fix: validate whether a package is an URL correctly

[huxuan]

…ctly

• I have added a news fragment under changelog.d/ (if the patch affects the end users)

Summary of changes

Fix #1355

Test plan

Tested by running

# command(s) to exercise these changes
nox -s tests

P.S. Mark it as draft as depends on discussion #1354

[huxuan]

Hi @chrysle, thanks for your review.

I have a little concern whether we should combine the check for package argument in one place. Currently we need to check it is not a URL, and according to the discussion in #1354, we also need check it is not a absolute path. Any ideas?

[chrysle]

Hmm, since we only need the path validation in one place, but can reuse the newly introduced function, I'd be inclined to keep it as-is. Or do you mean something else?

[huxuan]

Hmm, since we only need the path validation in one place, but can reuse the newly introduced function, I'd be inclined to keep it as-is. Or do you mean something else?

I thought to combine all the validation for package and packages argument in one function, but I did not releaize we also need to ensure the spec argument is not a URL but not for an absolute path. So it is fine to keep it as it is now.

In this way, we need another function to fix #1354, something like package_is_abspath. This will be used in the validation for package and packages but not for spec.

Let me know if there is anything wrong.

BTW, if so, then this pull request should be ready for review.

[chrysle]

Thanks!