Skip to content

Support query limit and offset in list repos API#10880

Merged
Meldiron merged 8 commits into1.8.xfrom
ser-504
Nov 28, 2025
Merged

Support query limit and offset in list repos API#10880
Meldiron merged 8 commits into1.8.xfrom
ser-504

Conversation

@hmacr
Copy link
Copy Markdown
Contributor

@hmacr hmacr commented Nov 28, 2025

Closes SER-504

@coderabbitai
Copy link
Copy Markdown
Contributor

coderabbitai bot commented Nov 28, 2025
edited
Loading

📝 Walkthrough

Walkthrough

Adds query-based pagination to two GitHub installation VCS endpoints by importing Utopia query validators (Queries, Limit, Offset) and adding an array $queries parameter to both routes. Endpoints now parse limit (default 4) and offset (default 0), validate that offset is a multiple of limit, compute page = offset / limit, call a repository search that returns items and a total count, and return the derived total in responses. Updates endpoint signatures and response payloads. Bumps utopia-php/vcs dependency from 0.12.* to 0.13.*. Adds end-to-end tests covering pagination and invalid-offset handling.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

  • app/controllers/api/vcs.php — review new $queries parameter, imports (Queries, Limit, Offset), limit/offset parsing and defaults, offset-multiple validation, page calculation, replacement of fixed per-page fetch with searchRepositories usage, and propagation of returned total.
  • tests/e2e/Services/VCS/VCSConsoleClientTest.php — verify added pagination tests (limit/offset combinations, ordering, and invalid-offset assertions) align with API behavior and test data setup.
  • composer.json — validate the dependency constraint change for utopia-php/vcs to 0.13.* and ensure no unintended side effects.

Pre-merge checks and finishing touches

✅ Passed checks (3 passed)
Check name Status Explanation
Title check ✅ Passed The title 'Support query limit and offset in list repos API' directly and clearly summarizes the main change: adding query-based pagination (limit and offset) support to repository listing endpoints.
Description check ✅ Passed The description 'Closes SER-504' references a related issue ticket and indicates the PR addresses a specific requirement, which is related to the changeset involving pagination support.
Docstring Coverage ✅ Passed Docstring coverage is 100.00% which is sufficient. The required threshold is 80.00%.
✨ Finishing touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Post copyable unit tests in a comment
  • Commit unit tests in branch ser-504
📜 Recent review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between e204419 and 0b5d67a.

⛔ Files ignored due to path filters (1)
  • composer.lock is excluded by !**/*.lock
📒 Files selected for processing (1)
  • composer.json (1 hunks)
🚧 Files skipped from review as they are similar to previous changes (1)
  • composer.json
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (3)
  • GitHub Check: Setup & Build Appwrite Image
  • GitHub Check: Setup & Build Appwrite Image
  • GitHub Check: scan

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@github-actions
Copy link
Copy Markdown

github-actions bot commented Nov 28, 2025
edited
Loading

Security Scan Results for PR

Docker Image Scan Results

Package Version Vulnerability Severity
imagemagick 7.1.2.3-r0 CVE-2025-62171 HIGH
imagemagick-c++ 7.1.2.3-r0 CVE-2025-62171 HIGH
imagemagick-dev 7.1.2.3-r0 CVE-2025-62171 HIGH
imagemagick-heic 7.1.2.3-r0 CVE-2025-62171 HIGH
imagemagick-jpeg 7.1.2.3-r0 CVE-2025-62171 HIGH
imagemagick-jxl 7.1.2.3-r0 CVE-2025-62171 HIGH
imagemagick-libs 7.1.2.3-r0 CVE-2025-62171 HIGH
imagemagick-openexr 7.1.2.3-r0 CVE-2025-62171 HIGH
imagemagick-webp 7.1.2.3-r0 CVE-2025-62171 HIGH
libecpg 17.6-r0 CVE-2025-12818 HIGH
libecpg-dev 17.6-r0 CVE-2025-12818 HIGH
libpng 1.6.47-r0 CVE-2025-64720 HIGH
libpng 1.6.47-r0 CVE-2025-65018 HIGH
libpng-dev 1.6.47-r0 CVE-2025-64720 HIGH
libpng-dev 1.6.47-r0 CVE-2025-65018 HIGH
libpq 17.6-r0 CVE-2025-12818 HIGH
libpq-dev 17.6-r0 CVE-2025-12818 HIGH
libxml2 2.13.8-r0 CVE-2025-49794 CRITICAL
libxml2 2.13.8-r0 CVE-2025-49796 CRITICAL
libxml2 2.13.8-r0 CVE-2025-49795 HIGH
libxml2 2.13.8-r0 CVE-2025-6021 HIGH
postgresql17-dev 17.6-r0 CVE-2025-12818 HIGH
github.com/containerd/containerd/v2 v2.0.2 CVE-2024-25621 HIGH
golang.org/x/crypto v0.31.0 CVE-2025-22869 HIGH
golang.org/x/oauth2 v0.24.0 CVE-2025-22868 HIGH
stdlib 1.22.10 CVE-2025-47907 HIGH
stdlib 1.22.10 CVE-2025-58183 HIGH
stdlib 1.22.10 CVE-2025-58186 HIGH
stdlib 1.22.10 CVE-2025-58187 HIGH

Source Code Scan Results

🎉 No vulnerabilities found!

coderabbitai[bot]
coderabbitai bot reviewed Nov 28, 2025
View reviewed changes
Copy link
Copy Markdown
Contributor

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)
app/controllers/api/vcs.php (1)

1039-1068: Based on my verification of the codebase, I can now provide the final assessment:

Add error handling for Query::parseQueries() and fix pagination math

The review comment identifies two legitimate issues that need to be addressed:

  1. Missing error handling for Query::parseQueries (line 1059): Confirmed. The endpoint lacks a try/catch wrapper that is consistently used across all other similar endpoints (migrations.php, users.php, account.php, messaging.php, teams.php, etc.). Without it, a QueryException will bubble up as a 500 error instead of being properly converted to an Appwrite GENERAL_QUERY_INVALID 4xx response.

  2. Pagination math issue (line 1065): Confirmed. The calculation $page = ($offset / $limit) + 1 uses float division, and while PHP's type coercion (no strict_types declared) will silently convert it, this is problematic:

    • The searchRepositories method signature explicitly type-hints int $page
    • For non-multiple offsets (e.g., offset=1, limit=2), this produces 1.5 which truncates to 1, potentially returning incorrect results
    • Using intdiv($offset, $limit) + 1 or an explicit (int) cast is clearer and more robust

  3. GitHub total count usage (confirmed good): Using $total from the GitHub API response is correct and requires no changes.

The same pagination issue applies at lines 1238-1241 as these are part of the same response handling.

🧹 Nitpick comments (1)
composer.json (1)

78-78: Dev-branch alias and VCS repository entry may not be ideal for a stable 1.8.x line

Pinning utopia-php/vcs to dev-ser-504 as 0.12.99 and adding a direct VCS repository is fine for iterating on this feature, but it does couple 1.8.x to an untagged development branch and to GitHub availability.

Consider, before releasing this branch, either:

  • Moving back to a tagged/stable utopia-php/vcs version that includes the needed changes, or
  • Pinning to a specific commit hash and documenting why, to avoid surprises if the branch moves.

Also double‑check that minimum-stability / prefer-stable still behave as expected with this alias and custom repository.

Also applies to: 111-117

📜 Review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between c4366c9 and 6f0c4d6.

⛔ Files ignored due to path filters (1)
  • composer.lock is excluded by !**/*.lock
📒 Files selected for processing (3)
  • app/controllers/api/vcs.php (4 hunks)
  • composer.json (2 hunks)
  • tests/e2e/Services/VCS/VCSConsoleClientTest.php (1 hunks)
🧰 Additional context used
🧬 Code graph analysis (2)
tests/e2e/Services/VCS/VCSConsoleClientTest.php (1)
tests/e2e/Client.php (1)
  • Client (8-342)
app/controllers/api/vcs.php (2)
src/Appwrite/GraphQL/Types/Mapper.php (1)
  • param (255-363)
src/Appwrite/Platform/Modules/Databases/Http/Databases/Collections/XList.php (1)
  • action (73-128)
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (3)
  • GitHub Check: Setup & Build Appwrite Image
  • GitHub Check: Setup & Build Appwrite Image
  • GitHub Check: scan
🔇 Additional comments (1)
app/controllers/api/vcs.php (1)

34-37: New query validator imports are consistent with their usage

Queries, Limit, and Offset are imported and used correctly in the queries param definition for the repositories listing endpoint.

@github-actions
Copy link
Copy Markdown

github-actions bot commented Nov 28, 2025
edited
Loading

✨ Benchmark results

  • Requests per second: 1,177
  • Requests with 200 status code: 211,953
  • P99 latency: 0.165047407

⚡ Benchmark Comparison

Metric This PR Latest version
RPS 1,177 1,231
200 211,953 221,540
P99 0.165047407 0.166257968

Meldiron
Meldiron reviewed Nov 28, 2025
View reviewed changes
@Meldiron Meldiron merged commit 64dbb28 into 1.8.x Nov 28, 2025
41 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Meldiron Meldiron Meldiron approved these changes

+1 more reviewer

@coderabbitai coderabbitai[bot] coderabbitai[bot] left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@hmacr @Meldiron