@aaronshaf/ger 1.2.10 → 2.0.0

package/src/utils/shell-safety.ts

@@ -0,0 +1,117 @@
+import { Effect } from 'effect'
+
+/**
+ * Safely sanitizes URLs to prevent shell injection attacks
+ * Only allows HTTPS URLs with valid characters
+ */
+export const sanitizeUrl = (url: string): Effect.Effect<string, Error> =>
+  Effect.try({
+    try: () => {
+      const parsed = new URL(url)
+
+      // Only allow https protocol
+      if (parsed.protocol !== 'https:') {
+        throw new Error(`Invalid protocol: ${parsed.protocol}. Only HTTPS is allowed.`)
+      }
+
+      // Check for suspicious characters that could be shell injection
+      const dangerousChars = /[;&|`$(){}[\]\\'"<>]/
+      if (dangerousChars.test(url)) {
+        throw new Error('URL contains potentially dangerous characters')
+      }
+
+      // Validate hostname format
+      if (!parsed.hostname || parsed.hostname.length === 0) {
+        throw new Error('Invalid hostname')
+      }
+
+      // Return the sanitized URL
+      return parsed.toString()
+    },
+    catch: (error) =>
+      new Error(`Invalid URL format: ${error instanceof Error ? error.message : 'Unknown error'}`),
+  })
+
+/**
+ * Synchronous URL sanitization for non-Effect contexts
+ * Throws error if URL is invalid or unsafe
+ */
+export const sanitizeUrlSync = (url: string): string => {
+  try {
+    const parsed = new URL(url)
+
+    // Only allow https protocol
+    if (parsed.protocol !== 'https:') {
+      throw new Error(`Invalid protocol: ${parsed.protocol}. Only HTTPS is allowed.`)
+    }
+
+    // Check for suspicious characters that could be shell injection
+    const dangerousChars = /[;&|`$(){}[\]\\'"<>]/
+    if (dangerousChars.test(url)) {
+      throw new Error('URL contains potentially dangerous characters')
+    }
+
+    // Validate hostname format
+    if (!parsed.hostname || parsed.hostname.length === 0) {
+      throw new Error('Invalid hostname')
+    }
+
+    return parsed.toString()
+  } catch (error) {
+    throw new Error(
+      `Invalid URL format: ${error instanceof Error ? error.message : 'Unknown error'}`,
+    )
+  }
+}
+
+/**
+ * Gets the appropriate command to open URLs based on platform
+ */
+export const getOpenCommand = (): string => {
+  switch (process.platform) {
+    case 'darwin':
+      return 'open'
+    case 'win32':
+      return 'start'
+    default:
+      return 'xdg-open'
+  }
+}
+
+/**
+ * Safely sanitizes content for inclusion in XML CDATA sections
+ * Prevents XXE attacks and CDATA injection
+ */
+export const sanitizeCDATA = (content: string): string => {
+  if (typeof content !== 'string') {
+    throw new Error('Content must be a string')
+  }
+
+  // Replace CDATA end sequences to prevent CDATA injection
+  let sanitized = content.replace(/]]>/g, ']]&gt;')
+
+  // Replace null bytes which can cause issues in XML processing
+  sanitized = sanitized.replace(/\0/g, '')
+
+  // Replace control characters except for allowed ones (tab \x09, newline \x0A, carriage return \x0D)
+  sanitized = sanitized.replace(/[\x00-\x08\x0B\x0C\x0E-\x1F\x7F]/g, '')
+
+  return sanitized
+}
+
+/**
+ * Safely escapes content for XML element values
+ * Escapes XML special characters
+ */
+export const escapeXML = (content: string): string => {
+  if (typeof content !== 'string') {
+    throw new Error('Content must be a string')
+  }
+
+  return content
+    .replace(/&/g, '&amp;')
+    .replace(/</g, '&lt;')
+    .replace(/>/g, '&gt;')
+    .replace(/"/g, '&quot;')
+    .replace(/'/g, '&apos;')
+}

package/src/utils/status-indicators.ts

@@ -0,0 +1,100 @@
+import type { ChangeInfo } from '@/schemas/gerrit'
+
+/**
+ * Status indicator configuration
+ */
+export interface StatusIndicatorConfig {
+  approved: string
+  rejected: string
+  recommended: string
+  disliked: string
+  verified: string
+  failed: string
+  empty: string
+}
+
+/**
+ * Default status indicators using emoji
+ */
+export const DEFAULT_STATUS_INDICATORS: StatusIndicatorConfig = {
+  approved: '✓',
+  rejected: '✗',
+  recommended: '↑',
+  disliked: '↓',
+  verified: '✓',
+  failed: '✗',
+  empty: '  ',
+}
+
+/**
+ * Gets status indicators for a change based on its labels
+ */
+export const getStatusIndicators = (
+  change: ChangeInfo,
+  config: StatusIndicatorConfig = DEFAULT_STATUS_INDICATORS,
+): string[] => {
+  const indicators: string[] = []
+
+  // Check Code-Review label
+  if (change.labels?.['Code-Review']) {
+    const cr = change.labels['Code-Review']
+    if (cr.approved || cr.value === 2) {
+      indicators.push(config.approved)
+    } else if (cr.rejected || cr.value === -2) {
+      indicators.push(config.rejected)
+    } else if (cr.recommended || cr.value === 1) {
+      indicators.push(config.recommended)
+    } else if (cr.disliked || cr.value === -1) {
+      indicators.push(config.disliked)
+    }
+  }
+
+  // Check Verified label
+  if (change.labels?.['Verified']) {
+    const v = change.labels.Verified
+    if (v.approved || v.value === 1) {
+      // Only add verified indicator if not already approved
+      if (!indicators.includes(config.approved)) {
+        indicators.push(config.verified)
+      }
+    } else if (v.rejected || v.value === -1) {
+      indicators.push(config.failed)
+    }
+  }
+
+  return indicators
+}
+
+/**
+ * Gets a formatted status string with consistent padding
+ */
+export const getStatusString = (
+  change: ChangeInfo,
+  config: StatusIndicatorConfig = DEFAULT_STATUS_INDICATORS,
+  padding = 8,
+): string => {
+  const indicators = getStatusIndicators(change, config)
+  const statusStr = indicators.length > 0 ? indicators.join(' ') : config.empty
+  return statusStr.padEnd(padding, ' ')
+}
+
+/**
+ * Gets label value with proper type safety
+ */
+export const getLabelValue = (labelInfo: unknown): number => {
+  return typeof labelInfo === 'object' &&
+    labelInfo !== null &&
+    'value' in labelInfo &&
+    typeof labelInfo.value === 'number'
+    ? labelInfo.value
+    : 0
+}
+
+/**
+ * Gets label color based on value
+ */
+export const getLabelColor = (value: number): 'green' | 'red' | 'yellow' => {
+  if (value > 0) return 'green'
+  if (value < 0) return 'red'
+  return 'yellow'
+}

package/src/utils/url-parser.test.ts

@@ -0,0 +1,271 @@
+import { describe, expect, test } from 'bun:test'
+import { extractChangeNumber, isValidChangeId, normalizeGerritHost } from './url-parser'
+
+describe('extractChangeNumber', () => {
+  test('extracts change number from standard Gerrit URL', () => {
+    const url = 'https://gerrit.example.com/c/my-project/+/384571'
+    expect(extractChangeNumber(url)).toBe('384571')
+  })
+
+  test('extracts change number from URL with trailing slash', () => {
+    const url = 'https://gerrit.example.com/c/my-project/+/384571/'
+    expect(extractChangeNumber(url)).toBe('384571')
+  })
+
+  test('extracts change number from URL with patchset', () => {
+    const url = 'https://gerrit.example.com/c/my-project/+/384571/2'
+    expect(extractChangeNumber(url)).toBe('384571')
+  })
+
+  test('extracts change number from hash-based URL', () => {
+    const url = 'https://gerrit.example.com/#/c/my-project/+/384571/'
+    expect(extractChangeNumber(url)).toBe('384571')
+  })
+
+  test('extracts change number from simplified URL format', () => {
+    const url = 'https://gerrit.example.com/c/+/384571'
+    expect(extractChangeNumber(url)).toBe('384571')
+  })
+
+  test('extracts change number from hash-based simplified URL', () => {
+    const url = 'https://gerrit.example.com/#/c/+/384571'
+    expect(extractChangeNumber(url)).toBe('384571')
+  })
+
+  test('returns plain change number as-is', () => {
+    expect(extractChangeNumber('384571')).toBe('384571')
+  })
+
+  test('returns Change-Id format as-is', () => {
+    const changeId = 'Iabcdef1234567890abcdef1234567890abcdef12'
+    expect(extractChangeNumber(changeId)).toBe(changeId)
+  })
+
+  test('returns original input for invalid URLs', () => {
+    const invalidUrl = 'https://gerrit.example.com/invalid/path'
+    expect(extractChangeNumber(invalidUrl)).toBe(invalidUrl)
+  })
+
+  test('handles malformed URLs gracefully', () => {
+    const malformed = 'not-a-url-at-all'
+    expect(extractChangeNumber(malformed)).toBe(malformed)
+  })
+
+  test('handles http:// URLs', () => {
+    const httpUrl = 'http://gerrit.example.com/c/project/+/123456'
+    expect(extractChangeNumber(httpUrl)).toBe('123456')
+  })
+
+  test('handles malformed https URLs that throw in URL constructor', () => {
+    const malformed = 'https://[invalid-url'
+    expect(extractChangeNumber(malformed)).toBe(malformed)
+  })
+
+  test('handles empty string', () => {
+    expect(extractChangeNumber('')).toBe('')
+  })
+
+  test('handles whitespace', () => {
+    expect(extractChangeNumber('  384571  ')).toBe('384571')
+  })
+})
+
+describe('isValidChangeId', () => {
+  test('validates numeric change IDs', () => {
+    expect(isValidChangeId('384571')).toBe(true)
+    expect(isValidChangeId('1')).toBe(true)
+    expect(isValidChangeId('999999')).toBe(true)
+  })
+
+  test('rejects zero and negative numbers', () => {
+    expect(isValidChangeId('0')).toBe(false)
+    expect(isValidChangeId('-1')).toBe(false)
+  })
+
+  test('validates Change-Id format', () => {
+    const validChangeId = 'Iabcdef1234567890abcdef1234567890abcdef12'
+    expect(isValidChangeId(validChangeId)).toBe(true)
+  })
+
+  test('rejects invalid Change-Id format', () => {
+    // Only reject if it doesn't follow the strict Change-Id format when it starts with 'I' and is long
+    expect(isValidChangeId('abcdef1234567890abcdef1234567890abcdef12')).toBe(true) // valid topic name
+    expect(isValidChangeId('Iabc')).toBe(true) // could be a valid topic or branch name
+  })
+
+  test('validates other identifier formats', () => {
+    expect(isValidChangeId('topic-branch')).toBe(true)
+    expect(isValidChangeId('feature/new-thing')).toBe(true)
+  })
+
+  test('rejects empty and whitespace-only strings', () => {
+    expect(isValidChangeId('')).toBe(false)
+    expect(isValidChangeId('   ')).toBe(false)
+    expect(isValidChangeId('has spaces')).toBe(false)
+  })
+
+  test('handles exact Change-Id format validation', () => {
+    // Valid Change-Id: starts with 'I' and exactly 40 hex chars
+    expect(isValidChangeId('I1234567890abcdef1234567890abcdef12345678')).toBe(true)
+
+    // Invalid: wrong length
+    expect(isValidChangeId('I123')).toBe(true) // this is treated as a valid topic name
+    expect(isValidChangeId('I1234567890abcdef1234567890abcdef123456789')).toBe(true) // too long, treated as topic
+
+    // Invalid: non-hex characters
+    expect(isValidChangeId('I1234567890abcdef1234567890abcdef1234567g')).toBe(true) // treated as topic name
+  })
+
+  test('rejects strings starting with dash', () => {
+    expect(isValidChangeId('-123')).toBe(false)
+    expect(isValidChangeId('-abc')).toBe(false)
+  })
+})
+
+describe('normalizeGerritHost', () => {
+  describe('adding protocol', () => {
+    test('adds https:// when no protocol is provided', () => {
+      expect(normalizeGerritHost('gerrit.example.com')).toBe('https://gerrit.example.com')
+    })
+
+    test('adds https:// to hostname with port', () => {
+      expect(normalizeGerritHost('gerrit.example.com:8080')).toBe('https://gerrit.example.com:8080')
+    })
+
+    test('adds https:// to localhost', () => {
+      expect(normalizeGerritHost('localhost:8080')).toBe('https://localhost:8080')
+    })
+
+    test('adds https:// to IP address', () => {
+      expect(normalizeGerritHost('192.168.1.100')).toBe('https://192.168.1.100')
+    })
+
+    test('adds https:// to IP address with port', () => {
+      expect(normalizeGerritHost('192.168.1.100:8080')).toBe('https://192.168.1.100:8080')
+    })
+  })
+
+  describe('preserving existing protocol', () => {
+    test('preserves https:// when already present', () => {
+      expect(normalizeGerritHost('https://gerrit.example.com')).toBe('https://gerrit.example.com')
+    })
+
+    test('preserves http:// when explicitly provided', () => {
+      expect(normalizeGerritHost('http://gerrit.example.com')).toBe('http://gerrit.example.com')
+    })
+
+    test('preserves https:// with port', () => {
+      expect(normalizeGerritHost('https://gerrit.example.com:8080')).toBe(
+        'https://gerrit.example.com:8080',
+      )
+    })
+
+    test('preserves http:// with port', () => {
+      expect(normalizeGerritHost('http://gerrit.example.com:8080')).toBe(
+        'http://gerrit.example.com:8080',
+      )
+    })
+  })
+
+  describe('removing trailing slashes', () => {
+    test('removes single trailing slash', () => {
+      expect(normalizeGerritHost('https://gerrit.example.com/')).toBe('https://gerrit.example.com')
+    })
+
+    test('removes trailing slash from URL without protocol', () => {
+      expect(normalizeGerritHost('gerrit.example.com/')).toBe('https://gerrit.example.com')
+    })
+
+    test('removes trailing slash from URL with port', () => {
+      expect(normalizeGerritHost('https://gerrit.example.com:8080/')).toBe(
+        'https://gerrit.example.com:8080',
+      )
+    })
+
+    test('handles URL without trailing slash', () => {
+      expect(normalizeGerritHost('https://gerrit.example.com')).toBe('https://gerrit.example.com')
+    })
+
+    test('does not remove slash from path', () => {
+      expect(normalizeGerritHost('https://gerrit.example.com/gerrit')).toBe(
+        'https://gerrit.example.com/gerrit',
+      )
+    })
+
+    test('removes trailing slash from path', () => {
+      expect(normalizeGerritHost('https://gerrit.example.com/gerrit/')).toBe(
+        'https://gerrit.example.com/gerrit',
+      )
+    })
+  })
+
+  describe('whitespace handling', () => {
+    test('trims leading whitespace', () => {
+      expect(normalizeGerritHost('  gerrit.example.com')).toBe('https://gerrit.example.com')
+    })
+
+    test('trims trailing whitespace', () => {
+      expect(normalizeGerritHost('gerrit.example.com  ')).toBe('https://gerrit.example.com')
+    })
+
+    test('trims whitespace from URL with protocol', () => {
+      expect(normalizeGerritHost('  https://gerrit.example.com  ')).toBe(
+        'https://gerrit.example.com',
+      )
+    })
+
+    test('trims whitespace and removes trailing slash', () => {
+      expect(normalizeGerritHost('  gerrit.example.com/  ')).toBe('https://gerrit.example.com')
+    })
+  })
+
+  describe('combined scenarios', () => {
+    test('adds protocol and removes trailing slash', () => {
+      expect(normalizeGerritHost('gerrit.example.com/')).toBe('https://gerrit.example.com')
+    })
+
+    test('trims, adds protocol, and removes trailing slash', () => {
+      expect(normalizeGerritHost('  gerrit.example.com/  ')).toBe('https://gerrit.example.com')
+    })
+
+    test('handles subdomain with port', () => {
+      expect(normalizeGerritHost('review.git.example.com:8443')).toBe(
+        'https://review.git.example.com:8443',
+      )
+    })
+
+    test('handles complex URL with path', () => {
+      expect(normalizeGerritHost('gerrit.example.com/gerrit')).toBe(
+        'https://gerrit.example.com/gerrit',
+      )
+    })
+
+    test('normalizes complete real-world example', () => {
+      expect(normalizeGerritHost('gerrit-review.example.org')).toBe(
+        'https://gerrit-review.example.org',
+      )
+    })
+  })
+
+  describe('edge cases', () => {
+    test('handles empty string', () => {
+      // Empty string becomes 'https:/' after normalization (protocol added, then trailing slash removed)
+      expect(normalizeGerritHost('')).toBe('https:/')
+    })
+
+    test('handles whitespace-only string', () => {
+      // Whitespace-only string becomes 'https:/' after normalization
+      expect(normalizeGerritHost('   ')).toBe('https:/')
+    })
+
+    test('handles just a slash', () => {
+      // Just a slash becomes 'https://' (protocol added to '/', then trailing slash removed leaving '//')
+      expect(normalizeGerritHost('/')).toBe('https://')
+    })
+
+    test('handles protocol only', () => {
+      // Protocol only becomes 'https:/' (trailing slash removed)
+      expect(normalizeGerritHost('https://')).toBe('https:/')
+    })
+  })
+})

package/src/utils/url-parser.ts

@@ -0,0 +1,118 @@
+/**
+ * Utility functions for parsing Gerrit URLs and extracting change numbers
+ */
+
+/**
+ * Extracts a change number from various Gerrit URL formats
+ *
+ * Supported formats:
+ * - https://gerrit.example.com/c/project-name/+/123456
+ * - https://gerrit.example.com/c/project-name/+/123456/
+ * - https://gerrit.example.com/c/project-name/+/123456/1
+ * - https://gerrit.example.com/#/c/project-name/+/123456/
+ * - 123456 (plain change number - returned as-is)
+ *
+ * @param input - The input string (URL or change number)
+ * @returns The extracted change number as a string, or the original input if not a URL
+ */
+export const extractChangeNumber = (input: string): string => {
+  const trimmed = input.trim()
+
+  // If it's already just a number or change ID (like "123456" or "Iabcd1234..."), return as-is
+  if (!trimmed.startsWith('http://') && !trimmed.startsWith('https://')) {
+    return trimmed
+  }
+
+  // Parse URL and extract change number
+  try {
+    const url = new URL(trimmed)
+
+    // Match different Gerrit URL patterns
+    // Pattern: /c/project-name/+/123456 or /#/c/project-name/+/123456
+    const patterns = [
+      /\/c\/[^/]+\/\+\/(\d+)/, // /c/project/+/123456
+      /#\/c\/[^/]+\/\+\/(\d+)/, // /#/c/project/+/123456
+      /\/c\/\+\/(\d+)/, // /c/+/123456 (simplified format)
+      /#\/c\/\+\/(\d+)/, // /#/c/+/123456 (simplified format)
+    ]
+
+    const fullPath = url.pathname + url.hash
+
+    for (const pattern of patterns) {
+      const match = fullPath.match(pattern)
+      if (match?.[1]) {
+        return match[1]
+      }
+    }
+
+    // If no pattern matches, return the original input
+    return trimmed
+  } catch {
+    // If URL parsing fails, return the original input
+    return trimmed
+  }
+}
+
+/**
+ * Normalizes a Gerrit host URL by adding https:// if no protocol is provided
+ * and removing trailing slashes
+ *
+ * @param host - The host URL to normalize (e.g., "gerrit.example.com" or "https://gerrit.example.com")
+ * @returns The normalized URL with protocol and without trailing slash
+ *
+ * @example
+ * normalizeGerritHost("gerrit.example.com") // returns "https://gerrit.example.com"
+ * normalizeGerritHost("gerrit.example.com:8080") // returns "https://gerrit.example.com:8080"
+ * normalizeGerritHost("http://gerrit.example.com") // returns "http://gerrit.example.com"
+ * normalizeGerritHost("https://gerrit.example.com/") // returns "https://gerrit.example.com"
+ */
+export const normalizeGerritHost = (host: string): string => {
+  let normalized = host.trim()
+
+  // Add https:// if no protocol provided
+  if (!normalized.startsWith('http://') && !normalized.startsWith('https://')) {
+    normalized = `https://${normalized}`
+  }
+
+  // Remove trailing slash
+  normalized = normalized.replace(/\/$/, '')
+
+  return normalized
+}
+
+/**
+ * Validates if a string is a valid Gerrit change identifier
+ *
+ * @param changeId - The change ID to validate
+ * @returns true if it looks like a valid change ID
+ */
+export const isValidChangeId = (changeId: string): boolean => {
+  const trimmed = changeId.trim()
+
+  if (trimmed.length === 0) {
+    return false
+  }
+
+  // Numeric change IDs (most common)
+  if (/^\d+$/.test(trimmed)) {
+    return parseInt(trimmed, 10) > 0
+  }
+
+  // Change-Id format (starts with 'I' followed by exactly 40 hex characters)
+  if (/^I[a-f0-9]{40}$/.test(trimmed)) {
+    return true
+  }
+
+  // Reject strings with whitespace
+  if (/\s/.test(trimmed)) {
+    return false
+  }
+
+  // Reject negative numbers or other invalid formats
+  if (trimmed.startsWith('-')) {
+    return false
+  }
+
+  // Topic branches or other identifiers (at least 1 character, no whitespace)
+  return trimmed.length > 0
+}