-
-
Notifications
You must be signed in to change notification settings - Fork 2.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Error: Schema for validaton is undefined #4634
Comments
I added that fix because I had undefined schemas and all was working fine. I tested what I was going adding into the db and I spot additional fields that was unexpected.. Then a debug session pointed me to a typo! I'm sure out there there are a lot of typos and developers that think to have set a validation schema.. But they are not! I think that setting a schema as undefined is a "don't care" action. Do not add the property if you don't want the schema instead. |
Instead of |
Yes, but this is a breaking change for me :C |
I like the @climba03003 proposal as mediation 👍 Even though I think an error shows a real security issue tbh |
Sorry, I can't agree with you. This change was about type system and contracts, but not about security. You're trying to shift the user's responsibility on library level. |
@c0sx there are two aspect at play here:
In Fastify, we do deprecation on the current supported line and removal in the next major. If we turned it into a warning, all your code would still work. Overall I'm not convinced of the actual change. More specifically, |
The logic is: if de dav has set the property field (
Absolutely yes, it is both. Security because an endpoint must validate its input and because the framework must help the dev and understand clearly unwanted behaviour: why a developer should write I mean, you need to change it to this code to make it optional:
This will not add the |
Hello all, I think #4620 caused a breaking change for me too. We have |
Throughout the conversation, we should change the |
Sure, @climba03003. I think this is an excellent opportunity for me to become a Fastify contributor. To ensure I understand the scope of the change, what we want is to emit a warning instead of throwing an error, don't we? I have seen there is an abstraction for using warning on Fastify, i.e. |
Yes, so it can be tested easily as well |
Thank you for the feedback, @Eomm. I'm working on it today! stay tuned :P |
Prerequisites
Fastify version
4.15.0
Plugin version
No response
Node.js version
any
Operating system
Windows
Operating system version (i.e. 20.04, 11.3, 10)
10
Description
4.15 release have a backward compatibility issue (PR): it throws an error if schema for validation is undefined.
For example, we get a schemas and pass them to fastify.
Steps to Reproduce
Server throws an error
Failed building the validation schema for GET: /, due to error headers schema is undefined"
when startedExpected Behavior
I think that
undefined
is acceptable value, which means that validation will be skipped.The text was updated successfully, but these errors were encountered: