Skip to content

fix: skip translation files exceeding a size limit#143

Open
konradmichalik wants to merge 1 commit into
mainfrom
fix/file-size-limit
Open

fix: skip translation files exceeding a size limit#143
konradmichalik wants to merge 1 commit into
mainfrom
fix/file-size-limit

Conversation

@konradmichalik

@konradmichalik konradmichalik commented Jul 4, 2026

Copy link
Copy Markdown
Contributor

Summary

  • Parsers read entire files into memory with file_get_contents and no upper bound, so a very large (or sparsely inflated) translation file could exhaust memory when scanning untrusted directories.
  • The collector now skips files larger than 30 MB and logs a warning, so oversized files never reach the parsers.

Changes

  • src/FileDetector/Collector.php — add a MAX_FILE_SIZE guard applied in both the recursive and non-recursive scan paths
  • tests/src/FileDetector/CollectorTest.php — assert an oversized (sparse) file is skipped while a normal file is still collected

Summary by CodeRabbit

  • Bug Fixes

    • Translation files larger than 30 MB are now skipped during file collection.
    • A warning is logged when an oversized translation file is detected.
    • Normal-sized translation files continue to be processed as expected.
  • Tests

    • Added coverage to verify oversized files are excluded while smaller files are collected.

@coderabbitai

coderabbitai Bot commented Jul 4, 2026

Copy link
Copy Markdown

Review Change Stack

📝 Walkthrough

Walkthrough

Collector now skips translation files larger than 30 MB during recursive and non-recursive discovery, logs a warning for rejected files, and adds coverage using small and sparse oversized XLF fixtures.

Changes

Translation file size filtering

Layer / File(s) Summary
Collector size-limit filtering
src/FileDetector/Collector.php
Defines a 30 MB limit, checks file sizes in both collection paths, and logs warnings when files exceed the limit.
Oversized-file collection test
tests/src/FileDetector/CollectorTest.php
Verifies oversized XLF files are excluded, small XLF files are collected, and a warning is logged.

Estimated code review effort: 2 (Simple) | ~10 minutes

Sequence Diagram(s)

sequenceDiagram
  participant Collector
  participant Filesystem
  participant Logger
  participant Detector
  Collector->>Filesystem: Check candidate file size
  Filesystem-->>Collector: Return file size
  Collector->>Logger: Warn when size exceeds 30 MB
  Collector->>Detector: Map files within the size limit
Loading
🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name Status Explanation Resolution
Docstring Coverage ⚠️ Warning Docstring coverage is 33.33% which is insufficient. The required threshold is 80.00%. Write docstrings for the functions missing them to satisfy the coverage threshold.
✅ Passed checks (4 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title clearly summarizes the main change: translation files over a size limit are skipped.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.
✨ Finishing Touches
📝 Generate docstrings
  • Create stacked PR
  • Commit on current branch
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch fix/file-size-limit

Warning

There were issues while running some tools. Please review the errors and either fix the tool's configuration or disable the tool if it's a critical failure.

🔧 PHPStan (2.2.2)

PHPStan was skipped because the config uses disallowed bootstrapFiles, bootstrapFile, or includes directives.


Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands.

@konradmichalik

Copy link
Copy Markdown
Contributor Author

@coderabbitai review

@coderabbitai

coderabbitai Bot commented Jul 9, 2026

Copy link
Copy Markdown
✅ Action performed

Review finished.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.

@konradmichalik

Copy link
Copy Markdown
Contributor Author

@coderabbitai review

@coderabbitai

coderabbitai Bot commented Jul 9, 2026

Copy link
Copy Markdown
✅ Action performed

Review finished.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.

@konradmichalik

Copy link
Copy Markdown
Contributor Author

@coderabbitai review

@coderabbitai

coderabbitai Bot commented Jul 10, 2026

Copy link
Copy Markdown
✅ Action performed

Review finished.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

🧹 Nitpick comments (1)
src/FileDetector/Collector.php (1)

134-138: 📐 Maintainability & Code Quality | 🔵 Trivial | ⚡ Quick win

Add test coverage for the recursive scan path.

