rack-graphql 2.4.0 → 2.7.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 0d1aad090a41b8371934fb35708504a1c08d473aa4991607119fd98485adefbf
-  data.tar.gz: 25902f5ffc962398799a20fe3bdeb4dd7b3dae772d7f5bbcddbd267c8f9eb6d4
+  metadata.gz: b0aed325620504c52731b38726309a1633831e5af42af1f2a42b9a85e1c7b662
+  data.tar.gz: df13c1c063bab50027908d4c44f0ecc242fca1bf6d7485e1fadb69a2e9dddbac
 SHA512:
-  metadata.gz: d5daf847af3b599990248a75664aed30015c88b136bf8a91f530a81716d8739a8dbd3fc272e46bfe36abbc9b1b1f2ad50968e1da64697df23e85adee5183b519
-  data.tar.gz: dd3e2c521fa4112b3c177f29e4a0a53d94036e4aabca5c50b43c79518828ac5140ddd2b94bd41a571aa23ebb7cc45f66af4c1fc1c27df92b8ebbffa8ade55612
+  metadata.gz: a0ca07400a4d7229462f720310d9da3a734c91ca78318bcba122734d8983cae935563488c1e146f19a991d3a1890be740ba6f752fb6ef0babeca791f188bed3b
+  data.tar.gz: 571b478112fd84ae108c78afd17a1e48a7163d8c2c2b582824ec9b2bdb1057aaa934a9a12f9a0dadfa6fe0008a80391e5d210970cc7736bfcfee173b09757ca6

data/.bundler-version

@@ -0,0 +1 @@
+2.2.14

data/.dependabot/config.yml

@@ -3,9 +3,14 @@ version: 1
 update_configs:
   - package_manager: "ruby:bundler"
     directory: "/"
-    update_schedule: "monthly"
+    update_schedule: "daily"
     commit_message:
       prefix: "[dependabot]"
     allowed_updates:
       - match:
-          update_type: "all"
+          dependency_type: "all"
+          update_type: "security"
+    automerged_updates:
+      - match:
+          dependency_type: "all"
+          update_type: "security:patch"

data/.github/workflows/auto-merge.yml

@@ -0,0 +1,19 @@
+name: automerge
+on:
+  pull_request_review:
+    types:
+      - submitted
+  check_suite:
+    types:
+      - completed
+  status: {}
+jobs:
+  automerge:
+    runs-on: ubuntu-latest
+    steps:
+      - name: automerge
+        uses: "pascalgn/automerge-action@v0.12.0"
+        env:
+          GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
+          MERGE_METHOD: squash
+          MERGE_DELETE_BRANCH: true

data/.travis.yml

@@ -5,6 +5,7 @@ cache: bundler
 rvm:
   - 2.6
   - 2.7
+  - 3.0
 before_install: gem install bundler
 script:
   - bundle exec rake rubocop

data/CHANGELOG.md

@@ -1,5 +1,25 @@
 # CHANGELOG
 
+## 2.7.0 - 2021-03-24
+
+- Add ability to skip setting up health endpoint on root path with `health_on_root_path` option.
+
+## 2.6.1 - 2021-01-14
+
+- Fix uninitialized `Timeout` error. The issue was fixed in https://github.com/rmosolgo/graphql-ruby/commit/56abba472dbb48a1f8445d41f928bea72b5148e9, but new version has not yet been relased.
+
+## 2.6.0 - 2021-01-14
+
+- Add ability to re-raise exception (`re_raise_exceptions` option)
+
+## 2.5.1 - 2020-11-19
+
+- respond with http status `400` when UTF null byte is passed as a part of the input
+
+## 2.5.0 - 2020-11-18
+
+- make `log_exception_backtrace` false by default and allow to be controlled by `RACK_GRAPHQL_LOG_EXCEPTION_BACKTRACE` env var
+
 ## 2.4.0 - 2020-09-39
 
 - Use `http_status` from `ExecutionError` for http response

data/Gemfile.lock

@@ -1,68 +1,69 @@
 PATH
   remote: .
   specs:
-    rack-graphql (2.4.0)
-      graphql (~> 1.11)
+    rack-graphql (2.7.0)
+      graphql
       oj
       rack (~> 2.2)
 
 GEM
   remote: https://rubygems.org/
   specs:
-    ast (2.4.1)
-    awesome_print (1.8.0)
+    ast (2.4.2)
+    awesome_print (1.9.2)
     coderay (1.1.3)
     diff-lcs (1.4.4)
-    graphql (1.11.5)
+    graphql (1.12.6)
     method_source (1.0.0)
-    oj (3.10.14)
-    parallel (1.19.2)
-    parser (2.7.1.5)
+    oj (3.11.3)
+    parallel (1.20.1)
+    parser (3.0.0.0)
       ast (~> 2.4.1)
-    pry (0.13.1)
+    pry (0.14.0)
       coderay (~> 1.1)
       method_source (~> 1.0)
     rack (2.2.3)
     rack-test (1.1.0)
       rack (>= 1.0, < 3)
     rainbow (3.0.0)
-    rake (13.0.1)
-    regexp_parser (1.8.1)
+    rake (13.0.3)
+    regexp_parser (2.1.1)
     rexml (3.2.4)
-    rspec (3.9.0)
-      rspec-core (~> 3.9.0)
-      rspec-expectations (~> 3.9.0)
-      rspec-mocks (~> 3.9.0)
-    rspec-core (3.9.2)
-      rspec-support (~> 3.9.3)
-    rspec-expectations (3.9.2)
+    rspec (3.10.0)
+      rspec-core (~> 3.10.0)
+      rspec-expectations (~> 3.10.0)
+      rspec-mocks (~> 3.10.0)
+    rspec-core (3.10.1)
+      rspec-support (~> 3.10.0)
+    rspec-expectations (3.10.1)
       diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.9.0)
-    rspec-mocks (3.9.1)
+      rspec-support (~> 3.10.0)
+    rspec-mocks (3.10.2)
       diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.9.0)
-    rspec-support (3.9.3)
-    rubocop (0.92.0)
+      rspec-support (~> 3.10.0)
+    rspec-support (3.10.2)
+    rubocop (1.11.0)
       parallel (~> 1.10)
-      parser (>= 2.7.1.5)
+      parser (>= 3.0.0.0)
       rainbow (>= 2.2.2, < 4.0)
-      regexp_parser (>= 1.7)
+      regexp_parser (>= 1.8, < 3.0)
       rexml
-      rubocop-ast (>= 0.5.0)
+      rubocop-ast (>= 1.2.0, < 2.0)
       ruby-progressbar (~> 1.7)
-      unicode-display_width (>= 1.4.0, < 2.0)
-    rubocop-ast (0.7.1)
+      unicode-display_width (>= 1.4.0, < 3.0)
+    rubocop-ast (1.4.1)
       parser (>= 2.7.1.5)
-    rubocop-performance (1.8.1)
-      rubocop (>= 0.87.0)
-      rubocop-ast (>= 0.4.0)
-    rubocop-rspec (1.43.2)
-      rubocop (~> 0.87)
-    ruby-progressbar (1.10.1)
-    unicode-display_width (1.7.0)
+    rubocop-rake (0.5.1)
+      rubocop
+    rubocop-rspec (2.2.0)
+      rubocop (~> 1.0)
+      rubocop-ast (>= 1.1.0)
+    ruby-progressbar (1.11.0)
+    unicode-display_width (2.0.0)
 
 PLATFORMS
-  ruby
+  x86_64-darwin-20
+  x86_64-linux
 
 DEPENDENCIES
   awesome_print
@@ -73,8 +74,8 @@ DEPENDENCIES
   rake
   rspec
   rubocop
-  rubocop-performance
+  rubocop-rake
   rubocop-rspec
 
 BUNDLED WITH
-   2.1.4
+   2.2.15

data/README.md

@@ -23,13 +23,16 @@ Add following to your `config.ru` file:
 
 ```ruby
 run RackGraphql::Application.call(
-  schema: YourGraqphqlSchema,                      # required
-  app_name: 'your-service-name',                   # optional, used for health endpoint content
-  context_handler: YourGraphqlContextHandler,      # optional, empty `proc` by default
-  log_exception_backtrace: !A9n.env.production?,   # optional, `true` default
-  health_route: true,                              # optional, true by default
-  logger: A9n.logger,                              # optional, not set by default
+  schema: YourGraqphqlSchema,                       # required
+  app_name: 'your-service-name',                    # optional, used for health endpoint content
+  context_handler: YourGraphqlContextHandler,       # optional, empty `proc` by default
+  log_exception_backtrace: !A9n.env.production?,    # optional, `false` default
+  # `true` when `RACK_GRAPHQL_LOG_EXCEPTION_BACKTRACE` env var is set to `'1'` or `'true'`
+  health_route: true,                               # optional, true by default
+  health_on_root_path: health_route,                # optional, health_route value by default (mind map '/' is covering '/any/path-123') 
+  logger: A9n.logger,                               # optional, not set by default
   error_status_code_map: { IamTeapotError => 418 }, # optional
+  re_raise_exceptions: true,                        # optional, false by default
 )
 ```
 
