Skip to content

fix: sanitize URL path before database lookup#3193

Merged
Priyanshu-byte-coder merged 2 commits into
Priyanshu-byte-coder:mainfrom
aaniya22:fix/repo-analytics-utils-sanitize-url-path
Jul 19, 2026
Merged

fix: sanitize URL path before database lookup#3193
Priyanshu-byte-coder merged 2 commits into
Priyanshu-byte-coder:mainfrom
aaniya22:fix/repo-analytics-utils-sanitize-url-path

Conversation

@aaniya22

Copy link
Copy Markdown
Contributor

Summary

Fixes parseRepoParam in repo-analytics-utils.ts to normalise leading and consecutive slashes in "owner/repo" input before validating, instead of silently returning null for inputs like /owner/repo or owner//repo.

Closes #3032


Type of Change

  • 🐛 Bug fix (non-breaking change that fixes an issue)
  • ✨ New feature (non-breaking change that adds functionality)
  • 💥 Breaking change (fix or feature that changes existing behavior)
  • 📝 Documentation update
  • ♻️ Refactor / code cleanup (no functional change)
  • ⚡ Performance improvement
  • 🔒 Security fix
  • 🧪 Tests only

What Changed

  • src/lib/repo-analytics-utils.ts: parseRepoParam now strips a single leading slash and collapses consecutive slashes via regex before running the existing owner/repo validation regex
  • test/repo-analytics-utils-sanitize.test.ts (new): covers leading slash, double slashes, mixed slashes + surrounding spaces, and unchanged normal input

How to Test

  1. Checkout this branch
  2. Run npx vitest run test/repo-analytics-utils-sanitize.test.ts test/repo-analytics-utils.test.ts
  3. Confirm all 23 tests pass (19 pre-existing + 4 new)

Expected result: parseRepoParam("/owner/repo") and parseRepoParam("owner//repo") both return { owner: "owner", repo: "repo" } instead of null, while all pre-existing valid/invalid cases still behave the same.


Screenshots / Recordings

Not applicable — no UI impact, logic-only change.


Checklist

  • Linked the related issue above
  • Self-reviewed my own diff
  • No unnecessary console.log, debug code, or commented-out blocks
  • npm run lint passes locally
  • No TypeScript errors (npm run type-check)
  • Added or updated tests where applicable
  • Updated documentation / comments if behavior changed

Accessibility (UI changes only)

Not applicable — no UI impact.


Additional Context

None.

@github-actions github-actions Bot added gssoc26 GSSoC 2026 contribution type:bug GSSoC type bonus: bug fix type:testing GSSoC type bonus: tests (+10 pts) labels Jul 13, 2026
@github-actions github-actions Bot added type:feature GSSoC type bonus: new feature type:performance GSSoC type bonus: performance (+15 pts) labels Jul 13, 2026
@github-actions

Copy link
Copy Markdown

GSSoC Label Checklist 🏷️

@Priyanshu-byte-coder — please apply the appropriate labels before merging:

Difficulty (pick one):

  • level:beginner — 20 pts
  • level:intermediate — 35 pts
  • level:advanced — 55 pts
  • level:critical — 80 pts

Quality (optional):

  • quality:clean — ×1.2 multiplier
  • quality:exceptional — ×1.5 multiplier

Validation (required to score):

  • gssoc:approved — counts for points
  • gssoc:invalid / gssoc:spam / gssoc:ai-slop — does not score

Type labels (type:*) are auto-detected from files and title. Review and adjust if needed.
Points formula: (difficulty × quality_multiplier) + type_bonus

@Priyanshu-byte-coder Priyanshu-byte-coder added gssoc:approved GSSoC: PR approved for scoring level1 GSSoC Level 1 - Beginner (10 points) quality:clean GSSoC: Clean quality multiplier (×1.2) labels Jul 19, 2026
@Priyanshu-byte-coder
Priyanshu-byte-coder merged commit 0d9c7a3 into Priyanshu-byte-coder:main Jul 19, 2026
4 of 5 checks passed
@github-actions

Copy link
Copy Markdown

🎉 Merged! Thanks for contributing to DevTrack.

If the project has been useful to you, a ⭐ star on the repo is the easiest way to support it — it helps DevTrack get discovered by more developers.

Keep an eye on open issues for your next contribution!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

gssoc:approved GSSoC: PR approved for scoring gssoc26 GSSoC 2026 contribution level1 GSSoC Level 1 - Beginner (10 points) quality:clean GSSoC: Clean quality multiplier (×1.2) type:bug GSSoC type bonus: bug fix type:feature GSSoC type bonus: new feature type:performance GSSoC type bonus: performance (+15 pts) type:testing GSSoC type bonus: tests (+10 pts)

Projects

None yet

Development

Successfully merging this pull request may close these issues.

fix : sanitize URL path before database lookup in repo-analytics-utils.ts

2 participants