-
-
Notifications
You must be signed in to change notification settings - Fork 1.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
V2 to v3 merge #2864
V2 to v3 merge #2864
Conversation
Grammar correction.
* chore(encryptcookie)!: update default config docs(encryptcookie): enhance documentation and examples BREAKING CHANGE: removed the hardcoded "csrf_" from the Except. * docs(encryptcookie): reads or modifies cookies * chore(encryptcookie): csrf config example * docs(encryptcookie): md table spacing
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 4 to 5. - [Release notes](https://github.com/actions/setup-go/releases) - [Commits](actions/setup-go@v4...v5) --- updated-dependencies: - dependency-name: actions/setup-go dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* middleware/logger: Log client IP address by default. * Update doc.
* Revert "Revert ":bug: requestid.Config.ContextKey is interface{} (#2369)" (#2742)" This reverts commit 28be17f. * fix: request ContextKey default value condition Should check for `nil` since it is `any`. * fix: don't constrain middlewares' context-keys to strings `context` recommends using "unexported type" as context keys to avoid collisions https://pkg.go.dev/github.com/gofiber/fiber/v2#Ctx.Locals. The official go blog also recommends this https://go.dev/blog/context. `fiber.Ctx.Locals(key any, value any)` correctly allows consumers to use unexported types or e.g. strings. But some fiber middlewares constrain their context-keys to `string` in their "default config structs", making it impossible to use unexported types. This PR removes the `string` _constraint_ from all middlewares, allowing to now use unexported types as per the official guidelines. However the default value is still a string, so it's not a breaking change, and anyone still using strings as context keys is not affected.
Update app.md for indentation
Bumps [github.com/google/uuid](https://github.com/google/uuid) from 1.4.0 to 1.5.0. - [Release notes](https://github.com/google/uuid/releases) - [Changelog](https://github.com/google/uuid/blob/master/CHANGELOG.md) - [Commits](google/uuid@v1.4.0...v1.5.0) --- updated-dependencies: - dependency-name: github.com/google/uuid dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2 to 3. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@v2...v3) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
changing default log output Closes #2729
fix wrong hooks signature
…ig when AllowedOrigins is empty (#2771)
* redirect with query params did not work, fix it and add test for it * redirect middleware - fix test typo
* ✨ feat: add liveness and readiness checkers * 📝 docs: add docs for liveness and readiness * ✨ feat: add options method for probe checkers * ✅ tests: add tests for liveness and readiness * ♻️ refactor: change default endpoint values * ♻️ refactor: change default value for liveness endpoint * 📝 docs: add return status for liveness and readiness probes * ♻️ refactor: change probechecker to middleware * 📝 docs: move docs to middleware session * ♻️ refactor: apply gofumpt formatting * ♻️ refactor: remove unused parameter * split config and apply a review * apply reviews and add testcases * add benchmark * cleanup * rename middleware * fix linter * Update docs and config values * Revert change to IsReady * Updates based on code review * Update docs to match other middlewares --------- Co-authored-by: Muhammed Efe Cetin <[email protected]> Co-authored-by: Juan Calderon-Perez <[email protected]> Co-authored-by: Juan Calderon-Perez <[email protected]>
- add more Parser tests
fix default value to false in docs of QueryBool
# Conflicts: # .github/pull_request_template.md # .github/release-drafter.yml # app.go # ctx.go # docs/api/middleware/basicauth.md # docs/api/middleware/csrf.md # docs/api/middleware/encryptcookie.md # docs/api/middleware/keyauth.md # docs/api/middleware/logger.md # docs/api/middleware/requestid.md # go.mod # go.sum # middleware/adaptor/adaptor_test.go # middleware/basicauth/config.go # middleware/cors/cors_test.go # middleware/csrf/config.go # middleware/csrf/csrf.go # middleware/idempotency/idempotency.go # middleware/keyauth/config.go # middleware/logger/config.go # middleware/logger/logger.go # middleware/redirect/redirect.go # middleware/requestid/config.go # middleware/requestid/requestid_test.go
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Great job done by @gofiber/contributors and @gofiber/maintainers! Congratulations to all involved. I have a few comments to add. See you later!
Co-authored-by: Renan Bastos <[email protected]>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Besides this, I dont see anything that sticks out that hasnt been mentioned before
@coderabbitai review |
Warning Rate Limit Exceeded@ReneWerner87 has exceeded the limit for the number of commits or files that can be reviewed per hour. Please wait 16 minutes and 23 seconds before requesting another review. How to resolve this issue?After the wait time has elapsed, a review can be triggered using the We recommend that you space out your commits to avoid hitting the rate limit. How do rate limits work?CodeRabbit enforces hourly rate limits for each developer per organization. WalkthroughThese updates focus on enhancing code clarity, consistency, and error handling across various components of a project. Key improvements include grammar corrections in contribution guidelines, clearer pull request templates, syntax fixes in scripts, and refined context management in Go files. Middleware tests and documentation have also been updated to reflect these changes, ensuring a more robust and maintainable codebase. Changes
Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media? TipsChatThere are 3 ways to chat with CodeRabbit:
Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments. CodeRabbit Commands (invoked as PR comments)
Additionally, you can add CodeRabbit Configration File (
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Review Status
Actionable comments generated: 24
Configuration used: CodeRabbit UI
Files selected for processing (40)
- .github/CONTRIBUTING.md (1 hunks)
- .github/pull_request_template.md (3 hunks)
- .github/scripts/sync_docs.sh (1 hunks)
- app.go (2 hunks)
- app_test.go (4 hunks)
- bind_test.go (37 hunks)
- ctx_interface.go (3 hunks)
- ctx_test.go (197 hunks)
- docs/api/app.md (2 hunks)
- docs/api/ctx.md (2 hunks)
- docs/api/middleware/cors.md (2 hunks)
- docs/api/middleware/encryptcookie.md (4 hunks)
- docs/api/middleware/healthcheck.md (1 hunks)
- docs/api/middleware/logger.md (1 hunks)
- docs/api/middleware/timeout.md (5 hunks)
- docs/guide/hooks.md (5 hunks)
- log/default.go (3 hunks)
- log/default_test.go (5 hunks)
- middleware/adaptor/adaptor.go (3 hunks)
- middleware/adaptor/adaptor_test.go (8 hunks)
- middleware/cors/cors.go (5 hunks)
- middleware/cors/cors_test.go (7 hunks)
- middleware/cors/utils.go (1 hunks)
- middleware/cors/utils_test.go (1 hunks)
- middleware/csrf/csrf_test.go (6 hunks)
- middleware/encryptcookie/config.go (1 hunks)
- middleware/healthcheck/config.go (1 hunks)
- middleware/healthcheck/healthcheck.go (1 hunks)
- middleware/healthcheck/healthcheck_test.go (1 hunks)
- middleware/logger/config.go (2 hunks)
- middleware/logger/tags.go (1 hunks)
- middleware/redirect/redirect.go (1 hunks)
- middleware/redirect/redirect_test.go (2 hunks)
- middleware/session/session_test.go (16 hunks)
- middleware/session/store_test.go (5 hunks)
- middleware/timeout/timeout.go (1 hunks)
- middleware/timeout/timeout_test.go (2 hunks)
- redirect_test.go (19 hunks)
- router.go (1 hunks)
- router_test.go (2 hunks)
Files not summarized due to errors (1)
- ctx_test.go: Error: Message exceeds token limit
Files skipped from review due to trivial changes (3)
- .github/CONTRIBUTING.md
- .github/pull_request_template.md
- docs/api/middleware/encryptcookie.md
Additional comments: 115
middleware/timeout/timeout.go (3)
- 11-12: The introduction of custom errors in the
New
function enhances the middleware's flexibility, allowing developers to specify which errors should trigger afiber.ErrRequestTimeout
response. This is a positive change that improves the middleware's usability in diverse scenarios.- 12-12: The removal of the
once
synchronization and deprecation notice, as mentioned in the summary, simplifies the middleware's logic. This change likely improves the readability and maintainability of the code. However, it's important to ensure that the removal ofonce
synchronization does not introduce any concurrency issues or regressions in functionality.- 12-12: Simplifying the logic for handling timeouts by directly integrating timeout context creation within the
New
function streamlines the middleware's operation. This approach reduces complexity and enhances the middleware's performance by minimizing overhead.middleware/redirect/redirect.go (1)
- 33-37: Appending the query string to the redirect URL if it exists is a valuable enhancement. It ensures that important query parameters are not lost during the redirection process. This change improves the middleware's usability and aligns with common expectations for redirect behavior.
middleware/encryptcookie/config.go (1)
- 39-39: Changing the
Except
field in theConfig
struct to an empty array by default is a sensible change that enhances security. By encrypting all cookies by default, it ensures that sensitive information is protected unless explicitly exempted. This change aligns with secure by default principles.middleware/healthcheck/healthcheck.go (1)
- 9-62: The implementation of the health check middleware introduces a structured approach to managing liveness and readiness probes. The configuration options and the separation of concerns between liveness and readiness checks are well-designed. This addition enhances the framework's capabilities in production environments, especially in container orchestration systems where such probes are essential.
.github/scripts/sync_docs.sh (1)
- 29-30: Correcting the syntax error in the if statement related to handling a release event is a necessary fix that ensures the script functions as intended during release events. This change improves the reliability of the documentation synchronization process.
middleware/timeout/timeout_test.go (1)
- 20-20: Updating the test cases to use the
New
function instead ofNewWithContext
reflects the changes made to thetimeout
middleware. This ensures that the tests accurately assess the middleware's behavior with the updated implementation. It's important to verify that these changes cover all relevant timeout scenarios.middleware/session/store_test.go (1)
- 25-25: Replacing
app.NewCtx
withapp.AcquireCtx
in the test cases aligns with the Fiber framework's context management best practices. This change likely improves the performance of the test suite by reusing context objects and reduces the overhead of context creation.middleware/healthcheck/config.go (1)
- 7-84: The
Config
struct for thehealthcheck
middleware provides a comprehensive set of configuration options, including custom liveness and readiness probes and endpoints. The default settings ensure that the middleware can operate effectively with minimal configuration, which is beneficial for ease of use and quick setup. This design promotes flexibility and extensibility.docs/api/middleware/timeout.md (1)
- 94-94: The documentation update provides a clear example of using the
timeout
middleware with custom errors, demonstrating the new capabilities introduced by the changes to theNew
function. This example enhances the documentation by showing a practical use case that leverages the middleware's updated functionality.middleware/cors/utils.go (2)
- 15-44: Renaming
matchSubdomain
tovalidateDomain
and updating its logic to handle wildcard subdomain patterns and normalize domains improves the middleware's flexibility and accuracy in domain matching. This enhancement is crucial for correctly implementing CORS policies, especially in scenarios involving subdomains. The approach taken here aligns with best practices for domain validation in CORS configurations.- 61-84: The introduction of
normalizeOrigin
to validate and normalize origins is a valuable addition. It ensures that origins are correctly formatted and normalized before being used in CORS checks. This function enhances the middleware's robustness by preventing potential issues related to origin format inconsistencies.docs/api/middleware/healthcheck.md (1)
- 1-106: The documentation for the
healthcheck
middleware effectively explains the purpose, configuration, and usage of the middleware. It provides clear examples and detailed configuration options, enabling users to easily understand how to implement liveness and readiness probes in their Fiber applications. This documentation is well-structured and comprehensive, covering all necessary aspects of the middleware.middleware/logger/config.go (2)
- 31-31: The addition of
${ip}
and${error}
to the default logging format enhances the logging capabilities by including IP address and error information, which can be crucial for debugging and monitoring. Ensure that the rest of the logging system is prepared to handle and display these new fields appropriately.- 112-112: The update to
defaultFormat
to include${ip}
and${error}
aligns with the change in theConfig
struct'sFormat
field. This ensures consistency in the default logging behavior across the application. It's a good practice to include such information for better traceability and debugging.docs/guide/hooks.md (7)
- 38-38: Changing the receiver type from
App
toHooks
in theOnRoute
function documentation correctly reflects the code changes. This update should help users understand the new way to use hooks within the framework.- 50-50: The update in the
OnName
function documentation to useHooks
as the receiver type is accurate and aligns with the framework's evolution. It's important that the documentation keeps pace with such changes to avoid confusion.- 107-107: The documentation change for the
OnGroup
function, specifyingHooks
as the receiver, is clear and necessary for guiding users on the updated usage of hooks.- 119-119: Updating the
OnGroupName
function documentation to reflect the receiver change toHooks
ensures consistency and clarity in the framework's documentation, aiding developers in correctly implementing hooks.- 127-127: The
OnListen
function documentation update, indicating the change toHooks
as the receiver, is crucial for developers to understand the new hook implementation method. This change should be highlighted in migration guides for the version upgrade.- 161-161: The documentation update for the
OnFork
function, showingHooks
as the new receiver type, is accurate and helps maintain the documentation's relevance and usefulness for developers.- 169-169: Correctly updating the
OnShutdown
function documentation to useHooks
as the receiver type is essential for clear and accurate developer guidance on using hooks in the updated framework version.middleware/adaptor/adaptor.go (3)
- 90-90: Setting the host in the request header using
c.Request().Header.SetHost(r.Host)
ensures that the host information is correctly propagated through the middleware. This is important for maintaining the integrity of the request information as it passes through different layers of the application.- 143-143: Similarly, setting the host in the request header for the
req
instance withreq.Header.SetHost(r.Host)
is crucial for ensuring that the host information is accurately reflected in the converted request. This consistency is key for applications that rely on the host header for routing or other logic.- 163-163: Switching from
app.NewCtx(&fctx)
toapp.AcquireCtx(&fctx)
for acquiring a context is a significant change. This likely reflects an optimization or a change in how contexts are managed within the application. It's important to ensure that this change does not introduce any unintended side effects, especially in terms of memory management or context reuse.log/default.go (3)
- 34-36: Adding a panic trigger when the log level is
LevelPanic
in theprivateLog
method is a significant behavior change. This allows for immediate attention to critical issues but should be documented clearly to ensure developers are aware of the potential for panics in their applications due to logging calls.- 60-62: Similarly, the addition of a panic trigger in the
privateLogf
method when the log level isLevelPanic
aligns with the change inprivateLog
. It's crucial that this behavior is well-documented and that developers are made aware of how to use the panic log level appropriately.- 101-103: The inclusion of a panic trigger in the
privateLogw
method forLevelPanic
log level is consistent with the changes in the other logging methods. This consistency is good, but the potential impact of introducing panics through logging should be carefully considered and communicated to developers.middleware/redirect/redirect_test.go (2)
- 47-52: Adding a new middleware configuration for redirecting
/params
to/with_params
with a status code ofMovedPermanently
in the test setup is a good addition for testing the redirect functionality, especially in scenarios involving query parameters.- 113-118: The new test case for redirecting with query parameters is a valuable addition, ensuring that the redirect middleware correctly handles and preserves query parameters during the redirect process. This test enhances the coverage and robustness of the middleware's test suite.
docs/api/middleware/cors.md (4)
- 61-67: The addition of a warning about insecure configurations when
AllowOrigins
is set to "*" andAllowCredentials
is true is a good practice. It helps developers understand potential security risks.- 75-75: The update to
AllowOriginsFunc
documentation clarifies the dynamic evaluation of allowed origins and the implications of using wildcard origins withAllowCredentials
set to true. This is an important security consideration.- 79-79: The clarification added to
AllowCredentials
regarding its use with wildcard origins (*
) is crucial for preventing security vulnerabilities. It's good to see this explicitly mentioned in the documentation.- 76-76: No changes were made to the
AllowOrigins
documentation itself, but the context around it has been enhanced for better understanding of its interaction with other properties.middleware/cors/cors.go (2)
- 19-21: The update to the
AllowOriginsFunc
documentation within theConfig
struct provides clarity on the dynamic evaluation of allowed origins and the handling of wildcard origins whenAllowCredentials
is true. This is a valuable clarification for developers.- 46-47: The clarification added to
AllowCredentials
in theConfig
struct regarding its interaction with wildcard origins is important for security. It prevents misconfiguration that could lead to vulnerabilities.middleware/healthcheck/healthcheck_test.go (4)
- 30-45: The tests for strict routing with the default health check endpoints are well-structured and cover the expected behavior for both available and unavailable endpoints. It's good to see parallel execution and helper functions used for readability.
- 106-118: The default health check test is concise and covers the basic functionality. It's good to see the use of parallel execution and helper functions for asserting the status codes.
- 204-217: The test for the
Next
function in the health check middleware correctly verifies that the middleware can be skipped based on custom logic. This is an important feature for conditional middleware execution.- 219-236: The benchmark test for the health check middleware provides valuable insights into its performance characteristics. It's good practice to include such benchmarks for middleware components to understand their impact on application performance.
log/default_test.go (5)
- 31-44: The new test function
Test_WithContextCaller
correctly tests logging with context and caller information. The use of a custom writer to capture log output and the assertion for expected log format are well-implemented.- 58-71: The addition of panic handling in the
Test_DefaultLogger
function is a good practice to ensure that the logger behaves as expected in panic scenarios. The use of a deferred function to catch the panic and assert its occurrence is correctly implemented.- 92-105: Similar to the previous comment, the addition of panic handling in the
Test_DefaultFormatLogger
function ensures that formatted logging behaves correctly during panics. The approach to testing and asserting panic behavior is consistent and appropriate.- 128-141: The panic handling added to the
Test_CtxLogger
function is important for verifying that context-aware logging handles panics as expected. The methodology for testing and asserting is consistent with other tests and is correctly applied here.- 28-49: > 📝 NOTE
This review was outside the diff hunks and was mapped to the diff hunk with the greatest overlap. Original lines [1-237]
Overall, the modifications and additions to the logger tests improve the coverage and robustness of the logging functionality. It's important to ensure that logging behaves correctly in various scenarios, including panics. The tests are well-structured and provide clear assertions for expected behavior.
docs/api/middleware/logger.md (1)
- 104-104: The addition of
${ip}
and${error}
tags to theFormat
property in theConfig
struct enhances the logging capabilities by including IP and error information in the logs. This change aligns with the objective of expanding the default logging format for requests. Ensure that the documentation clearly explains how to use these new tags and their expected output in the logs.middleware/logger/tags.go (1)
- 147-152: The update to the
TagError
function to conditionally apply colors to the error message based on theenableColors
flag enhances the readability of error logs when colors are enabled. This change is a good practice for improving log clarity and debugging experience. However, ensure that theenableColors
flag is properly managed and documented, as it directly affects the output of this function.middleware/cors/utils_test.go (4)
- 8-48: The test cases for
normalizeOrigin
cover a comprehensive range of scenarios, including handling of ports, paths, queries, fragments, and IPv6 addresses. This thorough testing ensures that thenormalizeOrigin
function behaves as expected across various valid and invalid origin formats. It's important to maintain this level of coverage as the function evolves.- 51-76: The test cases for
matchScheme
effectively assess whether the function correctly handles scheme matching, including cases with scheme mismatches, port differences, and localhost/IP address handling. These tests are crucial for ensuring that the CORS middleware accurately matches schemes as part of its security checks.- 79-114: The
validateOrigin
test cases provide a good coverage of domain and pattern matching scenarios, including exact matches, scheme mismatches, port differences, and wildcard subdomain handling. This ensures that the CORS middleware correctly validates origins against specified patterns, which is fundamental for CORS security.- 117-145: The test cases for
normalizeDomain
cover various scenarios, including handling of schemes, ports, paths, queries, fragments, and different types of domains (e.g., localhost, IPv4, IPv6). These tests ensure that the domain normalization logic is robust and handles a wide range of inputs correctly.middleware/adaptor/adaptor_test.go (5)
- 38-39: The introduction of a new type
contextKeyType
forexpectedContextKey
is a good practice for type safety and readability when working with context values. This change helps prevent potential type mismatches and makes the code more self-documenting.- 90-90: Switching from
NewCtx
toAcquireCtx
andReleaseCtx
inTest_HTTPHandler
is a significant improvement in terms of resource management. This change ensures that the context is properly acquired and released, which is crucial for avoiding memory leaks and ensuring efficient resource utilization.- 118-118: Adding
const expectedHost = "foobar.com"
inTest_HTTPMiddleware
and settingreq.Host = expectedHost
in various test cases is a good practice for consistency and maintainability. It centralizes the host value, making it easier to update if needed and ensuring that all related tests use the same host value.- 245-246: Asserting both
expectedHost
and the base URL intestFiberToHandlerFunc
is a thorough approach to testing, ensuring that the host is correctly set and that the base URL is constructed as expected. This level of detail in testing is commendable and contributes to the reliability of the code.- 302-302: Modifying the signature of
setFiberContextValueMiddleware
to acceptkey
andvalue
asany
type is a flexible approach that allows for a wider range of context values to be set. However, it's important to ensure that the type ofkey
used here is compatible with the way context values are retrieved elsewhere in the application to avoid runtime errors.Verification successful
The usage of the
Locals
method across various files in the application, as shown in the script output, confirms that the application consistently handles thekey
asany
type. This aligns with the modified signature ofsetFiberContextValueMiddleware
and suggests that the application is designed to effectively manage context values with flexiblekey
types. Therefore, the concern raised in the review comment about ensuring the compatibility of thekey
type used withsetFiberContextValueMiddleware
across the application is addressed by the consistent handling ofkey
asany
type in the usage ofLocals
.Scripts Executed
The following scripts were executed for the analysis:
Script:
#!/bin/bash # Verify that the key type used with setFiberContextValueMiddleware is consistently handled across the application. rg --type go 'Locals\('Length of output: 2817
docs/api/app.md (2)
- 96-96: Changing the function signature in the
Static
struct fromfunc(c *Ctx) bool
tofunc(c Ctx) bool
in the documentation aligns with the Fiber framework's convention of passing context by value rather than by pointer. This change improves consistency and follows Go's best practices for receiver types that are small, immutable, or intended to be copied.- 208-208: Correcting the indentation in the
main
function example whereapi.Get("/bar", handler).Name("bar")
was indented properly enhances the readability of the documentation. Consistent indentation is crucial for maintaining the clarity and professionalism of the documentation, making it easier for users to understand and follow the examples.middleware/session/session_test.go (1)
- 625-625: In the benchmark test,
app.AcquireCtx(&fasthttp.RequestCtx{})
is used for context acquisition, andapp.ReleaseCtx(c)
is correctly used to release the context. This is a good practice and aligns with the recommendations made for other test functions.The correct use of
defer app.ReleaseCtx(c)
in this context demonstrates proper resource management.redirect_test.go (19)
- 24-24: The change from
NewCtx
toAcquireCtx
inTest_Redirect_To
is consistent with the PR's objective to update context management strategy. This should ensure more efficient resource handling.- 44-44: In
Test_Redirect_Route_WithParams
, the use ofAcquireCtx
aligns with the updated context acquisition strategy. It's important to ensure that all tests are updated to reflect this change for consistency.- 63-63: The update to
AcquireCtx
inTest_Redirect_Route_WithParams_WithQueries
is correctly applied. The detailed check on query parameters ordering is a good practice for ensuring test reliability.- 87-87:
Test_Redirect_Route_WithOptionalParams
correctly usesAcquireCtx
, which is in line with the new context management approach. Consistency across tests is crucial for maintainability.- 106-106: The application of
AcquireCtx
inTest_Redirect_Route_WithOptionalParamsWithoutValue
demonstrates attention to detail in updating context acquisition methods across all relevant tests.- 121-121: In
Test_Redirect_Route_WithGreedyParameters
, the switch toAcquireCtx
is correctly implemented. This change is part of the broader update to context handling in the framework.- 140-140:
Test_Redirect_Back
's adoption ofAcquireCtx
is in line with the updated context management strategy. The test's structure and assertions remain clear and understandable.- 162-162: The use of
AcquireCtx
inTest_Redirect_Back_WithReferer
correctly reflects the new approach to context acquisition. The test's focus on theReferer
header is a good detail.- 181-181: In
Test_Redirect_Route_WithFlashMessages
, the explicit type assertion to*DefaultCtx
after usingAcquireCtx
is noteworthy. Ensure that this type assertion is safe and necessary for the test's context.- 204-204:
Test_Redirect_Route_WithOldInput
also uses the type assertion to*DefaultCtx
. It's important to verify that these assertions are consistently applied across tests where needed.- 232-232: The function
Test_Redirect_setFlash
correctly usesAcquireCtx
and includes a type assertion. This test specifically checks the flash message functionality, which is critical for user feedback mechanisms.- 339-339: In the benchmark
Benchmark_Redirect_Route
, the use ofAcquireCtx
and the type assertion to*DefaultCtx
are applied correctly. Benchmarks are essential for assessing performance impacts of changes.- 366-366:
Benchmark_Redirect_Route_WithQueries
correctly implements the updated context acquisition method. The detailed analysis of query parameters is a good practice for ensuring accuracy in benchmarks.- 398-398: The benchmark
Benchmark_Redirect_Route_WithFlashMessages
usesAcquireCtx
appropriately. The test for cookie values is crucial for verifying flash message functionality.- 427-427: In
Benchmark_Redirect_setFlash
, the use ofAcquireCtx
and subsequent operations are correctly implemented. This benchmark is important for evaluating the performance of flash message handling.- 456-456:
Benchmark_Redirect_Messages
correctly usesAcquireCtx
and tests the retrieval of flash messages. Consistency in using the updated context acquisition method across benchmarks is good practice.- 481-481: The benchmark
Benchmark_Redirect_OldInputs
usesAcquireCtx
correctly and tests the functionality of retrieving old input values. This is important for user experience in form submissions.- 506-506: In
Benchmark_Redirect_Message
, the use ofAcquireCtx
and the focus on a single flash message retrieval are correctly implemented. This benchmark helps assess the efficiency of message handling.- 531-531:
Benchmark_Redirect_OldInput
correctly implements the updated context acquisition strategy and tests the retrieval of a specific old input value. This is crucial for form handling and user feedback.middleware/cors/cors_test.go (9)
- 37-37: The test
Test_CORS_Negative_MaxAge
correctly sets theMaxAge
to-1
and validates that theAccess-Control-Max-Age
header is returned as"0"
. This aligns with the intent to test negative values forMaxAge
and ensures compliance with CORS specifications.- 74-104: The test
Test_CORS_Wildcard
effectively validates various CORS configurations, including wildcard origins, credentials, and custom headers. It's well-structured and covers important scenarios for CORS handling. However, it's important to ensure that the test environment is isolated to prevent side effects from parallel test execution.- 71-116: > 📝 NOTE
This review was outside the diff hunks and was mapped to the diff hunk with the greatest overlap. Original lines [106-132]
The test
Test_CORS_Origin_AllowCredentials
is designed to validate the handling of credentials with specific origins. It correctly sets up the CORS configuration and asserts the expected headers. This test is crucial for ensuring that credentials are handled securely in CORS scenarios.
- 146-169: The test
Test_CORS_Wildcard_AllowCredentials_Panic
checks for a panic whenAllowOrigins
is set to*
andAllowCredentials
istrue
, which is a security risk. This test is important for ensuring the middleware prevents insecure configurations. It's well-implemented and serves as a good safety check.- 172-193: The test
Test_CORS_Invalid_Origin_Panic
aims to verify that the middleware panics when an invalid origin (missing scheme) is provided. This test ensures that the middleware enforces correct origin formats, contributing to overall security.- 285-287: The test case within
Test_CORS_AllowOriginScheme
that checks for a very long subdomain pattern is an interesting edge case. It's good to see such thorough testing, but ensure that this scenario is realistic and relevant to the application's expected use cases to avoid unnecessary complexity in tests.- 420-422: In
Test_CORS_AllowOriginsFunc
, the test validates that theAllow-Origin
header is correctly set based on a custom function. This is a key feature for dynamic origin validation. The test is clear and effectively demonstrates the functionality.- 438-557: The test
Test_CORS_AllowOriginsAndAllowOriginsFunc_AllUseCases
thoroughly covers various configurations ofAllowOrigins
andAllowOriginsFunc
. It's well-organized and uses table-driven tests, which are excellent for readability and maintainability. This approach is highly recommended for testing multiple scenarios efficiently.- 559-647: The test
Test_CORS_AllowCredentials
covers various scenarios related to theAllowCredentials
configuration. It's crucial for ensuring the correct behavior of credentials handling in CORS policies. The use of table-driven tests here is again a good practice, enhancing the test suite's clarity and maintainability.ctx_interface.go (2)
- 443-450: The
AcquireCtx
method now takes a*fasthttp.RequestCtx
parameter, which is a significant change as it directly affects how contexts are acquired and initialized. This change ensures that the context is always initialized with a request context, which is a good practice for consistency and avoiding nil pointer dereferences. However, ensure that all calls toAcquireCtx
throughout the codebase have been updated to pass the required*fasthttp.RequestCtx
parameter.- 473-473: The explicit call to
setReq
within theReset
method ofDefaultCtx
ensures that the request context is properly set every time a context is reset. This is a good practice for maintaining the integrity of the context state across requests. However, it's important to review the implementation ofsetReq
to ensure it correctly handles all aspects of the request context, including any potential edge cases or error conditions.router_test.go (2)
- 654-654: The usage of
AcquireCtx
has been updated to explicitly pass therequest
parameter. This change aligns with the PR's objective to update context management strategies. However, it's important to ensure that this change does not affect the benchmark's intention or accuracy. The comment//nolint:errcheck, forcetypeassert // not needed
indicates that error checking and type assertion are intentionally skipped, which is common in benchmarks for performance reasons. However, in a production environment, it's crucial to handle potential errors fromAcquireCtx
to prevent runtime panics.- 835-835: Similar to the previous comment, the update to
AcquireCtx
here is part of the PR's broader effort to refine context management. The explicit passing of thec
context parameter is a good practice, ensuring clarity and consistency in how contexts are acquired in benchmark tests. The same considerations regarding error handling and type assertion apply here as well. It's also worth noting the loop structure used for benchmarking, which is standard practice for Go benchmarks. The use ofapp.ReleaseCtx(ctx)
at the end of each iteration is crucial for releasing resources and preventing memory leaks during the benchmark.middleware/csrf/csrf_test.go (6)
- 82-82: The use of
defer app.ReleaseCtx(app.AcquireCtx(ctx))
immediately after acquiring a context is a good practice for ensuring that resources are properly released. However, it's important to ensure that the context is not used after it has been released, as this could lead to undefined behavior.- 85-85: Acquiring a new context for the session store with
store.Get(app.AcquireCtx(ctx))
is correct. This ensures that each test case operates with a fresh context, aligning with best practices for test isolation and resource management.- 91-91: Setting a cookie on the acquired context with
app.AcquireCtx(ctx).Request().Header.SetCookie("_session", newSessionIDString)
is appropriate. This simulates a real-world scenario where a session cookie would be present in the request. It's crucial for the test to mimic actual usage patterns accurately.- 215-215: Similar to the previous comment, using
defer app.ReleaseCtx(app.AcquireCtx(ctx))
ensures that the context is released after the test execution. This is crucial for avoiding memory leaks and ensuring that resources are managed efficiently.- 717-719: The pattern of acquiring a context, performing an operation, and then handling errors within the same block is correctly implemented here. However, it's essential to ensure that
HandlerFromContext
andDeleteToken
functions are designed to handle the context correctly, especially since the context is acquired specifically for these operations.- 784-786: This segment follows the same pattern as the previous comment, with the context being acquired for the purpose of deleting a CSRF token. It's important to ensure that the
DeleteToken
function is idempotent and handles the context correctly, as misuse could lead to unexpected behavior or resource leaks.app.go (2)
- 499-499: The change from
app.NewCtx(&fasthttp.RequestCtx{})
toapp.newCtx()
in theNew
function simplifies context creation by directly utilizing the pool mechanism without the need for an explicitfasthttp.RequestCtx
parameter. This adjustment is positive as it streamlines the context acquisition process and potentially reduces the chance for errors or misuse of the context creation function. However, ensure that thenewCtx
function is properly implemented to handle context creation with all necessary initializations as before.- 1074-1074: The modification in the
serverErrorHandler
function to useapp.AcquireCtx(fctx)
for acquiringCtx
directly from the pool is a significant improvement. This change ensures that the context is efficiently reused and managed, which can lead to better performance and resource utilization. It's crucial to verify that theAcquireCtx
andReleaseCtx
methods are correctly managing the lifecycle of the context objects to prevent any memory leaks or incorrect context data due to improper reuse.bind_test.go (6)
- 26-26: The change from
NewCtx
toAcquireCtx
is consistent with the PR's objective to update context acquisition methods. This is a positive change for resource management.- 292-292: The use of
AcquireCtx
inTest_Bind_Header
follows the systematic update in context acquisition methods. This ensures consistency across the test suite.- 1512-1512: Registering a custom binder using
app.RegisterCustomBinder(customBinder)
demonstrates flexibility in handling different content types. This is a good practice for extending the framework's capabilities.- 1536-1536: Using
Must()
inTest_Bind_Must
for enforcing required fields is a good practice for input validation. It simplifies error handling by directly setting the response status code and message.- 1576-1576: The integration of a custom struct validator in
Test_Bind_StructValidator
showcases the framework's support for custom validation logic. This is beneficial for implementing domain-specific validation rules.- 1591-1591: Reusing the same struct
Request
for parsing query parameters, headers, and body content inTest_Bind_RepeatParserWithSameStruct
demonstrates the binder's versatility. This approach reduces the need for multiple structs when handling different parts of a request.app_test.go (3)
- 317-317: The change from
NewCtx
toAcquireCtx
is noted. This aligns with the PR's objective to update context management strategies. Ensure that all instances where a context is acquired or released are updated accordingly to maintain consistency across the codebase.- 327-327: Similar to the previous comment, the use of
AcquireCtx
here is consistent with the updated context management strategy. It's important to verify that the context is properly released after its use to avoid memory leaks.- 1403-1403: The addition of an argument in the
Reset
method call within theBenchmark_AcquireCtx
function is not visible in the provided code. However, it's crucial to ensure that theReset
method's signature across the codebase is updated to match this change. This might involve updating the method definition and all its calls to include the new argument.docs/api/ctx.md (2)
- 1438-1443: The documentation for
ParamsParser
method has been updated to include examples of handling query parameters with and without enabling splitting on parsers. This is a valuable addition for developers to understand how to use theParamsParser
method effectively. However, it's important to ensure that the examples provided are clear and accurately reflect the behavior of the method under different configurations.- 1453-1456: The note about parser settings in the
fiber.Config
is a helpful addition, guiding developers to further configuration options. It's crucial that this link is correct and leads to the relevant section of the documentation. Ensuring that developers have easy access to related configuration options enhances the usability of the documentation.ctx_test.go (4)
- 4968-4974: > 📝 NOTE
This review was outside the diff hunks and was mapped to the diff hunk with the greatest overlap. Original lines [4971-4978]
The test
Test_Ctx_GetRespHeaders
correctly asserts the functionality ofGetRespHeaders
method. It verifies that all response headers, including those set viaSet
method and directly on theResponse().Header
, are correctly retrieved as a map. The use of emojis in header values is a good test for ensuring character encoding is handled properly.
- 4986-4992: > 📝 NOTE
This review was outside the diff hunks and was mapped to the diff hunk with the greatest overlap. Original lines [4989-5007]
The benchmark
Benchmark_Ctx_GetRespHeaders
is well-structured and tests the performance of theGetRespHeaders
method under repeated calls. It properly resets the timer after setup to ensure only the execution time of the method is measured. The use ofb.ReportAllocs()
is good practice for memory allocation tracking.
- 5011-5017: > 📝 NOTE
This review was outside the diff hunks and was mapped to the diff hunk with the greatest overlap. Original lines [5014-5024]
The test
Test_Ctx_GetReqHeaders
effectively validates theGetReqHeaders
method, ensuring it accurately retrieves all request headers as a map. This includes headers set directly on theRequest().Header
. The test also checks for the correct handling of multiple values for the same header name, which is crucial for headers likeAccept-Encoding
.
- 5029-5035: > 📝 NOTE
This review was outside the diff hunks and was mapped to the diff hunk with the greatest overlap. Original lines [5032-5050]
The benchmark
Benchmark_Ctx_GetReqHeaders
is correctly implemented to measure the performance of theGetReqHeaders
method. It ensures the setup phase is not included in the time measurement by resetting the timer. Including memory allocation tracking withb.ReportAllocs()
is a good practice for performance testing.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Review Status
Actionable comments generated: 0
Configuration used: CodeRabbit UI
Files selected for processing (4)
- middleware/cors/cors.go (5 hunks)
- middleware/healthcheck/healthcheck_test.go (1 hunks)
- middleware/session/session_test.go (16 hunks)
- router.go (1 hunks)
Files skipped from review as they are similar to previous changes (4)
- middleware/cors/cors.go
- middleware/healthcheck/healthcheck_test.go
- middleware/session/session_test.go
- router.go
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Awesome
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Review Status
Actionable comments generated: 0
Configuration used: CodeRabbit UI
Files selected for processing (1)
- middleware/proxy/proxy_test.go (1 hunks)
Additional comments: 3
middleware/proxy/proxy_test.go (3)
- 302-302: The sleep duration in the
Test_Proxy_Timeout_Slow_Server
function has been reduced to 300 milliseconds. This change seems to be in line with the objective to adjust timeout values for the test. However, ensure that this reduced sleep time still effectively tests the timeout behavior as intended.- 309-309: The timeout for the proxy in the
Test_Proxy_Timeout_Slow_Server
function has been adjusted to 600 milliseconds. This change is appropriate for testing the proxy's timeout handling capabilities. It's important to verify that this timeout setting aligns with the expected behavior and that the test accurately reflects scenarios that users might encounter.- 312-312: The test request timeout has been modified to 2000 milliseconds. This adjustment seems reasonable and should provide ample time for the request to complete, considering the proxy's configured timeout. It's crucial to ensure that this test timeout does not inadvertently mask issues with the proxy's timeout handling.
use http.NoBody instead of nil
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Review Status
Actionable comments generated: 1
Configuration used: CodeRabbit UI
Files selected for processing (33)
- .golangci.yml (1 hunks)
- app_test.go (59 hunks)
- bind_test.go (41 hunks)
- ctx_test.go (218 hunks)
- middleware/adaptor/adaptor_test.go (9 hunks)
- middleware/basicauth/basicauth_test.go (3 hunks)
- middleware/cache/cache_test.go (32 hunks)
- middleware/compress/compress_test.go (8 hunks)
- middleware/cors/cors_test.go (9 hunks)
- middleware/csrf/csrf_test.go (10 hunks)
- middleware/earlydata/earlydata_test.go (1 hunks)
- middleware/encryptcookie/encryptcookie_test.go (2 hunks)
- middleware/envvar/envvar_test.go (1 hunks)
- middleware/etag/etag_test.go (9 hunks)
- middleware/expvar/expvar_test.go (6 hunks)
- middleware/favicon/favicon_test.go (8 hunks)
- middleware/filesystem/filesystem_test.go (7 hunks)
- middleware/healthcheck/healthcheck_test.go (1 hunks)
- middleware/helmet/helmet_test.go (8 hunks)
- middleware/idempotency/idempotency_test.go (1 hunks)
- middleware/keyauth/keyauth_test.go (9 hunks)
- middleware/limiter/limiter_test.go (19 hunks)
- middleware/logger/logger_test.go (21 hunks)
- middleware/pprof/pprof_test.go (11 hunks)
- middleware/proxy/proxy_test.go (23 hunks)
- middleware/recover/recover_test.go (4 hunks)
- middleware/redirect/redirect_test.go (3 hunks)
- middleware/requestid/requestid_test.go (4 hunks)
- middleware/rewrite/rewrite_test.go (1 hunks)
- middleware/skip/skip_test.go (4 hunks)
- middleware/timeout/timeout_test.go (5 hunks)
- mount_test.go (2 hunks)
- router_test.go (24 hunks)
Files not summarized due to errors (1)
- ctx_test.go: Error: Message exceeds token limit
Files skipped from review due to trivial changes (4)
- middleware/earlydata/earlydata_test.go
- middleware/envvar/envvar_test.go
- middleware/idempotency/idempotency_test.go
- middleware/rewrite/rewrite_test.go
Files skipped from review as they are similar to previous changes (10)
- app_test.go
- bind_test.go
- middleware/adaptor/adaptor_test.go
- middleware/cors/cors_test.go
- middleware/csrf/csrf_test.go
- middleware/healthcheck/healthcheck_test.go
- middleware/proxy/proxy_test.go
- middleware/redirect/redirect_test.go
- middleware/timeout/timeout_test.go
- router_test.go
Additional comments: 116
middleware/skip/skip_test.go (2)
- 4-4: The addition of the
net/http
import is necessary for the subsequent use ofhttp.NoBody
in test requests. This is a good practice for clarity and safety in HTTP request handling.- 21-21: Replacing
nil
withhttp.NoBody
inhttptest.NewRequest
calls across the test functions (Test_Skip
,Test_SkipFalse
,Test_SkipNilFunc
) improves the explicitness of the request's intention not to send a body. This is a positive change for code readability and safety.Also applies to: 34-34, 47-47
middleware/recover/recover_test.go (2)
- 4-4: Importing
net/http
for the use ofhttp.NoBody
is a good practice, enhancing the clarity of HTTP request creation in tests.- 28-28: The replacement of
nil
withhttp.NoBody
inhttptest.NewRequest
calls within the test functions (Test_Recover
,Test_Recover_Next
,Test_Recover_EnableStackTrace
) is a commendable change, making the test requests' intentions clearer and safer.Also applies to: 43-43, 59-59
middleware/requestid/requestid_test.go (2)
- 4-4: The addition of the
net/http
import for usinghttp.NoBody
in test requests is consistent with best practices, enhancing test code clarity and safety.- 23-23: Replacing
nil
withhttp.NoBody
inhttptest.NewRequest
calls within the test functions improves the clarity and intention of the test requests, aligning with best practices for HTTP request handling.Also applies to: 30-30, 49-49, 74-74
middleware/expvar/expvar_test.go (2)
- 6-6: Importing
net/http
to usehttp.NoBody
in test requests is a positive change, enhancing the clarity and safety of HTTP request handling in tests.- 24-24: The replacement of
nil
withhttp.NoBody
inhttptest.NewRequest
calls across various test functions related to expvar functionality is a commendable improvement, making the test requests' intentions clearer and safer.Also applies to: 43-43, 64-64, 85-85, 101-101
.golangci.yml (1)
- 165-170: The addition of an exclusion for the
bodyclose
linter for test files (_test\.go
) is a thoughtful change. It acknowledges the different contexts in which HTTP bodies are handled in tests versus production code. Just ensure that in test scenarios where it's important, explicit checks for body closure are still performed to avoid resource leaks.middleware/favicon/favicon_test.go (1)
- 27-39: Replacing
nil
withhttp.NoBody
in test requests is a good practice, as it explicitly indicates the absence of a request body. This change enhances clarity and ensures correct handling of theContent-Length
header. Good job on making these test cases more precise and understandable.Also applies to: 72-72, 92-92, 114-114, 131-131, 148-148, 184-184
middleware/filesystem/filesystem_test.go (1)
- 125-125: The update to use
http.NoBody
in place ofnil
for the request body in test cases is consistently applied and improves the clarity of these tests. This practice ensures that the intent of having no request body is explicitly communicated, which is beneficial for readability and correctness.Also applies to: 148-148, 161-161, 177-177, 205-205, 248-248
middleware/etag/etag_test.go (1)
- 25-25: The consistent replacement of
nil
withhttp.NoBody
across various test cases in this file is commendable. It clearly communicates the intention of having no request body and aligns with best practices for writing clear and correct test cases. This consistency across the project's test files is a positive step towards maintaining high code quality.Also applies to: 41-41, 57-57, 73-73, 106-106, 160-160, 218-218, 259-259
middleware/helmet/helmet_test.go (8)
- 21-21: Replacing
nil
withhttp.NoBody
in theapp.Test
call is a good practice for explicitly indicating that no request body is intended. This change improves code readability and aligns with the HTTP package's recommendations.- 65-65: The use of
http.NoBody
instead ofnil
for the request body in test cases is consistent and appropriate. It clarifies the intent of the test and ensures that the request body is explicitly defined as empty.- 110-110: Applying
http.NoBody
for the request body in this test case is correct and enhances the clarity of the test's intention. This change is consistent with best practices for handling HTTP requests in tests.- 145-145: The replacement of
nil
withhttp.NoBody
in the test request is a minor but meaningful improvement. It explicitly specifies that the request does not contain a body, which is a good practice for test clarity.- 149-149: Using
http.NoBody
for the request body in tests is a good practice. It makes the test cases more explicit and understandable, indicating that no request body is being sent.- 165-165: The change to use
http.NoBody
in the test request is appropriate and aligns with best practices for writing clear and explicit test cases. This ensures that the request body is intentionally empty.- 182-182: Replacing
nil
withhttp.NoBody
for the request body in this test case is a good practice. It explicitly indicates the absence of a request body and improves the readability and intention of the test.- 199-199: The consistent use of
http.NoBody
instead ofnil
for the request body across all test cases, including this one, is a good practice. It clarifies the test's intention and aligns with best practices for handling HTTP requests in tests.middleware/keyauth/keyauth_test.go (8)
- 288-288: The replacement of
nil
withhttp.NoBody
for the request body in this test case is a good practice. It explicitly indicates that the request does not contain a body, improving the clarity and intention of the test.- 300-300: Using
http.NoBody
instead ofnil
for the request body in this test case is appropriate and aligns with best practices for writing clear and explicit test cases. This ensures that the request body is intentionally empty.- 337-337: The change to use
http.NoBody
in the test request is appropriate and enhances the clarity of the test's intention. This is consistent with best practices for handling HTTP requests in tests.- 350-350: Replacing
nil
withhttp.NoBody
for the request body in this test case is a minor but meaningful improvement. It explicitly specifies that the request does not contain a body, which is a good practice for test clarity.- 363-363: The consistent use of
http.NoBody
instead ofnil
for the request body across all test cases, including this one, is a good practice. It clarifies the test's intention and aligns with best practices for handling HTTP requests in tests.- 397-397: Using
http.NoBody
for the request body in tests is a good practice. It makes the test cases more explicit and understandable, indicating that no request body is being sent.- 433-433: The replacement of
nil
withhttp.NoBody
in the test request is appropriate and aligns with best practices for writing clear and explicit test cases. This ensures that the request body is intentionally empty.- 445-445: The change to use
http.NoBody
in the test request is a good practice for explicitly indicating that no request body is intended. This change improves code readability and aligns with the HTTP package's recommendations.middleware/logger/logger_test.go (17)
- 41-41: Using
http.NoBody
instead ofnil
for the request body is a good practice as it explicitly indicates that the request does not have a body. This change improves the clarity and correctness of the test cases.- 74-74: The updates to use
http.NoBody
in these test cases are consistent and improve the readability and intention of the tests. It's a good practice to explicitly specify when a request does not include a body.Also applies to: 81-81, 88-88
- 104-104: Replacing
nil
withhttp.NoBody
for the request body in this test case is appropriate and aligns with best practices for HTTP request testing.- 125-125: The use of
http.NoBody
here is consistent with the improvements made across other test cases, ensuring clarity in the test's intention.- 140-140: The change to use
http.NoBody
is correctly applied here, enhancing the test case's explicitness regarding the absence of a request body.- 162-162: In both of these test cases, the switch to
http.NoBody
is a positive change, making the tests more explicit and readable.Also applies to: 177-177
- 198-198: The application of
http.NoBody
in this test case is consistent with the overall improvements in test clarity and correctness seen throughout the file.- 261-261: Using
http.NoBody
in these latency-related tests is a good practice, ensuring that the tests are focused on measuring latency without the ambiguity of request body handling.Also applies to: 303-303
- 331-331: The use of
http.NoBody
for the request body in this test case is appropriate and aligns with the improvements made in other test cases for clarity and correctness.- 359-359: In these response body tests, the use of
http.NoBody
is correctly applied, ensuring that the tests are clear in their intention and focus on the response body content.Also applies to: 367-367
- 391-391: The change to use
http.NoBody
in this test case is consistent with the overall improvements in test case clarity and correctness throughout the file.- 421-424: The use of
http.NoBody
in this data race test case is appropriate and aligns with the improvements made in other test cases for clarity and correctness. Additionally, the parallel execution of requests in this test case is a good practice for identifying potential data races.- 512-512: The application of
http.NoBody
in this test case is consistent with the overall improvements in test clarity and correctness seen throughout the file.- 533-533: In both of these test cases, the switch to
http.NoBody
is a positive change, making the tests more explicit and readable. It's good to see consistent improvements across the test cases.Also applies to: 556-556
- 586-586: The use of
http.NoBody
for the request body in this custom tag test case is appropriate and aligns with the improvements made in other test cases for clarity and correctness.- 629-629: The change to use
http.NoBody
in this streaming bytes sent test case is consistent with the overall improvements in test case clarity and correctness throughout the file.- 651-651: The application of
http.NoBody
in this test case is consistent with the overall improvements in test clarity and correctness seen throughout the file.mount_test.go (2)
- 460-460: The change from
nil
tohttp.NoBody
in thehttptest.NewRequest
call for aMethodGet
request is a good practice. It explicitly indicates that no request body is expected, which can help avoidnil
pointer dereferences in some HTTP handling scenarios.- 467-467: Similarly, using
http.NoBody
instead ofnil
for theMethodPost
request inhttptest.NewRequest
is a positive change. It ensures consistency across test cases and clarifies the intent that no body is being sent with the request.middleware/limiter/limiter_test.go (10)
- 37-37: The replacement of
nil
withhttp.NoBody
for the request body inapp.Test
calls is a good practice. It explicitly indicates that the request does not have a body, improving code readability and potentially avoidingnil
pointer dereferences within theapp.Test
function.- 53-53: Using
http.NoBody
inapp.Test
calls is consistent with best practices for HTTP requests without a body. This change ensures that the tests are more representative of real-world scenarios where an empty body is explicitly indicated.- 59-59: The consistent use of
http.NoBody
across tests, as seen here, helps maintain code quality and readability. It's a minor but meaningful improvement to the test codebase.- 83-83: Replacing
nil
withhttp.NoBody
in this context is appropriate and aligns with the changes made throughout the file. It ensures clarity in the request's intention of having no body.- 99-99: The application of
http.NoBody
for empty request bodies is consistent and beneficial for code clarity and potentially avoiding issues related to handlingnil
bodies.- 105-105: Continuing the pattern of using
http.NoBody
for requests without a body across different test scenarios is a good practice, enhancing the maintainability and readability of the test suite.- 130-130: The use of
http.NoBody
instead ofnil
for the request body in tests is a positive change, ensuring that the tests accurately represent requests intended to have no body.- 134-134: Adopting
http.NoBody
for indicating an empty request body across various test cases, as seen here, is a good practice that improves code readability and clarity.- 138-138: The consistent use of
http.NoBody
in test requests without a body is a minor but impactful improvement to the test code, enhancing its clarity and maintainability.- 144-144: Using
http.NoBody
for empty request bodies across all tests, including this one, is a good practice that aligns with modern HTTP request handling standards.middleware/cache/cache_test.go (52)
- 39-39: Replacing
nil
withhttp.NoBody
for the request body inhttptest.NewRequest
calls is a good practice. It explicitly indicates that the request does not intend to send any body, improving code readability and avoiding potentialnil
pointer dereferences.- 57-57: The use of
http.NoBody
in place ofnil
for the request body is consistent with best practices and enhances the clarity of the test's intent.- 65-65: Consistent application of
http.NoBody
instead ofnil
for request bodies across tests is noted and appreciated for its clarity and adherence to best practices.- 75-75: The replacement of
nil
withhttp.NoBody
in the request body is correctly applied, ensuring consistency and clarity in the test code.- 96-96: Using
http.NoBody
instead ofnil
for the request body in this test function is a good practice, enhancing code readability and safety.- 100-100: The consistent use of
http.NoBody
for indicating an empty request body across tests is noted and aligns well with best practices.- 124-124: Replacing
nil
withhttp.NoBody
for the request body inhttptest.NewRequest
calls is correctly applied here, enhancing the clarity and safety of the test code.- 134-134: The use of
http.NoBody
instead ofnil
for the request body in this test function is consistent with the improvements across the file, ensuring clarity and adherence to best practices.- 144-144: Consistent application of
http.NoBody
instead ofnil
for request bodies across tests is appreciated for its clarity and adherence to best practices.- 156-156: The replacement of
nil
withhttp.NoBody
in the request body is correctly applied, ensuring consistency and clarity in the test code.- 167-167: Using
http.NoBody
instead ofnil
for the request body in this test function is a good practice, enhancing code readability and safety.- 192-192: The consistent use of
http.NoBody
for indicating an empty request body across tests is noted and aligns well with best practices.- 203-203: Replacing
nil
withhttp.NoBody
for the request body inhttptest.NewRequest
calls is correctly applied here, enhancing the clarity and safety of the test code.- 212-212: The use of
http.NoBody
instead ofnil
for the request body in this test function is consistent with the improvements across the file, ensuring clarity and adherence to best practices.- 225-225: Consistent application of
http.NoBody
instead ofnil
for request bodies across tests is appreciated for its clarity and adherence to best practices.- 235-235: The replacement of
nil
withhttp.NoBody
in the request body is correctly applied, ensuring consistency and clarity in the test code.- 255-255: Using
http.NoBody
instead ofnil
for the request body in this test function is a good practice, enhancing code readability and safety.- 282-282: The consistent use of
http.NoBody
for indicating an empty request body across tests is noted and aligns well with best practices.- 315-315: Replacing
nil
withhttp.NoBody
for the request body inhttptest.NewRequest
calls is correctly applied here, enhancing the clarity and safety of the test code.- 319-319: The use of
http.NoBody
instead ofnil
for the request body in this test function is consistent with the improvements across the file, ensuring clarity and adherence to best practices.- 346-346: Consistent application of
http.NoBody
instead ofnil
for request bodies across tests is appreciated for its clarity and adherence to best practices.- 352-352: The replacement of
nil
withhttp.NoBody
in the request body is correctly applied, ensuring consistency and clarity in the test code.- 358-358: Using
http.NoBody
instead ofnil
for the request body in this test function is a good practice, enhancing code readability and safety.- 364-364: The consistent use of
http.NoBody
for indicating an empty request body across tests is noted and aligns well with best practices.- 388-388: Replacing
nil
withhttp.NoBody
for the request body inhttptest.NewRequest
calls is correctly applied here, enhancing the clarity and safety of the test code.- 394-394: The use of
http.NoBody
instead ofnil
for the request body in this test function is consistent with the improvements across the file, ensuring clarity and adherence to best practices.- 400-400: Consistent application of
http.NoBody
instead ofnil
for request bodies across tests is appreciated for its clarity and adherence to best practices.- 406-406: The replacement of
nil
withhttp.NoBody
in the request body is correctly applied, ensuring consistency and clarity in the test code.- 424-424: Using
http.NoBody
instead ofnil
for the request body in this test function is a good practice, enhancing code readability and safety.- 461-461: The consistent use of
http.NoBody
for indicating an empty request body across tests is noted and aligns well with best practices.- 466-466: Replacing
nil
withhttp.NoBody
for the request body inhttptest.NewRequest
calls is correctly applied here, enhancing the clarity and safety of the test code.- 473-473: The use of
http.NoBody
instead ofnil
for the request body in this test function is consistent with the improvements across the file, ensuring clarity and adherence to best practices.- 476-476: Consistent application of
http.NoBody
instead ofnil
for request bodies across tests is appreciated for its clarity and adherence to best practices.- 495-495: The replacement of
nil
withhttp.NoBody
in the request body is correctly applied, ensuring consistency and clarity in the test code.- 520-520: Using
http.NoBody
instead ofnil
for the request body in this test function is a good practice, enhancing code readability and safety.- 528-528: The consistent use of
http.NoBody
for indicating an empty request body across tests is noted and aligns well with best practices.- 541-541: Replacing
nil
withhttp.NoBody
for the request body inhttptest.NewRequest
calls is correctly applied here, enhancing the clarity and safety of the test code.- 564-564: The use of
http.NoBody
instead ofnil
for the request body in this test function is consistent with the improvements across the file, ensuring clarity and adherence to best practices.- 569-569: Consistent application of
http.NoBody
instead ofnil
for request bodies across tests is appreciated for its clarity and adherence to best practices.- 599-599: The replacement of
nil
withhttp.NoBody
in the request body is correctly applied, ensuring consistency and clarity in the test code.- 603-603: Using
http.NoBody
instead ofnil
for the request body in this test function is a good practice, enhancing code readability and safety.- 607-607: The consistent use of
http.NoBody
for indicating an empty request body across tests is noted and aligns well with best practices.- 611-611: Replacing
nil
withhttp.NoBody
for the request body inhttptest.NewRequest
calls is correctly applied here, enhancing the clarity and safety of the test code.- 628-628: The use of
http.NoBody
instead ofnil
for the request body in this test function is consistent with the improvements across the file, ensuring clarity and adherence to best practices.- 633-633: Consistent application of
http.NoBody
instead ofnil
for request bodies across tests is appreciated for its clarity and adherence to best practices.- 657-657: The replacement of
nil
withhttp.NoBody
in the request body is correctly applied, ensuring consistency and clarity in the test code.- 664-664: Using
http.NoBody
instead ofnil
for the request body in this test function is a good practice, enhancing code readability and safety.- 671-671: The consistent use of
http.NoBody
for indicating an empty request body across tests is noted and aligns well with best practices.- 678-678: Replacing
nil
withhttp.NoBody
for the request body inhttptest.NewRequest
calls is correctly applied here, enhancing the clarity and safety of the test code.- 699-699: The use of
http.NoBody
instead ofnil
for the request body in this test function is consistent with the improvements across the file, ensuring clarity and adherence to best practices.- 746-746: Consistent application of
http.NoBody
instead ofnil
for request bodies across tests is appreciated for its clarity and adherence to best practices.- 781-781: The replacement of
nil
withhttp.NoBody
in the request body is correctly applied, ensuring consistency and clarity in the test code.ctx_test.go (7)
- 4835-4835: The test for
ParamsInt
with a non-integer parameter correctly checks for an error condition. This is a good practice to ensure robust error handling in the application.- 4851-4851: The test for
ParamsInt
ignoring the default value when an integer parameter is provided is well-implemented. It ensures that the function prioritizes actual parameter values over defaults.- 4867-4867: The test for
ParamsInt
using the default value when a non-integer parameter is provided correctly checks that the default value is used in absence of a valid integer. This ensures the function's flexibility in handling different input scenarios.- 4949-4949: The test for
extractIPsFromHeader
correctly identifies the last valid IP address from a list of values in theX-Forwarded-For
header. This is crucial for accurately determining the client's IP address in applications behind proxies.- 4960-4960: The test for
extractIPsFromHeader
withEnableIPValidation
enabled ensures that only valid IP addresses are considered from theX-Forwarded-For
header. This adds an extra layer of security by filtering out potentially malicious values.- 4971-4971: The test for
GetRespHeaders
correctly retrieves all response headers set in the context. This is important for ensuring that headers are correctly managed and can be inspected or modified as needed.- 5014-5014: The test for
GetReqHeaders
correctly retrieves all request headers. This functionality is essential for applications that need to inspect headers for routing, authentication, or other purposes.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Review Status
Actionable comments generated: 1
Configuration used: CodeRabbit UI
Files selected for processing (17)
- app_test.go (7 hunks)
- bind_test.go (38 hunks)
- ctx_test.go (198 hunks)
- middleware/adaptor/adaptor_test.go (12 hunks)
- middleware/cors/cors_test.go (7 hunks)
- middleware/csrf/csrf_test.go (6 hunks)
- middleware/earlydata/earlydata_test.go (5 hunks)
- middleware/favicon/favicon_test.go (1 hunks)
- middleware/filesystem/filesystem_test.go (1 hunks)
- middleware/healthcheck/healthcheck_test.go (1 hunks)
- middleware/idempotency/idempotency_test.go (2 hunks)
- middleware/keyauth/keyauth_test.go (1 hunks)
- middleware/logger/logger_test.go (1 hunks)
- middleware/proxy/proxy_test.go (3 hunks)
- middleware/timeout/timeout_test.go (2 hunks)
- mount_test.go (16 hunks)
- router_test.go (3 hunks)
Files not summarized due to errors (1)
- ctx_test.go: Error: Message exceeds token limit
Files skipped from review as they are similar to previous changes (16)
- app_test.go
- bind_test.go
- middleware/adaptor/adaptor_test.go
- middleware/cors/cors_test.go
- middleware/csrf/csrf_test.go
- middleware/earlydata/earlydata_test.go
- middleware/favicon/favicon_test.go
- middleware/filesystem/filesystem_test.go
- middleware/healthcheck/healthcheck_test.go
- middleware/idempotency/idempotency_test.go
- middleware/keyauth/keyauth_test.go
- middleware/logger/logger_test.go
- middleware/proxy/proxy_test.go
- middleware/timeout/timeout_test.go
- mount_test.go
- router_test.go
Additional comments: 2
ctx_test.go (2)
- 4967-4973: > 📝 NOTE
This review was outside the diff hunks and was mapped to the diff hunk with the greatest overlap. Original lines [4970-4988]
The test
Test_Ctx_GetRespHeaders
correctly verifies the functionality of retrieving response headers as a map. It's well-structured and covers multiple scenarios including setting single and multiple values for headers. This test is approved as it follows best practices for testing, ensuring that the function behaves as expected across different use cases.
- 5010-5016: > 📝 NOTE
This review was outside the diff hunks and was mapped to the diff hunk with the greatest overlap. Original lines [5013-5031]
The test
Test_Ctx_GetReqHeaders
is designed to verify the functionality of retrieving request headers as a map. This test is correctly implemented, covering the retrieval of single and multiple header values, including checking for case sensitivity and the presence of multiple values for the same header. The test is clear and concise, effectively validating the expected behavior.
shortly before the release in the pool
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Review Status
Actionable comments generated: 0
Configuration used: CodeRabbit UI
Files selected for processing (1)
- ctx_interface.go (4 hunks)
Files skipped from review as they are similar to previous changes (1)
- ctx_interface.go
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Lgtm
* Update pull_request_template.md * Update v3-changes.md * Update CONTRIBUTING.md (gofiber#2752) Grammar correction. * chore(encryptcookie)!: update default config (gofiber#2753) * chore(encryptcookie)!: update default config docs(encryptcookie): enhance documentation and examples BREAKING CHANGE: removed the hardcoded "csrf_" from the Except. * docs(encryptcookie): reads or modifies cookies * chore(encryptcookie): csrf config example * docs(encryptcookie): md table spacing * build(deps): bump actions/setup-go from 4 to 5 (gofiber#2754) Bumps [actions/setup-go](https://github.com/actions/setup-go) from 4 to 5. - [Release notes](https://github.com/actions/setup-go/releases) - [Commits](actions/setup-go@v4...v5) --- updated-dependencies: - dependency-name: actions/setup-go dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * 🩹 middleware/logger/: log client IP address by default (gofiber#2755) * middleware/logger: Log client IP address by default. * Update doc. * fix: don't constrain middlewares' context-keys to strings 🐛 (gofiber#2751) * Revert "Revert ":bug: requestid.Config.ContextKey is interface{} (gofiber#2369)" (gofiber#2742)" This reverts commit 28be17f. * fix: request ContextKey default value condition Should check for `nil` since it is `any`. * fix: don't constrain middlewares' context-keys to strings `context` recommends using "unexported type" as context keys to avoid collisions https://pkg.go.dev/github.com/gofiber/fiber/v2#Ctx.Locals. The official go blog also recommends this https://go.dev/blog/context. `fiber.Ctx.Locals(key any, value any)` correctly allows consumers to use unexported types or e.g. strings. But some fiber middlewares constrain their context-keys to `string` in their "default config structs", making it impossible to use unexported types. This PR removes the `string` _constraint_ from all middlewares, allowing to now use unexported types as per the official guidelines. However the default value is still a string, so it's not a breaking change, and anyone still using strings as context keys is not affected. * 📚 Update app.md for indentation (gofiber#2761) Update app.md for indentation * build(deps): bump github.com/google/uuid from 1.4.0 to 1.5.0 (gofiber#2762) Bumps [github.com/google/uuid](https://github.com/google/uuid) from 1.4.0 to 1.5.0. - [Release notes](https://github.com/google/uuid/releases) - [Changelog](https://github.com/google/uuid/blob/master/CHANGELOG.md) - [Commits](google/uuid@v1.4.0...v1.5.0) --- updated-dependencies: - dependency-name: github.com/google/uuid dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps): bump github/codeql-action from 2 to 3 (gofiber#2763) Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2 to 3. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@v2...v3) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Changing default log output (gofiber#2730) changing default log output Closes gofiber#2729 * Update hooks.md fix wrong hooks signature * 🩹 Fix: CORS middleware should use the defined AllowedOriginsFunc config when AllowedOrigins is empty (gofiber#2771) * 🐛 [Bug]: Adaptator + otelfiber issue gofiber#2641 (gofiber#2772) * 🩹🚨 - fix for redirect with query params (gofiber#2748) * redirect with query params did not work, fix it and add test for it * redirect middleware - fix test typo * ♻️ logger/middleware colorize logger error message gofiber#2593 (gofiber#2773) * ✨ feat: add liveness and readiness checks (gofiber#2509) * ✨ feat: add liveness and readiness checkers * 📝 docs: add docs for liveness and readiness * ✨ feat: add options method for probe checkers * ✅ tests: add tests for liveness and readiness * ♻️ refactor: change default endpoint values * ♻️ refactor: change default value for liveness endpoint * 📝 docs: add return status for liveness and readiness probes * ♻️ refactor: change probechecker to middleware * 📝 docs: move docs to middleware session * ♻️ refactor: apply gofumpt formatting * ♻️ refactor: remove unused parameter * split config and apply a review * apply reviews and add testcases * add benchmark * cleanup * rename middleware * fix linter * Update docs and config values * Revert change to IsReady * Updates based on code review * Update docs to match other middlewares --------- Co-authored-by: Muhammed Efe Cetin <[email protected]> Co-authored-by: Juan Calderon-Perez <[email protected]> Co-authored-by: Juan Calderon-Perez <[email protected]> * prepare release v2.52.0 - add more Parser tests * fix healthcheck.md * configure workflows for V2 branch * configure workflows for V2 branch * Fix default value to false in docs of QueryBool (gofiber#2811) fix default value to false in docs of QueryBool * update queryParser config * Update ctx.md * Update routing.md * merge v2 in v3 * merge v2 in v3 * lint fixes * 📚 Doc: Fix code snippet indentation in /docs/api/middleware/keyauth.md Removes an an extra level of indentation in line 51 of `keyauth.md` [here](https://github.com/gofiber/fiber/blob/v2/docs/api/middleware/keyauth.md?plain=1#L51) * fix: healthcheck middleware not working with route group (gofiber#2863) * fix: healthcheck middleware not working with route group * perf: change verification method to improve perf * Update healthcheck_test.go * test: add not matching route test for strict routing * add more test cases * correct tests * correct test helpers * correct tests * correct tests --------- Co-authored-by: Juan Calderon-Perez <[email protected]> Co-authored-by: René Werner <[email protected]> * merge v2 in v3 * Merge pull request from GHSA-fmg4-x8pw-hjhg * Enforce Wildcard Origins with AllowCredentials check * Expand unit-tests, fix issues with subdomains logic, update docs * Update cors.md * Added test using localhost, ipv4, and ipv6 address * improve documentation markdown --------- Co-authored-by: René Werner <[email protected]> * Update app.go prepare release v2.52.1 * fix cors domain normalize * fix sync-docs workflow * test: fix failing tests * fix sync-docs workflow * test: cors middleware use testify require * chore: fix lint warnings * chore: revert test isolation. * fixed the fasthttp ctx race condition problem * Update middleware/cors/utils.go Co-authored-by: Renan Bastos <[email protected]> * fix sync_docs.sh * fix review comments/hints * fix review comments/hints * stabilize Test_Proxy_Timeout_Slow_Server test * stabilize Test_Proxy_.* tests * ignore bodyclose linter for tests use http.NoBody instead of nil * revert(tests): undo http.NoBody usage * fix(ctx pool): postpone the reset for some values shortly before the release in the pool * refactor(tests): use testify panic method instead of custom solution --------- Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: tokelo-12 <[email protected]> Co-authored-by: Jason McNeil <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: iRedMail <[email protected]> Co-authored-by: Benjamin Grosse <[email protected]> Co-authored-by: Mehmet Firat KOMURCU <[email protected]> Co-authored-by: Bruno <[email protected]> Co-authored-by: Muhammad Kholid B <[email protected]> Co-authored-by: gilwo <[email protected]> Co-authored-by: Lucas Lemos <[email protected]> Co-authored-by: Muhammed Efe Cetin <[email protected]> Co-authored-by: Juan Calderon-Perez <[email protected]> Co-authored-by: Juan Calderon-Perez <[email protected]> Co-authored-by: Jongmin Kim <[email protected]> Co-authored-by: Giovanni Rivera <[email protected]> Co-authored-by: Renan Bastos <[email protected]>
Bring changes from v2 branch to main (v3) branch.
Summary by CodeRabbit
NewCtx
toAcquireCtx
.