@@ -80,6 +83,38 @@ RackGraphql catches all errors and respond with 500 code. By default it adds exc
 RackGraphql.log_exception_backtrace = false
 ```
 
+### Error tracking/reporting
+
+To respect the graphql spec, all errors need to be returned as json and `rack-graphql` catches all exceptions and does NOT re-raise them. You can change this behavior via `re_raise_exceptions` argument.
+Because of this, using error tracking middleware (`use Sentry::Rack::CaptureExceptions`, `use Raven::Rack`) does not take any effect for graphql requests.
+
+To use Sentry or other reporting tool for graphql queries, you should handle it on graphql schema level:
+
+```ruby
+class MySchema < GraphQL::Schema
+  rescue_from StandardError do |e, obj, args, ctx, field|
+    extra = {
+      args: args,
+      field: field.inspect,
+      context: ctx
+    }
+    Sentry.capture_exception(e, extra: extra)
+    # re-raise to be handled by rack middleware
+    raise
+    # or return execution error
+    ::GraphQL::ExecutionError.new(
+      exception.class.to_s,
+      options: { "http_status" => 500 },
+      extensions: {
+        "code" => exception.class.to_s,
+        "http_status" => 500,
+        "details" => exception.inspect
+      }
+    )
+  end
+end
+```
+
 ## Contributing
 
 Bug reports and pull requests are welcome on GitHub at https://github.com/RenoFi/rack-graphql. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the [Contributor Covenant](http://contributor-covenant.org) code of conduct.

data/lib/rack_graphql.rb

@@ -2,6 +2,10 @@ require 'oj'
 require 'rack'
 require 'graphql'
 
+# Timeout needs to be manually required before following fix is released:
+# https://github.com/rmosolgo/graphql-ruby/commit/56abba472dbb48a1f8445d41f928bea72b5148e9
+require 'timeout'
+
 require 'rack_graphql/version'
 require 'rack_graphql/exceptions'
 require 'rack_graphql/health_response_builder'
@@ -10,8 +14,12 @@ require 'rack_graphql/application'
 
 module RackGraphql
   class << self
-    attr_accessor :log_exception_backtrace
-  end
+    def log_exception_backtrace
+      return @log_exception_backtrace unless @log_exception_backtrace.nil?
 
-  self.log_exception_backtrace = true
+      %w[1 true].include?(ENV['RACK_GRAPHQL_LOG_EXCEPTION_BACKTRACE'].to_s)
+    end
+
+    attr_writer :log_exception_backtrace
+  end
 end

data/lib/rack_graphql/application.rb

@@ -5,9 +5,11 @@ module RackGraphql
       app_name: 'rack-graphql-service',
       logger: nil,
       context_handler: nil,
+      re_raise_exceptions: false,
       log_exception_backtrace: RackGraphql.log_exception_backtrace,
       health_route: true,
       health_response_builder: RackGraphql::HealthResponseBuilder,
+      health_on_root_path: health_route,
       error_status_code_map: {}
     )
 
@@ -17,6 +19,7 @@ module RackGraphql
             app_name: app_name,
             schema: schema,
             context_handler: context_handler,
+            re_raise_exceptions: re_raise_exceptions,
             logger: logger,
             log_exception_backtrace: log_exception_backtrace,
             error_status_code_map: error_status_code_map,
@@ -31,7 +34,9 @@ module RackGraphql
           map '/healthz' do
             run ->(env) { health_response_builder.new(app_name: app_name, env: env).build }
           end
+        end
 
+        if health_on_root_path
           map '/' do
             run ->(env) { health_response_builder.new(app_name: app_name, env: env).build }
           end

data/lib/rack_graphql/middleware.rb

@@ -2,6 +2,7 @@ module RackGraphql
   class Middleware
     DEFAULT_STATUS_CODE = 200
     DEFAULT_ERROR_STATUS_CODE = 500
+    NULL_BYTE = '\u0000'.freeze
 
     def initialize(
       schema:,
@@ -9,6 +10,7 @@ module RackGraphql
       context_handler: nil,
       logger: nil,
       log_exception_backtrace: RackGraphql.log_exception_backtrace,
+      re_raise_exceptions: false,
       error_status_code_map: {}
     )
 
@@ -17,6 +19,7 @@ module RackGraphql
       @context_handler = context_handler || ->(_) {}
       @logger = logger
       @log_exception_backtrace = log_exception_backtrace
+      @re_raise_exceptions = re_raise_exceptions
       @error_status_code_map = error_status_code_map
     end
 
@@ -51,9 +54,14 @@ module RackGraphql
       ]
     rescue StandardError, LoadError, SyntaxError => e
       # To respect the graphql spec, all errors need to be returned as json.
-      # It needs to take Rack::ShowExceptions role of catching all exceptions raised by the app.
+      # By default exceptions are not re-raised,
+      # so they cannot be caught by error tracking rack middlewares.
+      # You can change this behavior via `re_raise_exceptions` argument.
       exception_string = dump_exception(e)
       log(exception_string)
+
+      raise e if re_raise_exceptions
+
       env[Rack::RACK_ERRORS].puts(exception_string)
       env[Rack::RACK_ERRORS].flush
       [
@@ -67,14 +75,18 @@ module RackGraphql
 
     private
 
-    attr_reader :schema, :app_name, :logger, :context_handler, :log_exception_backtrace, :error_status_code_map
+    attr_reader :schema, :app_name, :logger, :context_handler,
+      :log_exception_backtrace, :error_status_code_map, :re_raise_exceptions
 
     def post_request?(env)
       env['REQUEST_METHOD'] == 'POST'
     end
 
     def post_data(env)
-      ::Oj.load(env['rack.input'].gets.to_s)
+      payload = env['rack.input'].read.to_s
+      return nil if payload.index(NULL_BYTE)
+
+      ::Oj.load(payload)
     rescue Oj::ParseError
       nil
     end

data/lib/rack_graphql/version.rb

@@ -1,3 +1,3 @@
 module RackGraphql
-  VERSION = '2.4.0'.freeze
+  VERSION = '2.7.0'.freeze
 end

data/rack-graphql.gemspec

@@ -25,7 +25,7 @@ Gem::Specification.new do |spec|
 
   spec.required_ruby_version = '>= 2.6'
 
-  spec.add_dependency 'graphql', '~> 1.11'
+  spec.add_dependency 'graphql'
   spec.add_dependency 'oj'
   spec.add_dependency 'rack', '~> 2.2'
 
@@ -36,6 +36,6 @@ Gem::Specification.new do |spec|
   spec.add_development_dependency 'rake'
   spec.add_development_dependency 'rspec'
   spec.add_development_dependency 'rubocop'
-  spec.add_development_dependency 'rubocop-performance'
+  spec.add_development_dependency 'rubocop-rake'
   spec.add_development_dependency 'rubocop-rspec'
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: rack-graphql
 version: !ruby/object:Gem::Version
-  version: 2.4.0
+  version: 2.7.0
 platform: ruby
 authors:
 - Krzysztof Knapik
@@ -9,22 +9,22 @@ authors:
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2020-09-30 00:00:00.000000000 Z
+date: 2021-03-24 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: graphql
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '1.11'
+        version: '0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '1.11'
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: oj
   requirement: !ruby/object:Gem::Requirement
@@ -152,7 +152,7 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: rubocop-performance
+  name: rubocop-rake
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -187,12 +187,14 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
+- ".bundler-version"
 - ".dependabot/config.yml"
 - ".github/ISSUE_TEMPLATE/bug_report.md"
 - ".github/ISSUE_TEMPLATE/config.yml"
 - ".github/ISSUE_TEMPLATE/story.md"
 - ".github/PULL_REQUEST_TEMPLATE.md"
 - ".github/workflows/auto-approve.yml"
+- ".github/workflows/auto-merge.yml"
 - ".gitignore"
 - ".rspec"
 - ".travis.yml"
@@ -232,7 +234,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.1.2
+rubygems_version: 3.2.15
 signing_key:
 specification_version: 4
 summary: Rack middleware implementing graphql endpoint.