Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Bug: CLI Argument parsing typos invokes other validates

See original GitHub issue

Expected Behavior

Not to validate the integrity by default via CLI command e.g.)

npx lockfile-lint --validate-https -validate-package-names --validate-integrity --path yarn.lock

Current Behavior

npx lockfile-lint --validate-https -validate-package-names --validate-integrity false --path yarn.lock

Always seems to validate the integrity is sha512

Possible Solution

Steps to Reproduce (for bugs)

Run npx lockfile-lint --validate-https -validate-package-names --validate-integrity --path yarn.lock with a lockfile that is using sha1 integrity

Have also tried passing false as an aargument to --validate-integrity which also did not work

Context

Your Environment

Library Version used: 4.9.5
Node.js version (e.g. Node.js 5.4): 16
Operating System and version (desktop or mobile): MacOS 12.6

Issue Analytics

State:
Created a year ago
Comments:9 (6 by maintainers)

Top GitHub Comments

1reaction

wingy3181commented, Oct 8, 2022

@yoavain want to look into it if there’s something specifically to do to improve that?

@wingy3181 alright, well, sounds like if you don’t have a typo then this isn’ really an outstanding issue though, right?

yep correct…well kind of… obviously there was a typo with missing - and i needed to turn that off anyway because of the use of artifactory where i am at… but as @yoavain found there was still an issue with the fact it was validating the integrity with the typo which was a bit weird…

anyway thanks to you both for looking at it…

1reaction

yoavaincommented, Oct 6, 2022

I think this is a general issue. I believe the bug is in the following logic:

if (supportedValidators.has(commandArgument)) {
    const validatorItem = supportedValidators.get(commandArgument)
    validators.push({
      name: validatorItem,
      values: commandValue,
      options: {
        emptyHostname: config['empty-hostname'],
        allowedHosts: config['allowed-hosts'],
        allowedUrls: config['allowed-urls']
      }
    })
  }

The first line means that if a boolean parameter exists, the validator is added, regardless of the value true/false. (The commandValue is passed as values to the validator, but the validator will be executed)

If I have time, I’ll try to open a PR during the weekend

Top Results From Across the Web

Yet another command line argument parser: bpaf 0.5.2 : r/rust

Hi, I want to share my command line argument parser library: ... friendly error messages when parsing fails: suggested names with typos, ...

Getting Real with Command Line Arguments and go-flags

One is that the parser is implicitly the top-level command, and subcommands are directly attached to it (via the AddCommand calls). Another thing...

docopt creates beautiful command-line interfaces - GitHub

The option parser is generated based on the docstring above that is passed to docopt function. docopt parses the usage pattern ( "Usage:...

jsonargparse — jsonargparse documentation

This package is an extension to python's argparse which simplifies parsing of configuration options from command line arguments, json configuration files ...

argparse tutorial - manpages.ubuntu!

Parsing command line arguments :parse([args]) method of the Parser class ... failed") Usage: script.lua [-h] Error: manual argument validation failed Help ...