refactor(serve): add custom parser function for --port option#44
Conversation
Signed-off-by: ysknsid25 <kengo071225@gmail.com>
Signed-off-by: ysknsid25 <kengo071225@gmail.com>
|
Hi @ysknsid25, thank you for creating the pull request. (For instance, when using it as a simple server within Docker) Provided the user possesses the necessary permissions, I see no particular reason why they should not be able to specify ports below 1024. |
Signed-off-by: ysknsid25 <kengo071225@gmail.com>
|
Thank you for reviewing, @usualoma
Yes, that's right. I fixed port range 👍 |
|
@ysknsid25 when the port specification is incorrectI'd also like to hear @yusukebe's opinion, but I think that if the port specification is incorrect, it's better to terminate abnormally rather than fall back to the default (7070) port. or zeroIt's difficult to say whether there's a specific use case, but since ‘specifying 0 for the port number causes the OS to automatically assign an available ephemeral port’ is a common behaviour supported by many operating systems, it seems acceptable for hono cli to accept this (as it does currently). values other than numerical onesThis is also the case on the current main branch, and it's not an issue specific to this pull request, but if we decide to implement validation, I believe we'll need to determine how to handle values such as the following. |
|
Hi @ysknsid25 thank you for the PR!
I totally agree with the two things @usualoma said.
I think treating |
Signed-off-by: ysknsid25 <kengo071225@gmail.com>
|
|
||
| await program.parseAsync(['node', 'test', 'serve', '-p', '0']) | ||
|
|
||
| expect(mockServe).toHaveBeenCalledWith( |
There was a problem hiding this comment.
Should I implement mockserve to be more like serve??🤔
For example,
- When mock receives 0, mock returns 12345.
- When mock receives others port number, mock returns itself.
|
Hi @ysknsid25, thank you for update! In the comments below, there is an opinion that if an invalid value is passed to |
Sorry, I was misunderstanding!!😭 I'll fix it🙇🙇🙇 |
src/utils/validator.ts
Outdated
| if (!/^\d+$/.test(value)) { | ||
| throw new Error(`Includes non-digit characters in ${value}\n`) | ||
| } | ||
| } |
There was a problem hiding this comment.
We also believe that the limit option of search should also be treated 2048GM as an invalid value, so we have provided consistent validation.
However, I have new worries... please give me opinion.
About also -1, hoge, We would like to treate as invalid value?
There was a problem hiding this comment.
I see.
I think "limit for search" and "port for serve" are slightly different in nature.
--limit for search
- Falling back to a value different from the specified one still returns meaningful results (at least more meaningful than an abnormal termination)
- Falling back to a value different from the specified one does not cause security issues
--port for serve
- Falling back to a different value may cause the server to listen on an unintended port, potentially unnoticed by the user (though sometimes meaningful, it causes confusion)
- Falling back to a different value may cause a development server to be exposed externally on an unintended port. While extremely rare, this could potentially lead to security issues
That's how I see it, so I don't think we need to force them together. But if -1 or hoge is specified for limit, I think it should still be an abnormal termination.
There was a problem hiding this comment.
Well, if it doesn't confuse users or pose any security issues, I don't think it's necessary to spend that much time addressing it.
There was a problem hiding this comment.
Regarding --port 99999, I believe it should return an error rather than fall back to 7070, as it causes user confusion for the reasons stated above.
There was a problem hiding this comment.
Thank you for your advice. Please re-review 🙏
Signed-off-by: ysknsid25 <kengo071225@gmail.com>
ysknsid25
force-pushed
the
refactor/add-custom-parser-function-for-port-option
branch
from
2bd60b1 to
613e3a0
Compare
|
@ysknsid25 Thank you for putting in so much effort. It looks great to me! |
|
Sorry to be late! Looks good. This seems to be a "refactor", but the behavior is slightly changed. So I'll release a new version with this change. Thanks! |
|
The test fails: https://github.com/honojs/cli/actions/runs/19797511278/job/56720018892 Can you work on fixing it? I think you should fix the mocking. |
3 participants
Continued from #41