action #64412
closedcoordination #154768: [saga][epic][ux] State-of-art user experience for openQA
coordination #154771: [epic] Improved test developer user experience
Get rid of eval in OpenQA::WebAPI::Plugin::HashedParams
Description
Problem¶
This plugin is a helper to receive nested data structures, as it can turn query parameters like
"settings[FOO][BAR]=baz"
into a data structure.
It is used only in the OpenQA::WebAPI::Controller::API::V1::Table.
The code removes unsafe characters and creates perl code which is then loaded with eval.
Suggestion¶
- The code could probably be replaced without
eval, so we wouldn't need to clean the input. - The Table API endpoints could also be changed to accept JSON instead, and we could get rid of the whole module.
Updated by tinita 5 months ago
- Related to action #166310: Replace jquery ajax calls with fetch API size:M added
Updated by dheidler 5 months ago
- Status changed from Feedback to In Progress
Now let's fix some tests and have a look at the template tests.
As discussed in daily, let's see if we can update the loadtemplate script and make this change unnoticed by users of this feature as they are using that script and not the API directly.
Updated by dheidler 5 months ago
- Status changed from Resolved to Feedback
Partial revert to ensure that an updated load-templates script is rolled out when switching of the old api.
https://github.com/os-autoinst/openQA/pull/5993
Updated by dheidler 5 months ago
- Status changed from Feedback to Blocked
Let's wait two weeks for load-templates to flow downstream and then remove backwards compatibility from the API:
https://github.com/os-autoinst/openQA/pull/5994
Updated by livdywan 5 months ago
dheidler wrote in #note-12:
Let's wait two weeks for load-templates to flow downstream and then remove backwards compatibility from the API:
https://github.com/os-autoinst/openQA/pull/5994
Did you notify community on mailing list/matrix/GitHub? I don't see anything there 🤔