Fix A-z ranges by bmacnaughton · Pull Request #1625 · validatorjs/validator.js

bmacnaughton · 2021-03-10T13:08:21Z

A number of files contain ranges of [A-z] which allows the characters [\]^_\ and the back-tick character. Those have been replaced by [A-Za-z].

PR contains only changes related; no stray files, etc.
README updated (where applicable)
Tests written (where applicable)

codecov · 2021-03-10T13:09:39Z

Codecov Report

Merging #1625 (0db8241) into master (2331120) will not change coverage.
The diff coverage is 100.00%.

@@            Coverage Diff            @@
##            master     #1625   +/-   ##
=========================================
  Coverage   100.00%   100.00%           
=========================================
  Files          100       100           
  Lines         1798      1846   +48     
=========================================
+ Hits          1798      1846   +48

Impacted Files	Coverage Δ
src/lib/isPostalCode.js	`100.00% <ø> (ø)`
src/lib/isBIC.js	`100.00% <100.00%> (ø)`
src/lib/isISO31661Alpha2.js	`100.00% <100.00%> (ø)`
src/lib/isLocale.js	`100.00% <100.00%> (ø)`
src/lib/isEAN.js	`100.00% <0.00%> (ø)`
src/lib/isTaxID.js	`100.00% <0.00%> (ø)`
src/lib/isAlphanumeric.js	`100.00% <0.00%> (ø)`
src/lib/isLicensePlate.js	`100.00% <0.00%> (ø)`
src/lib/isPassportNumber.js	`100.00% <0.00%> (ø)`
src/lib/isStrongPassword.js	`100.00% <0.00%> (ø)`

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 2331120...0db8241. Read the comment docs.

src/lib/isBIC.js

tux-tn

Good catch ! Thank you @bmacnaughton and congrats for your first contribution 🎉

profnandaa · 2021-03-12T10:06:07Z

Will recheck something before landing. Thanks for your contrib!

bmacnaughton · 2021-03-15T23:14:59Z

can i help with any information for additional review? this seems like the validator passes some potentially troublesome characters.

bmacnaughton · 2021-03-20T23:29:22Z

@tux-tn, @profnandaa - is there anything i can do to wrap this up? if you need to check something i'm happy to research it for you. i just want to close this out while i'm still fresh with it. and it's a pretty serious gap for a validator.

thanks.

ezkemboi · 2021-03-21T17:07:49Z

src/lib/isBIC.js


-const isBICReg = /^[A-z]{4}[A-z]{2}\w{2}(\w{3})?$/;
+// https://en.wikipedia.org/wiki/ISO_9362
+const isBICReg = /^[A-Za-z]{6}[A-Za-z0-9]{2}([A-Za-z0-9]{3})?$/;


NOTE: This is not part of the changes request. I am just offering suggestions and we can do it in a separate PR. I can also work on it after this PR get merged.

Great work here.
I like the simplicity, but I could offer an alternative based on fact that the second part is country code addition i.e:

Bank code (A-Z) : 4 letter code.

Country code (A-Z) : 2 letter code.

Location Code (0-9 or A-Z) : 2 digit code – either letters or numbers.

Branch Code (0-9 or A-Z) : optional 3 digit code – either letters or numbers*.

-> We could leverage the array in validISO31661Alpha2CountriesCodes for making this a robust validator.

NB: [Editing code based on comments]

// Making validISO31661Alpha2CountriesCodes exportable or just add to new util file import { validISO31661Alpha2CountriesCodes } from './isISO31661Alpha2'; //... other code export default function isBIC(str) { assertString(str); const countryCode = str.slice(4, 6); if( validISO31661Alpha2CountriesCodes.indexOf(countryCode) === -1 || countryCode.toUpperCase !== 'XK' // for Republic of Kosovo ) { return false; } return isBICReg.test(str); }

CC. @tux-tn and @profnandaa

i'm happy to make a change doing this - i think it's a good idea. i would just return false without executing the isBICReg.test(str) if it's not a country code - no reason to execute the test if we already know the answer.

it's not clear to me why using includes is useful though; is there a compatibility issue somewhere that i'm not aware of? this seems like it should be a straight, simple use of indexOf() - some has to call a function each time but even then why replace some() with includes() to does the exact same thing but with an extra layer of a function call.

