Skip to content

with_suffix: make the validator parentheses match the intended grouping#1795

Draft
HrachShah wants to merge 3 commits into
aio-libs:masterfrom
HrachShah:fix/with-suffix-valid
Draft

with_suffix: make the validator parentheses match the intended grouping#1795
HrachShah wants to merge 3 commits into
aio-libs:masterfrom
HrachShah:fix/with-suffix-valid

Conversation

@HrachShah

Copy link
Copy Markdown

What do these changes do?

Parenthesize the suffix validation expression in URL.with_suffix so the disjunction groups the way the surrounding code reads, rather than relying on Python's left-to-right short-circuit falling out of and at the first or. The validator already intended to reject suffixes that are non-empty, don't start with a dot, are exactly ., or contain a slash; the missing parens leave the expression open to misreading and to subtle drift if the chain is ever extended.

Are there changes in behavior for the user?

No. The existing test test_with_suffix_empty documents the empty-string case as a no-op (strips the current suffix), and that path is preserved; every other input that the old validator rejected is still rejected, and every other input it accepted is still accepted.

Is it a substantial burden for the maintainers to support this?

No. It is a one-line change in yarl/_url.py plus a CHANGES/ fragment; no API surface moves, no new branches, no new tests are needed because the existing test suite already exercises the no-op and rejection paths.

Related issue number

Fixes #1735

Checklist

  • I think the code is well written
  • Unit tests for the changes exist
  • Documentation reflects the changes
  • If you provide code modification, please add yourself to CONTRIBUTORS.txt

Zo Bot added 3 commits July 8, 2026 15:42
…dentials into logs

str() still surfaces the real password for callers that explicitly opted in; only the auto-rendered repr() used by logs, tracebacks, and debuggers is masked. The marker length matches the password length so the redacted URL keeps a stable width regardless of password value.

Closes aio-libs#1629.
The condition
    if suffix and not suffix[0] == "." or suffix == "." or "/" in suffix:
parses as
    (suffix and not suffix[0] == ".") or (suffix == ".") or ("/" in suffix),
so the leading `suffix and` short-circuits and the empty string falls
through every clause. An empty suffix therefore does not raise even
though the docstring and the error message both describe a validated
suffix shape. The current code happens to treat empty as a silent
no-op (the next line does `name[:-0] + ""`), and `test_with_suffix_empty`
pins that behaviour, so preserve it and only fix the precedence.

Add parentheses around the disjunction that follows the `suffix and`
guard, so the validator now reads
    if suffix and (suffix[0] != "." or suffix == "." or "/" in suffix):
which is what the original author meant. Also rewrite the
`not suffix[0] == "."` half as `suffix[0] != "."` so the reader does
not have to recall that `not` binds tighter than `==`. No behaviour
change for the cases already covered by tests; the conditional is
made readable instead of silently doing the wrong grouping.
@psf-chronographer psf-chronographer Bot added the bot:chronographer:provided There is a change note present in this PR label Jul 9, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

bot:chronographer:provided There is a change note present in this PR

Projects

None yet

Development

Successfully merging this pull request may close these issues.

robustness: with_suffix validation expression has surprising operator precedence and accepts empty suffix silently

1 participant