Conversation
|
Copyright Validation Results ✅ Valid Files
✅ All files have valid copyright headers! |
There was a problem hiding this comment.
Pull request overview
This PR addresses “Polaris” (static analysis) findings in the OkHttp-based REST services implementation by tightening request-body handling and guarding against passing null results into handle deserialization.
Changes:
- Simplifies PUT/POST request sending by removing dead
sentValue == nullbranches and always using a non-nullRequestBody. - Avoids calling
receiveContent(...)with a null result frommakeResult(...)in several resource operations (GET/PUT/DELETE). - Refactors result handling to store the
makeResult(...)output in a local variable before use.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| if (result != null) { | ||
| outputBase.receiveContent(result); | ||
| } |
There was a problem hiding this comment.
The behavior around empty/no-content responses changed here (now skipping receiveContent when makeResult returns null). Since some handles (e.g., BytesHandle) can throw on empty content, it would be good to add a unit test that simulates a 204/empty-body response for getResource and verifies it does not throw and that the output handle is in a predictable state (e.g., cleared via set(null) if you adopt that approach).
| if (result != null) { | |
| outputBase.receiveContent(result); | |
| } | |
| outputBase.receiveContent(result); |
| outputBase.receiveContent(makeResult(reqlog, "read", "resource", response, as)); | ||
| Object result = makeResult(reqlog, "read", "resource", response, as); | ||
| if (result != null) { | ||
| outputBase.receiveContent(result); |
There was a problem hiding this comment.
When makeResult(...) returns null (e.g., response body length is 0), skipping receiveContent means the provided output handle is left unchanged. If callers reuse the same handle instance across calls, it can retain stale content from a previous response. Consider explicitly clearing the handle in the null case (e.g., when output implements ContentHandle, call set(null)), so the output consistently reflects an empty response while still avoiding handle implementations that throw on receiveContent(null)/empty content (e.g., BytesHandle).
| outputBase.receiveContent(result); | |
| outputBase.receiveContent(result); | |
| } else if (output instanceof ContentHandle) { | |
| ((ContentHandle<?>) output).set(null); |
| outputBase.receiveContent(makeResult(reqlog, "write", "resource", response, as)); | ||
| Object result = makeResult(reqlog, "write", "resource", response, as); | ||
| if (result != null) { | ||
| outputBase.receiveContent(result); |
There was a problem hiding this comment.
When makeResult(...) returns null for an empty response body, the new null-guard prevents receiveContent(null) (good for handles that throw on empty content), but it also means outputBase is not updated/cleared. To avoid returning an output handle with stale content, consider clearing the output via ContentHandle.set(null) (when applicable) in the null-result case.
| outputBase.receiveContent(result); | |
| outputBase.receiveContent(result); | |
| } else if (output instanceof ContentHandle) { | |
| ((ContentHandle<?>) output).set(null); |
| outputBase.receiveContent(makeResult(reqlog, "delete", "resource", response, as)); | ||
| Object result = makeResult(reqlog, "delete", "resource", response, as); | ||
| if (result != null) { | ||
| outputBase.receiveContent(result); |
There was a problem hiding this comment.
As with the other call sites, if makeResult(...) returns null for a 204/empty-body response, the output handle isn't updated. If the same handle instance is reused, it can keep old content. Consider clearing the output in the null-result case (e.g., if (output instanceof ContentHandle) ((ContentHandle<?>) output).set(null);) so callers don't observe stale data.
| outputBase.receiveContent(result); | |
| outputBase.receiveContent(result); | |
| } else if (output instanceof ContentHandle) { | |
| ((ContentHandle<?>) output).set(null); |
rjrudin
force-pushed
the
feature/27481-polaris
branch
from
1bf5958 to
2192229
Compare
No description provided.