From 7183e0c19163aeb044b2c0a4685fa1321a36dec2 Mon Sep 17 00:00:00 2001 From: Francois Kritzinger Date: Tue, 7 May 2024 16:55:32 +0200 Subject: Update TODOs/comments --- mod/mod-ci-github-gq.cxx | 2 ++ mod/mod-ci-github.cxx | 33 +++++++++++++++++++++------------ 2 files changed, 23 insertions(+), 12 deletions(-) (limited to 'mod') diff --git a/mod/mod-ci-github-gq.cxx b/mod/mod-ci-github-gq.cxx index 92d3728..c30ab7a 100644 --- a/mod/mod-ci-github-gq.cxx +++ b/mod/mod-ci-github-gq.cxx @@ -66,6 +66,8 @@ namespace brep // we need to check that the errors field is not present before parsing the // data field as it might contain nulls if errors is present. // + // @@ TODO: This function is only called in one place. + // static void gq_parse_response (json::parser& p, function parse_data) diff --git a/mod/mod-ci-github.cxx b/mod/mod-ci-github.cxx index d1f50f2..e433d44 100644 --- a/mod/mod-ci-github.cxx +++ b/mod/mod-ci-github.cxx @@ -19,6 +19,26 @@ #include +// @@ Remaining TODOs +// +// - Rerequested checks +// +// - check_suite (action: rerequested): received when user re-runs all +// checks. +// +// - check_run (action: rerequested): received when user re-runs a +// specific check or all failed checks. +// +// Will need to extract a few more fields from check_runs, but the layout +// is very similar to that of check_suite. +// +// - Pull requests. Handle +// +// - Choose strong webhook secret +// +// - Check that delivery UUID has not been received before (replay attack). +// + // @@ TODO // // Building CI checks with a GitHub App @@ -41,10 +61,6 @@ // https://en.wikipedia.org/wiki/HMAC#Definition. A suitable implementation // is provided by OpenSSL. -// @@ TODO Centralize exception/error handling around calls to -// github_post(). Currently it's mostly duplicated and there is quite -// a lot of it. -// using namespace std; using namespace butl; using namespace web; @@ -104,13 +120,6 @@ namespace brep // // @@ TMP Shouldn't we also error<< in some of these header problem cases? // - // @@ TMP From GitHub docs: "You can create webhooks that subscribe to the - // events listed on this page." - // - // So it seems appropriate to generally use the term "event" (which - // we already do for the most part), and "webhook event" only when - // more context would be useful? - // string event; // Webhook event. string hmac; // Received HMAC. { @@ -892,7 +901,7 @@ namespace brep xml::serializer s (os, "check_run_summary"); // This hack is required to disable XML element name prefixes (which - // GitHub does not like). Note that this adsd an xmlns declaration for + // GitHub does not like). Note that this adds an xmlns declaration for // the XHTML namespace which for now GitHub appears to ignore. If that // ever becomes a problem, then we should redo this with raw XML // serializer calls. -- cgit v1.1