mirror of
https://github.com/Syngnat/GoNavi.git
synced 2026-07-12 16:02:48 +08:00
Release/0.5.7 (#226)
* 🎨 style(DataGrid): 清理冗余代码与静态分析告警 - 类型重构:通过修正 React Context 的函数签名解决了 void 类型的链式调用错误 - 代码精简:利用 Nullish Coalescing (??) 优化组件配置项降级逻辑,剥离无意义的隐式 undefined 赋值 - 工具链适配:适配 IDE 拼写检查与 Promise strict rules,确保全文件零警 * 🔧 fix(db/kingbase_impl): 修复标识符无条件加双引号导致SQL语法报错 - quoteKingbaseIdent 改为条件引用,仅对大写字母、保留字、特殊字符的标识符添加双引号 - 新增 kingbaseIdentNeedsQuote 判断标识符是否需要引用 - 新增 isKingbaseReservedWord 检测常见SQL保留字 - 补充 TestQuoteKingbaseIdent、TestKingbaseIdentNeedsQuote 单测覆盖各场景 - refs #176 * 🔧 fix(release,db/kingbase_impl): 修复金仓默认 schema 并静默生成 DMG - Kingbase:在 current_schema() 为 public 时探测候选 schema,并通过 DSN search_path 重连,兼容未限定 schema 的查询 - 候选优先级:数据库名/用户名同名 schema(存在性校验),否则仅在“唯一用户 schema 有表”场景兜底 - 避免连接污染:每次 Connect 重置探测结果,重连成功后替换连接并关闭旧连接 - 打包脚本:create-dmg 增加 --sandbox-safe,避免构建时自动弹出/打开挂载窗口 - 产物格式:强制 --format UDZO,并将 rw.*.dmg/UDRW 中间产物转换为可分发 DMG - 校验门禁:增加 hdiutil verify,失败时保留 .app 便于排查,同时修正卷图标探测并补 ad-hoc 签名 * 🐛 fix(connection/redis): 修复 Redis URI 用户名处理导致认证失败 - Redis URI 解析回填 user 字段,兼容 redis://user:pass@... 与 redis://:pass@... - 生成 URI 时按需输出 user/password,避免丢失用户名信息 - Redis 类型默认用户名置空,并在构建配置时清理历史默认 root - 避免 go-redis 触发 ACL AUTH(user, pass) 导致 WRONGPASS - refs #212 * 🔧 fix(release,ssh): 修复 SSH 误判连接成功并纠正 DMG 打包结构 - SSH 缓存 key 纳入认证指纹(password/keyPath),避免改错凭证仍复用旧连接/端口转发 - MySQL/MariaDB/Doris:SSH 隧道建立失败直接返回错误,不再回退直连导致测试误判成功 - 新增最小单测覆盖 SSH cache key 与 UseSSH 异常路径 - build-release.sh:create-dmg 使用 staging 目录作为 source,避免 DMG 根目录变成 Contents - refs #213 * fix: KingBase 连接后自动设置 search_path,修复自定义 schema 下表查询报 relation does not exist 的问题 (#215) * 🔧 fix(driver/kingbase,mongodb): 修复外置驱动事务引用与连接测试链路问题 - 金仓外置驱动链路增加表名与变更字段归一化,修复 ApplyChanges 场景下双引号转义异常导致的 SQL 语法错误 - 新增金仓公共标识符工具并复用到 kingbase_impl 与 optional_driver_agent_impl,统一处理多重转义、schema.table 拆分与引用规范 - 金仓代理连接后自动探测并设置 search_path,降低查询时必须手写 schema 前缀的概率 - MongoDB 连接参数改为显式 host/hosts 优先,避免被 URI 中 localhost 覆盖;代理链路保留目标地址不再改写为本地地址 - 连接测试增加前后端超时收敛与日志增强,避免长时间转圈;连接错误文案在未启用 TLS 时移除误导性的“SSL”前缀 - 统一日志级别为 INFO/WARN/ERROR,默认日志目录收敛到 ~/.GoNavi/Logs,并补充驱动构建脚本 build-driver-agents.sh * 🔧 fix(release/sidebar): 统一跨平台UPX压缩并修复PG函数列表查询兼容性 - 构建脚本新增通用 UPX 压缩函数,覆盖 macOS、Linux、Windows 产物 - 本地打包改为强制压缩策略:未安装 upx、压缩失败或校验失败直接终止 - macOS 打包在签名前压缩 .app 主程序并执行 upx -t 校验 - Linux 打包在生成 tar.gz 前压缩可执行文件并执行 upx -t 校验 - GitHub Release 与测试构建流程补齐 macOS/Linux/Windows 的 upx 安装与压缩步骤 - PostgreSQL/PG-like 函数元数据查询增加多路兼容 SQL,修复函数列表不显示问题 - refs #221 - refs #222 --------- Co-authored-by: Syngnat <yangguofeng919@gmail.com> Co-authored-by: 凌封 <49424247+fengin@users.noreply.github.com>
This commit is contained in:
@@ -5,6 +5,7 @@ import (
|
||||
"crypto/tls"
|
||||
"fmt"
|
||||
"net"
|
||||
"net/url"
|
||||
"strconv"
|
||||
"strings"
|
||||
"sync"
|
||||
@@ -174,8 +175,31 @@ func (r *RedisClientImpl) toDisplayKey(key string) string {
|
||||
return strings.TrimPrefix(key, prefix)
|
||||
}
|
||||
|
||||
// sanitizeRedisPassword 对 Redis 密码进行防御性 URL 解码。
|
||||
// 当密码中包含 URL 编码序列(如 %40)时,尝试解码还原原始字符。
|
||||
// 这可以防止前端 URI 构建中 encodeURIComponent 编码后的密码被误传入。
|
||||
func sanitizeRedisPassword(password string) string {
|
||||
if password == "" {
|
||||
return password
|
||||
}
|
||||
// 仅当密码中包含 '%' 且后跟两位十六进制数字时,才尝试 URL 解码
|
||||
if !strings.Contains(password, "%") {
|
||||
return password
|
||||
}
|
||||
decoded, err := url.QueryUnescape(password)
|
||||
if err != nil {
|
||||
// 解码失败,使用原始密码
|
||||
return password
|
||||
}
|
||||
if decoded != password {
|
||||
logger.Warnf("Redis 密码检测到 URL 编码,已自动解码(原长度=%d 解码后长度=%d)", len(password), len(decoded))
|
||||
}
|
||||
return decoded
|
||||
}
|
||||
|
||||
// Connect establishes a connection to Redis
|
||||
func (r *RedisClientImpl) Connect(config connection.ConnectionConfig) error {
|
||||
config.Password = sanitizeRedisPassword(config.Password)
|
||||
r.config = config
|
||||
if r.config.RedisDB < 0 || r.config.RedisDB > 15 {
|
||||
r.config.RedisDB = 0
|
||||
|
||||
81
internal/redis/redis_impl_test.go
Normal file
81
internal/redis/redis_impl_test.go
Normal file
@@ -0,0 +1,81 @@
|
||||
package redis
|
||||
|
||||
import "testing"
|
||||
|
||||
func TestSanitizeRedisPassword(t *testing.T) {
|
||||
tests := []struct {
|
||||
name string
|
||||
input string
|
||||
expected string
|
||||
}{
|
||||
{
|
||||
name: "empty password",
|
||||
input: "",
|
||||
expected: "",
|
||||
},
|
||||
{
|
||||
name: "plain password without special chars",
|
||||
input: "mypassword123",
|
||||
expected: "mypassword123",
|
||||
},
|
||||
{
|
||||
name: "password with @ not encoded",
|
||||
input: "p@ssword",
|
||||
expected: "p@ssword",
|
||||
},
|
||||
{
|
||||
name: "password with @ URL-encoded as %40",
|
||||
input: "p%40ssword",
|
||||
expected: "p@ssword",
|
||||
},
|
||||
{
|
||||
name: "password with multiple encoded chars",
|
||||
input: "p%40ss%23word",
|
||||
expected: "p@ss#word",
|
||||
},
|
||||
{
|
||||
name: "password with + encoded as %2B",
|
||||
input: "p%2Bss",
|
||||
expected: "p+ss",
|
||||
},
|
||||
{
|
||||
name: "password that is purely encoded",
|
||||
input: "%40%23%24",
|
||||
expected: "@#$",
|
||||
},
|
||||
{
|
||||
name: "password with invalid percent encoding",
|
||||
input: "p%ZZssword",
|
||||
expected: "p%ZZssword",
|
||||
},
|
||||
{
|
||||
name: "password with trailing percent",
|
||||
input: "password%",
|
||||
expected: "password%",
|
||||
},
|
||||
{
|
||||
name: "password with literal percent not encoding anything",
|
||||
input: "100%safe",
|
||||
expected: "100%safe",
|
||||
},
|
||||
{
|
||||
name: "password with space encoded as %20",
|
||||
input: "my%20pass",
|
||||
expected: "my pass",
|
||||
},
|
||||
{
|
||||
name: "complex password with mixed content",
|
||||
input: "P%40ss%23w0rd!",
|
||||
expected: "P@ss#w0rd!",
|
||||
},
|
||||
}
|
||||
|
||||
for _, tt := range tests {
|
||||
t.Run(tt.name, func(t *testing.T) {
|
||||
result := sanitizeRedisPassword(tt.input)
|
||||
if result != tt.expected {
|
||||
t.Errorf("sanitizeRedisPassword(%q) = %q, want %q", tt.input, result, tt.expected)
|
||||
}
|
||||
})
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user