[aur-dev] [PATCH] Add hard limit for the length of dependency lists
Introduce a configuration option max_depends which can be used to specify a maximum number of (reverse) dependencies to display on the package details pages. Fixes FS#49059. Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org> --- conf/config.proto | 1 + web/lib/pkgfuncs.inc.php | 10 ++++++---- web/template/pkg_details.php | 5 +++-- 3 files changed, 10 insertions(+), 6 deletions(-) diff --git a/conf/config.proto b/conf/config.proto index 560c705..64af774 100644 --- a/conf/config.proto +++ b/conf/config.proto @@ -21,6 +21,7 @@ aur_location = https://aur.archlinux.org git_clone_uri_anon = https://aur.archlinux.org/%s.git git_clone_uri_priv = ssh://aur@aur.archlinux.org/%s.git max_rpc_results = 5000 +max_depends = 1000 aur_request_ml = aur-requests@archlinux.org request_idle_time = 1209600 auto_orphan_age = 15552000 diff --git a/web/lib/pkgfuncs.inc.php b/web/lib/pkgfuncs.inc.php index eaea318..4b0fdba 100644 --- a/web/lib/pkgfuncs.inc.php +++ b/web/lib/pkgfuncs.inc.php @@ -230,10 +230,11 @@ function pkg_providers($name) { * Get package dependencies for a specific package * * @param int $pkgid The package to get dependencies for + * @param int $limit An upper bound for the number of packages to retrieve * * @return array All package dependencies for the package */ -function pkg_dependencies($pkgid) { +function pkg_dependencies($pkgid, $limit) { $deps = array(); $pkgid = intval($pkgid); if ($pkgid > 0) { @@ -243,7 +244,7 @@ function pkg_dependencies($pkgid) { $q.= "OR SUBSTRING(pd.DepName FROM 1 FOR POSITION(': ' IN pd.DepName) - 1) = p.Name "; $q.= "LEFT JOIN DependencyTypes dt ON dt.ID = pd.DepTypeID "; $q.= "WHERE pd.PackageID = ". $pkgid . " "; - $q.= "ORDER BY pd.DepName"; + $q.= "ORDER BY pd.DepName LIMIT " . intval($limit); $result = $dbh->query($q); if (!$result) { return array(); @@ -505,10 +506,11 @@ function pkg_source_link($url, $arch) { * * @param string $name The package name for the dependency search * @param array $provides A list of virtual provisions of the package + * @param int $limit An upper bound for the number of packages to retrieve * * @return array All packages that depend on the specified package name */ -function pkg_required($name="", $provides) { +function pkg_required($name="", $provides, $limit) { $deps = array(); if ($name != "") { $dbh = DB::connect(); @@ -523,7 +525,7 @@ function pkg_required($name="", $provides) { $q.= "LEFT JOIN DependencyTypes dt ON dt.ID = pd.DepTypeID "; $q.= "WHERE pd.DepName IN (" . $name_list . ") "; $q.= "OR SUBSTRING(pd.DepName FROM 1 FOR POSITION(': ' IN pd.DepName) - 1) IN (" . $name_list . ") "; - $q.= "ORDER BY p.Name"; + $q.= "ORDER BY p.Name LIMIT " . intval($limit); $result = $dbh->query($q); if (!$result) {return array();} while ($row = $result->fetch(PDO::FETCH_NUM)) { diff --git a/web/template/pkg_details.php b/web/template/pkg_details.php index 8b038b9..b9c66d4 100644 --- a/web/template/pkg_details.php +++ b/web/template/pkg_details.php @@ -5,6 +5,7 @@ $log_uri = sprintf(config_get('options', 'log_uri'), urlencode($row['BaseName']) $snapshot_uri = sprintf(config_get('options', 'snapshot_uri'), urlencode($row['BaseName'])); $git_clone_uri_anon = sprintf(config_get('options', 'git_clone_uri_anon'), htmlspecialchars($row['BaseName'])); $git_clone_uri_priv = sprintf(config_get('options', 'git_clone_uri_priv'), htmlspecialchars($row['BaseName'])); +$max_depends = config_get_int('options', 'max_depends'); $uid = uid_from_sid($SID); @@ -40,7 +41,7 @@ $out_of_date_time = ($row["OutOfDateTS"] == 0) ? $msg : gmdate("Y-m-d", intval($ $lics = pkg_licenses($row["ID"]); $grps = pkg_groups($row["ID"]); -$deps = pkg_dependencies($row["ID"]); +$deps = pkg_dependencies($row["ID"], $max_depends); usort($deps, function($x, $y) { if ($x[1] != $y[1]) { @@ -82,7 +83,7 @@ foreach ($rels as $rel) { } } -$requiredby = pkg_required($row["Name"], $rels_p); +$requiredby = pkg_required($row["Name"], $rels_p, $max_depends); # $sources[0] = 'src'; $sources = pkg_sources($row["ID"]); -- 2.8.0
On 28/04, Lukas Fleischer wrote:
Introduce a configuration option max_depends which can be used to specify a maximum number of (reverse) dependencies to display on the package details pages.
Fixes FS#49059.
Don't have time to poke at it right now, but maybe we want to make it more like archweb and have a "Show more" link to show all of them. Though we'd probably want a hard-limit either way, just in case.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org> --- conf/config.proto | 1 + web/lib/pkgfuncs.inc.php | 10 ++++++---- web/template/pkg_details.php | 5 +++-- 3 files changed, 10 insertions(+), 6 deletions(-)
diff --git a/conf/config.proto b/conf/config.proto index 560c705..64af774 100644 --- a/conf/config.proto +++ b/conf/config.proto @@ -21,6 +21,7 @@ aur_location = https://aur.archlinux.org git_clone_uri_anon = https://aur.archlinux.org/%s.git git_clone_uri_priv = ssh://aur@aur.archlinux.org/%s.git max_rpc_results = 5000 +max_depends = 1000 aur_request_ml = aur-requests@archlinux.org request_idle_time = 1209600 auto_orphan_age = 15552000 diff --git a/web/lib/pkgfuncs.inc.php b/web/lib/pkgfuncs.inc.php index eaea318..4b0fdba 100644 --- a/web/lib/pkgfuncs.inc.php +++ b/web/lib/pkgfuncs.inc.php @@ -230,10 +230,11 @@ function pkg_providers($name) { * Get package dependencies for a specific package * * @param int $pkgid The package to get dependencies for + * @param int $limit An upper bound for the number of packages to retrieve * * @return array All package dependencies for the package */ -function pkg_dependencies($pkgid) { +function pkg_dependencies($pkgid, $limit) { $deps = array(); $pkgid = intval($pkgid); if ($pkgid > 0) { @@ -243,7 +244,7 @@ function pkg_dependencies($pkgid) { $q.= "OR SUBSTRING(pd.DepName FROM 1 FOR POSITION(': ' IN pd.DepName) - 1) = p.Name "; $q.= "LEFT JOIN DependencyTypes dt ON dt.ID = pd.DepTypeID "; $q.= "WHERE pd.PackageID = ". $pkgid . " "; - $q.= "ORDER BY pd.DepName"; + $q.= "ORDER BY pd.DepName LIMIT " . intval($limit); $result = $dbh->query($q); if (!$result) { return array(); @@ -505,10 +506,11 @@ function pkg_source_link($url, $arch) { * * @param string $name The package name for the dependency search * @param array $provides A list of virtual provisions of the package + * @param int $limit An upper bound for the number of packages to retrieve * * @return array All packages that depend on the specified package name */ -function pkg_required($name="", $provides) { +function pkg_required($name="", $provides, $limit) { $deps = array(); if ($name != "") { $dbh = DB::connect(); @@ -523,7 +525,7 @@ function pkg_required($name="", $provides) { $q.= "LEFT JOIN DependencyTypes dt ON dt.ID = pd.DepTypeID "; $q.= "WHERE pd.DepName IN (" . $name_list . ") "; $q.= "OR SUBSTRING(pd.DepName FROM 1 FOR POSITION(': ' IN pd.DepName) - 1) IN (" . $name_list . ") "; - $q.= "ORDER BY p.Name"; + $q.= "ORDER BY p.Name LIMIT " . intval($limit); $result = $dbh->query($q); if (!$result) {return array();} while ($row = $result->fetch(PDO::FETCH_NUM)) { diff --git a/web/template/pkg_details.php b/web/template/pkg_details.php index 8b038b9..b9c66d4 100644 --- a/web/template/pkg_details.php +++ b/web/template/pkg_details.php @@ -5,6 +5,7 @@ $log_uri = sprintf(config_get('options', 'log_uri'), urlencode($row['BaseName']) $snapshot_uri = sprintf(config_get('options', 'snapshot_uri'), urlencode($row['BaseName'])); $git_clone_uri_anon = sprintf(config_get('options', 'git_clone_uri_anon'), htmlspecialchars($row['BaseName'])); $git_clone_uri_priv = sprintf(config_get('options', 'git_clone_uri_priv'), htmlspecialchars($row['BaseName'])); +$max_depends = config_get_int('options', 'max_depends');
$uid = uid_from_sid($SID);
@@ -40,7 +41,7 @@ $out_of_date_time = ($row["OutOfDateTS"] == 0) ? $msg : gmdate("Y-m-d", intval($ $lics = pkg_licenses($row["ID"]); $grps = pkg_groups($row["ID"]);
-$deps = pkg_dependencies($row["ID"]); +$deps = pkg_dependencies($row["ID"], $max_depends);
usort($deps, function($x, $y) { if ($x[1] != $y[1]) { @@ -82,7 +83,7 @@ foreach ($rels as $rel) { } }
-$requiredby = pkg_required($row["Name"], $rels_p); +$requiredby = pkg_required($row["Name"], $rels_p, $max_depends);
# $sources[0] = 'src'; $sources = pkg_sources($row["ID"]); -- 2.8.0
-- Sincerely, Johannes Löthberg PGP Key ID: 0x50FB9B273A9D0BB5 https://theos.kyriasis.com/~kyrias/
On Thu, 28 Apr 2016 at 20:44:54, Johannes Löthberg wrote:
On 28/04, Lukas Fleischer wrote:
Introduce a configuration option max_depends which can be used to specify a maximum number of (reverse) dependencies to display on the package details pages.
Fixes FS#49059.
Don't have time to poke at it right now, but maybe we want to make it more like archweb and have a "Show more" link to show all of them. Though we'd probably want a hard-limit either way, just in case. [...]
Huh? That's what we have right now... If there are more than 20 items, the list is collapsed and a "Show More…" link is added. The issue addressed here is with packages that really have a *huge* number of dependencies or reverse dependencies, such as git-git [1]. In that case, everything beyond the first 1000 items is stripped on the server side. Then, the remaining 1000 entries are transferred to the client and there, the list is still collapsed such that only 20 items are visible by default. [1] https://aur.archlinux.org/packages/git-git/
On 28/04, Lukas Fleischer wrote:
On Thu, 28 Apr 2016 at 20:44:54, Johannes Löthberg wrote:
On 28/04, Lukas Fleischer wrote:
Introduce a configuration option max_depends which can be used to specify a maximum number of (reverse) dependencies to display on the package details pages.
Fixes FS#49059.
Don't have time to poke at it right now, but maybe we want to make it more like archweb and have a "Show more" link to show all of them. Though we'd probably want a hard-limit either way, just in case. [...]
Huh? That's what we have right now... If there are more than 20 items, the list is collapsed and a "Show More…" link is added.
The issue addressed here is with packages that really have a *huge* number of dependencies or reverse dependencies, such as git-git [1]. In that case, everything beyond the first 1000 items is stripped on the server side. Then, the remaining 1000 entries are transferred to the client and there, the list is still collapsed such that only 20 items are visible by default.
Oh, it loads the whole list and /then/ hides it, that's why I didn't realize... -- Sincerely, Johannes Löthberg PGP Key ID: 0x50FB9B273A9D0BB5 https://theos.kyriasis.com/~kyrias/
participants (2)
-
Johannes Löthberg
-
Lukas Fleischer