fix(stac_cli): remove snake case conversion

[Potatomonsta]

Description

Removed the automatic conversion of artifact names to snake_case when generating JSON files with stac build.
BuildService._processArtifacts now uses the user-provided artifact.artifactName directly as the base for the output JSON filename, ensuring the generated screens and themes JSON files exactly match the names specified in @StacScreen / @StacThemeRef annotations.

Type of Change

• New feature (non-breaking change which adds functionality)
• Bug fix (non-breaking change which fixes an issue)
• Breaking change (fix or feature that would cause existing functionality to change)
• Code refactor
• Build configuration change
• Documentation
• Chore

Summary by CodeRabbit

• Bug Fixes
  • Updated JSON artifact file naming: generated files now use artifact names directly instead of applying an automatic format conversion, yielding more predictable filenames that match your asset identifiers.
  • Note: This changes output filenames compared to the previous converted format—expect different file names for existing artifacts.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: d1ae414f-64fb-41e1-beb7-dd1805127626

📥 Commits

Reviewing files that changed from the base of the PR and between c85c709 and e5edbe2.

📒 Files selected for processing (1)

• packages/stac_cli/lib/src/utils/string_utils.dart

💤 Files with no reviewable changes (1)

• packages/stac_cli/lib/src/utils/string_utils.dart

---

📝 Walkthrough

Walkthrough

The build service was changed to use the artifact name verbatim when naming generated JSON files; the string utility method that converted names to snake_case (StringUtils.toSnakeCase) was removed.

Changes

Cohort / File(s)	Summary
File Naming Logic packages/stac_cli/lib/src/services/build_service.dart	Replaced filename generation that previously applied StringUtils.toSnakeCase(artifactName) with using artifactName directly for the output JSON filename.
String Utilities packages/stac_cli/lib/src/utils/string_utils.dart	Removed the public static method toSnakeCase(String value) from StringUtils; no replacement provided.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Poem

🐰 I hopped through code to trim a funny case,
Took off the snake, left the name in place.
Files march out plain, no underscores to see,
A tidy parade—short, sweet, and free. ✨

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately summarizes the main change: removing snake case conversion from the stac_cli package, which is reflected in both the BuildService changes and StringUtils cleanup.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch mn/cli-screen-name-snake-fix

📝 Coding Plan

• Generate coding plan for human review comments

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

Tip

CodeRabbit can use Trivy to scan for security misconfigurations and secrets in Infrastructure as Code files.

Add a .trivyignore file to your project to customize which findings Trivy reports.

[coderabbitai]

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

packages/stac_cli/lib/src/services/build_service.dart (1)

497-501: ⚠️ Potential issue | 🔴 Critical

Validate artifact names before joining paths to prevent path escape and invalid filenames

Line 497 now trusts user-provided names directly. Combined with Line 498, values like /home, ../x, or a/b can escape/reshape the target path; reserved characters can also break builds on Windows.

🔧 Suggested hardening patch

-        final fileName = artifact.artifactName;
-        final outputFilePath = path.join(outputDir, '$fileName.json');
+        final fileName = artifact.artifactName.trim();
+        if (fileName.isEmpty ||
+            fileName == '.' ||
+            fileName == '..' ||
+            fileName.contains(RegExp(r'[\\/]')) ||
+            fileName.contains(RegExp(r'[<>:"|?*]'))) {
+          throw BuildException(
+            'Invalid ${artifact.logLabel} name "$fileName". '
+            'Names must not contain path separators or reserved filename characters.',
+          );
+        }
+
+        final normalizedOutputDir = path.normalize(outputDir);
+        final outputFilePath = path.normalize(
+          path.join(normalizedOutputDir, '$fileName.json'),
+        );
+        if (!path.isWithin(normalizedOutputDir, outputFilePath)) {
+          throw BuildException(
+            'Invalid ${artifact.logLabel} name "$fileName": output path escapes build directory.',
+          );
+        }

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@packages/stac_cli/lib/src/services/build_service.dart` around lines 497 -
501, artifact.artifactName is used directly to build outputFilePath and can
contain path separators or reserved chars allowing path traversal or invalid
filenames; validate and sanitize artifact.artifactName before joining paths in
the code that creates outputFilePath and calls FileUtils.writeFile. Ensure you
canonicalize to a safe basename (strip directory components), reject or
normalize ".." and absolute paths, remove or replace path separators and
Windows-reserved characters, and enforce a whitelist regex (e.g., alphanumerics,
dash, underscore) or throw a clear error if the name is invalid; update the code
that sets outputFilePath and the generatedResults key to use the sanitized name
to prevent escaping the intended outputDir or creating invalid filenames.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Outside diff comments:
In `@packages/stac_cli/lib/src/services/build_service.dart`:
- Around line 497-501: artifact.artifactName is used directly to build
outputFilePath and can contain path separators or reserved chars allowing path
traversal or invalid filenames; validate and sanitize artifact.artifactName
before joining paths in the code that creates outputFilePath and calls
FileUtils.writeFile. Ensure you canonicalize to a safe basename (strip directory
components), reject or normalize ".." and absolute paths, remove or replace path
separators and Windows-reserved characters, and enforce a whitelist regex (e.g.,
alphanumerics, dash, underscore) or throw a clear error if the name is invalid;
update the code that sets outputFilePath and the generatedResults key to use the
sanitized name to prevent escaping the intended outputDir or creating invalid
filenames.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: b8c65c35-99d0-4f05-8378-4aeb79fac6be

📥 Commits

Reviewing files that changed from the base of the PR and between c89e071 and c85c709.

📒 Files selected for processing (1)

• packages/stac_cli/lib/src/services/build_service.dart

[divyanshub024]

@coderabbitai are we using StringUtils.toSnakeCase function anywhere else in the repo?

[coderabbitai]

Tip

For best results, initiate chat on the files or code changes.

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Search for all usages of StringUtils.toSnakeCase across the repo
rg -n "StringUtils\.toSnakeCase" --type dart -C 3

echo "---"

# Also search for toSnakeCase broadly
rg -n "toSnakeCase" --type dart -C 3

echo "---"

# Check where StringUtils is defined
rg -n "toSnakeCase" -C 5

Length of output: 1518

---

@divyanshub024 No, StringUtils.toSnakeCase is not used anywhere else in the repository. After this PR removes the call in build_service.dart, the only occurrence left is the method definition itself in packages/stac_cli/lib/src/utils/string_utils.dart (Line 24).

This means toSnakeCase will become a dead/unused method after this PR merges. It might be worth considering removing the method definition from string_utils.dart as part of this cleanup to avoid leaving orphaned code.

[divyanshub024]

LGTM!!