Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Variables don't seem to be validated #357

Open
JakeDawkins opened this issue Feb 11, 2021 · 6 comments
Open

Variables don't seem to be validated #357

JakeDawkins opened this issue Feb 11, 2021 · 6 comments

Comments

@JakeDawkins
Copy link

We noticed recently that when we built a query and accidentally added a query variable, and then passed that variable as an argument to a field in an operation that was invalid, we didn't receive any kind of build errors, which made me wonder if arguments and variables are being properly validated, and I don't think they are.

I intend on looking into this deeper, but as a first pass, to reproduce what I'm talking about, you can add any argument you want in the keywords_query test here, and the test will not fail.

The example I used to reproduce this was

query searchQuery($criteria: extern!, $invalid_var: Float!) {
  search {
    transactions(criteria: $searchID, invalid_var: $invalid_var) {
      for
      status
    }
  }
}

Where invalid_var doesn't exist in the schema.

In the meantime, before I have the time to look into this, does anyone know if (and if so, where) these variables are being validated? Or are they not currently part of validation?
@JakeDawkins JakeDawkins mentioned this issue Feb 11, 2021
Closed
@tomhoule
Copy link
Member

There is very little query validation built into the crate — it is something that can be implemented, but it's work that nobody has done yet.

@JakeDawkins
Copy link
Author

@tomhoule I think we'd like to take a look at adding this! Would you be able to help review a PR? 😄

@tomhoule
Copy link
Member

As you probably noticed I sadly don't have free time to work on graphql-client at the moment, but I can definitely make time to review a PR with tests. So yes, that would be awesome :)

@ronanyeah
Copy link

I've been using eslint to validate my query documents.
https://github.com/apollographql/eslint-plugin-graphql
eslint --ext .graphql .

// .eslintrc.js
module.exports = {
  parser: "babel-eslint",
  rules: {
    "graphql/template-strings": [
      "error",
      {
        env: "literal",
        schemaJson: require("./schema.json"),
      },
    ],
  },
  plugins: ["graphql"],
};

@samuela
Copy link

samuela commented Oct 27, 2021

I also ran into this issue recently. I have to say it kinda shook my faith in the whole "Typed, correct" tagline...

What work needs to be done in order to do query validation?

@tomhoule
Copy link
Member

Query validation is part of the graphql spec. Someone would need to implement it.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@samuela @JakeDawkins @ronanyeah @tomhoule