Add length validations for bytes columns to conan packages related tables

Sylvia Shenrequested to merge
585485-conan-packages into master

🏗️ What does this MR do and why?

Add length validations for conan package format columns to prevent storing arbitrarily large data.

  • Add 40 character length limit validations to reference, revision columns
  • Supplement existing test cases

Changelog: changed

📝 Database migrations

This MR adds database-level check constraints to three tables:

packages_conan_recipe_revisions

⬆️ Up 

> gdk rails db:migrate:up:main VERSION=20260210111821
main: == [advisory_lock_connection] object_id: 134100, pg_backend_pid: 56518
main: == 20260210111821 AddCheckConstraintConanRecipeRevisionsRevisionLength: migrating 
main: -- transaction_open?(nil)
main:    -> 0.0000s
main: -- transaction_open?(nil)
main:    -> 0.0000s
main: -- execute("ALTER TABLE packages_conan_recipe_revisions\nADD CONSTRAINT check_revision_length\nCHECK ( octet_length(revision) <= 20 )\nNOT VALID;\n")
main:    -> 0.0032s
main: == 20260210111821 AddCheckConstraintConanRecipeRevisionsRevisionLength: migrated (0.0910s) 
main: == [advisory_lock_connection] object_id: 134100, pg_backend_pid: 56518

⬇️ Down 

> gdk rails db:migrate:down:main VERSION=20260210111821
main: == [advisory_lock_connection] object_id: 134100, pg_backend_pid: 52416
main: == 20260210111821 AddCheckConstraintConanRecipeRevisionsRevisionLength: reverting 
main: -- transaction_open?(nil)
main:    -> 0.0000s
main: -- transaction_open?(nil)
main:    -> 0.0000s
main: -- execute("            ALTER TABLE packages_conan_recipe_revisions\n            DROP CONSTRAINT IF EXISTS check_revision_length\n")
main:    -> 0.0020s
main: == 20260210111821 AddCheckConstraintConanRecipeRevisionsRevisionLength: reverted (0.0449s) 
main: == [advisory_lock_connection] object_id: 134100, pg_backend_pid: 52416

packages_conan_package_references

⬆️ Up 

> gdk rails db:migrate:up:main VERSION=20260210111925
main: == [advisory_lock_connection] object_id: 134100, pg_backend_pid: 60543
main: == 20260210111925 AddCheckConstraintConanPackageReferencesReferenceLength: migrating 
main: -- transaction_open?(nil)
main:    -> 0.0000s
main: -- transaction_open?(nil)
main:    -> 0.0000s
main: -- execute("ALTER TABLE packages_conan_package_references\nADD CONSTRAINT check_reference_length\nCHECK ( octet_length(reference) <= 20 )\nNOT VALID;\n")
main:    -> 0.0020s
main: == 20260210111925 AddCheckConstraintConanPackageReferencesReferenceLength: migrated (0.0660s) 
main: == [advisory_lock_connection] object_id: 134100, pg_backend_pid: 60543

⬇️ Down 

> gdk rails db:migrate:down:main VERSION=20260210111925
main: == [advisory_lock_connection] object_id: 134100, pg_backend_pid: 48357
main: == 20260210111925 AddCheckConstraintConanPackageReferencesReferenceLength: reverting 
main: -- transaction_open?(nil)
main:    -> 0.0000s
main: -- transaction_open?(nil)
main:    -> 0.0000s
main: -- execute("            ALTER TABLE packages_conan_package_references\n            DROP CONSTRAINT IF EXISTS check_reference_length\n")
main:    -> 0.0012s
main: == 20260210111925 AddCheckConstraintConanPackageReferencesReferenceLength: reverted (0.0231s) 
main: == [advisory_lock_connection] object_id: 134100, pg_backend_pid: 48357

packages_conan_package_revisions

⬆️ Up 

> gdk rails db:migrate:up:main VERSION=20260210111943
main: == [advisory_lock_connection] object_id: 134100, pg_backend_pid: 64578
main: == 20260210111943 AddCheckConstraintConanPackageRevisionsRevisionLength: migrating 
main: -- transaction_open?(nil)
main:    -> 0.0000s
main: -- transaction_open?(nil)
main:    -> 0.0000s
main: -- execute("ALTER TABLE packages_conan_package_revisions\nADD CONSTRAINT check_revision_length\nCHECK ( octet_length(revision) <= 20 )\nNOT VALID;\n")
main:    -> 0.0019s
main: == 20260210111943 AddCheckConstraintConanPackageRevisionsRevisionLength: migrated (0.0586s) 
main: == [advisory_lock_connection] object_id: 134100, pg_backend_pid: 64578

⬇️ Down 

> gdk rails db:migrate:down:main VERSION=20260210111943
main: == [advisory_lock_connection] object_id: 134080, pg_backend_pid: 44300
main: == 20260210111943 AddCheckConstraintConanPackageRevisionsRevisionLength: reverting 
main: -- transaction_open?(nil)
main:    -> 0.0000s
main: -- transaction_open?(nil)
main:    -> 0.0000s
main: -- execute("            ALTER TABLE packages_conan_package_revisions\n            DROP CONSTRAINT IF EXISTS check_revision_length\n")
main:    -> 0.0085s
main: == 20260210111943 AddCheckConstraintConanPackageRevisionsRevisionLength: reverted (0.0349s) 
main: == [advisory_lock_connection] object_id: 134080, pg_backend_pid: 44300

📚 References

📸 Screenshots or screen recordings

N/A

🧪 How to set up and validate locally

  1. Open Rails console:

    gdk rails c

  2. Test Packages::Conan::PackageReference validation:

    package_reference = FactoryBot.build(:conan_package_reference)
package_reference.valid?  # Should be true
package_reference.reference = 'A' * 21
package_reference.valid?  # Should be false

  3. Test Packages::Conan::PackageRevision validation:

    package_revision = FactoryBot.build(:conan_package_revision)
package_revision.valid?  # Should be true
package_revision.revision = 'B' * 21
package_revision.valid?  # Should be false

  4. Test Packages::Conan::RecipeRevision validation:

    recipe_revision = FactoryBot.build(:conan_recipe_revision)
recipe_revision.valid?  # Should be true
recipe_revision.revision = 'C' * 21
recipe_revision.valid?  # Should be false

MR acceptance checklist

Evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Edited by Sylvia Shen

Merge request reports