diff options
| author | Yuriy Andamasov <yuriy@vyos.io> | 2026-05-14 00:43:41 +0300 |
|---|---|---|
| committer | Mergify <37929162+mergify[bot]@users.noreply.github.com> | 2026-05-14 05:08:53 +0000 |
| commit | 7001ac6f5e46d1fb1cc6d9cdb5899a20c7d9a752 (patch) | |
| tree | 15d38a3a3aa0e8d177ebb99d0aeeb03afda253cb /docs/configuration/service/md-https.md | |
| parent | 63de0a455fda2e065775542d6bbe23ded1d7160e (diff) | |
| download | vyos-documentation-7001ac6f5e46d1fb1cc6d9cdb5899a20c7d9a752.tar.gz vyos-documentation-7001ac6f5e46d1fb1cc6d9cdb5899a20c7d9a752.zip | |
ci(doc-linter): check every IP on a line, not just the first
`lint_ipv4()` and `lint_ipv6()` used `re.search`, which returns
only the first match. A line like
Set DNS forwarder 192.0.2.1 then fall back to 8.8.8.8
flagged nothing because `192.0.2.1` (RFC 5737 documentation
range) is allowed and the search stopped there. The real
public IP `8.8.8.8` slipped through despite being exactly
the case the linter was meant to catch.
Switch both functions to `re.finditer` and walk every match:
return on the first disallowed address; only return None when
all matches on the line are allowed (private / multicast /
non-global).
Also fix the casing of "private space" in both error
messages — was "private Space" with a stray capital.
Verified with 7 hand-coded cases (allowed + public mixes,
boundary cases, IPv6 RFC 3849 / Google DNS). All pass.
Tracked as items 1, 2, and 10 of the rolling-side cleanup
backlog from PR #2014 / #2019 / #2020 reviews.
🤖 Generated by [robots](https://vyos.io)
(cherry picked from commit 85c0c1ea222d2c70662de5a03ecaf04b6498006e)
Diffstat (limited to 'docs/configuration/service/md-https.md')
0 files changed, 0 insertions, 0 deletions
