Skip to content

Commit cf76025

Browse files
authored
fix: relax validation for non-HTTP URLs (#2147)
Signed-off-by: tdruez <tdruez@aboutcode.org>
1 parent 4735b9b commit cf76025

4 files changed

Lines changed: 12 additions & 6 deletions

File tree

scanpipe/models.py

Lines changed: 4 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -2012,9 +2012,10 @@ def fetch(self):
20122012
if not self.download_url:
20132013
raise ValueError("No `download_url` value to be fetched.")
20142014

2015-
is_safe_and_available = fetch.check_url(self.download_url)
2016-
if not is_safe_and_available:
2017-
raise ValidationError(f"Could not fetch: {self.download_url}")
2015+
if self.download_url.startswith("http"):
2016+
is_safe_and_available = fetch.check_url(self.download_url)
2017+
if not is_safe_and_available:
2018+
raise ValidationError(f"Could not fetch: {self.download_url}")
20182019

20192020
downloaded = fetch.fetch_url(url=self.download_url)
20202021
destination = self.project.move_input_from(downloaded.path)

scanpipe/pipes/fetch.py

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -457,5 +457,5 @@ def check_url(url):
457457

458458
def check_urls_availability(urls):
459459
"""Check the safety and accessibility of a list of URLs."""
460-
errors = [url for url in urls if not check_url(url)]
460+
errors = [url for url in urls if not check_url(url) if url.startswith("http")]
461461
return errors

scanpipe/tests/pipes/test_fetch.py

Lines changed: 6 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -334,10 +334,14 @@ def test_scanpipe_pipes_fetch_check_url(self, mock_head, mock_gethostbyname):
334334
def test_scanpipe_pipes_fetch_check_urls_availability(
335335
self, mock_head, mock_gethostbyname
336336
):
337-
urls = [
337+
http_urls = [
338338
"https://example.com/file.zip",
339339
"https://example.com/archive.tar.gz",
340340
]
341+
urls = http_urls + [
342+
"docker://image",
343+
"pkg:npm/name@version",
344+
]
341345

342346
# All URLs safe and accessible
343347
mock_gethostbyname.return_value = "93.184.216.34"
@@ -346,4 +350,4 @@ def test_scanpipe_pipes_fetch_check_urls_availability(
346350

347351
# All URLs fail
348352
mock_head.side_effect = requests.exceptions.RequestException
349-
self.assertEqual(urls, fetch.check_urls_availability(urls))
353+
self.assertEqual(http_urls, fetch.check_urls_availability(urls))

scanpipe/tests/test_models.py

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -2888,6 +2888,7 @@ def test_scanpipe_create_from_scorecard_data(self):
28882888
self.assertEqual(check.reason, expected["reason"])
28892889
self.assertEqual(check.details, expected["details"] or [])
28902890

2891+
@override_settings(TIME_ZONE="UTC")
28912892
def test_scanpipe_parse_score_date(self):
28922893
"""Test parse_score_date with valid, invalid, and custom date formats."""
28932894
# Valid date formats

0 commit comments

Comments
 (0)