Sync from internal repository #190
Conversation
* Update README.md to reflect new branding and enhance documentation structure * Enhance EarthDaily Python Client examples documentation and quick start guide - Updated GALLERY_HEADER.md to provide a structured overview of available examples and getting started instructions. - Improved quick_start.py to demonstrate client initialization, STAC item searching, and error handling with clearer messaging and detailed item exploration. - Added requirements and usage patterns to facilitate user onboarding and understanding of the EarthDaily Python client capabilities. * Add python-dotenv dependency and update examples to support .env file loading - Added python-dotenv as a dependency in pyproject.toml for environment variable management. - Updated example scripts to load environment variables from a .env file, enhancing usability and flexibility for users. - Improved documentation in examples to clarify the requirement for .env file usage. * Bump version to 1.0.0b15 in pyproject.toml GitOrigin-RevId: ed495f607940596cb51709b8aa31624dc0068406
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
| "MockResolver1", | ||
| (AssetResolver,), | ||
| { | ||
| "can_handle": lambda self, url: "domain1.com" in url, |
Check failure
Code scanning / CodeQL
Incomplete URL substring sanitization High test
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix
AI 7 months ago
To fix the issue, the can_handle method in the mocked resolver should use a proper URL parsing mechanism to validate the host of the URL. Specifically, the urlparse function from Python's urllib.parse module can be used to extract the hostname from the URL, and the check can then ensure that the hostname matches the expected domain.
The changes will involve replacing the substring check "domain1.com" in url with a check that uses urlparse(url).hostname == "domain1.com". This ensures that the domain is correctly validated based on the structure of the URL.
| @@ -3,2 +3,3 @@ | ||
| from unittest.mock import patch | ||
| from urllib.parse import urlparse | ||
|
|
||
| @@ -79,3 +80,3 @@ | ||
| { | ||
| "can_handle": lambda self, url: "domain1.com" in url, | ||
| "can_handle": lambda self, url: urlparse(url).hostname == "domain1.com", | ||
| "get_download_url": lambda self, url: f"modified-{url}", |
| "MockResolver2", | ||
| (AssetResolver,), | ||
| { | ||
| "can_handle": lambda self, url: "domain2.com" in url, |
Check failure
Code scanning / CodeQL
Incomplete URL substring sanitization High test
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix
AI 7 months ago
To fix the issue, we need to replace the substring check "domain2.com" in url with a more robust check that ensures the hostname of the URL matches the intended domain. This can be achieved by parsing the URL using Python's urllib.parse module and verifying the hostname explicitly. This approach aligns with best practices for URL validation and avoids the pitfalls of substring checks.
The changes will involve:
- Importing
urlparsefromurllib.parseif not already imported. - Modifying the
can_handlelambda function formock_resolver2to parse the URL and check the hostname.
| @@ -3,2 +3,3 @@ | ||
| from unittest.mock import patch | ||
| from urllib.parse import urlparse | ||
|
|
||
| @@ -89,3 +90,3 @@ | ||
| { | ||
| "can_handle": lambda self, url: "domain2.com" in url, | ||
| "can_handle": lambda self, url: urlparse(url).hostname == "domain2.com", | ||
| "get_download_url": lambda self, url: f"modified-{url}", |
imanshafiei540
deleted the
earthdaily-python-sync-ed495f607940596cb51709b8aa31624dc0068406
branch
1 participant
Automated Sync from Internal Repository
Changes in this sync:
Breaking Changes:
Automated sync from internal repository. Please review and update the changelog above before merging.