That is great. And I am happy that you are willing to make these changes.

First, I would like to say that, the code above was a sample and required more modifications.

If it not country code, please do that return as you have mentioned

Take the array of validISO31661Alpha2CountriesCodes from isISO31661Alpha2 and create a new file inside lib/util. Import for both isISO31661Alpha2 and BIC validators.

You can make use of indexOf() instead of includes() and some()

I am happy to review that and give a go-ahead to merge this PR.
Thanks again for your contributions @bmacnaughton.

i think this is ready to be merged. it made sense to check that the bank ID was valid.

bmacnaughton · 2021-03-24T23:13:18Z

@tux-tn @profnandaa - any chance of getting this reviewed and merged? the core problem that is fixed is pretty serious.

tux-tn · 2021-03-25T19:08:11Z

@bmacnaughton sorry can't help on this. Both ezkemboi and i already approved your PR but you still need to wait for profnandaa in order to merge it. He will probably do it when he has time

ezkemboi · 2021-03-25T19:57:58Z

cc @profnandaa

profnandaa

Thanks for the good catch; my assumption had been that [A-z] == [A-Za-z]; now just learnt that A-z just meant all ASCII codes for 65 to 122, which include the in between none-alphas (91 - 96)!

bmacnaughton added 3 commits March 9, 2021 18:46

Use correct BIC regex

cfb6be2

fix isLocale alpha ranges

c1e8b23

Fix IE alpha range

369d1e9

fedeci reviewed Mar 10, 2021

View reviewed changes

src/lib/isBIC.js Outdated Show resolved Hide resolved

allow lowercase alpha

2c41f65

bmacnaughton changed the title ~~Fix A-x ranges~~ Fix A-z ranges Mar 10, 2021

tux-tn previously approved these changes Mar 10, 2021

View reviewed changes

tux-tn added ready-to-land For PRs that are reviewed and ready to be landed 🎉 first-pr labels Mar 10, 2021

profnandaa previously approved these changes Mar 12, 2021

View reviewed changes

profnandaa added the needs-more-review label Mar 12, 2021

ezkemboi reviewed Mar 21, 2021

View reviewed changes

check country code too

0db8241

bmacnaughton dismissed stale reviews from profnandaa and tux-tn via 0db8241 March 22, 2021 12:15

ezkemboi approved these changes Mar 24, 2021

View reviewed changes

tux-tn removed the needs-more-review label Mar 25, 2021

profnandaa approved these changes Apr 17, 2021

View reviewed changes

profnandaa merged commit b65ddc5 into validatorjs:master Apr 17, 2021

profnandaa mentioned this pull request Apr 19, 2021

[release staging] April 2021 Release (v13.6.0) #1650

Closed

Uh oh!

Conversation

bmacnaughton commented Mar 10, 2021

Uh oh!

codecov bot commented Mar 10, 2021 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Codecov Report

Uh oh!

Uh oh!

tux-tn left a comment

Choose a reason for hiding this comment

Uh oh!

profnandaa commented Mar 12, 2021

Uh oh!

bmacnaughton commented Mar 15, 2021

Uh oh!

bmacnaughton commented Mar 20, 2021

Uh oh!

ezkemboi Mar 21, 2021 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Choose a reason for hiding this comment

Uh oh!

bmacnaughton Mar 22, 2021

Choose a reason for hiding this comment

Uh oh!

ezkemboi Mar 22, 2021

Choose a reason for hiding this comment

Uh oh!

bmacnaughton Mar 22, 2021

Choose a reason for hiding this comment

Uh oh!

bmacnaughton commented Mar 24, 2021

Uh oh!

tux-tn commented Mar 25, 2021

Uh oh!

ezkemboi commented Mar 25, 2021

Uh oh!

profnandaa left a comment

Choose a reason for hiding this comment

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

5 participants

codecov bot commented Mar 10, 2021 •

edited

Loading

ezkemboi Mar 21, 2021 •

edited

Loading