Skip to content

fix: enforce removal before copying library files#2765

Merged
JoeWang1127 merged 8 commits intomainfrom
fix/enforce-src
Nov 3, 2025
Merged

fix: enforce removal before copying library files#2765
JoeWang1127 merged 8 commits intomainfrom
fix/enforce-src

Conversation

@JoeWang1127
Copy link
Copy Markdown
Contributor

@JoeWang1127 JoeWang1127 commented Nov 3, 2025

Fixes #2593

@codecov
Copy link
Copy Markdown

codecov bot commented Nov 3, 2025
edited
Loading

Codecov Report

❌ Patch coverage is 66.66667% with 2 lines in your changes missing coverage. Please review.
✅ Project coverage is 86.93%. Comparing base (2984d7a) to head (ca2d376).
⚠️ Report is 2 commits behind head on main.

Files with missing lines Patch % Lines
internal/librarian/generate_command.go 0.00% 0 Missing and 1 partial ⚠️
internal/librarian/release_stage.go 0.00% 0 Missing and 1 partial ⚠️
Additional details and impacted files 
@@           Coverage Diff           @@
##             main    #2765   +/-   ##
=======================================
  Coverage   86.93%   86.93%           
=======================================
  Files         118      118           
  Lines        9901     9903    +2     
=======================================
+ Hits         8607     8609    +2     
  Misses        915      915           
  Partials      379      379

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

@JoeWang1127
Copy link
Copy Markdown
Contributor Author

JoeWang1127 commented Nov 3, 2025

/gemini review

gemini-code-assist[bot]
gemini-code-assist bot reviewed Nov 3, 2025
View reviewed changes
Copy link
Copy Markdown
Contributor

@gemini-code-assist gemini-code-assist bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request introduces a failOnExistingFile flag to the copyLibraryFiles function to prevent accidental file overwrites. This is now enforced during the cleanAndCopyLibrary process, ensuring that files are properly removed before being copied. The other call sites have been correctly updated to bypass this new check. The changes are logical and include a relevant test case for the new functionality. I have one suggestion to improve the error message for better diagnostics.

@JoeWang1127
Copy link
Copy Markdown
Contributor Author

JoeWang1127 commented Nov 3, 2025

/gemini review

gemini-code-assist[bot]
gemini-code-assist bot reviewed Nov 3, 2025
View reviewed changes
Copy link
Copy Markdown
Contributor

@gemini-code-assist gemini-code-assist bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request introduces a failOnExistingFile flag to the copyLibraryFiles function to prevent accidental file overwrites, which is a good improvement for ensuring correctness. The changes are logically sound and include a relevant test case for the new error condition. However, the implementation of the file existence check introduces a race condition (TOCTOU), which I've detailed in a specific comment. Addressing this would make the fix more robust.

@JoeWang1127 JoeWang1127 marked this pull request as ready for review November 3, 2025 20:55
@JoeWang1127 JoeWang1127 requested a review from a team as a code owner November 3, 2025 20:55
miguelvelezsa
miguelvelezsa reviewed Nov 3, 2025
View reviewed changes
miguelvelezsa
miguelvelezsa reviewed Nov 3, 2025
View reviewed changes
miguelvelezsa
miguelvelezsa reviewed Nov 3, 2025
View reviewed changes
@JoeWang1127 JoeWang1127 merged commit d5ac6c8 into main Nov 3, 2025
10 of 11 checks passed
@JoeWang1127 JoeWang1127 deleted the fix/enforce-src branch November 3, 2025 21:55
@cloud-sdk-librarian-robot cloud-sdk-librarian-robot mentioned this pull request Nov 6, 2025
Closed
@ldetmer ldetmer mentioned this pull request Nov 6, 2025
Merged
ldetmer added a commit that referenced this pull request Nov 6, 2025
@ldetmer
chore: librarian release pull request: 20251106T145301Z (#2808)
f360e18 
PR created by the Librarian CLI to initialize a release. Merging this PR
will auto trigger a release.

Librarian Version: not available
Language Image:
us-central1-docker.pkg.dev/cloud-sdk-librarian-prod/images-prod/librarian-release-container:latest
<details><summary>librarian: 1.0.0</summary>

##
[1.0.0](v0.5.0...v1.0.0)
(2025-11-06)

### Features

* Remove `..._gax` dependency (#2713)
([01675b7](01675b72))

* add context to Librarian PRs (#2698)
([0523329](0523329a))

* add a package comment linter (#2712)
([1bd3e32](1bd3e32e))

* generate pom.xml files (#2682)
([50b95f2](50b95f20))

* add test-container test logic (#2656)
([514cf7e](514cf7e5))

* improve rust-publish logging (#2671)
([585ed50](585ed50b))

* write a timing log at the end of update-image (#2771)
([5fc9e3b](5fc9e3b6))

* migrate Java container from sdk-platform-java (#2670)
([69ac47f](69ac47fd))

* switch to original head after running update-image (#2696)
([7a3e404](7a3e404a))

* format bulk commit from other sources in release notes (#2665)
([7c52da2](7c52da2b))

* enable multi-version API generation (#2699)
([86c5250](86c52507))

* release stage to update pom.xml files (#2772)
([be56755](be567550))

* use proto presence info to generate null-safe code (#2726)
([e36fb81](e36fb81a))

* Base messages in google_cloud_protobuf (#2660)
([e607ea6](e607ea63))

### Bug Fixes

* retry Github 503 requests up to 3 times (#2650)
([09468fa](09468faf))

* Changed docs to ConfigurationException (#2697)
([0950c1e](0950c1e3))

* fix the reference to the old &#34;librariangen&#34; folder (#2677)
([09dc53f](09dc53fe))

* run godoclint via golangci-lint (#2751)
([264a6a0](264a6a0e))

* pass context as the first argument (#2769)
([298a3bd](298a3bd8))

* Move HTTP client creation to `_gax` (#2672)
([4968d63](4968d63d))

* deduplicate bulk commits (#2758)
([4dfae9a](4dfae9ae))

* Support additional api paths for an existing library (#2666)
([50046f5](50046f55))

* remove stray TODO (#2748)
([5072f0e](5072f0e0))

* omit status field when empty (#2654)
([572ae4f](572ae4f3))

* use T.Context in tests (#2768)
([7e7cd2d](7e7cd2dd))

* wrap error to provide more context for commitAndPush (#2767)
([a2a41a4](a2a41a4a))

* use t.Fatal in tests for proper failure handling (#2759)
([cdabb28](cdabb287))

* enforce removal before copying library files (#2765)
([d5ac6c8](d5ac6c87))

* change log level to debug (#2798)
([f042d0b](f042d0bd))

* change path to `doc.go` in docgen test (#2700)
([fd6bae4](fd6bae40))

### Documentation

* use consistent library id in flags and examples (#2770)
([87a1005](87a10056))

</details>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@zhumin8 zhumin8 zhumin8 approved these changes

+2 more reviewers

@gemini-code-assist gemini-code-assist[bot] gemini-code-assist[bot] left review comments

@miguelvelezsa miguelvelezsa miguelvelezsa approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

librarian: file copying doesn't enforce previous file removal

3 participants

@JoeWang1127 @zhumin8 @miguelvelezsa