The size-limit guard is applied in both the non-recursive (line 138) and recursive (line 163) code paths, but the new test only exercises the non-recursive path (default $recursive = false). Adding a recursive variant ensures the compound condition in the recursive iterator is also validated against oversized files.

Also applies to: 161-163

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@src/FileDetector/Collector.php` around lines 134 - 138, Add a test variant
that invokes the recursive scan path by setting recursive to true, using an
oversized file with a supported extension and asserting it is excluded. Keep the
existing non-recursive coverage and target the relevant Collector test and
recursive scanning logic.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@src/FileDetector/Collector.php`:
- Around line 184-193: Update the size check in the file collection method
containing the filesize() call to handle a false result explicitly: log a
warning identifying the file and inability to determine its size, then return
false. Preserve the existing warning and rejection behavior for files exceeding
MAX_FILE_SIZE.

---

Nitpick comments:
In `@src/FileDetector/Collector.php`:
- Around line 134-138: Add a test variant that invokes the recursive scan path
by setting recursive to true, using an oversized file with a supported extension
and asserting it is excluded. Keep the existing non-recursive coverage and
target the relevant Collector test and recursive scanning logic.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes

ℹ️ Review info
⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 40eac3d4-778a-4b98-ba05-74c7c850ae0d

📥 Commits

Reviewing files that changed from the base of the PR and between 7ea7046 and 2eabf24.

📒 Files selected for processing (2)
  • src/FileDetector/Collector.php
  • tests/src/FileDetector/CollectorTest.php

Comment on lines +184 to +193
$size = filesize($file);
if (false !== $size && $size > self::MAX_FILE_SIZE) {
$this->logger?->warning(
sprintf('Skipping file exceeding the maximum size of %d bytes: %s', self::MAX_FILE_SIZE, $file),
);

return false;
}

return true;

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🩺 Stability & Availability | 🟡 Minor | ⚡ Quick win

Handle filesize() failure explicitly.

When filesize() returns false (e.g., permission denied, file removed between is_file() and filesize()), the file silently passes the size guard with no log entry. This defeats the memory-safety purpose of the limit. Consider logging a warning and returning false (or at minimum logging for observability) when the size cannot be determined.

🛡️ Proposed fix
     private function isWithinSizeLimit(string $file): bool
     {
         $size = filesize($file);
-        if (false !== $size && $size > self::MAX_FILE_SIZE) {
+        if (false === $size) {
+            $this->logger?->warning(
+                sprintf('Unable to determine file size, skipping: %s', $file),
+            );
+
+            return false;
+        }
+
+        if ($size > self::MAX_FILE_SIZE) {
             $this->logger?->warning(
                 sprintf('Skipping file exceeding the maximum size of %d bytes: %s', self::MAX_FILE_SIZE, $file),
             );
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
$size = filesize($file);
if (false !== $size && $size > self::MAX_FILE_SIZE) {
$this->logger?->warning(
sprintf('Skipping file exceeding the maximum size of %d bytes: %s', self::MAX_FILE_SIZE, $file),
);
return false;
}
return true;
$size = filesize($file);
if (false === $size) {
$this->logger?->warning(
sprintf('Unable to determine file size, skipping: %s', $file),
);
return false;
}
if ($size > self::MAX_FILE_SIZE) {
$this->logger?->warning(
sprintf('Skipping file exceeding the maximum size of %d bytes: %s', self::MAX_FILE_SIZE, $file),
);
return false;
}
return true;
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@src/FileDetector/Collector.php` around lines 184 - 193, Update the size check
in the file collection method containing the filesize() call to handle a false
result explicitly: log a warning identifying the file and inability to determine
its size, then return false. Preserve the existing warning and rejection
behavior for files exceeding MAX_FILE_SIZE.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant