8000 SEAB-6173: Remove getPublishedContainerSchema endpoint by svonworl · Pull Request #5860 · dockstore/dockstore · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content

SEAB-6173: Remove getPublishedContainerSchema endpoint #5860

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Apr 8, 2024
Merged

SEAB-6173: Remove getPublishedContainerSchema endpoint #5860

merged 1 commit into from
Apr 8, 2024

Conversation

svonworl
Copy link
Contributor
@svonworl svonworl commented Apr 3, 2024
edited
Loading

Description
This PR removes the getPublishedContainerSchema endpoint from the webservice, which failed on this request:

curl -X GET http://localhost:4200/api/containers/schema/514/published

The failed request threw a NPE at:

https://github.com/dockstore/dockstore/blob/develop/dockstore-webservice/src/main/java/io/dockstore/webservice/helpers/JsonLdRetriever.java#L226

The reason was that tag.getReference() was null. About 1/3 of our old-style tools have at least one Tag with a null reference and will cause this endpoint to fail.

Upon inspection, we found that the endpoint had not been accessed in production in the last three months and was not used in the UI or CLI.

So, we removed the endpoint, and the entirety of the JsonLdRetriever class, which the endpoint used exclusively.

Review Instructions
Confirm that the endpoint has been removed.

Issue
https://ucsc-cgl.atlassian.net/browse/SEAB-6173

Security and Privacy

No concerns.

  • Security and Privacy assessed

e.g. Does this change...

  • Any user data we collect, or data location?
  • Access control, authentication or authorization?
  • Encryption features?

Please make sure that you've checked the following before submitting your pull request. Thanks!

  • Check that you pass the basic style checks and unit tests by running mvn clean install
  • Ensure that the PR targets the correct branch. Check the milestone or fix version of the ticket.
  • Follow the existing JPA patterns for queries, using named parameters, to avoid SQL injection
  • If you are changing dependencies, check the Snyk status check or the dashboard to ensure you are not introducing new high/critical vulnerabilities
  • Assume that inputs to the API can be malicious, and sanitize and/or check for Denial of Service type values, e.g., massive sizes
  • Do not serve user-uploaded binary images through the Dockstore API
  • Ensure that endpoints that only allow privileged access enforce that with the @RolesAllowed annotation
  • Do not create cookies, although this may change in the future
  • If this PR is for a user-facing feature, create and link a documentation ticket for this feature (usually in the same milestone as the linked issue). Style points if you create a documentation PR directly and link that instead.

@codecov Codecov
Copy link
codecov bot commented Apr 3, 2024

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 74.49%. Comparing base (45f08cf) to head (b74819f).
Report is 1 commits behind head on develop.

Additional details and impacted files 
@@              Coverage Diff              @@
##             develop    #5860      +/-   ##
=============================================
- Coverage      74.52%   74.49%   -0.04%     
+ Complexity      5274     5241      -33     
=============================================
  Files            369      368       -1     
  Lines          19056    18938     -118     
  Branches        2025     1991      -34     
=============================================
- Hits           14202    14108      -94     
+ Misses          3893     3880      -13     
+ Partials         961      950      -11
Flag Coverage Δ
bitbuckettests 27.23% <ø> (+0.16%) ⬆️
integrationtests 58.92% <ø> (+0.36%) ⬆️
languageparsingtests 11.07% <ø> (+0.06%) ⬆️
localstacktests 21.71% <ø> (+0.13%) ⬆️
toolintegrationtests 30.60% <ø> (+0.18%) ⬆️
unit-tests_and_non-confidential-tests 28.59% <ø> (-0.31%) ⬇️
workflowintegrationtests 38.88% <ø> (+0.24%) ⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@svonworl svonworl self-assigned this Apr 3, 2024
@denis-yuen
Copy link
Member

So, we removed the endpoint, and the entirety of the JsonLdRetriever class, which the endpoint used exclusively.

Hmmm, this was part an effort to make Dockstore's search results more relevant. It probably didn't get maintained and fell by the wayside, but I think we may want to take another look in the future.
(Dockstore's search results still leave much to be desired)

More context at dockstore/dockstore-ui2#667

denis-yuen
denis-yuen reviewed Apr 3, 2024
View reviewed changes
Copy link
Member
@denis-yuen denis-yuen left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

May want to continue work on Dockstore's search results at some point, maybe kill the endpoints but not the supporting code.

coverbeck
coverbeck approved these changes Apr 4, 2024
View reviewed changes
Copy link
Collaborator
@coverbeck coverbeck left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It looks like the endpoint being removed was done way back when, in March 2017 (before I started on Dockstore!), and was never used. We do have an implementation that generates the json+ld in the browser via TypeScript that's working (well, it's generating JSON+LD), and is recognized by Google Rich Results Test, although it annoyingly still doesn't show up in their search results.

Because the logic/effort for figuring out the details of what's in the JSON+LD are already in the UI, IMO it's OK to remove entirely -- we can always restore from history if needed.

@denis-yuen
Copy link
Member

We do have an implementation that generates the json+ld in the browser via TypeScript that's working (well, it's generating JSON+LD), and is recognized by Google Rich Results Test, although it annoyingly still doesn't show up in their search results.

Ok, cool. I didn't remember that part being moved.

@denis-yuen denis-yuen self-requested a review April 4, 2024 14:36
@svonworl svonworl mentioned this pull request Apr 4, 2024
Merged
10 tasks
@svonworl svonworl merged commit 7ea8312 into develop Apr 8, 2024
@svonworl svonworl deleted the feature/seab-6173/delete-unused-endpoint branch April 8, 2024 16:41
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@coverbeck coverbeck coverbeck approved these changes

@denis-yuen denis-yuen denis-yuen approved these changes

@kathy-t kathy-t kathy-t approved these changes

@hyunnaye hyunnaye hyunnaye approved these changes

Assignees

@svonworl svonworl

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@svonworl @denis-yuen @coverbeck @kathy-t @hyunnaye
0