[PHP-WEBMASTER] [web-downloads] main: Implement review suggestions

Wed, 19 Nov 2025 02:32:47 -0800 

Author: Shivam Mathur (shivammathur)
Date: 2025-11-19T16:00:09+05:30

Commit: 
https://github.com/php/web-downloads/commit/01928cc490ceedecf642c9e2594202939b10d50f
Raw diff: 
https://github.com/php/web-downloads/commit/01928cc490ceedecf642c9e2594202939b10d50f.diff

Implement review suggestions

Changed paths:
  M  API.md
  M  src/Console/Command/SeriesDeleteCommand.php
  M  src/Console/Command/SeriesInitCommand.php
  M  src/Console/Command/SeriesStabilityCommand.php
  M  src/Console/Command/SeriesUpdateCommand.php
  M  src/Http/Controllers/SeriesUpdateController.php
  M  src/Http/Controllers/WinlibsController.php


Diff:

diff --git a/API.md b/API.md
index 2933363..8f324ea 100644
--- a/API.md
+++ b/API.md
@@ -136,7 +136,7 @@ curl -i -X POST \
 - Auth: Required
 - Purpose: Record metadata and fetch all artifacts for a specific GitHub 
Actions workflow run of 
[`winlibs/winlib-builder`](https://github.com/winlibs/winlib-builder).
 - Request body (JSON):
-    - `library` (string, required)
+    - `library` (string, required): matching `^[a-zA-Z0-9_-]+$`
     - `ref` (string, required)
     - `type` (string, required): `php`, or `pecl`.
     - `workflow_run_id` (string, required)
@@ -224,13 +224,13 @@ curl -i -X POST \
 ### POST /api/series-update
 
 - Auth: Required
-- Purpose: Queue an update to a library entry in a series packages file, or 
remove it entirely.
+- Purpose: Update a library entry in a series packages file, or remove it 
entirely.
 - Request body (JSON):
     - `php_version` (string, required): Matches `^(\d+\.\d+|master)$`.
     - `vs_version` (string, required): Matches `^v[c|s]\d{2}$`.
     - `stability` (string, required): Either `stable` or `staging`.
     - `library` (string, required): Library identifier to update/remove.
-    - `ref` (string, required but may be empty): When non-empty, 
updates/creates entries named `<library>-<ref>-<vs_version>-<arch>.zip` for 
both `x86` and `x64`; when empty, removes the library from both files if 
present.
+    - `ref` (string, required but may be empty): Matches 
`^([a-zA-Z0-9\.-]+)?$`, When empty, removes the library.
 - Success: `200 OK`, empty body.
 - Errors:
     - `400` with validation details if the payload is invalid.
diff --git a/src/Console/Command/SeriesDeleteCommand.php 
b/src/Console/Command/SeriesDeleteCommand.php
index 797407d..1c79daf 100644
--- a/src/Console/Command/SeriesDeleteCommand.php
+++ b/src/Console/Command/SeriesDeleteCommand.php
@@ -28,7 +28,7 @@ public function handle(): int
 
             $series_directory = $buildsDirectory . '/series';
             if(!is_dir($series_directory)) {
-                return Command::SUCCESS;
+                throw new Exception('Series directory does not exist');
             }
 
             $files = glob($series_directory . '/series-delete-*.json');
diff --git a/src/Console/Command/SeriesInitCommand.php 
b/src/Console/Command/SeriesInitCommand.php
index 53c4dfd..6ff80ab 100644
--- a/src/Console/Command/SeriesInitCommand.php
+++ b/src/Console/Command/SeriesInitCommand.php
@@ -28,7 +28,7 @@ public function handle(): int
 
             $series_directory = $buildsDirectory . '/series';
             if(!is_dir($series_directory)) {
-                return Command::SUCCESS;
+                throw new Exception('Series directory does not exist');
             }
 
             $files = glob($series_directory . '/series-init-*.json');
diff --git a/src/Console/Command/SeriesStabilityCommand.php 
b/src/Console/Command/SeriesStabilityCommand.php
index c8cfcfd..2ff6af4 100644
--- a/src/Console/Command/SeriesStabilityCommand.php
+++ b/src/Console/Command/SeriesStabilityCommand.php
@@ -28,7 +28,7 @@ public function handle(): int
 
             $series_directory = $buildsDirectory . '/series';
             if(!is_dir($series_directory)) {
-                return Command::SUCCESS;
+                throw new Exception('Series directory does not exist');
             }
 
             $files = glob($series_directory . '/series-stability-*.json');
diff --git a/src/Console/Command/SeriesUpdateCommand.php 
b/src/Console/Command/SeriesUpdateCommand.php
index f50362f..e72ba8f 100644
--- a/src/Console/Command/SeriesUpdateCommand.php
+++ b/src/Console/Command/SeriesUpdateCommand.php
@@ -28,7 +28,7 @@ public function handle(): int
 
             $seriesDirectory = $buildsDirectory . '/series';
             if (!is_dir($seriesDirectory)) {
-                return Command::SUCCESS;
+                throw new Exception('Series directory does not exist');
             }
 
             $tasks = glob($seriesDirectory . '/series-update-*.json');
diff --git a/src/Http/Controllers/SeriesUpdateController.php 
b/src/Http/Controllers/SeriesUpdateController.php
index f36d44e..9492ac8 100644
--- a/src/Http/Controllers/SeriesUpdateController.php
+++ b/src/Http/Controllers/SeriesUpdateController.php
@@ -14,8 +14,8 @@ protected function validate(array $data): bool
             'php_version' => 'required|string|regex:/^(?:\d+\.\d+|master)$/',
             'vs_version' => 'required|string|regex:/^v[c|s]\d{2}$/',
             'stability' => 'required|string|regex:/^(stable|staging)$/',
-            'library' => 'required|string',
-            'ref' => 'string',
+            'library' => 'required|string|regex:/^[a-zA-Z0-9_-]+$/',
+            'ref' => 'string|regex:/^([a-zA-Z0-9\.-]+)?$/',
         ]);
 
         $validator->validate($data);
diff --git a/src/Http/Controllers/WinlibsController.php 
b/src/Http/Controllers/WinlibsController.php
index 2679c20..e582be1 100644
--- a/src/Http/Controllers/WinlibsController.php
+++ b/src/Http/Controllers/WinlibsController.php
@@ -12,8 +12,8 @@ class WinlibsController extends BaseController
     protected function validate(array $data): bool
     {
         $validator = new Validator([
-            'library' => 'required|string',
-            'ref' => 'required|string',
+            'library' => 'required|string|regex:/^[a-zA-Z0-9_-]+$/',
+            'ref' => 'required|string|regex:/^[a-zA-Z0-9\.-]+$/',
             'type' => 'required|string|regex:/^(php|pecl)$/',
             'workflow_run_id' => 'required|string',
             'php_versions' => 
'required|string|regex:/^(?:\d+\.\d+|master)(?:,\s*(?:\d+\.\d+|master))*$/',

Reply via email to