-
Notifications
You must be signed in to change notification settings - Fork 7
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add prefix to namespace #297
Conversation
Warning Rate limit exceeded@neekolas has exceeded the limit for the number of commits or files that can be reviewed per hour. Please wait 20 minutes and 42 seconds before requesting another review. ⌛ How to resolve this issue?After the wait time has elapsed, a review can be triggered using the We recommend that you space out your commits to avoid hitting the rate limit. 🚦 How do rate limits work?CodeRabbit enforces hourly rate limits for each developer per organization. Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout. Please see our FAQ for further information. WalkthroughThe pull request introduces two main changes across two files. In Changes
Possibly related PRs
Suggested reviewers
Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media? 🪧 TipsChatThere are 3 ways to chat with CodeRabbit:
Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments. CodeRabbit Commands (Invoked using PR comments)
Other keywords and placeholders
CodeRabbit Configuration File (
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Actionable comments posted: 1
🧹 Outside diff range and nitpick comments (2)
pkg/db/pgx.go (2)
74-75
: Consider sanitizing namespace value in error messageWhile including the invalid namespace in the error message improves debugging, consider sanitizing or truncating the value to prevent potential information disclosure.
Consider this approach:
- "namespace must start with a letter or underscore and contain only letters, numbers, and underscores. Instead is %s", - namespace, + "namespace must start with a letter or underscore and contain only letters, numbers, and underscores. Instead got: %.32s", + namespace,This ensures the error message won't expose more than 32 characters of potentially sensitive data.
Line range hint
16-16
: Critical: Namespace prefix incompatible with PostgreSQL identifier rulesThe new "xmtpd-" prefix in
BuildNamespace
contains a dash (-) character, which violates the PostgreSQL identifier rules enforced byisValidNamespace
. This will cause validation failures as the regex pattern^[a-zA-Z_][a-zA-Z0-9_]*$
only allows letters, numbers, and underscores.Consider these options:
- Use underscore instead of dash: "xmtpd_"
- Modify the validation regex to allow dashes
- Use a different namespace format that complies with PostgreSQL rules
Example fix for option 1:
- return fmt.Sprintf("xmtpd-%s", HexEncode(hash)[:12]) + return fmt.Sprintf("xmtpd_%s", HexEncode(hash)[:12])Also applies to: 74-75
c9e9bcf
to
d62d33f
Compare
tl;dr
Summary by CodeRabbit
New Features
Bug Fixes