Commit fbf3e540 authored by Lukas Fleischer's avatar Lukas Fleischer
Browse files

Add hard limit for the length of dependency lists



Introduce a configuration option max_depends which can be used to
specify a maximum number of (reverse) dependencies to display on the
package details pages.

Fixes FS#49059.

Signed-off-by: Lukas Fleischer's avatarLukas Fleischer <lfleischer@archlinux.org>
parent 0350de4b
......@@ -21,6 +21,7 @@ aur_location = https://aur.archlinux.org
git_clone_uri_anon = https://aur.archlinux.org/%s.git
git_clone_uri_priv = ssh://aur@aur.archlinux.org/%s.git
max_rpc_results = 5000
max_depends = 1000
aur_request_ml = aur-requests@archlinux.org
request_idle_time = 1209600
auto_orphan_age = 15552000
......
......@@ -230,10 +230,11 @@ function pkg_providers($name) {
* Get package dependencies for a specific package
*
* @param int $pkgid The package to get dependencies for
* @param int $limit An upper bound for the number of packages to retrieve
*
* @return array All package dependencies for the package
*/
function pkg_dependencies($pkgid) {
function pkg_dependencies($pkgid, $limit) {
$deps = array();
$pkgid = intval($pkgid);
if ($pkgid > 0) {
......@@ -243,7 +244,7 @@ function pkg_dependencies($pkgid) {
$q.= "OR SUBSTRING(pd.DepName FROM 1 FOR POSITION(': ' IN pd.DepName) - 1) = p.Name ";
$q.= "LEFT JOIN DependencyTypes dt ON dt.ID = pd.DepTypeID ";
$q.= "WHERE pd.PackageID = ". $pkgid . " ";
$q.= "ORDER BY pd.DepName";
$q.= "ORDER BY pd.DepName LIMIT " . intval($limit);
$result = $dbh->query($q);
if (!$result) {
return array();
......@@ -505,10 +506,11 @@ function pkg_source_link($url, $arch) {
*
* @param string $name The package name for the dependency search
* @param array $provides A list of virtual provisions of the package
* @param int $limit An upper bound for the number of packages to retrieve
*
* @return array All packages that depend on the specified package name
*/
function pkg_required($name="", $provides) {
function pkg_required($name="", $provides, $limit) {
$deps = array();
if ($name != "") {
$dbh = DB::connect();
......@@ -523,7 +525,7 @@ function pkg_required($name="", $provides) {
$q.= "LEFT JOIN DependencyTypes dt ON dt.ID = pd.DepTypeID ";
$q.= "WHERE pd.DepName IN (" . $name_list . ") ";
$q.= "OR SUBSTRING(pd.DepName FROM 1 FOR POSITION(': ' IN pd.DepName) - 1) IN (" . $name_list . ") ";
$q.= "ORDER BY p.Name";
$q.= "ORDER BY p.Name LIMIT " . intval($limit);
$result = $dbh->query($q);
if (!$result) {return array();}
while ($row = $result->fetch(PDO::FETCH_NUM)) {
......
......@@ -5,6 +5,7 @@ $log_uri = sprintf(config_get('options', 'log_uri'), urlencode($row['BaseName'])
$snapshot_uri = sprintf(config_get('options', 'snapshot_uri'), urlencode($row['BaseName']));
$git_clone_uri_anon = sprintf(config_get('options', 'git_clone_uri_anon'), htmlspecialchars($row['BaseName']));
$git_clone_uri_priv = sprintf(config_get('options', 'git_clone_uri_priv'), htmlspecialchars($row['BaseName']));
$max_depends = config_get_int('options', 'max_depends');
$uid = uid_from_sid($SID);
......@@ -40,7 +41,7 @@ $out_of_date_time = ($row["OutOfDateTS"] == 0) ? $msg : gmdate("Y-m-d", intval($
$lics = pkg_licenses($row["ID"]);
$grps = pkg_groups($row["ID"]);
$deps = pkg_dependencies($row["ID"]);
$deps = pkg_dependencies($row["ID"], $max_depends);
usort($deps, function($x, $y) {
if ($x[1] != $y[1]) {
......@@ -82,7 +83,7 @@ foreach ($rels as $rel) {
}
}
$requiredby = pkg_required($row["Name"], $rels_p);
$requiredby = pkg_required($row["Name"], $rels_p, $max_depends);
# $sources[0] = 'src';
$sources = pkg_sources($row["ID"]);
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment