Fix handling of non-string values from repository properties API by mbg · Pull Request #3557 · github/codeql-action (original) (raw)

@@ -86,14 +126,6 @@ export async function loadPropertiesFromApi(

}

if (isKnownPropertyName(property.property_name)) {

// Only validate the type of `value` if this is a property we care about, to avoid throwing

// on unrelated properties that may use representations we do not support.

if (typeof property.value !== "string") {

throw new Error(

`Expected repository property '${property.property_name}' to have a string value, but got: ${JSON.stringify(property)}`,

);

}

setProperty(properties, property.property_name, property.value, logger);

}

}

@@ -119,14 +151,30 @@ export async function loadPropertiesFromApi(

}

}

/** Update the partial set of repository properties with the parsed value of the specified property. */

/**

* Validate that `value` has the correct type for `K` and, if so, update the partial set of repository

* properties with the parsed value of the specified property.

*/

function setProperty(

properties: RepositoryProperties,

name: K,

value: string,

value: RepositoryPropertyValue,

logger: Logger,

): void {

properties[name] = repositoryPropertyParsers[name](name, value, logger);

const propertyOptions = repositoryPropertyParsers[name];

// We perform the validation here for two reasons:

// 1. This function is only called if `name` is a property we care about, to avoid throwing

// on unrelated properties that may use representations we do not support.

// 2. The `propertyOptions.validate` function checks that the type of `value` we received from

// the API is what expect and narrows the type accordingly, allowing us to call `parse`.

if (propertyOptions.validate(value)) {

properties[name] = propertyOptions.parse(name, value, logger);

} else {

throw new Error(

`Unexpected value for repository property '${name}', got: ${JSON.stringify(value)}`,

);

}

}

/** Parse a boolean repository property. */