Uuid::isValid() is broken with uppercase letters

As far as I know, uppercase characters are not allowed in UUIDs, so an uppercased string should be invalid.

According to RFC4122:

The hexadecimal values "a" through "f" are output as lower case characters and are case insensitive on input.

So the current regex pattern in Uuid::isValid() is correct, if we're reading an existing entity's UUID.
Would it be better to:

a) add something to the long description of the function, to recommend wrapping the argument in strtolower() if it contains digits A-F, or
b) add a default parameter to the method signature - something like this:

public static function isValid($uuid, $allow_uppercase = FALSE) {
  $pattern = '/^' . self::VALID_PATTERN . '$/';
  if ($allow_uppercase) {
    $pattern .= 'i';
  }
  return (bool) preg_match($pattern, $uuid);
}

I'd suggest a) as being simpler.

Re #3:

The hexadecimal values "a" through "f" are output as lower case characters and are case insensitive on input.

I see now. Wouldn't this be better?

Oh, I see #3 vs #5, the issue is input vs output.

Yeah better adapt the regex we use. Do you pointing to the right location in the RFC from within the documentation?

To anyone interested, you need to edit Drupal\Tests\Component\Uuid\UuidTest::providerTestValidation and add some uppercased UUIDs.

The test modification is suitable for a Novice.

Attached a patch to update the regex (with documentation), and test a UUID with uppercase digits.

@djevans That's looking pretty good.

I am wondering what the effect of this patch could be on storing UUIDs. Could we now store an upper-cased UUID and maybe output it the same way, which (I guess) by the RFC is not ok?

@mbovan No, UuidInterface::generate() doesn't make any validation checks.

You can also pass arbitrary UUIDs into Entity::create(), so something like this will work (although maybe it shouldn't):

use \Drupal\node\Entity\Node;

$values = ['type' => 'article', 'title' => 'Foo', 'uuid' => '123'];
$node = Node::create($values);
$node->save();

We could define a valid uuid constraint on UuidItem but that seems like a separate task.

We've seen uppercase UUID's when importing data from external systems and yes, for some weird reasons, @mbovan's Drupal generates uppercase UUID's ;)

It's not exactly obvious that you have to convert them to lowercase or somewhere down the line it suddenly won't work. But I guess that's how it is, I agree that we shouldn't allow something that is clearly against the standard.

From that quite in #3:

The hexadecimal values "a" through "f" are output as lower case characters and are case insensitive on input.

However, see my explanation in #2613926: The PECL UUID implementation can return invalid UUIDs, it's better to enforce it, so we should possibly close this as duplicate of that issue?

I agree.