problem.. any fix on the way? |
* Clarify setting PYTHONPATH in dev environment Updates CONTRIBUTING.md with details about why PYTHONPATH needs to be set in one's dev environment. Explains the consequences of not doing so. * Remove random bullet point from top of README
Same problem here, guys. |
Hi all, Realized I left this thread in an unfinished state. As of mid-April, I lost write-access to this repository which inadvertently halted all development for this project. We're currently trying to figure out what's the future of this project to migrate it into a platform where development can continue again, but until then, I'd suggest that if you are having the same issue, you can patch your library yourself with the PR I referenced above. |
This happens with the pre-v1-launch branch, not reproducible with the master branch.
When a YAML file ends with a block style list of flow style maps followed by a blank line, scanning fails with "list index out of range" at
line=lines[item['__line__'] - 1]
because__line__
is n but thelines
list has only n-1 items, no element for the final blank line.Example:
When it fails,
__line__
is 3, butlines
has only two items:['foo:', ' - { bar: "baz" }']
:Parsing is successful when the file doesn't end with a blank line:
Here are several cases that don't fail when the file ends with a blank line.
Block style map of block style list:
Flow style map that isn't in a list:
Block style list of flow style lists:
Flow style list of flow style maps:
The text was updated successfully, but these errors were encountered: