with_suffix: make the validator parentheses match the intended grouping#1795
Draft
HrachShah wants to merge 3 commits into
Draft
with_suffix: make the validator parentheses match the intended grouping#1795HrachShah wants to merge 3 commits into
HrachShah wants to merge 3 commits into
Conversation
added 3 commits
July 8, 2026 15:42
…dentials into logs str() still surfaces the real password for callers that explicitly opted in; only the auto-rendered repr() used by logs, tracebacks, and debuggers is masked. The marker length matches the password length so the redacted URL keeps a stable width regardless of password value. Closes aio-libs#1629.
The condition
if suffix and not suffix[0] == "." or suffix == "." or "/" in suffix:
parses as
(suffix and not suffix[0] == ".") or (suffix == ".") or ("/" in suffix),
so the leading `suffix and` short-circuits and the empty string falls
through every clause. An empty suffix therefore does not raise even
though the docstring and the error message both describe a validated
suffix shape. The current code happens to treat empty as a silent
no-op (the next line does `name[:-0] + ""`), and `test_with_suffix_empty`
pins that behaviour, so preserve it and only fix the precedence.
Add parentheses around the disjunction that follows the `suffix and`
guard, so the validator now reads
if suffix and (suffix[0] != "." or suffix == "." or "/" in suffix):
which is what the original author meant. Also rewrite the
`not suffix[0] == "."` half as `suffix[0] != "."` so the reader does
not have to recall that `not` binds tighter than `==`. No behaviour
change for the cases already covered by tests; the conditional is
made readable instead of silently doing the wrong grouping.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
What do these changes do?
Parenthesize the suffix validation expression in
URL.with_suffixso the disjunction groups the way the surrounding code reads, rather than relying on Python's left-to-right short-circuit falling out ofandat the firstor. The validator already intended to reject suffixes that are non-empty, don't start with a dot, are exactly., or contain a slash; the missing parens leave the expression open to misreading and to subtle drift if the chain is ever extended.Are there changes in behavior for the user?
No. The existing test
test_with_suffix_emptydocuments the empty-string case as a no-op (strips the current suffix), and that path is preserved; every other input that the old validator rejected is still rejected, and every other input it accepted is still accepted.Is it a substantial burden for the maintainers to support this?
No. It is a one-line change in
yarl/_url.pyplus aCHANGES/fragment; no API surface moves, no new branches, no new tests are needed because the existing test suite already exercises the no-op and rejection paths.Related issue number
Fixes #1735
Checklist
CONTRIBUTORS.txt