fix: improve CLI number validation and add regression tests#20697
fix: improve CLI number validation and add regression tests#20697alexander-akait merged 3 commits intowebpack:mainfrom
Conversation
Ensure numeric inputs are strictly validated against DECIMAL_NUMBER_REGEXP before conversion. Added tests to reject Infinity and hex values in watch options to prevent ambiguous parsing.
|
|
|
||
| /** @typedef {null | string | number | boolean | RegExp | EnumValue | []} ParsedValue */ | ||
|
|
||
| const DECIMAL_NUMBER_REGEXP = /^[+-]?(?:\d+\.?\d*|\.\d+)(?:e[+-]?\d+)?$/i; |
There was a problem hiding this comment.
I see a lot of untested chages around e and around (?:\d+\.?\d*|\.\d+) group
There was a problem hiding this comment.
Added tests for decimal forms (leading dot, trailing dot, explicit +) and scientific notation (e / E, optional +/- on exponent). Added negative cases for incomplete/invalid exponent and malformed decimals so the regexp behavior is fully covered.
Merging this PR will degrade performance by 20.29%
|
| Mode | Benchmark | BASE |
HEAD |
Efficiency | |
|---|---|---|---|---|---|
| ❌ | Memory | benchmark "many-modules-esm", scenario '{"name":"mode-production","mode":"production"}' |
7.6 MB | 9.5 MB | -20.29% |
| ⚡ | Memory | benchmark "future-defaults", scenario '{"name":"mode-production","mode":"production"}' |
9.6 MB | 8 MB | +21.16% |
| ⚡ | Memory | benchmark "lodash", scenario '{"name":"mode-development","mode":"development"}' |
5.3 MB | 4.1 MB | +29.59% |
Comparing phoekerson:main (bb711ae) with main (72598ef)
|
This PR is packaged and the instant preview is available (7bde8ab). Install it locally:
npm i -D webpack@https://pkg.pr.new/webpack@7bde8ab
yarn add -D webpack@https://pkg.pr.new/webpack@7bde8ab
pnpm add -D webpack@https://pkg.pr.new/webpack@7bde8ab |
2 participants
Ensure numeric inputs are strictly validated against DECIMAL_NUMBER_REGEXP before conversion. Added tests to reject Infinity and hex values in watch options to prevent ambiguous parsing.
Summary
This PR fixes CLI number parsing by strictly validating numeric string inputs with DECIMAL_NUMBER_REGEXP before converting them with Number(...).
It also adds regression tests to ensure ambiguous numeric formats like Infinity and hex values (e.g. 0x10) are rejected for watch options.
What kind of change does this PR introduce?
Bug fix (CLI argument validation improvement) + test coverage improvements.
Did you add tests for your changes?
Yes.
Added/updated tests in test/Cli.basictest.js:
valid decimal/scientific numeric string cases
invalid numeric edge cases
explicit rejection of Infinity and hex-style values in watch options
Does this PR introduce a breaking change?
No.
This change only tightens validation for invalid/ambiguous numeric CLI inputs and does not change valid input behavior.
If relevant, what needs to be documented once your changes are merged or what have you already documented?
No additional documentation is required.
CLI behavior for valid numeric inputs remains the same; invalid ambiguous formats are now consistently rejected.
Use of AI