Feature description:
celpy which protovalidate uses does not support RE2-style regular expressions, which is required according to the CEL specification. Consider using a CEL evaluator that does support RE2-style regular expressions.
Problem it solves or use case:
protovalidate implementations should behave similarly across languages but for rules relying on pattern matching, protovalidate-python will consider common patterns like ^foo$ to match a string like foo\n, while other protovalidate implementations would correctly reject it.
The re2 specification indicates that $ should only match end of text unless multiline mode is enabled, and multiline mode is not the default:
$ at end of text (like \z not \Z) or line (m=true)
Additionally, some protovalidate rules are implemented in terms of patterns, e.g., (buf.validate.field).string.uuid which is implemented as the CEL "this == \'\' || this.matches(\'^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}$\')" which means it can match a string of 37 characters (the normal 36 plus newline).
Examples or references:
echo '"\n"' | python -m celpy 'string(this).matches("^$")'
# Outputs truewhich makes sense because all celpy does is call re.search and
import re
assert re.search("^$", "\n") is not NoneThe cel-go REPL (correctly) does not match this pattern:
$ git clone https://github.com/google/cel-go
$ cd cel-go/repl/main
$ go run .
cel-repl> %let this = '\n'
cel-repl> this.matches('^$')
false : bool
Feature description:
celpy which protovalidate uses does not support RE2-style regular expressions, which is required according to the CEL specification. Consider using a CEL evaluator that does support RE2-style regular expressions.
Problem it solves or use case:
protovalidate implementations should behave similarly across languages but for rules relying on pattern matching, protovalidate-python will consider common patterns like
^foo$to match a string likefoo\n, while other protovalidate implementations would correctly reject it.The re2 specification indicates that
$should only match end of text unless multiline mode is enabled, and multiline mode is not the default:Additionally, some protovalidate rules are implemented in terms of patterns, e.g.,
(buf.validate.field).string.uuidwhich is implemented as the CEL"this == \'\' || this.matches(\'^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}$\')"which means it can match a string of 37 characters (the normal 36 plus newline).Examples or references:
which makes sense because all celpy does is call
re.searchandThe cel-go REPL (correctly) does not match this pattern: