Skip to content

Added ghe support#7

Closed
richgo wants to merge 1 commit intomicrosoft:mainfrom
richgo:main
Closed

Added ghe support#7
richgo wants to merge 1 commit intomicrosoft:mainfrom
richgo:main

Conversation

@richgo
Copy link
Contributor

@richgo richgo commented Oct 17, 2025
edited
Loading

Title: Add GitHub Enterprise (GHE) hostname support to dependency parsing

Summary

  • Add support for GitHub Enterprise hostnames (e.g. orgname.ghe.com) when parsing dependency references.
  • Keep existing support for github.com and short form user/repo.
  • Add unit tests for GHE formats and update lockfile.

What changed

  • src/apm_cli/models/apm_package.py
    • Enhanced parsing logic to accept:
      • user/repo (defaults to github.com)
      • github.com/user/repo
      • orgname.ghe.com/user/repo
      • full URLs (https://.../user/repo and .git suffix)
    • Detects and uses the provided host when constructing the URL.
    • Strengthened validation:
      • Validates the hostname is github.com or endswith '.ghe.com'.
      • Validates user and repo characters via regex to prevent injection/invalid names.
      • Returns clear errors for unsupported formats.
  • tests/test_apm_package_models.py
  • uv.lock
    • Regenerated/updated lockfile after code changes.

Motivation

  • Users running GitHub Enterprise instances need apm to accept and correctly parse enterprise hostnames for dependency references. This change enables that while retaining strict validation to avoid accidental or malicious inputs.

Security notes

  • Hostname validation restricts accepted hosts to github.com and hostnames ending in .ghe.com (explicitly allowing common GHE naming patterns).
  • User and repository names are validated with a conservative regex (alphanumeric, dot, underscore, dash) to reduce injection/routing risks.
  • Error messages are explicit when formats are unsupported.

Compatibility

  • Backwards compatible: user/repo still defaults to github.com.
  • No changes to public API beyond allowing enterprise-hosted repos.

Testing

  • Added unit test(s) for GHE formats.
  • Existing URL parsing tests remain; please run the full test suite to confirm.
  • Lockfile updated to reflect dependency/resolution changes.

How to review

  • Verify parsing behavior for these inputs:
  • Confirm validation behavior and error messages for unsupported formats.
  • Run tests: pytest tests/test_apm_package_models.py (and full suite).
  • Confirm lockfile changes are expected.

Checklist

  • Add appropriate label (enhancement/feature)
  • Run test suite locally
  • Update docs if you want to call out GHE support in README or usage notes

@richgo richgo closed this Oct 17, 2025
sergio-sisternes-epam added a commit to sergio-sisternes-epam/apm that referenced this pull request Mar 2, 2026
@sergio-sisternes-epam
fix: address PR microsoft#123 review feedback from danielmeppiel
6dd7bab 
- Use LockFile.read() instead of raw yaml.safe_load() in _collect_transitive_mcp_deps (#1)
- Guard against mcp:null in get_mcp_dependencies() (#2)
- Remove inline MCP installation pipeline, defer to follow-up PR (microsoft#3/microsoft#7)
- Remove redundant import builtins in _deduplicate_mcp_deps (microsoft#10)
- Add tests for mcp:null, mcp:[], root-over-transitive dedup order (microsoft#9)
- Remove tests for deleted inline pipeline functions
@danielmeppiel danielmeppiel mentioned this pull request Mar 4, 2026
Merged
7 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@richgo