Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix nested relations #7158

Merged
merged 12 commits into from
Sep 20, 2024
Merged

Fix nested relations #7158

merged 12 commits into from
Sep 20, 2024

Conversation

Weiko
Copy link
Member

@Weiko Weiko commented Sep 19, 2024

No description provided.

greptile-apps[bot]
greptile-apps bot reviewed Sep 19, 2024
View reviewed changes
Copy link

@greptile-apps greptile-apps bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

PR Summary

This pull request addresses an issue with nested relations processing in the GraphQL query runner. The change focuses on using the correct object metadata name when handling nested relations.

  • Modified process-nested-relations.helper.ts to use referenceObjectMetadata.nameSingular instead of referenceObjectMetadataName when getting the repository
  • This change ensures proper object metadata retrieval for nested relations, improving data integrity and relationship handling
  • The fix is crucial for maintaining consistency between object metadata and relation processing in the GraphQL query runner
  • Potential impact on query performance and accuracy should be monitored after implementation

1 file(s) reviewed, no comment(s)
Edit PR Review Bot Settings

github-advanced-security[bot]
github-advanced-security bot found potential problems Sep 20, 2024
View reviewed changes
...query-runner/graphql-query-parsers/graphql-query-filter/graphql-query-filter-field.parser.ts
key: string,
value: any,
): WhereConditionParts {
const uuid = Math.random().toString(36).slice(2, 7);

Check failure

Code scanning / CodeQL

Insecure randomness High

This uses a cryptographically insecure random number generated at
Math.random()
Loading
in a security context.

Copilot Autofix AI about 8 hours ago

To fix the problem, we need to replace the use of Math.random() with a cryptographically secure random number generator. In Node.js, we can use the crypto module's randomBytes function to generate secure random values. We will convert these bytes to a base-36 string to maintain the existing functionality.

  • Replace the line using Math.random() with a line that uses crypto.randomBytes to generate a secure random value.
  • Import the crypto module at the top of the file.
packages/twenty-server/src/engine/api/graphql/graphql-query-runner/graphql-query-parsers/graphql-query-filter/graphql-query-filter-field.parser.ts

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/packages/twenty-server/src/engine/api/graphql/graphql-query-runner/graphql-query-parsers/graphql-query-filter/graphql-query-filter-field.parser.ts b/packages/twenty-server/src/engine/api/graphql/graphql-query-runner/graphql-query-parsers/graphql-query-filter/graphql-query-filter-field.parser.ts
--- a/packages/twenty-server/src/engine/api/graphql/graphql-query-runner/graphql-query-parsers/graphql-query-filter/graphql-query-filter-field.parser.ts
+++ b/packages/twenty-server/src/engine/api/graphql/graphql-query-runner/graphql-query-parsers/graphql-query-filter/graphql-query-filter-field.parser.ts
@@ -1,2 +1,3 @@
 import { ObjectLiteral, WhereExpressionBuilder } from 'typeorm';
+import { randomBytes } from 'crypto';
 
@@ -72,3 +73,3 @@
   ): WhereConditionParts {
-    const uuid = Math.random().toString(36).slice(2, 7);
+    const uuid = randomBytes(3).toString('base64').slice(0, 5).replace(/\+/g, '0').replace(/\//g, '0');
 
EOF
@@ -1,2 +1,3 @@
import { ObjectLiteral, WhereExpressionBuilder } from 'typeorm';
import { randomBytes } from 'crypto';

@@ -72,3 +73,3 @@
): WhereConditionParts {
const uuid = Math.random().toString(36).slice(2, 7);
const uuid = randomBytes(3).toString('base64').slice(0, 5).replace(/\+/g, '0').replace(/\//g, '0');

Copilot is powered by AI and may make mistakes. Always verify output.
@Weiko Weiko merged commit b1889e4 into main Sep 20, 2024
12 of 14 checks passed
@Weiko Weiko deleted the c--fix-nested-relation branch September 20, 2024 03:16
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@greptile-apps Greptile Apps greptile-apps left review comments

@charlesBochet charlesBochet charlesBochet approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@Weiko @charlesBochet