Merge dev into main

DinisCruz · DinisCruz · commit 3765f8a267d9 · 2025-05-10T15:56:21.000+01:00
diff --git a/README.md b/README.md
@@ -2,7 +2,7 @@
 
 Powerful Python util methods and classes that simplify common apis and tasks.
 
-![Current Release](https://img.shields.io/badge/release-v2.57.0-blue)
+![Current Release](https://img.shields.io/badge/release-v2.57.2-blue)
 [![codecov](https://codecov.io/gh/owasp-sbot/OSBot-Utils/graph/badge.svg?token=GNVW0COX1N)](https://codecov.io/gh/owasp-sbot/OSBot-Utils)
 
 
diff --git a/osbot_utils/helpers/safe_str/Safe_Str.py b/osbot_utils/helpers/safe_str/Safe_Str.py
@@ -37,6 +37,9 @@ def __new__(cls, value: Optional[str] = None) -> 'Safe_Str':
         elif not cls.exact_length and len(value) > cls.max_length:                                                      # Check max length
             raise ValueError(f"Value exceeds maximum length of {cls.max_length} characters (was {len(value)})")
 
+        if cls.allow_empty and value =='':
+            return str.__new__(cls, '')
+
         if cls.strict_validation:                                                                                       # If using strict validation, check if the value matches the regex pattern exactly
             if not cls.regex.search(value) is None:                                                                     # If there are non-matching characters
                 raise ValueError(f"Value contains invalid characters (must match pattern: {cls.regex.pattern})")
diff --git a/osbot_utils/version b/osbot_utils/version
@@ -1 +1 @@
-v2.57.0
+v2.57.2
diff --git a/pyproject.toml b/pyproject.toml
@@ -1,6 +1,6 @@
 [tool.poetry]
 name        = "osbot_utils"
-version     = "v2.57.0"
+version     = "v2.57.2"
 description = "OWASP Security Bot - Utils"
 authors     = ["Dinis Cruz <dinis.cruz@owasp.org>"]
 license     = "MIT"
diff --git a/tests/unit/helpers/safe_str/test_Safe_Str.py b/tests/unit/helpers/safe_str/test_Safe_Str.py
@@ -217,4 +217,26 @@ class Hash_Like_Str(Safe_Str):
 
         # Spaces should be trimmed before validation
         with pytest.raises(ValueError, match="Value must be exactly 10 characters long") as exc_info:
-            Hash_Like_Str(' 123456789 ')  # After trimming, it's only 9 chars
+            Hash_Like_Str(' 123456789 ')  # After trimming, it's only 9 chars
+
+    def test__check__trim_whitespace__allow_all_replacement_char(self):
+        class An_Safe_Str(Safe_Str):
+            allow_empty                = True
+            trim_whitespace            = True
+            allow_all_replacement_char = False
+        assert An_Safe_Str() == ''
+        expected_message = "Sanitized value consists entirely of '_' characters"
+        with pytest.raises(ValueError, match=expected_message):
+            An_Safe_Str('*')
+
+    def test__regression__regex__allow_all_replacement_char(self):
+        class An_Safe_Str(Safe_Str):
+            regex                      = re.compile(r'^(?!https?://)')          # on this type of regex
+            allow_all_replacement_char = False                                  # this will trigger the exception bellow
+
+        #expected_message = "Sanitized value consists entirely of '_' characters"
+        # with pytest.raises(ValueError, match=expected_message):
+        #     An_Safe_Str("")                                                    #  BUG: should had not raised
+        assert An_Safe_Str() == ''                                               # FIXED: correct behaviour
+        assert An_Safe_Str(None) == ''
+        assert An_Safe_Str('') == ''
diff --git a/tests/unit/helpers/safe_str/test_Safe_Str__Url.py b/tests/unit/helpers/safe_str/test_Safe_Str__Url.py
@@ -50,16 +50,11 @@ def test_Safe_Str__Url_class(self):
         assert str(Safe_Str__Url('https://example.com/path?param=value+with+spaces'     )) == 'https://example.com/path?param=value+with+spaces'
         assert str(Safe_Str__Url('https://example.com/search?q=test&param="invalid"'    )) == 'https://example.com/search?q=test&param=_invalid_'
 
-        
-        # Edge cases: exceptions with specific error message checks
-        with pytest.raises(ValueError) as exc_info:
-            Safe_Str__Url(None)
-        assert "Sanitized value consists entirely of '_' characters" in str(exc_info.value)                             # todo : find better way to handle this scenario (this error comes from Safe_Str
-        
-        with pytest.raises(ValueError) as exc_info:
-            Safe_Str__Url('')
-        assert "Sanitized value consists entirely of '_' characters" in str(exc_info.value)
+        # Empty values allowed
+        assert Safe_Str__Url(None) == ''
+        assert Safe_Str__Url(''  ) == ''
 
+        # Edge cases: exceptions with specific error message checks
         with pytest.raises(ValueError) as exc_info:
             Safe_Str__Url('example.com')  # Missing scheme
         assert "Sanitized value consists entirely of '_' characters" in str(exc_info.value)                             # todo : find better way to handle this scenario (this error comes from Safe_Str
@@ -106,4 +101,7 @@ def test_url_encoding(self):
         
         # Special characters in URL paths
         assert str(Safe_Str__Url('https://example.com/%7Euser/profile'          )) == 'https://example.com/%7Euser/profile'
-        assert str(Safe_Str__Url('https://example.com/caf%C3%A9'                )) == 'https://example.com/caf%C3%A9'
+        assert str(Safe_Str__Url('https://example.com/caf%C3%A9'                )) == 'https://example.com/caf%C3%A9'
+
+    def test_edge_cases(self):
+        assert Safe_Str__Url() == ''
