graphql 1.11.4 → 1.11.8

data/lib/graphql/static_validation/rules/input_object_names_are_unique.rb

@@ -0,0 +1,30 @@
+# frozen_string_literal: true
+module GraphQL
+  module StaticValidation
+    module InputObjectNamesAreUnique
+      def on_input_object(node, parent)
+        validate_input_fields(node)
+        super
+      end
+
+      private
+
+      def validate_input_fields(node)
+        input_field_defns = node.arguments
+        input_fields_by_name = Hash.new { |h, k| h[k] = [] }
+        input_field_defns.each { |a| input_fields_by_name[a.name] << a }
+
+        input_fields_by_name.each do |name, defns|
+          if defns.size > 1
+            error = GraphQL::StaticValidation::InputObjectNamesAreUniqueError.new(
+              "There can be only one input field named \"#{name}\"",
+              nodes: defns,
+              name: name
+            )
+            add_error(error)
+          end
+        end
+      end
+    end
+  end
+end

data/lib/graphql/static_validation/rules/input_object_names_are_unique_error.rb

@@ -0,0 +1,30 @@
+# frozen_string_literal: true
+module GraphQL
+  module StaticValidation
+    class InputObjectNamesAreUniqueError < StaticValidation::Error
+      attr_reader :name
+
+      def initialize(message, path: nil, nodes: [], name:)
+        super(message, path: path, nodes: nodes)
+        @name = name
+      end
+
+      # A hash representation of this Message
+      def to_h
+        extensions = {
+          "code" => code,
+          "name" => name
+        }
+
+        super.merge({
+          "extensions" => extensions
+        })
+      end
+
+      def code
+        "inputFieldNotUnique"
+      end
+    end
+  end
+end
+

data/lib/graphql/static_validation/validation_timeout_error.rb

@@ -0,0 +1,25 @@
+# frozen_string_literal: true
+module GraphQL
+  module StaticValidation
+    class ValidationTimeoutError < StaticValidation::Error
+      def initialize(message, path: nil, nodes: [])
+        super(message, path: path, nodes: nodes)
+      end
+
+      # A hash representation of this Message
+      def to_h
+        extensions = {
+          "code" => code
+        }
+
+        super.merge({
+          "extensions" => extensions
+        })
+      end
+
+      def code
+        "validationTimeout"
+      end
+    end
+  end
+end

data/lib/graphql/static_validation/validator.rb

@@ -20,8 +20,10 @@ module GraphQL
 
       # Validate `query` against the schema. Returns an array of message hashes.
       # @param query [GraphQL::Query]
+      # @param validate [Boolean]
+      # @param timeout [Float] Number of seconds to wait before aborting validation. Any positive number may be used, including Floats to specify fractional seconds.
       # @return [Array<Hash>]
-      def validate(query, validate: true)
+      def validate(query, validate: true, timeout: nil)
         query.trace("validate", { validate: validate, query: query }) do
           can_skip_rewrite = query.context.interpreter? && query.schema.using_ast_analysis? && query.schema.is_a?(Class)
           errors = if validate == false && can_skip_rewrite
@@ -32,18 +34,29 @@ module GraphQL
 
             context = GraphQL::StaticValidation::ValidationContext.new(query, visitor_class)
 
-            # Attach legacy-style rules
-            rules_to_use.each do |rule_class_or_module|
-              if rule_class_or_module.method_defined?(:validate)
-                rule_class_or_module.new.validate(context)
+            begin
+              # CAUTION: Usage of the timeout module makes the assumption that validation rules are stateless Ruby code that requires no cleanup if process was interrupted. This means no blocking IO calls, native gems, locks, or `rescue` clauses that must be reached.
+              # A timeout value of 0 or nil will execute the block without any timeout.
+              Timeout::timeout(timeout) do
+                # Attach legacy-style rules.
+                # Only loop through rules if it has legacy-style rules
+                unless (legacy_rules = rules_to_use - GraphQL::StaticValidation::ALL_RULES).empty?
+                  legacy_rules.each do |rule_class_or_module|
+                    if rule_class_or_module.method_defined?(:validate)
+                      rule_class_or_module.new.validate(context)
+                    end
+                  end
+                end
+
+                context.visitor.visit
               end
+            rescue Timeout::Error
+              handle_timeout(query, context)
             end
 
-            context.visitor.visit
             context.errors
           end
 
-
           irep = if errors.empty? && context
             # Only return this if there are no errors and validation was actually run
             context.visitor.rewrite_document
@@ -57,6 +70,15 @@ module GraphQL
           }
         end
       end
+
+      # Invoked when static validation times out.
+      # @param query [GraphQL::Query]
+      # @param context [GraphQL::StaticValidation::ValidationContext]
+      def handle_timeout(query, context)
+        context.errors << GraphQL::StaticValidation::ValidationTimeoutError.new(
+          "Timeout on validation of query"
+        )
+      end
     end
   end
 end

data/lib/graphql/subscriptions.rb

@@ -4,9 +4,7 @@ require "graphql/subscriptions/broadcast_analyzer"
 require "graphql/subscriptions/event"
 require "graphql/subscriptions/instrumentation"
 require "graphql/subscriptions/serialize"
-if defined?(ActionCable)
-  require "graphql/subscriptions/action_cable_subscriptions"
-end
+require "graphql/subscriptions/action_cable_subscriptions"
 require "graphql/subscriptions/subscription_root"
 require "graphql/subscriptions/default_subscription_resolve_extension"
 

data/lib/graphql/subscriptions/action_cable_subscriptions.rb

@@ -4,7 +4,7 @@ module GraphQL
     # A subscriptions implementation that sends data
     # as ActionCable broadcastings.
     #
-    # Experimental, some things to keep in mind:
+    # Some things to keep in mind:
     #
     # - No queueing system; ActiveJob should be added
     # - Take care to reload context when re-delivering the subscription. (see {Query#subscription_update?})
@@ -86,28 +86,32 @@ module GraphQL
       EVENT_PREFIX = "graphql-event:"
 
       # @param serializer [<#dump(obj), #load(string)] Used for serializing messages before handing them to `.broadcast(msg)`
-      def initialize(serializer: Serialize, **rest)
+      # @param namespace [string] Used to namespace events and subscriptions (default: '')
+      def initialize(serializer: Serialize, namespace: '', action_cable: ActionCable, action_cable_coder: ActiveSupport::JSON, **rest)
         # A per-process map of subscriptions to deliver.
         # This is provided by Rails, so let's use it
         @subscriptions = Concurrent::Map.new
         @events = Concurrent::Map.new { |h, k| h[k] = Concurrent::Map.new { |h2, k2| h2[k2] = Concurrent::Array.new } }
+        @action_cable = action_cable
+        @action_cable_coder = action_cable_coder
         @serializer = serializer
+        @transmit_ns = namespace
         super
       end
 
       # An event was triggered; Push the data over ActionCable.
       # Subscribers will re-evaluate locally.
       def execute_all(event, object)
-        stream = EVENT_PREFIX + event.topic
+        stream = stream_event_name(event)
         message = @serializer.dump(object)
-        ActionCable.server.broadcast(stream, message)
+        @action_cable.server.broadcast(stream, message)
       end
 
       # This subscription was re-evaluated.
       # Send it to the specific stream where this client was waiting.
       def deliver(subscription_id, result)
         payload = { result: result.to_h, more: true }
-        ActionCable.server.broadcast(SUBSCRIPTION_PREFIX + subscription_id, payload)
+        @action_cable.server.broadcast(stream_subscription_name(subscription_id), payload)
       end
 
       # A query was run where these events were subscribed to.
@@ -117,7 +121,7 @@ module GraphQL
       def write_subscription(query, events)
         channel = query.context.fetch(:channel)
         subscription_id = query.context[:subscription_id] ||= build_id
-        stream = query.context[:action_cable_stream] ||= SUBSCRIPTION_PREFIX + subscription_id
+        stream = stream_subscription_name(subscription_id)
         channel.stream_from(stream)
         @subscriptions[subscription_id] = query
         events.each do |event|
@@ -141,7 +145,7 @@ module GraphQL
       #
       def setup_stream(channel, initial_event)
         topic = initial_event.topic
-        channel.stream_from(EVENT_PREFIX + topic, coder: ActiveSupport::JSON) do |message|
+        channel.stream_from(stream_event_name(initial_event), coder: @action_cable_coder) do |message|
           object = @serializer.load(message)
           events_by_fingerprint = @events[topic]
           events_by_fingerprint.each do |_fingerprint, events|
@@ -197,6 +201,16 @@ module GraphQL
           end
         end
       end
+
+      private
+
+      def stream_subscription_name(subscription_id)
+        [SUBSCRIPTION_PREFIX, @transmit_ns, subscription_id].join
+      end
+
+      def stream_event_name(event)
+        [EVENT_PREFIX, @transmit_ns, event.topic].join
+      end
     end
   end
 end

data/lib/graphql/tracing/platform_tracing.rb

@@ -95,7 +95,7 @@ module GraphQL
       end
 
       def self.use(schema_defn, options = {})
-        tracer = self.new(options)
+        tracer = self.new(**options)
         schema_defn.instrument(:field, tracer)
         schema_defn.tracer(tracer)
       end

data/lib/graphql/tracing/prometheus_tracing/graphql_collector.rb

@@ -16,7 +16,10 @@ module GraphQL
         end
 
         def collect(object)
-          labels = { key: object['key'], platform_key: object['platform_key'] }
+          default_labels = { key: object['key'], platform_key: object['platform_key'] }
+          custom = object['custom_labels']
+          labels = custom.nil? ? default_labels : default_labels.merge(custom)
+
           @graphql_gauge.observe object['duration'], labels
         end
 

data/lib/graphql/types/int.rb

@@ -9,8 +9,15 @@ module GraphQL
       MIN = -(2**31)
       MAX = (2**31) - 1
 
-      def self.coerce_input(value, _ctx)
-        value.is_a?(Integer) ? value : nil
+      def self.coerce_input(value, ctx)
+        return if !value.is_a?(Integer)
+
+        if value >= MIN && value <= MAX
+          value
+        else
+          err = GraphQL::IntegerDecodingError.new(value)
+          ctx.schema.type_error(err, ctx)
+        end
       end
 
       def self.coerce_result(value, ctx)

data/lib/graphql/types/relay/base_connection.rb

@@ -94,7 +94,8 @@ module GraphQL
             type = nullable ? [@node_type, null: true] : [@node_type]
             field :nodes, type,
               null: nullable,
-              description: "A list of nodes."
+              description: "A list of nodes.",
+              connection: false
           end
         end
 

data/lib/graphql/types/relay/base_edge.rb

@@ -33,7 +33,8 @@ module GraphQL
             if node_type
               @node_type = node_type
               # Add a default `node` field
-              field :node, node_type, null: null, description: "The item at the end of the edge."
+              field :node, node_type, null: null, description: "The item at the end of the edge.",
+                connection: false
             end
             @node_type
           end

data/lib/graphql/types/string.rb

@@ -7,7 +7,13 @@ module GraphQL
 
       def self.coerce_result(value, ctx)
         str = value.to_s
-        str.encoding == Encoding::UTF_8 ? str : str.encode(Encoding::UTF_8)
+        if str.encoding == Encoding::UTF_8
+          str
+        elsif str.frozen?
+          str.encode(Encoding::UTF_8)
+        else
+          str.encode!(Encoding::UTF_8)
+        end
       rescue EncodingError
         err = GraphQL::StringEncodingError.new(str)
         ctx.schema.type_error(err, ctx)

data/lib/graphql/unauthorized_error.rb

@@ -22,7 +22,7 @@ module GraphQL
       @object = object
       @type = type
       @context = context
-      message ||= "An instance of #{object.class} failed #{type.name}'s authorization check"
+      message ||= "An instance of #{object.class} failed #{type.graphql_name}'s authorization check"
       super(message)
     end
   end

data/lib/graphql/version.rb

@@ -1,4 +1,4 @@
 # frozen_string_literal: true
 module GraphQL
-  VERSION = "1.11.4"
+  VERSION = "1.11.8"
 end

data/readme.md

@@ -9,7 +9,7 @@
 A Ruby implementation of [GraphQL](https://graphql.org/).
 
 - [Website](https://graphql-ruby.org/)
-- [API Documentation](https://www.rubydoc.info/gems/graphql)
+- [API Documentation](https://www.rubydoc.info/github/rmosolgo/graphql-ruby)
 - [Newsletter](https://tinyletter.com/graphql-ruby)
 
 ## Installation

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: graphql
 version: !ruby/object:Gem::Version
-  version: 1.11.4
+  version: 1.11.8
 platform: ruby
 authors:
 - Robert Mosolgo
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2020-08-25 00:00:00.000000000 Z
+date: 2021-02-12 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: benchmark-ips
@@ -445,6 +445,7 @@ files:
 - lib/graphql/id_type.rb
 - lib/graphql/input_object_type.rb
 - lib/graphql/int_type.rb
+- lib/graphql/integer_decoding_error.rb
 - lib/graphql/integer_encoding_error.rb
 - lib/graphql/interface_type.rb
 - lib/graphql/internal_representation.rb
@@ -650,6 +651,8 @@ files:
 - lib/graphql/static_validation/rules/fragments_are_on_composite_types_error.rb
 - lib/graphql/static_validation/rules/fragments_are_used.rb
 - lib/graphql/static_validation/rules/fragments_are_used_error.rb
+- lib/graphql/static_validation/rules/input_object_names_are_unique.rb
+- lib/graphql/static_validation/rules/input_object_names_are_unique_error.rb
 - lib/graphql/static_validation/rules/mutation_root_exists.rb
 - lib/graphql/static_validation/rules/mutation_root_exists_error.rb
 - lib/graphql/static_validation/rules/no_definitions_are_present.rb
@@ -676,6 +679,7 @@ files:
 - lib/graphql/static_validation/rules/variables_are_used_and_defined_error.rb
 - lib/graphql/static_validation/type_stack.rb
 - lib/graphql/static_validation/validation_context.rb
+- lib/graphql/static_validation/validation_timeout_error.rb
 - lib/graphql/static_validation/validator.rb
 - lib/graphql/string_encoding_error.rb
 - lib/graphql/string_type.rb
@@ -752,7 +756,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.1.2
+rubygems_version: 3.1.4
 signing_key: 
 specification_version: 4
 summary: A GraphQL language and runtime for Ruby