feat: 使用 source-map-parser-node 包进行处理代码解析#20
Merged
Conversation
- Fixed operating_guide tool to read from README.md instead of external directory - Added URL validation to prevent SSRF attacks in fetchSourceMapContent - Improved error message sanitization to avoid exposing internal details - Fixed method name typo (praseStack -> parseStack) - Added JSON validation for external package responses - Updated build configuration for WebAssembly support - Added TypeScript declarations for source_map_parser_node package
MasonChow
changed the title
|
Codecov Report❌ Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## main #20 +/- ##
==========================================
- Coverage 20.06% 17.64% -2.43%
==========================================
Files 4 5 +1
Lines 294 340 +46
Branches 19 20 +1
==========================================
+ Hits 59 60 +1
- Misses 233 278 +45
Partials 2 2 ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
Contributor
There was a problem hiding this comment.
Pull Request Overview
This PR refactors the source map parsing implementation to use the source_map_parser_node npm package instead of a local WASM-based parser. The changes include removing external WASM files, updating build configuration for WASM support, and adding security improvements like URL validation and error message sanitization.
- Replace local WASM parser with
source_map_parser_nodenpm package - Add security enhancements including URL validation and error message sanitization
- Update build configuration to support WASM plugins and manage dependencies
Reviewed Changes
Copilot reviewed 9 out of 15 changed files in this pull request and generated 1 comment.
Show a summary per file
| File | Description |
|---|---|
| vite.config.mjs | Added WASM plugins and updated external dependencies configuration |
| src/server.ts | Changed documentation file path and added error message sanitization |
| src/parser.ts | Replaced local WASM parser with npm package and added security validations |
| src/main.ts | Renamed main function to stdio |
| src/external/ | Removed local WASM parser files and external directory |
| package.json | Added source_map_parser_node dependency and WASM build plugins |
| build.sh | Removed external directory copying logic |
Comments suppressed due to low confidence (1)
src/parser.ts:1
- The regex pattern for sanitizing error messages is too restrictive and may remove important debugging information like parentheses, brackets, or quotes that could be helpful for developers. Consider a more balanced approach that removes only potentially sensitive patterns while preserving useful debugging context.
import * as sourceMapParser from 'source_map_parser_node';
Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.