Fixed unit32 conversion

[neilnaveen]

Summary by CodeRabbit

Release Notes

• New Features

  • Introduced a TruncateString function for better string handling, allowing for truncation with ellipsis.
  • Added new utility functions for converting between numeric types and strings: Uint32ToStr, StrToUint32, and IntToUint32.

• Bug Fixes

  • Improved error handling in the new utility functions to provide clearer messages.

• Refactor

  • Updated references from the tools package to the new helpers package for the TruncateString function across various components.
  • Streamlined data type conversions in storage and caching logic, enhancing type safety.
  • Removed unused SanitizeFilename function to simplify the codebase.

• Tests

  • Added unit tests for the new conversion functions to ensure reliability and correctness.

[coderabbitai]

Walkthrough

The changes in this pull request introduce a new function TruncateString in the helpers package for truncating strings to a specified maximum length, prepending them with an ellipsis if they exceed this length. The tools package has been removed, and all references to its TruncateString function have been updated to use the new helper function. Additionally, several files have been modified to improve type safety and streamline data conversion processes, particularly in handling node IDs and Redis storage. Unused functions and test cases related to the tools package have been removed.

Changes

File	Change Summary
cmd/helpers/common.go	Added method: func TruncateString(str string, maxLength int) string
cmd/helpers/common_test.go	Package name changed from tools to helpers; removed method: func TestSanitizeFilename(t *testing.T)
cmd/helpers/getAdditionalInfo.go	Moved strings import for clarity; no logic changes in ComputeAdditionalInfo.
cmd/ingest/osv/osv.go	Updated references from tools.TruncateString to helpers.TruncateString; removed tools import.
cmd/ingest/sbom/sbom.go	Updated reference from tools.TruncateString to helpers.TruncateString in Run method.
cmd/ingest/scorecard/scorecard.go	Updated references from tools.TruncateString to helpers.TruncateString in Run and printProgress methods.
pkg/graph/cache.go	Replaced strconv.Atoi with utils.StrToUint32 and updated error messages; modified cache logic to use new integer type directly.
pkg/storages/redis_storage.go	Updated methods to use utils.IntToUint32 and utils.Uint32ToStr for conversions; no changes to control flow.
pkg/tools/common.go	Removed file containing SanitizeFilename and TruncateString functions.
pkg/tools/ingest/vuln.go	Reordered import statements; no changes to functionality.
pkg/utils/convert.go	Added methods: Uint32ToStr, StrToUint32, IntToUint32 for type conversions.
pkg/utils/convert_test.go	Added unit tests for Uint32ToStr, StrToUint32, and IntToUint32 functions with comprehensive test cases.

Possibly related PRs

• Implemented offline scorecard graphing #108: Introduces ComputeAdditionalInfo in the helpers package, related to string manipulation and formatting for node metadata.
• Cleaned up ingestion #117: Modifies ingestion to utilize LoadDataFromPath, relevant to handling string data and formatting outputs.
• Refactored the cmd for leaderboard #129: Refactors leaderboard commands, potentially related through shared command-line interface improvements.
• SQL storage #137: Introduces SQL storage, possibly relevant to data handling and string manipulation in storage operations.

🐰 "In the code where strings do flow,
A helper function now steals the show.
With truncation done just right,
Our logs will shine, oh what a sight!
From tools to helpers, a leap so grand,
In the world of strings, we take a stand!" 🐇

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[codecov]

Codecov Report

Attention: Patch coverage is 76.36364% with 13 lines in your changes missing coverage. Please review.

Files with missing lines	Patch %	Lines
pkg/graph/cache.go	81.81%	4 Missing ⚠️
cmd/helpers/common.go	62.50%	2 Missing and 1 partial ⚠️
cmd/ingest/osv/osv.go	0.00%	2 Missing ⚠️
cmd/ingest/scorecard/scorecard.go	0.00%	2 Missing ⚠️
cmd/ingest/sbom/sbom.go	0.00%	1 Missing ⚠️
pkg/storages/redis_storage.go	75.00%	0 Missing and 1 partial ⚠️

Files with missing lines	Coverage Δ
cmd/helpers/getAdditionalInfo.go	100.00% <ø> (ø)
pkg/tools/ingest/vuln.go	73.84% <ø> (ø)
pkg/utils/convert.go	100.00% <100.00%> (ø)
cmd/ingest/sbom/sbom.go	36.84% <0.00%> (ø)
pkg/storages/redis_storage.go	57.60% <75.00%> (+0.17%)	⬆️
cmd/ingest/osv/osv.go	33.33% <0.00%> (ø)
cmd/ingest/scorecard/scorecard.go	35.00% <0.00%> (ø)
cmd/helpers/common.go	62.50% <62.50%> (ø)
pkg/graph/cache.go	70.25% <81.81%> (+1.29%)	⬆️

---

🚨 Try these New Features:

• Flaky Tests Detection - Detect and resolve failed and flaky tests

[coderabbitai]

Actionable comments posted: 7

🧹 Outside diff range and nitpick comments (12)

pkg/utils/convert.go (1)

8-11: Enhance function documentation with examples

While the function is well-implemented, consider adding an example in the documentation to demonstrate usage and expected output.

-// Uint32ToStr converts uint32 to string
+// Uint32ToStr converts uint32 to string
+//
+// Example:
+//
+//	Uint32ToStr(123) // returns "123"

cmd/helpers/common_test.go (1)

Line range hint 7-71: Consider adding more edge cases to the test suite

The current test suite is well-structured with good coverage of basic scenarios and edge cases. Consider adding these additional test cases to make it even more robust:

1. Unicode characters and emojis
2. Very large maxLength values
3. Negative maxLength values (if applicable)

Here's a suggested addition to the test cases:

 func TestTruncatePath(t *testing.T) {
     tests := []struct {
         name      string
         id        string
         maxLength int
         want      string
     }{
         // ... existing test cases ...
+        {
+            name:      "Path with unicode characters",
+            id:        "path/with/🚀/emoji/⭐/chars/⚡",
+            maxLength: 15,
+            want:      "...emoji/⭐/chars/⚡",
+        },
+        {
+            name:      "Very large maxLength",
+            id:        "normal/path",
+            maxLength: 1000,
+            want:      "normal/path",
+        },
+        {
+            name:      "Negative maxLength",
+            id:        "test/path",
+            maxLength: -1,
+            want:      "",  // or handle according to your requirements
+        },
     }

cmd/ingest/scorecard/scorecard.go (1)

51-51: LGTM! Consider making the truncation length configurable.

The usage of helpers.TruncateString is appropriate here. However, since the truncation length of 50 is used in multiple places, consider making it a named constant for better maintainability.

 const (
	DefaultAddr = "http://localhost:8089" // Default address of the minefield server
+	MaxDisplayLength = 50 // Maximum length for truncated strings in display
 )

cmd/ingest/osv/osv.go (1)

69-69: LGTM, consider making truncation length a constant

The change to use helpers.TruncateString is correct. Since the truncation length of 50 is used in multiple places, consider defining it as a package-level constant for better maintainability.

const (
    DefaultAddr = "http://localhost:8089" // Default address of the minefield server
+   MaxPathLength = 50 // Maximum length for truncated paths in progress messages
)

pkg/utils/convert_test.go (2)

7-26: Consider adding more edge cases to TestUint32ToStr

While the current test cases cover basic scenarios, consider adding more edge cases such as:

• Powers of 10 (100, 1000, etc.)
• Values close to max uint32 (4294967294)

 tests := []struct {
   name     string
   input    uint32
   expected string
 }{
   {"zero value", 0, "0"},
   {"small number", 42, "42"},
   {"max uint32", 4294967295, "4294967295"},
+  {"power of ten", 1000, "1000"},
+  {"near max", 4294967294, "4294967294"},
 }

---

1-6: Add package documentation for the test file

Consider adding a package comment to document the purpose of these conversion functions and their test coverage.

 package utils
+
+// This file contains tests for uint32 conversion utilities that handle
+// conversions between uint32, string, and int types with proper
+// bounds checking and error handling.
 
 import (
   "testing"

pkg/graph/cache.go (4)

51-65: Enhance error messages with more context

While the conversion logic is correct, the error messages could be more specific about the operation being performed.

Consider updating the error messages to provide more context:

-return fmt.Errorf("error converting child key %s: %w", childId, err)
+return fmt.Errorf("error converting child key %s to uint32: %w", childId, err)

-return fmt.Errorf("error getting value for key %s: %w", childId, err)
+return fmt.Errorf("error retrieving cached parent value for key %s: %w", childId, err)

---

Line range hint 262-283: Consider extracting repeated bitmap retrieval logic

The function contains repeated patterns for retrieving and error handling bitmap operations.

Consider extracting the common pattern into a helper function:

+func getBitmapForKey(cache *NativeKeyManagement, key string) (roaring.Bitmap, error) {
+    bitmap, err := cache.Get(key)
+    if err != nil {
+        return roaring.Bitmap{}, fmt.Errorf("error retrieving bitmap for key %s: %w", key, err)
+    }
+    return bitmap, nil
+}

 func getTodoAndFutureNodes(children, parents *NativeKeyManagement, curNode *Node, direction Direction) ([]uint32, []uint32, error) {
     var todoNodes, futureNodes []uint32
     nodeIDStr := utils.Uint32ToStr(curNode.ID)
 
     if direction == ChildrenDirection {
-        todoNodesBitmap, err := children.Get(nodeIDStr)
+        todoNodesBitmap, err := getBitmapForKey(children, nodeIDStr)
         if err != nil {
             return nil, nil, err
         }
-        futureNodesBitmap, err := parents.Get(nodeIDStr)
+        futureNodesBitmap, err := getBitmapForKey(parents, nodeIDStr)
         if err != nil {
             return nil, nil, err
         }
         todoNodes, futureNodes = todoNodesBitmap.ToArray(), futureNodesBitmap.ToArray()
     } else {
         // Similar changes for the else block
     }

---

290-306: Remove unnecessary empty line and improve error messages

The function has correct type conversions but could benefit from some cleanup.

Consider these improvements:

 func addToCache(bm *NativeKeyManagement, curElem, todoElem uint32) error {
     curElemStr := utils.Uint32ToStr(curElem)
     todoElemStr := utils.Uint32ToStr(todoElem)
-
     curElemVal, err := bm.Get(curElemStr)
     if err != nil {
-        return fmt.Errorf("error getting value for curElem key from value %d: %w", curElem, err)
+        return fmt.Errorf("error retrieving bitmap for current element %d: %w", curElem, err)
     }
 
     todoVal, err := bm.Get(todoElemStr)
     if err != nil {
-        return fmt.Errorf("error getting value for todoElem key %d: %w", todoElem, err)
+        return fmt.Errorf("error retrieving bitmap for todo element %d: %w", todoElem, err)
     }

---

53-53: Standardize error message patterns

While error handling is generally good, the error messages could follow a more consistent pattern.

Consider standardizing error messages to follow this pattern:

• Start with the operation being performed
• Include relevant identifiers
• Wrap the underlying error

Example:

-return fmt.Errorf("error converting child key %s: %w", childId, err)
+return fmt.Errorf("failed to convert node ID %s to uint32: %w", childId, err)

-return fmt.Errorf("error getting value for key %s: %w", childId, err)
+return fmt.Errorf("failed to retrieve cached value for node ID %s: %w", childId, err)

Also applies to: 61-61, 295-295, 300-300

pkg/storages/redis_storage.go (2)

44-45: Good improvement, consider applying consistently

The change to use utils.Uint32ToStr improves type safety and eliminates unnecessary type conversions. However, similar string conversions exist in other methods (e.g., GetAllKeys, ToBeCached) that could benefit from the same treatment.

Consider updating these methods to use the new utility function:

// In GetAllKeys method:
-id, err := strconv.ParseUint(strings.TrimPrefix(key, NodeKeyPrefix), 10, 32)
+id, err := utils.StrToUint32(strings.TrimPrefix(key, NodeKeyPrefix))

// In ToBeCached method:
-id, err := strconv.ParseUint(item, 10, 32)
+id, err := utils.StrToUint32(item)

---

Line range hint 1-1: Consider comprehensive type safety improvements

While the current changes improve type safety for some operations, consider a more comprehensive approach:

1. Create constants for Redis key prefixes to avoid string literals
2. Implement consistent type conversion across all ID handling methods
3. Consider adding validation for uint32 overflow in ID generation

This would further improve maintainability and type safety across the entire storage implementation.

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

📥 Commits

Reviewing files that changed from the base of the PR and between a1e1869 and 11e2bd3.

📒 Files selected for processing (12)

• cmd/helpers/common.go (1 hunks)
• cmd/helpers/common_test.go (1 hunks)
• cmd/helpers/getAdditionalInfo.go (1 hunks)
• cmd/ingest/osv/osv.go (2 hunks)
• cmd/ingest/sbom/sbom.go (1 hunks)
• cmd/ingest/scorecard/scorecard.go (2 hunks)
• pkg/graph/cache.go (5 hunks)
• pkg/storages/redis_storage.go (3 hunks)
• pkg/tools/common.go (0 hunks)
• pkg/tools/ingest/vuln.go (1 hunks)
• pkg/utils/convert.go (1 hunks)
• pkg/utils/convert_test.go (1 hunks)

💤 Files with no reviewable changes (1)

• pkg/tools/common.go

✅ Files skipped from review due to trivial changes (1)

• pkg/tools/ingest/vuln.go

🔇 Additional comments (13)

cmd/helpers/common.go (1)

3-3: Verify all usages have been updated

Let's verify that all references to the old tools.TruncateString have been updated and check for potentially problematic usage patterns.

✅ Verification successful

Let me try a different search pattern to find all usages of TruncateString, regardless of the package prefix.

---

Let me try a more specific search to find all usages of TruncateString and check the imports:

---

Based on the search results, I can now provide a final response:

All TruncateString usages have been properly updated

All calls to TruncateString are using the correct helpers.TruncateString import and implementation. The function is used consistently across the codebase with a maxLength parameter of 50, which is a safe value. No instances of the old tools.TruncateString remain.

• Function is properly defined in cmd/helpers/common.go
• All imports correctly reference github.com/bitbomdev/minefield/cmd/helpers
• Used safely in osv, sbom, and scorecard packages for path truncation
• Test coverage exists in cmd/helpers/common_test.go

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Check for any remaining references to tools.TruncateString
# and verify the usage patterns of helpers.TruncateString

# Check for any remaining references to tools.TruncateString
echo "Checking for remaining references to tools.TruncateString:"
rg "tools\.TruncateString"

# Find all calls to helpers.TruncateString to review usage patterns
echo -e "\nChecking usage patterns of helpers.TruncateString:"
ast-grep --pattern 'TruncateString($str, $length)'

Length of output: 325

---

Script:

#!/bin/bash
# Search for any TruncateString function calls with context
echo "Searching for TruncateString function calls:"
rg "TruncateString\(" -A 1

# Also check for import statements related to this
echo -e "\nChecking related imports:"
rg "import.*\".*tools\"" 
rg "import.*\".*helpers\""

Length of output: 132637

---

Script:

#!/bin/bash
# Search for import statements related to TruncateString
echo "Checking imports:"
rg "\".*/(tools|helpers)\"" --type go

# Search for all TruncateString usages with more context
echo -e "\nChecking TruncateString usages:"
rg "TruncateString" -B 2 -A 2 --type go

Length of output: 3557

pkg/utils/convert.go (3)

1-7: LGTM: Clean package structure and imports

The package structure follows Go conventions with appropriate imports.

---

13-20: LGTM: Robust string to uint32 conversion

The function implements proper error handling and safe conversion using appropriate string parsing options.

---

1-28: Verify conversion function usage

Let's verify the usage of these new conversion functions across the codebase to ensure consistent type handling.

✅ Verification successful

All conversion functions are properly used across the codebase

The verification shows that:

• All instances of direct strconv conversions in Redis storage have been replaced with the new utility functions
• The graph cache is using the new utility functions consistently
• The remaining direct strconv usages in cmd/ packages are appropriate as they handle uint64 values, not uint32
• No instances of unsafe type conversions were found

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Search for direct uint32/string conversions that should use these new functions
rg --type go 'strconv\.(FormatUint|ParseUint|Atoi)' --glob '!pkg/utils/convert*'

# Search for places where these new functions are used
rg --type go 'utils\.(Uint32ToStr|StrToUint32|IntToUint32)'

Length of output: 1779

cmd/helpers/common_test.go (1)

Line range hint 1-71: Verify complete migration from tools package

Let's ensure all references to tools.TruncateString have been updated to use helpers.TruncateString.

✅ Verification successful

Let me search for any references to the function in other files to ensure we have a complete picture.

---

Let me search for any references to the old tools package to ensure we have a complete picture.

---

Based on the search results, I can now provide a final response:

Migration to helpers package is complete and correct

The function has been properly migrated from the tools package to the helpers package. All references to TruncateString are now using the helpers package:

• cmd/ingest/sbom/sbom.go: helpers.TruncateString
• cmd/ingest/osv/osv.go: helpers.TruncateString
• cmd/ingest/scorecard/scorecard.go: helpers.TruncateString

No references to tools.TruncateString remain in the codebase.

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Check for any remaining references to tools.TruncateString

# Search for any remaining references to tools.TruncateString
echo "Checking for remaining references to tools.TruncateString:"
rg "tools\.TruncateString"

# Search for import statements of the old tools package
echo -e "\nChecking for remaining imports of the tools package:"
rg "\".*tools\""

Length of output: 124316

---

Script:

#!/bin/bash
# Search for TruncateString function usage across the codebase
echo "Searching for TruncateString function usage:"
rg "TruncateString\(" -A 2

# Search for files importing the helpers package
echo -e "\nSearching for helpers package imports:"
rg "\".*helpers\""

Length of output: 153609

---

Script:

#!/bin/bash
# Search for any files importing the tools package
echo "Searching for tools package imports:"
rg "\".*tools\""

# Search for any references to tools package in Go files
echo -e "\nSearching for tools package references in Go files:"
rg "tools\." --type go

Length of output: 102660

cmd/helpers/getAdditionalInfo.go (2)

6-8: LGTM! Import organization looks good.

The import statement organization is clean and follows standard Go conventions.

---

Line range hint 1-65: Verify package dependencies after tools package removal.

Since the AI summary mentions that the tools package has been removed, let's verify that the remaining imports are still valid and required.

cmd/ingest/sbom/sbom.go (1)

52-52: LGTM! Verify helper function behavior.

The change from tools.TruncateString to helpers.TruncateString looks correct. Let's verify the new implementation maintains the same behavior.

✅ Verification successful

Implementation verified and behavior is correct

The new helpers.TruncateString implementation in cmd/helpers/common.go follows the same logic for string truncation:

• Returns the original string if its length is within the max length
• For longer strings, adds "..." prefix and keeps the last (maxLength-3) characters

The function maintains the same behavior as before and is properly placed in the helpers package. The change is safe.

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify the implementation of helpers.TruncateString matches the expected behavior

# Check the implementation of the new helper function
ast-grep --pattern 'func TruncateString($str, $maxLen) {
  $$$
}'

# Look for any test cases
rg -l "TestTruncateString" 

Length of output: 94

---

Script:

#!/bin/bash
# Let's try a broader search for the TruncateString function
rg -p "func.*TruncateString"

# Also search for the file containing the function
fd -t f "helpers.go"

Length of output: 159

---

Script:

#!/bin/bash
# Let's examine both implementations to compare them
echo "=== New Implementation in cmd/helpers/common.go ==="
rg -A 10 "func TruncateString" cmd/helpers/common.go

echo -e "\n=== Previous Implementation in pkg/tools/ingest/helpers.go ==="
rg -A 10 "func TruncateString" pkg/tools/ingest/helpers.go

Length of output: 514

cmd/ingest/scorecard/scorecard.go (1)

51-51: Verify the implementation of helpers.TruncateString.

Let's verify that the new helpers.TruncateString function is properly implemented and consistently used across the codebase.

Also applies to: 73-73

✅ Verification successful

Implementation of helpers.TruncateString is correct and consistently used

The helper function is properly implemented in cmd/helpers/common.go with correct string truncation logic, and it's being used consistently across the codebase for truncating paths in progress messages. No instances of the old tools.TruncateString remain.

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify the implementation and usage of TruncateString

# Check the implementation
echo "Checking TruncateString implementation:"
ast-grep --pattern 'func TruncateString($str, $maxLen) {
  $$$
}'

# Check for any remaining references to tools.TruncateString
echo -e "\nChecking for remaining tools.TruncateString references:"
rg "tools\.TruncateString"

# Check for consistent usage of the new helper
echo -e "\nChecking helpers.TruncateString usage:"
rg "helpers\.TruncateString"

Length of output: 1279

---

Script:

#!/bin/bash
# Let's check the actual implementation of TruncateString in the helpers package

# First, find the file containing TruncateString
echo "Finding TruncateString implementation file:"
fd "helpers" --type f --exec rg -l "TruncateString"

# Then get the actual implementation
echo -e "\nChecking the implementation:"
rg -A 10 "func TruncateString" 

Length of output: 529

cmd/ingest/osv/osv.go (1)

Line range hint 1-70: PR objective mismatch

The changes in this file involve migrating from tools.TruncateString to helpers.TruncateString, which appears unrelated to the PR's stated objective of fixing uint32 conversion. Please clarify if there are additional changes pending or if the PR title should be updated to reflect these changes.

pkg/utils/convert_test.go (1)

28-57: Well-structured and comprehensive test cases!

The test cases effectively cover:

• Valid conversions
• Error handling for invalid inputs
• Boundary conditions (overflow)
• Proper error validation

pkg/graph/cache.go (1)

8-8: LGTM: Import addition is appropriate

The new import aligns with the changes to use utility functions for type-safe conversions.

pkg/storages/redis_storage.go (1)

10-10: LGTM: Import statement follows Go conventions

The utils package import is properly placed and grouped with other internal imports.

[coderabbitai]

Actionable comments posted: 1

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

📥 Commits

Reviewing files that changed from the base of the PR and between 11e2bd3 and e131e07.

📒 Files selected for processing (4)

• cmd/helpers/common.go (1 hunks)
• cmd/ingest/scorecard/scorecard.go (2 hunks)
• pkg/utils/convert.go (1 hunks)
• pkg/utils/convert_test.go (1 hunks)

🚧 Files skipped from review as they are similar to previous changes (3)

• cmd/helpers/common.go
• cmd/ingest/scorecard/scorecard.go
• pkg/utils/convert_test.go

🧰 Additional context used

🪛 GitHub Check: build

pkg/utils/convert.go

[failure] 32-32:
syntax error: non-declaration statement outside function body

---

[failure] 36-36:
syntax error: imports must appear before other declarations

🔇 Additional comments (3)

pkg/utils/convert.go (3)

8-11: LGTM!

The implementation is correct and efficient. The function properly handles the conversion from uint32 to string using appropriate type conversion and base 10 formatting.

---

13-20: LGTM!

The implementation is robust with proper error handling and type safety checks. The use of ParseUint with bitSize 32 ensures values stay within uint32 range.

---

22-31: LGTM! Safety checks properly implemented

The function implementation includes all necessary safety checks:

• Negative value validation
• Overflow protection using math.MaxUint32
• Clear error messages for both cases

This addresses the previous review comment about int overflow protection.

[coderabbitai]

Actionable comments posted: 0

🧹 Outside diff range and nitpick comments (1)

cmd/helpers/common_test.go (1)

Line range hint 7-60: Fix inconsistent function names in test.

The test contains naming inconsistencies:

1. The test function is named TestTruncatePath but it tests TruncateString
2. The error message uses truncatePath() but should use TruncateString()

Apply this diff to fix the inconsistencies:

-func TestTruncatePath(t *testing.T) {
+func TestTruncateString(t *testing.T) {
     // ... test cases ...
     for _, tt := range tests {
         t.Run(tt.name, func(t *testing.T) {
             if got := TruncateString(tt.id, tt.maxLength); got != tt.want {
-                t.Errorf("truncatePath() = %v, want %v", got, tt.want)
+                t.Errorf("TruncateString() = %v, want %v", got, tt.want)
             }
         })
     }
 }

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

📥 Commits

Reviewing files that changed from the base of the PR and between e131e07 and 712a71c.

📒 Files selected for processing (12)

• cmd/helpers/common.go (1 hunks)
• cmd/helpers/common_test.go (1 hunks)
• cmd/helpers/getAdditionalInfo.go (1 hunks)
• cmd/ingest/osv/osv.go (2 hunks)
• cmd/ingest/sbom/sbom.go (1 hunks)
• cmd/ingest/scorecard/scorecard.go (2 hunks)
• pkg/graph/cache.go (6 hunks)
• pkg/storages/redis_storage.go (4 hunks)
• pkg/tools/common.go (0 hunks)
• pkg/tools/ingest/vuln.go (1 hunks)
• pkg/utils/convert.go (1 hunks)
• pkg/utils/convert_test.go (1 hunks)

💤 Files with no reviewable changes (1)

• pkg/tools/common.go

🚧 Files skipped from review as they are similar to previous changes (10)

• cmd/helpers/common.go
• cmd/helpers/getAdditionalInfo.go
• cmd/ingest/osv/osv.go
• cmd/ingest/sbom/sbom.go
• cmd/ingest/scorecard/scorecard.go
• pkg/graph/cache.go
• pkg/storages/redis_storage.go
• pkg/tools/ingest/vuln.go
• pkg/utils/convert.go
• pkg/utils/convert_test.go

🔇 Additional comments (2)

cmd/helpers/common_test.go (2)

1-5: LGTM! Package change and imports look good.

The package rename from tools to helpers is consistent with the codebase refactoring, and the imports are appropriately minimal.

---

Line range hint 1-60: Verify TruncateString usage across the codebase.

Let's verify that all references to the old tools.TruncateString have been updated to use helpers.TruncateString.

✅ Verification successful

All references to TruncateString have been properly updated

The verification shows that:

• No instances of tools.TruncateString remain in the codebase
• All usages in the ingest commands (osv, sbom, scorecard) have been properly updated to use helpers.TruncateString

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Check for any remaining references to tools.TruncateString and verify helpers.TruncateString usage

# Check for any remaining references to tools.TruncateString
echo "Checking for remaining tools.TruncateString references..."
rg "tools\.TruncateString"

# Verify the new helpers.TruncateString usage
echo "Verifying helpers.TruncateString usage..."
rg "helpers\.TruncateString" "cmd/ingest/"

Length of output: 1137