fix: Add input validation and bounds checking to parsing methods

[GT-610]

Multiple parsing methods in the codebase access array elements or split strings without properly validating inputs, which can cause RangeError or StateError exceptions when parsing unexpected input formats.

Issue 1: Missing empty check in Proc.binary getter

The binary getter uses command.split(' ') without checking if the command is empty. If command is empty, split() returns an empty list and accessing parts[0] throws a RangeError.

Issue 2: Missing bounds checking in package manager parser methods

The _parsePacman(), _parseOpkg(), and _parseApk() methods in upgrade_info.dart access array indices without checking if the split result has enough elements.

Issue 3: Missing empty check in _extractJumpHost method

The _extractJumpHost method in ssh_config.dart calls split(' ').first without checking if the input is empty, which would throw a StateError on an empty iterable.

Issue 4: Missing bounds check in SingleCpuCore.parse()

The parse() method in cpu.dart accesses matches[0-6] without checking if the split result has at least 7 elements. If the CPU info line is malformed, this would throw a RangeError.

Benefits

Input validation makes parsing intent obvious, catches malformed data early, unifies defensive patterns, and keeps the app stable.

Summary by CodeRabbit

• Bug Fixes
  • Improved parsing resilience across SSH configuration, package parsers, CPU metrics, and process handling to better handle empty, malformed, or unexpectedly formatted input and avoid crashes.
• Style
  • Minor comment typo corrected to improve readability.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[coderabbitai]

Walkthrough

Defensive input validation was added across several parsers to prevent out-of-bounds access: SSH config token extraction, package upgrade parsers, CPU core line parsing, and process binary extraction. One comment typo was corrected.

Changes

Cohort / File(s)	Summary
SSH Configuration Parsing lib/core/utils/ssh_config.dart	Added early null return for empty input; when value contains spaces, split and return first token only if present, otherwise null.
Package Upgrade Parsers lib/data/model/pkg/upgrade_info.dart	Added explicit length checks and thrown exceptions for malformed input in _parsePacman (require ≥4 parts), _parseOpkg (require ≥3 parts), and _parseApk (require ≥2 items).
Server Data Parsing lib/data/model/server/cpu.dart, lib/data/model/server/proc.dart	SingleCpuCore.parse now skips lines with fewer than 7 fields after id removal; process binary getter trims, splits, filters empty tokens, and safely returns the first token or an empty string.
Comment Fix lib/data/provider/container.dart	Corrected typo in comment: "permformance" → "performance".

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Poem

🐇 I nibble through tokens, one by one,
I guard the lines till parsing is done,
No stray indexes left to fall,
Safe hops, small fixes — I checked them all! 🥕

Pre-merge checks

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The PR title accurately describes the main objective of the changeset: adding input validation and bounds checking to multiple parsing methods across various files.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

---

📜 Recent review details

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between d633d1b and 1fa7ddd.

📒 Files selected for processing (1)

• lib/data/model/pkg/upgrade_info.dart

🚧 Files skipped from review as they are similar to previous changes (1)

• lib/data/model/pkg/upgrade_info.dart

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)

• GitHub Check: check

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: d633d1be8d

ℹ️ About Codex in GitHub

Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".

[coderabbitai]

Actionable comments posted: 1

🤖 Fix all issues with AI Agents

In @lib/data/model/pkg/upgrade_info.dart:
- Line 65: The early-return guards in _parsePacman, _parseOpkg, and _parseApk
can exit before initializing the late fields package, nowVersion, newVersion,
and arch, causing LateInitializationError; update each parser so that on
malformed input you either (a) assign safe default values to package,
nowVersion, newVersion, and arch before returning, or (b) throw a specific
parsing exception instead of returning, or (c) change those fields to nullable
and set them to null on early return—pick one consistent approach and apply it
to the three functions to ensure the fields are never left uninitialized.

📜 Review details

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 7c35abe and d633d1b.

📒 Files selected for processing (5)

• lib/core/utils/ssh_config.dart
• lib/data/model/pkg/upgrade_info.dart
• lib/data/model/server/cpu.dart
• lib/data/model/server/proc.dart
• lib/data/provider/container.dart

🧰 Additional context used

📓 Path-based instructions (3)

lib/data/provider/**/*.dart

📄 CodeRabbit inference engine (CLAUDE.md)

Organize Riverpod providers by feature under lib/data/provider/

Files:

• lib/data/provider/container.dart

lib/data/model/**/*.dart

📄 CodeRabbit inference engine (CLAUDE.md)

After modifying annotated model files, run: dart run build_runner build --delete-conflicting-outputs

Files:

• lib/data/model/server/cpu.dart
• lib/data/model/server/proc.dart
• lib/data/model/pkg/upgrade_info.dart

lib/data/model/server/**/*.dart

📄 CodeRabbit inference engine (CLAUDE.md)

Place server management models under lib/data/model/server/

Files:

• lib/data/model/server/cpu.dart
• lib/data/model/server/proc.dart

🧠 Learnings (2)

📚 Learning: 2025-10-08T09:36:41.682Z

Learnt from: CR
Repo: lollipopkit/flutter_server_box PR: 0
File: CLAUDE.md:0-0
Timestamp: 2025-10-08T09:36:41.682Z
Learning: Applies to lib/data/model/container/**/*.dart : Place container/Docker models under lib/data/model/container/

Applied to files:

• lib/data/provider/container.dart

📚 Learning: 2025-10-08T09:36:41.682Z

Learnt from: CR
Repo: lollipopkit/flutter_server_box PR: 0
File: CLAUDE.md:0-0
Timestamp: 2025-10-08T09:36:41.682Z
Learning: Applies to lib/data/model/ssh/**/*.dart : Place SSH models under lib/data/model/ssh/

Applied to files:

• lib/core/utils/ssh_config.dart

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)

• GitHub Check: check

🔇 Additional comments (4)

lib/data/model/server/cpu.dart (1)

169-169: LGTM! Effective bounds check.

The guard correctly prevents out-of-bounds access when parsing malformed CPU lines with fewer than 7 fields.

lib/data/model/server/proc.dart (1)

100-101: LGTM! Robust binary extraction.

The refactored logic safely handles empty commands, whitespace-only input, and multiple spaces by filtering empty tokens before accessing the first element.

lib/data/provider/container.dart (1)

283-283: Nice catch on the typo.

lib/core/utils/ssh_config.dart (1)

152-152: LGTM! Defensive token extraction.

The early empty check at line 152 and the safe token access at line 157 prevent StateError on malformed jump host values.

Also applies to: 156-157