Make Unix/Linux path handling OS-independent for Windows compatibility #1173
Conversation
|
Note Other AI code review bot(s) detectedCodeRabbit has detected other AI code review bot(s) in this pull request and will avoid duplicating their findings in the review comments. This may lead to a less comprehensive review. Summary by CodeRabbit
✏️ Tip: You can customize this high-level summary in your review settings. WalkthroughReplaced fragile string-based path parsing with platform-agnostic pathlib/os.path usage, added UTF-8 when opening template YAMLs, and added/expanded docstrings. No changes to public interfaces or control flow; header filename extraction made OS-agnostic. Changes
Estimated code review effort🎯 2 (Simple) | ⏱️ ~10 minutes Possibly related PRs
Suggested reviewers
Pre-merge checks and finishing touches❌ Failed checks (1 inconclusive)
✅ Passed checks (4 passed)
✨ Finishing touches
🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
There was a problem hiding this comment.
Pull request overview
This PR successfully refactors path handling operations across 5 core files to use OS-independent methods, ensuring Nettacker works correctly on both Windows and Unix-like operating systems. The changes replace hardcoded forward slash string operations with proper pathlib properties and os.path functions, which automatically handle platform-specific path separators.
Key Changes:
- Replaced string
.split("/")operations with pathlib properties (.stem,.parent.name) for extracting file path components - Added UTF-8 encoding to YAML file operations for Windows compatibility
- Replaced string splitting with
os.path.basename()for filename extraction
Reviewed changes
Copilot reviewed 5 out of 5 changed files in this pull request and generated no comments.
Show a summary per file
| File | Description |
|---|---|
| nettacker/core/utils/common.py | Added clarifying comment to distinguish URL key delimiter from file path separator |
| nettacker/core/template.py | Added UTF-8 encoding parameter when opening YAML module files to handle non-ASCII characters on Windows |
| nettacker/core/messages.py | Replaced string splitting with language.stem to extract language names from file paths |
| nettacker/core/arg_parser.py | Replaced string splitting with pathlib properties (.stem, .parent.name) in three locations: graph discovery, language loading, and module loading |
| nettacker/api/engine.py | Replaced string splitting with os.path.basename() for extracting filename in file download headers |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
|
@coderabbitai generate docstrings |
✅ Actions performedInitiated docstring generation; will generate only if new commits exist. |
|
Note Docstrings generation - SUCCESS |
Docstrings generation was requested by @subhash-0000. * #1173 (comment) The following files were modified: * `nettacker/api/engine.py` * `nettacker/core/arg_parser.py` * `nettacker/core/messages.py` * `nettacker/core/template.py` * `nettacker/core/utils/common.py`
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 5 out of 5 changed files in this pull request and generated 1 comment.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
|
Hi maintainers This PR fixes Windows path compatibility issues by replacing Unix-specific path operations with OS-independent methods ( Changes:
The CI workflow is awaiting approval to run. Could a maintainer please approve the workflow? Thanks! Fixes #1039 |
|
Hi @subhash-0000, I tested PR #1173 locally on macOS. The path-handling changes work as expected, module resolution and the updated directory structure behave correctly. The only failures I encountered were due to Python 3.12 removing To address this and make the test suite compatible with Python 3.12+, I opened a separate test-only compatibility PR here: With that shim applied, all 214 tests pass locally, and PR #1173 runs cleanly. Happy to test anything else if needed! |
|
@deekshithaby Great to hear the path-handling changes work correctly on macOS and that module resolution is functioning as expected. I appreciate you opening #1180 to address the Python 3.12 SSL compatibility issue separately - that's very helpful! Looking forward to getting this merged once the maintainers approve the workflow and review the changes. Thanks again for your thorough testing! |
|
Friendly ping @arkid15r @securestep9 This PR has been tested by @deekshithaby on macOS and is ready for review. The workflow is awaiting approval to run CI checks. Thanks for your time! |
|
Friendly ping @arkid15r @securestep9 This PR has been tested on macOS and is ready for review. The workflow is awaiting approval to run CI checks. |
|
@subhash-0000 the CI is failing due to pre-commit checks on ruff formatting and the commits in the PR missing verified signatures. Please learn how to digitally sign your commits. |
Refactored path operations to use OS-independent methods: - Replaced hardcoded forward slash '/' string splits with pathlib properties (Path.stem, Path.name, Path.parent.name) - Used os.path.basename() for string-based path operations - Added UTF-8 encoding to YAML file operations for Windows compatibility - Added clarifying comment to distinguish URL parsing from file path operations Tested on Windows with all functionality working: - Scan Engine: Module discovery and loading (117 modules) - API: File download headers and path handling - WebUI: Language and graph discovery Changes are backwards compatible with Unix/Linux systems. Fixes issue regarding Windows path handling
Bumps [urllib3](https://github.com/urllib3/urllib3) from 2.5.0 to 2.6.0. - [Release notes](https://github.com/urllib3/urllib3/releases) - [Changelog](https://github.com/urllib3/urllib3/blob/main/CHANGES.rst) - [Commits](urllib3/urllib3@2.5.0...2.6.0) --- updated-dependencies: - dependency-name: urllib3 dependency-version: 2.6.0 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 5 to 6. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@v5...v6) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 6 to 7. - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](actions/download-artifact@v6...v7) --- updated-dependencies: - dependency-name: actions/download-artifact dependency-version: '7' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [actions/checkout](https://github.com/actions/checkout) from 5 to 6. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@v5...v6) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
subhash-0000
force-pushed
the
fix-windows-path-handling
branch
from
e30262d to
10552c4
Compare
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 0
🧹 Nitpick comments (1)
.github/workflows/ci_cd.yml (1)
26-26: Consider separating workflow updates from path handling changes.These GitHub Actions version bumps appear unrelated to the PR's core objective of making path handling OS-independent. While the updates may be beneficial, mixing unrelated changes in a single PR can complicate review, increase merge risk, and make it harder to track changes historically.
Consider whether these workflow updates should be in a separate PR, unless they're specifically required for testing the Windows path handling changes.
Also applies to: 50-50, 70-70, 93-93, 110-110, 126-126, 134-134, 157-157, 234-234, 254-254, 285-285, 322-322, 348-348
📜 Review details
Configuration used: Path: .coderabbit.yaml
Review profile: CHILL
Plan: Pro
⛔ Files ignored due to path filters (1)
poetry.lockis excluded by!**/*.lock
📒 Files selected for processing (6)
.github/workflows/ci_cd.ymlnettacker/api/engine.pynettacker/core/arg_parser.pynettacker/core/messages.pynettacker/core/template.pynettacker/core/utils/common.py
✅ Files skipped from review due to trivial changes (1)
- nettacker/core/utils/common.py
🚧 Files skipped from review as they are similar to previous changes (4)
- nettacker/core/messages.py
- nettacker/core/template.py
- nettacker/core/arg_parser.py
- nettacker/api/engine.py
🧰 Additional context used
🧠 Learnings (1)
📚 Learning: 2025-08-06T16:37:47.916Z
Learnt from: arkid15r
Repo: OWASP/Nettacker PR: 0
File: :0-0
Timestamp: 2025-08-06T16:37:47.916Z
Learning: In the OWASP/Nettacker repository's GitHub Actions workflow, artifacts are downloaded by name (specifically the 'dist' artifact) rather than by artifact ID, so updates to actions/download-artifact that affect ID-based downloads don't impact this codebase.
Applied to files:
.github/workflows/ci_cd.yml
🔇 Additional comments (2)
.github/workflows/ci_cd.yml (2)
110-110: actions/upload-artifact@v6 is stable for GitHub-hosted runners.Version 6 is a stable release. The main change is Node.js 24 support and requires Actions Runner 2.327.1+, which is not an issue for GitHub-hosted runners. No new behavioral breaking changes in v6 affect artifact upload/download workflows.
26-26: All version upgrades are valid and safe.actions/checkout@v6, actions/upload-artifact@v6, and actions/download-artifact@v7 are stable releases. The credential persistence change in checkout@v6 requires no workflow modifications. The workflow's single upload-artifact step to 'dist' and multiple download-artifact steps from the same artifact are fully compatible with v6 and v7. All versions require Actions Runner v2.327.1+, which is met by default on GitHub-hosted runners.
Also applies to: 50-50, 70-70, 93-93, 126-126, 157-157, 234-234, 254-254, 285-285
|
@securestep9 |
3 participants
This PR makes the Unix/Linux path handling OS-independent to ensure Nettacker works equally well on both Windows and Unix-like operating systems.
I've requested assignment for issue #933 and have completed the implementation with full testing on Windows.
Changes Made
Refactored path operations in 5 core files to use OS-independent methods:
Fixed graph discovery, language loading, and module loading in arg_parser
Fixed language discovery in messages module
Fixed file download headers in API engine
Added UTF-8 encoding to YAML file operations in template module for Windows compatibility
Added clarifying comment in common utils to distinguish URL parsing from file path operations
All changes replace hardcoded forward slash operations with pathlib properties and os.path functions.
Testing Performed
Tested comprehensively on Windows 10 with Python 3.10.0:
Scan Engine: All 117 modules discovered and loaded successfully
API: File download headers working correctly with Windows paths
WebUI: Language discovery (23 languages) and graph discovery (2 graphs) working
Module Loading: All YAML files parsed without encoding errors
Path Handling: Windows backslash paths working correctly
Database: SQLite connection and operations working
All changes are cross-platform and fully backwards compatible with Unix/Linux systems.
Fixes #933
Type of change
Bugfix (non-breaking change which fixes an issue)
Checklist
I've followed the contributing guidelines
I've run make pre-commit, it didn't generate any changes
I've run make test, all tests passed locally