Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Empty argument lists () should be disallowed #292

Closed
yuchenshi opened this issue Mar 25, 2024 · 2 comments
Closed

Empty argument lists () should be disallowed #292

yuchenshi opened this issue Mar 25, 2024 · 2 comments

Comments

@yuchenshi
Copy link
Contributor

yuchenshi commented Mar 25, 2024
edited

What happened?

This document validates in gqlparser.

query GetSomething() { # <-- empty arguments list here
  user() { # <-- empty argument list here
    name
  }
}

What did you expect?

There should be a validation error in Line 1 and Line 2 each because in GraphQL, Arguments must contain at least one Argument. In GraphQL spec, the notation [list] means one or more -- see spec definition

Note that the entire "Arguments" portion is optional in both contexts, therefore query GetSomething { ... } is allowed and so is user { ... }, but if the braces () are present they must contain something.

graphql-js reports errors on both cases correctly.

Minimal graphql.schema and models to reproduce

type User {
  name: String
}

Although I haven't tested this, I suspect name(): String will also parse in gqlparser but it should have errored according to the spec. There may be other cases with similar issues but I haven't done a full audit of the spec nor gqlparser.

versions

  • go list -m github.com/vektah/gqlparser/v2?
  • go version?
github.com/vektah/gqlparser/v2 v2.5.11
go version go1.18 linux/amd64
@StevenACoffman
Copy link
Collaborator

Thank you for noticing this issue! Can you please submit a PR to correct it?

yuchenshi added a commit to yuchenshi/gqlparser that referenced this issue Apr 5, 2024
@yuchenshi
Disallow empty parens (vektah#292).
6acf555
@yuchenshi
Copy link
Contributor Author

@StevenACoffman Sure, #293

@yuchenshi yuchenshi mentioned this issue Apr 5, 2024
Merged
1 task
StevenACoffman pushed a commit that referenced this issue Apr 5, 2024
@yuchenshi
Disallow empty parens (#292). (#293)
59e3c3a
andaaron added a commit to rchincha/zot that referenced this issue Jun 4, 2024
@andaaron
fix(zli): _schema query in zli code should not use empty parens
33e8be8 
See vektah/gqlparser#292 and vektah/gqlparser#293

Signed-off-by: Andrei Aaron <aaaron@luxoft.com>
andaaron added a commit to rchincha/zot that referenced this issue Jun 4, 2024
@andaaron
fix(zli): _schema query in zli code should not use empty parens
26d519d 
Fix also some tests
See vektah/gqlparser#292 and vektah/gqlparser#293

Signed-off-by: Andrei Aaron <aaaron@luxoft.com>
andaaron added a commit to project-zot/zot that referenced this issue Jun 4, 2024
@rchincha @andaaron
chore: fix dependabot alerts (#2446)
1594852 
* chore: fix dependabot alerts

#2435
#2436
#2437
#2438
#2439
#2440
#2441
#2442
#2443
#2444
#2445
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>

* fix(zli): _schema query in zli code should not use empty parens

Fix also some tests
See vektah/gqlparser#292 and vektah/gqlparser#293

Signed-off-by: Andrei Aaron <aaaron@luxoft.com>

---------

Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
Signed-off-by: Andrei Aaron <aaaron@luxoft.com>
Co-authored-by: Andrei Aaron <aaaron@luxoft.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@StevenACoffman @yuchenshi