Skip to content

Consolidate more XML parsing, FileLike usages #7054

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
XingY merged 3 commits into from
Sep 20, 2025
Merged

Consolidate more XML parsing, FileLike usages #7054

XingY merged 3 commits into from
Sep 20, 2025

Conversation

@XingY
Copy link
Contributor

@XingY XingY commented Sep 18, 2025
edited
Loading

Rationale

Addressing a few warnings.

Related Pull Requests

Changes

  • set more feature flag for DOCUMENT_BUILDER_FACTORY
  • update more usages to use DOCUMENT_BUILDER_FACTORY
  • add return value for FileUtil.deleteDir

@XingY XingY mentioned this pull request Sep 18, 2025
Merged
@XingY XingY requested a review from Copilot September 19, 2025 22:00
Copilot AI reviewed Sep 19, 2025
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR consolidates XML parsing configuration and enhances file utility functionality by standardizing security features and improving return value handling.

  • Replaces direct DocumentBuilderFactory usage with XmlBeansUtil.DOCUMENT_BUILDER_FACTORY for consistent security configuration
  • Adds additional security features to DOCUMENT_BUILDER_FACTORY initialization
  • Updates FileUtil.deleteDir to return boolean success status instead of void

Reviewed Changes

Copilot reviewed 7 out of 7 changed files in this pull request and generated 1 comment.

Show a summary per file
File Description
search/src/org/labkey/search/model/LuceneSearchServiceImpl.java Replace direct DocumentBuilderFactory usage with XmlBeansUtil.DOCUMENT_BUILDER_FACTORY
query/src/org/labkey/query/olap/rolap/RolapReader.java Consolidate XML parsing to use XmlBeansUtil.DOCUMENT_BUILDER_FACTORY in two methods
query/src/org/labkey/query/ModuleQueryMetadataDef.java Replace manual DocumentBuilderFactory configuration with XmlBeansUtil.DOCUMENT_BUILDER_FACTORY
pipeline/src/org/labkey/pipeline/api/ParamParserImpl.java Standardize XML parsing to use XmlBeansUtil.DOCUMENT_BUILDER_FACTORY
api/src/org/labkey/api/util/XmlBeansUtil.java Add two additional security features to DOCUMENT_BUILDER_FACTORY configuration
api/src/org/labkey/api/util/JunitUtil.java Remove unused tidyAsDocument method and related imports
api/src/org/labkey/api/util/FileUtil.java Change deleteDir method to return boolean success status and track deletion results

Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.

api/src/org/labkey/api/util/FileUtil.java Outdated
}
}

return false;
Copy link

Copilot AI Sep 19, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This return statement is unreachable because the method will either return from within the if block or throw an IOException. The return false at the end suggests the method should return false when the directory doesn't exist, but this contradicts the logic since a non-existent directory should be considered successfully 'deleted'.

Suggested change
return false;
return true;

Copilot uses AI. Check for mistakes.
labkey-jeckels
labkey-jeckels approved these changes Sep 19, 2025
View reviewed changes
pipeline/src/org/labkey/pipeline/api/ParamParserImpl.java
try
{
DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
dbf.setValidating(false);
Copy link
Contributor

@labkey-jeckels labkey-jeckels Sep 19, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't think we're setting this on the centralized factory. Probably OK to not have this scenario disable it, but calling it out in case you hadn't already considered it too.

Copy link
Contributor Author

@XingY XingY Sep 19, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I've checked and false seems the default setting.

@XingY XingY merged commit 6b55ef3 into develop Sep 20, 2025
11 checks passed
@XingY XingY deleted the fb_fileLikeAndXML branch September 20, 2025 00:17
XingY added a commit that referenced this pull request Sep 22, 2025
@XingY
Consolidate more XML parsing, FileLike usages (#7054)
5ec139b
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@labkey-jeckels labkey-jeckels labkey-jeckels approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@XingY @labkey-jeckels