JSON schema validation of a string against a regex pattern does not work #6089

Open
ewout8 opened this issue Jul 12, 2023 · 6 comments


ewout8 commented Jul 12, 2023

Short description

JSON validation of a string against a regex pattern does not work. All strings are valid, regardless of the pattern in the json-schema.

Steps To Reproduce

https://play.openpolicyagent.org/p/bp1bkcvv0y

Expected behavior

Strings that do not match the regex pattern cause the JSON validation to fail.

@ewout8 ewout8 added the bug label Jul 12, 2023
@charlieegan3 charlieegan3 changed the title JSON validation of a string against a regex pattern does not work JSON schema validation of a string against a regex pattern does not work Jul 12, 2023
@charlieegan3
Contributor

Thanks for opening this issue @ewout8.

Here's another playground example showing that the schema is also valid: https://play.openpolicyagent.org/p/fmjL7tdsde

Anyone else running into this issue in the meantime might be able to use regex.match to validate using regular expressions.

@anderseknert
Member

This was intentionally disabled for the purpose of type checking, where the pattern serves no meaningful purpose, but still would have some schemas fail the entire policy compilation process as the RE2 dialect used by Golang/OPA would choke on anything from the JavaScript regex dialect from JSON schema it did not understand, like negative lookahead.

This was before these new JSON schema related built-in functions were added though. For those, pattern property validation makes sense, although with the same caveat as mentioned above, that some patterns are simply going to fail even if "valid".

I haven't looked into it, but I can imagine it'll be hairy to try and make this conditional, as we had to patch the vendored code in order to fix this.

Author

ewout8 commented Jul 12, 2023

If it was intentionally disabled I would expect the validation of the schema itself to fail, or at least some warning. The whole purpose of validating the input for me is not having to do checks in policy rules. My best option now is validating the input document outside OPA I guess.

@anderseknert
Copy link
Member

Perhaps I wasn't clear enough — pattern validation was not intentionally disabled for these built-in functions. It couldn't have been, as they did not exist at the time 🙂 The JSON schema library we depend on is used for another purpose in OPA, which is (optional) enhanced compile time type checking. Pattern validation makes no sense in that context, but still managed to fail some cases where an unknown pattern was provided and because of that it was disabled.

The problem is that these built-in functions depend on the same patched JSON schema library where we had to disable that, so the challenge will be to make that feature conditional, i.e. keep it disabled for type checking while having it enabled for the schema validation built-in functions.
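
An added example, not part of the thread and not OPA's code: a pre-check written in Go, whose `regexp` package accepts the RE2 syntax discussed above, that enforces `pattern` outside OPA and reports patterns RE2 cannot compile instead of skipping them. It assumes schemas that only nest through `properties`; the schema, the document and the names `walk` and `CheckJSON` are constructed for illustration.

```go
package main

import (
	"encoding/json"
	"fmt"
	"regexp"
)

// Constructed sample: /id violates its pattern; /owner/name uses a lookahead RE2 rejects.
const sampleSchema = `{"properties":{"id":{"type":"string","pattern":"^[a-z]{3}-[0-9]{4}$"},
  "owner":{"properties":{"name":{"type":"string","pattern":"^(?!admin).*$"}}}}}`
const sampleDoc = `{"id":"ABC-12","owner":{"name":"alice"}}`

// walk applies each "pattern" under "properties" to the matching string in doc
// (unanchored, as in JSON Schema), recursing into objects; out maps path -> reason.
func walk(schema, doc map[string]any, path string, out map[string]string) {
	props, _ := schema["properties"].(map[string]any)
	for name, raw := range props {
		sub, _ := raw.(map[string]any) // nil map is safe to index below
		val := doc[name]               // nil when the property is absent
		p := path + "/" + name
		pat, hasPat := sub["pattern"].(string)
		if s, isStr := val.(string); hasPat && isStr {
			if re, err := regexp.Compile(pat); err != nil {
				out[p] = "pattern unsupported by RE2" // report it, never skip silently
			} else if !re.MatchString(s) {
				out[p] = "value does not match pattern"
			}
		}
		if child, ok := val.(map[string]any); ok {
			walk(sub, child, p, out)
		}
	}
}

// CheckJSON parses schema and document and returns every pattern failure.
func CheckJSON(schemaJSON, docJSON string) (map[string]string, error) {
	var schema, doc map[string]any
	if err := json.Unmarshal([]byte(schemaJSON), &schema); err != nil {
		return nil, err
	}
	if err := json.Unmarshal([]byte(docJSON), &doc); err != nil {
		return nil, err
	}
	out := map[string]string{}
	walk(schema, doc, "", out)
	return out, nil
}

func main() { fmt.Println(CheckJSON(sampleSchema, sampleDoc)) }
```

An "unsupported" entry means the constraint was not evaluated at all, so a caller that must fail closed should treat it as a rejection.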


stale bot commented Aug 12, 2023

This issue has been automatically marked as inactive because it has not had any activity in the last 30 days. Although currently inactive, the issue could still be considered and actively worked on in the future. More details about the use-case this issue attempts to address, the value provided by completing it or possible solutions to resolve it would help to prioritize the issue.


mscudlik commented Jul 4, 2024

+1

Projects
Status: Backlog
Development

No branches or pull requests

4 participants