-
Notifications
You must be signed in to change notification settings - Fork 966
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Trusted publishing: surface pending publisher name collisions #16260
base: main
Are you sure you want to change the base?
Conversation
Hey @twm, FYI our general policy is to not review draft PRs unless explicitly asked -- let us know if you have any questions here, otherwise we will wait for this to become ready to review. |
595eed9
to
66a2c83
Compare
Hi @di, thanks for approving the build! Some connectivity issues are making it difficult to get things working locally so it's very helpful. I'll remove the draft status when I'm ready for review! |
db324f3
to
2ab2a55
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hi @di, this is ready for review now!
ed79c6b
to
7033c15
Compare
4065562
to
9cdb4ab
Compare
a8ede89
to
2182f86
Compare
CREATE INDEX pending_project_name_ultranormalized | ||
ON pending_oidc_publishers (ultranormalize_name(project_name)); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I opted against CREATE INDEX CONCURRENTLY
here because the original migration didn't use it and I expect that there are orders of magnitude fewer pending_oidc_publishers
rows than projects
rows.
2182f86
to
79daaed
Compare
Hi @di, this is ready again. I'd appreciate a review within a few days if you can, as I keep having to rebase through conflicts. |
79daaed
to
0787590
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Just one last comment, otherwise LGTM!
warehouse/packaging/services.py
Outdated
or_( | ||
func.normalize_pep426_name(PendingOIDCPublisher.project_name) | ||
== func.normalize_pep426_name(project.name), | ||
func.ultranormalize_name(PendingOIDCPublisher.project_name) | ||
== func.ultranormalize_name(project.name), | ||
), |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think the 'ultranormalized' set will include all of the 'normalized' matches as well? This or_
condition might not be necessary.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I thought it safer to match on both since there is no formal relationship between the functions that guarantees that to be the case, but I will drop it per your preference.
0787590
to
c59f318
Compare
0c19353
to
13bd1d3
Compare
Hi @di, sorry for losing track of this. I've addressed your comment and merged forward. |
ac2cafd
to
18bfa3f
Compare
Extract the distribution name validation logic into a separate function for reuse elsewhere.
Co-authored-by: Dustin Ingram <di@users.noreply.github.com>
18bfa3f
to
2902664
Compare
Provide up-front validation of the project name within a pending publisher by:
ProjectService.create_project
to a newProjectService.check_project_name
routineProjectService.create_project
to callcheck_project_name
ProjectService
into the forms in place ofProjectFactory
.Fixes #16226.