[Lens] Quote csv values when contain separator char #155905
Conversation
dej611
added
release_note:fix
Team:Visualizations
|
Pinging @elastic/kibana-visualizations @elastic/kibana-visualizations-external (Team:Visualizations) |
| const formulasEscaped = escapeFormulas && cellHasFormulas(val) ? "'" + val : val; | ||
| if (quoteValues && nonAlphaNumRE.test(formulasEscaped)) { | ||
| return `"${formulasEscaped.replace(allDoubleQuoteRE, '""')}"`; | ||
| const formulasEscaped = escapeFormulaValues && cellHasFormulas(val) ? "'" + val : val; |
There was a problem hiding this comment.
This PR fixes a problem of escape for the , separator. But here we allow any string to be passed as separator, even the empty string "".
I am not sure we want to wrap in quotes if the separator is empty or the letter a, that is quite greedy 😊
Can we have a list of chars that would require wrapping? Something like
const doWrapWithQuotes = [',', ';'].includes(separator);
// Only wrap if flag is true
There was a problem hiding this comment.
good catch, an other possibility is to force it via typescript with something like:
function createEscapeValue({
separator,
quoteValues,
escapeFormulaValues,
}: {
separator: ',' | ';';
quoteValues: boolean;
escapeFormulaValues: boolean;
})There was a problem hiding this comment.
From a quick search the common delimiters for CSV and similar formats are:
const delimiters = [',', ';', '\t',' ', '|'];I can change the PR to wrap the value only if these delimiters are used. Would it work for you @sebelga ?
There was a problem hiding this comment.
I've checked where the separator value comes from. It arrives from the Settings csv:separator and there is no check for that value, so the typescript only will not work here.
I think checking for the most common separators is safe and doesn't break the common sense configurations
There was a problem hiding this comment.
Yeah I think we don't want to rely only on TS for this kind of validations that modifies values.
I can change the PR to wrap the value only if these delimiters are used.
That'd be great 👍
There was a problem hiding this comment.
Had to refactor a bit the code, after some more unit tests: strings are always quoted when the quote flag is enabled AND it contains any char which is not a letter or a number.
So the fix applies only to non-string values.
The only thing I'm not 100% sure is the case where the quote flag is off BUT the string might fall into the shouldBeQuotable check: would it be ok to quote the string value in this case ignoring the user's will?
I would argue that it would be safer to quote it anyway, but I see that some users might not like it.
There was a problem hiding this comment.
I also guess it is the safest bet 👍
…-ref HEAD~1..HEAD --fix'
💚 Build Succeeded
Metrics [docs]Public APIs missing comments
Async chunks
Page load bundle
Unknown metric groupsAPI count
ESLint disabled line counts
Total ESLint disabled count
History
To update your PR or re-run it, just comment with: |
## Summary Fix a bug found by @markov00 When a cell value contains the csvSeparator char (by default `,`) the text was not escaped correctly. This PR fixes this by wrapping the value in quotes (if enabled). ### Checklist Delete any items that are not applicable to this PR. - [ ] Any text added follows [EUI's writing guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses sentence case text and includes [i18n support](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md) - [ ] [Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html) was added for features that require explanation or tutorials - [ ] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios - [ ] Any UI touched in this PR is usable by keyboard only (learn more about [keyboard accessibility](https://webaim.org/techniques/keyboard/)) - [ ] Any UI touched in this PR does not create any new axe failures (run axe in browser: [FF](https://addons.mozilla.org/en-US/firefox/addon/axe-devtools/), [Chrome](https://chrome.google.com/webstore/detail/axe-web-accessibility-tes/lhdoppojpmngadmnindnejefpokejbdd?hl=en-US)) - [ ] If a plugin configuration key changed, check if it needs to be allowlisted in the cloud and added to the [docker list](https://github.com/elastic/kibana/blob/main/src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker) - [ ] This renders correctly on smaller devices using a responsive layout. (You can test this [in your browser](https://www.browserstack.com/guide/responsive-testing-on-local-server)) - [ ] This was checked for [cross-browser compatibility](https://www.elastic.co/support/matrix#matrix_browsers) ### Risk Matrix Delete this section if it is not applicable to this PR. Before closing this PR, invite QA, stakeholders, and other developers to identify risks that should be tested prior to the change/feature release. When forming the risk matrix, consider some of the following examples and how they may potentially impact the change: | Risk | Probability | Severity | Mitigation/Notes | |---------------------------|-------------|----------|-------------------------| | Multiple Spaces—unexpected behavior in non-default Kibana Space. | Low | High | Integration tests will verify that all features are still supported in non-default Kibana Space and when user switches between spaces. | | Multiple nodes—Elasticsearch polling might have race conditions when multiple Kibana nodes are polling for the same tasks. | High | Low | Tasks are idempotent, so executing them multiple times will not result in logical error, but will degrade performance. To test for this case we add plenty of unit tests around this logic and document manual testing procedure. | | Code should gracefully handle cases when feature X or plugin Y are disabled. | Medium | High | Unit tests will verify that any feature flag or plugin combination still results in our service operational. | | [See more potential risk examples](https://github.com/elastic/kibana/blob/main/RISK_MATRIX.mdx) | ### For maintainers - [ ] This was checked for breaking API changes and was [labeled appropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process) --------- Co-authored-by: kibanamachine <[email protected]> (cherry picked from commit 1ab34e1)
💚 All backports created successfully
Note: Successful backport PRs will be merged automatically after passing CI. Questions ?Please refer to the Backport tool documentation |
kibanamachine
added
the
backport missing
|
Looks like this PR has a backport PR but it still hasn't been merged. Please merge it ASAP to keep the branches relatively in sync. |
stratoula
removed
backport missing
|
ok so this was never backported in 8.8. I am removing the labels. |
|
Looks like this PR has a backport PR but it still hasn't been merged. Please merge it ASAP to keep the branches relatively in sync. |
kibanamachine
added
the
backport missing
stratoula
removed
the
backport missing
kibanamachine
added
the
backport missing
|
Looks like this PR has a backport PR but it still hasn't been merged. Please merge it ASAP to keep the branches relatively in sync. |
6 similar comments
|
Looks like this PR has a backport PR but it still hasn't been merged. Please merge it ASAP to keep the branches relatively in sync. |
|
Looks like this PR has a backport PR but it still hasn't been merged. Please merge it ASAP to keep the branches relatively in sync. |
|
Looks like this PR has a backport PR but it still hasn't been merged. Please merge it ASAP to keep the branches relatively in sync. |
|
Looks like this PR has a backport PR but it still hasn't been merged. Please merge it ASAP to keep the branches relatively in sync. |
|
Looks like this PR has a backport PR but it still hasn't been merged. Please merge it ASAP to keep the branches relatively in sync. |
|
Looks like this PR has a backport PR but it still hasn't been merged. Please merge it ASAP to keep the branches relatively in sync. |
markov00
added
backport:skip
Summary
Fix a bug found by @markov00
When a cell value contains the csvSeparator char (by default
,) the text was not escaped correctly. This PR fixes this by wrapping the value in quotes (if enabled).Checklist
Delete any items that are not applicable to this PR.
Risk Matrix
Delete this section if it is not applicable to this PR.
Before closing this PR, invite QA, stakeholders, and other developers to identify risks that should be tested prior to the change/feature release.
When forming the risk matrix, consider some of the following examples and how they may potentially impact the change:
For maintainers