graphql 1.11.8 → 1.11.9

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 4b72615f5488c1aa58c921128dd067d9f098b4617c954ac267e37efa72a9107c
-  data.tar.gz: 4690738202ecd5d048802c80f1fc87095e0c1de4a02adcba26e88415f401908c
+  metadata.gz: '03288f39c878bbb9e7e0831ec3b7f5238e4063439df8f1a8a297b6d2e88798c4'
+  data.tar.gz: 157ad2e363c871c5fe5e13322fe5ea98aedfee77febd0c77ea092507fa11d696
 SHA512:
-  metadata.gz: 744ca52fc03919a071013a27139112c2c18e487f333ee335ea374feaef06bb904079d4c54e0ddf088d2b5dfa345172efb3063faefa792c1c8ade38616752fa1a
-  data.tar.gz: 90fffd6928d128f2516e4f49c9d729a26a57101683e19d0a90818c45f431bae221e4b8b1bf8d7bc374e20c8e98e3f0a0963877e818ae946f999d40942182cddd
+  metadata.gz: 6ab05e247b8a3a3a1d08daec2edeb20fdc29b2cf196e34a5f84fbf228da1bd5da7ce445b2972648b6ce4c74f15e6d1dfc8b2eb1fc0929dd0df2b67f2db4e73da
+  data.tar.gz: 4ce3349c4cd3623827d1596bfbdb9b8974a26cc5ffc5be162c1f3b6fc1fb8922d8902e166345d14afcba77f8b693607769eee2db52907b79190f6beb5ee2ece2

data/lib/graphql/schema.rb

@@ -157,7 +157,7 @@ module GraphQL
 
     accepts_definitions \
       :query_execution_strategy, :mutation_execution_strategy, :subscription_execution_strategy,
-      :validate_timeout, :max_depth, :max_complexity, :default_max_page_size,
+      :validate_timeout, :validate_max_errors, :max_depth, :max_complexity, :default_max_page_size,
       :orphan_types, :resolve_type, :type_error, :parse_error,
       :error_bubbling,
       :raise_definition_error,
@@ -196,7 +196,7 @@ module GraphQL
     attr_accessor \
       :query, :mutation, :subscription,
       :query_execution_strategy, :mutation_execution_strategy, :subscription_execution_strategy,
-      :validate_timeout, :max_depth, :max_complexity, :default_max_page_size,
+      :validate_timeout, :validate_max_errors, :max_depth, :max_complexity, :default_max_page_size,
       :orphan_types, :directives,
       :query_analyzers, :multiplex_analyzers, :instrumenters, :lazy_methods,
       :cursor_encoder,
@@ -366,7 +366,7 @@ module GraphQL
       validator_opts = { schema: self }
       rules && (validator_opts[:rules] = rules)
       validator = GraphQL::StaticValidation::Validator.new(**validator_opts)
-      res = validator.validate(query, timeout: validate_timeout)
+      res = validator.validate(query, timeout: validate_timeout, max_errors: validate_max_errors)
       res[:errors]
     end
 
@@ -951,6 +951,7 @@ module GraphQL
         schema_defn.mutation = mutation && mutation.graphql_definition
         schema_defn.subscription = subscription && subscription.graphql_definition
         schema_defn.validate_timeout = validate_timeout
+        schema_defn.validate_max_errors = validate_max_errors
         schema_defn.max_complexity = max_complexity
         schema_defn.error_bubbling = error_bubbling
         schema_defn.max_depth = max_depth
@@ -1286,6 +1287,19 @@ module GraphQL
         end
       end
 
+      attr_writer :validate_max_errors
+
+      def validate_max_errors(new_validate_max_errors = nil)
+        if new_validate_max_errors
+          @validate_max_errors = new_validate_max_errors
+        elsif defined?(@validate_max_errors)
+          @validate_max_errors
+        else
+          find_inherited_value(:validate_max_errors)
+        end
+      end
+
+
       attr_writer :max_complexity
 
       def max_complexity(max_complexity = nil)

data/lib/graphql/static_validation/base_visitor.rb

@@ -205,6 +205,9 @@ module GraphQL
       private
 
       def add_error(error, path: nil)
+        if @context.too_many_errors?
+          throw :too_many_validation_errors
+        end
         error.path ||= (path || @path.dup)
         context.errors << error
       end

data/lib/graphql/static_validation/rules/fields_will_merge.rb

@@ -193,26 +193,26 @@ module GraphQL
           if node1.name != node2.name
             errored_nodes = [node1.name, node2.name].sort.join(" or ")
             msg = "Field '#{response_key}' has a field conflict: #{errored_nodes}?"
-            context.errors << GraphQL::StaticValidation::FieldsWillMergeError.new(
+            add_error(GraphQL::StaticValidation::FieldsWillMergeError.new(
               msg,
               nodes: [node1, node2],
               path: [],
               field_name: response_key,
               conflicts: errored_nodes
-            )
+            ))
           end
 
           if !same_arguments?(node1, node2)
             args = [serialize_field_args(node1), serialize_field_args(node2)]
             conflicts = args.map { |arg| GraphQL::Language.serialize(arg) }.join(" or ")
             msg = "Field '#{response_key}' has an argument conflict: #{conflicts}?"
-            context.errors << GraphQL::StaticValidation::FieldsWillMergeError.new(
+            add_error(GraphQL::StaticValidation::FieldsWillMergeError.new(
               msg,
               nodes: [node1, node2],
               path: [],
               field_name: response_key,
               conflicts: conflicts
-            )
+            ))
           end
         end
 

data/lib/graphql/static_validation/rules/fragments_are_finite.rb

@@ -7,12 +7,12 @@ module GraphQL
         dependency_map = context.dependencies
         dependency_map.cyclical_definitions.each do |defn|
           if defn.node.is_a?(GraphQL::Language::Nodes::FragmentDefinition)
-            context.errors << GraphQL::StaticValidation::FragmentsAreFiniteError.new(
+            add_error(GraphQL::StaticValidation::FragmentsAreFiniteError.new(
               "Fragment #{defn.name} contains an infinite loop",
               nodes: defn.node,
               path: defn.path,
               name: defn.name
-            )
+            ))
           end
         end
       end

data/lib/graphql/static_validation/validation_context.rb

@@ -19,10 +19,11 @@ module GraphQL
 
       def_delegators :@query, :schema, :document, :fragments, :operations, :warden
 
-      def initialize(query, visitor_class)
+      def initialize(query, visitor_class, max_errors)
         @query = query
         @literal_validator = LiteralValidator.new(context: query.context)
         @errors = []
+        @max_errors = max_errors || Float::INFINITY
         @on_dependency_resolve_handlers = []
         @visitor = visitor_class.new(document, self)
       end
@@ -38,6 +39,10 @@ module GraphQL
       def validate_literal(ast_value, type)
         @literal_validator.validate(ast_value, type)
       end
+
+      def too_many_errors?
+        @errors.length >= @max_errors
+      end
     end
   end
 end

data/lib/graphql/static_validation/validator.rb

@@ -22,8 +22,9 @@ module GraphQL
       # @param query [GraphQL::Query]
       # @param validate [Boolean]
       # @param timeout [Float] Number of seconds to wait before aborting validation. Any positive number may be used, including Floats to specify fractional seconds.
+      # @param max_errors [Integer] Maximum number of errors before aborting validation. Any positive number will limit the number of errors. Defaults to nil for no limit.
       # @return [Array<Hash>]
-      def validate(query, validate: true, timeout: nil)
+      def validate(query, validate: true, timeout: nil, max_errors: nil)
         query.trace("validate", { validate: validate, query: query }) do
           can_skip_rewrite = query.context.interpreter? && query.schema.using_ast_analysis? && query.schema.is_a?(Class)
           errors = if validate == false && can_skip_rewrite
@@ -32,23 +33,26 @@ module GraphQL
             rules_to_use = validate ? @rules : []
             visitor_class = BaseVisitor.including_rules(rules_to_use, rewrite: !can_skip_rewrite)
 
-            context = GraphQL::StaticValidation::ValidationContext.new(query, visitor_class)
+            context = GraphQL::StaticValidation::ValidationContext.new(query, visitor_class, max_errors)
 
             begin
               # CAUTION: Usage of the timeout module makes the assumption that validation rules are stateless Ruby code that requires no cleanup if process was interrupted. This means no blocking IO calls, native gems, locks, or `rescue` clauses that must be reached.
               # A timeout value of 0 or nil will execute the block without any timeout.
               Timeout::timeout(timeout) do
-                # Attach legacy-style rules.
-                # Only loop through rules if it has legacy-style rules
-                unless (legacy_rules = rules_to_use - GraphQL::StaticValidation::ALL_RULES).empty?
-                  legacy_rules.each do |rule_class_or_module|
-                    if rule_class_or_module.method_defined?(:validate)
-                      rule_class_or_module.new.validate(context)
+
+                catch(:too_many_validation_errors) do
+                  # Attach legacy-style rules.
+                  # Only loop through rules if it has legacy-style rules
+                  unless (legacy_rules = rules_to_use - GraphQL::StaticValidation::ALL_RULES).empty?
+                    legacy_rules.each do |rule_class_or_module|
+                      if rule_class_or_module.method_defined?(:validate)
+                        rule_class_or_module.new.validate(context)
+                      end
                     end
                   end
-                end
 
-                context.visitor.visit
+                  context.visitor.visit
+                end
               end
             rescue Timeout::Error
               handle_timeout(query, context)

data/lib/graphql/version.rb

@@ -1,4 +1,4 @@
 # frozen_string_literal: true
 module GraphQL
-  VERSION = "1.11.8"
+  VERSION = "1.11.9"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: graphql
 version: !ruby/object:Gem::Version
-  version: 1.11.8
+  version: 1.11.9
 platform: ruby
 authors:
 - Robert Mosolgo
-autorequire: 
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2021-02-12 00:00:00.000000000 Z
+date: 2021-11-01 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: benchmark-ips
@@ -741,7 +741,7 @@ metadata:
   source_code_uri: https://github.com/rmosolgo/graphql-ruby
   bug_tracker_uri: https://github.com/rmosolgo/graphql-ruby/issues
   mailing_list_uri: https://tinyletter.com/graphql-ruby
-post_install_message: 
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -756,8 +756,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.1.4
-signing_key: 
+rubygems_version: 3.2.22
+signing_key:
 specification_version: 4
 summary: A GraphQL language and runtime for Ruby
 test_files: []