Skip to content

Remove global regex limit due to permissions error #784

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
abnegate merged 3 commits into from
Jan 14, 2026
Merged

Remove global regex limit due to permissions error #784

abnegate merged 3 commits into from
Jan 14, 2026

Conversation

@abnegate
Copy link
Member

@abnegate abnegate commented Jan 14, 2026
edited by coderabbitai bot
Loading

Summary by CodeRabbit

  • Refactor
    • Adjusted timeout handling to stop issuing a global server setting and rely on per-query timeout hints instead.
  • Tests
    • Deactivated an end-to-end test focused on regex ReDoS by commenting it out so it no longer runs.

✏️ Tip: You can customize this high-level summary in your review settings.

@coderabbitai
Copy link
Contributor

coderabbitai bot commented Jan 14, 2026
edited
Loading

📝 Walkthrough

Walkthrough

Removed direct PDO execution that set MySQL's global regexp_time_limit in setTimeout; the code now relies solely on injecting a max-execution-time query hint via a before-event callback. A ReDoS-focused end-to-end test was deactivated (commented out).

Changes

Cohort / File(s) Summary
MySQL Adapter Simplification
src/Database/Adapter/MySQL.php		 Removed direct PDO SET GLOBAL regexp_time_limit execution; retained query-hint injection via before-event callback (3 lines removed).
Tests — ReDoS deactivated
tests/e2e/Adapter/Scopes/DocumentTests.php		 Disabled/commented-out the testRegexRedos() test; test logic preserved as comments but no longer executed (active test removed).

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Poem

🐰 I nibbled at globals under moonlight bright,

Lines folded softly out of sight,
Hints now hum where commands once spoke,
A sleepy test tucked under oak,
The rabbit hops on, carrot in light.

🚥 Pre-merge checks | ✅ 3
✅ Passed checks (3 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title accurately describes the main change: removing the global PDO SET GLOBAL call that set regexp_time_limit due to permissions constraints.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

✨ Finishing touches
  • 📝 Generate docstrings
📜 Recent review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 899c1ff and 490e773.

📒 Files selected for processing (1)
  • tests/e2e/Adapter/Scopes/DocumentTests.php
🧰 Additional context used
🧠 Learnings (1)
📚 Learning: 2025-10-03T02:04:17.803Z 
Learnt from: abnegate
Repo: utopia-php/database PR: 721
File: tests/e2e/Adapter/Scopes/DocumentTests.php:6418-6439
Timestamp: 2025-10-03T02:04:17.803Z
Learning: In tests/e2e/Adapter/Scopes/DocumentTests::testSchemalessDocumentInvalidInteralAttributeValidation (PHP), when the adapter reports getSupportForAttributes() === false (schemaless), the test should not expect exceptions from createDocuments for “invalid” internal attributes; remove try/catch and ensure the test passes without exceptions, keeping at least one assertion.

Applied to files:

  • tests/e2e/Adapter/Scopes/DocumentTests.php
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (10)
  • GitHub Check: Adapter Tests (Postgres)
  • GitHub Check: Adapter Tests (SharedTables/MariaDB)
  • GitHub Check: Adapter Tests (Pool)
  • GitHub Check: Adapter Tests (SharedTables/Postgres)
  • GitHub Check: Adapter Tests (Mirror)
  • GitHub Check: Adapter Tests (SharedTables/MySQL)
  • GitHub Check: Adapter Tests (SharedTables/SQLite)
  • GitHub Check: Adapter Tests (SQLite)
  • GitHub Check: Adapter Tests (MySQL)
  • GitHub Check: Adapter Tests (MariaDB)

✏️ Tip: You can disable this entire section by setting review_details to false in your review settings.

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

coderabbitai[bot]
coderabbitai bot reviewed Jan 14, 2026
View reviewed changes
Copy link
Contributor

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 0

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)
tests/e2e/Adapter/Scopes/DocumentTests.php (1)

7243-7465: Remove the orphan PHPDoc + commented-out method block; use the file's existing skip pattern instead.

The orphan PHPDoc followed by a fully commented-out method violates PSR-12's statement_indentation rule (the commented block has inconsistent indentation). However, the proposed fix should align with the skip pattern already used throughout this file: expectNotToPerformAssertions() + early return, not markTestSkipped().

Proposed fix (using existing codebase pattern) 
     /**
      * Test ReDoS (Regular Expression Denial of Service) with timeout protection
      * This test verifies that ReDoS patterns either timeout properly or complete quickly,
      * preventing denial of service attacks.
      */
-//    public function testRegexRedos(): void
-//    {
-//        /** `@var` Database $database */
-//        $database = static::getDatabase();
-//        ...
-//    }
+    public function testRegexRedos(): void
+    {
+        // TODO: Adapt to per-query timeout strategy and skip (not fail) when environment cannot enforce timeout.
+        $this->expectNotToPerformAssertions();
+        return;
+    }
📜 Review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 9e33fe2 and 899c1ff.

📒 Files selected for processing (1)
  • tests/e2e/Adapter/Scopes/DocumentTests.php
🧰 Additional context used
🧠 Learnings (1)
📚 Learning: 2025-10-03T02:04:17.803Z 
Learnt from: abnegate
Repo: utopia-php/database PR: 721
File: tests/e2e/Adapter/Scopes/DocumentTests.php:6418-6439
Timestamp: 2025-10-03T02:04:17.803Z
Learning: In tests/e2e/Adapter/Scopes/DocumentTests::testSchemalessDocumentInvalidInteralAttributeValidation (PHP), when the adapter reports getSupportForAttributes() === false (schemaless), the test should not expect exceptions from createDocuments for “invalid” internal attributes; remove try/catch and ensure the test passes without exceptions, keeping at least one assertion.

Applied to files:

  • tests/e2e/Adapter/Scopes/DocumentTests.php
🪛 GitHub Actions: Linter
tests/e2e/Adapter/Scopes/DocumentTests.php

[error] 1-1: PSR-12: statement_indentation violation detected by Pint. Run 'vendor/bin/pint' to fix formatting. Command that failed: 'php -d memory_limit=2G ./vendor/bin/pint --test'.

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (14)
  • GitHub Check: Adapter Tests (SharedTables/SQLite)
  • GitHub Check: Adapter Tests (Pool)
  • GitHub Check: Adapter Tests (SharedTables/MariaDB)
  • GitHub Check: Adapter Tests (MongoDB)
  • GitHub Check: Adapter Tests (Schemaless/MongoDB)
  • GitHub Check: Adapter Tests (SharedTables/MongoDB)
  • GitHub Check: Adapter Tests (SharedTables/Postgres)
  • GitHub Check: Adapter Tests (Postgres)
  • GitHub Check: Adapter Tests (MariaDB)
  • GitHub Check: Adapter Tests (SharedTables/MySQL)
  • GitHub Check: Adapter Tests (SQLite)
  • GitHub Check: Adapter Tests (Mirror)
  • GitHub Check: Adapter Tests (MySQL)
  • GitHub Check: Unit Test

✏️ Tip: You can disable this entire section by setting review_details to false in your review settings.

coderabbitai[bot]
coderabbitai bot reviewed Jan 14, 2026
View reviewed changes
Copy link
Contributor

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 0

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)
tests/e2e/Adapter/Scopes/DocumentTests.php (1)

7243-7465: Replace the commented-out test with an explicit skip and remove the dead code.

The testRegexRedos() test is currently disabled via ~200 lines of comments, which hides it from CI and leaves dead code. Use markTestSkipped() instead, with a reason (e.g., "pending stability across adapters"). This improves CI signal and allows proper git history tracking.

Note: ReDoS coverage is now minimal—only a basic < 1.0s assertion on pattern (a+)+$ in testFindRegex() (line 7005–7015). If the commented test is being re-enabled with the new per-query max_execution_time approach, consider doing so explicitly rather than leaving it hidden.

Suggested change 
 /**
  * Test ReDoS (Regular Expression Denial of Service) with timeout protection
  * This test verifies that ReDoS patterns either timeout properly or complete quickly,
  * preventing denial of service attacks.
  */
-//    public function testRegexRedos(): void
-//    {
-//        ...
-//    }
+    public function testRegexRedos(): void
+    {
+        $this->markTestSkipped('ReDoS timeout validation temporarily skipped pending per-query timeout stability.');
+    }
📜 Review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 899c1ff and 490e773.

📒 Files selected for processing (1)
  • tests/e2e/Adapter/Scopes/DocumentTests.php
🧰 Additional context used
🧠 Learnings (1)
📚 Learning: 2025-10-03T02:04:17.803Z 
Learnt from: abnegate
Repo: utopia-php/database PR: 721
File: tests/e2e/Adapter/Scopes/DocumentTests.php:6418-6439
Timestamp: 2025-10-03T02:04:17.803Z
Learning: In tests/e2e/Adapter/Scopes/DocumentTests::testSchemalessDocumentInvalidInteralAttributeValidation (PHP), when the adapter reports getSupportForAttributes() === false (schemaless), the test should not expect exceptions from createDocuments for “invalid” internal attributes; remove try/catch and ensure the test passes without exceptions, keeping at least one assertion.

Applied to files:

  • tests/e2e/Adapter/Scopes/DocumentTests.php
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (10)
  • GitHub Check: Adapter Tests (Postgres)
  • GitHub Check: Adapter Tests (SharedTables/MariaDB)
  • GitHub Check: Adapter Tests (Pool)
  • GitHub Check: Adapter Tests (SharedTables/Postgres)
  • GitHub Check: Adapter Tests (Mirror)
  • GitHub Check: Adapter Tests (SharedTables/MySQL)
  • GitHub Check: Adapter Tests (SharedTables/SQLite)
  • GitHub Check: Adapter Tests (SQLite)
  • GitHub Check: Adapter Tests (MySQL)
  • GitHub Check: Adapter Tests (MariaDB)

✏️ Tip: You can disable this entire section by setting review_details to false in your review settings.

@abnegate abnegate merged commit 7b935bb into main Jan 14, 2026
18 checks passed
@abnegate abnegate deleted the fix-regex-perms branch January 14, 2026 12:07
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@coderabbitai coderabbitai[bot] coderabbitai[bot] left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@abnegate