Skip to content

Fix case-sensitive filesystem handling in stub validator #217

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
73junito merged 2 commits into from
Jan 18, 2026
Merged

Fix case-sensitive filesystem handling in stub validator #217

73junito merged 2 commits into from
Jan 18, 2026

Conversation

Copy link
Contributor

Copilot AI commented Jan 17, 2026
edited
Loading

Summary

  • What: Remove lowercase normalization in is_under_allowed() path comparison.
  • Why: Prevent false negatives on case-sensitive filesystems where Content/ would incorrectly match ALLOWED_ROOTS = ("content",).

Changes

  • Remove .lower() call in scripts/validate_no_stubs.py:33
  • Update docstring to clarify case-sensitive behavior

Before:

def is_under_allowed(p: Path) -> bool:
    s = str(p).replace('\\', '/').lstrip('./')
    s = s.lower()  # Problematic on case-sensitive FS
    for root in ALLOWED_ROOTS:
        if s == root or s.startswith(root + '/'):
            return True
    return False

After:

def is_under_allowed(p: Path) -> bool:
    s = str(p).replace('\\', '/').lstrip('./')
    # No lowercasing - case-sensitive match
    for root in ALLOWED_ROOTS:
        if s == root or s.startswith(root + '/'):
            return True
    return False

Migration steps

N/A - backward compatible fix

Testing

  • Verified content/ matches, Content/ does not
  • Confirmed script runs successfully against existing content/ directory

Rollback plan

  • Revert commit if case-insensitive matching is required on Windows (not expected based on current usage)

Checklist

  • Code change made
  • Manual testing completed
  • Code review passed
  • Security scan passed

Reviewers

💡 You can make Copilot smarter by setting up custom instructions, customizing its development environment and configuring Model Context Protocol (MCP) servers. Learn more Copilot coding agent tips in the docs.

Copilot AI mentioned this pull request Jan 17, 2026
Open
@73junito
Fix path normalization to handle case-sensitive filesystems
d55914b 
Co-authored-by: 73junito <86015877+73junito@users.noreply.github.com>
Copilot AI changed the title [WIP] Address feedback on flagged modules for validator compliance Fix case-sensitive filesystem handling in stub validator Jan 17, 2026
Copilot AI requested a review from 73junito January 17, 2026 21:56
73junito
73junito approved these changes Jan 18, 2026
View reviewed changes
Copy link
Owner

@73junito 73junito left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

viewed

@73junito 73junito marked this pull request as ready for review January 18, 2026 17:26
Copilot AI review requested due to automatic review settings January 18, 2026 17:26
@73junito 73junito merged commit 8a5edc5 into chore/humanize-modules Jan 18, 2026
4 of 7 checks passed
Copilot AI reviewed Jan 18, 2026
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR fixes a security/correctness issue in the stub validator script where case normalization could allow files in incorrectly-cased directories (e.g., "Content/") to be validated on case-sensitive filesystems when only "content/" should be allowed.

Changes:

  • Removed .lower() normalization in path comparison to enforce case-sensitive matching
  • Updated docstring to document case-sensitive behavior

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

+1 more reviewer

@73junito 73junito 73junito approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

@73junito 73junito

Copilot code review Copilot

Labels

None yet

Projects

@73junito's autolearnpro
Status: Done

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@73junito