json_schemer icon indicating copy to clipboard operation
json_schemer copied to clipboard

Published 20 hours ago verified publisher icon davishmcclurg

Uncaught parse errors during schema validation

Open eapache-opslevel opened this issue 1 year ago • 2 comments

json_schemer version 2.1.1

Trying to validate the following malformed schema:

JSONSchemer.validate_schema({"$schema"=>"https://json-schema.org/draft/2020-12/schema", "type"=>"object", "properties"=>""})

Results in an exception:

/Users/eapache/.rvm/gems/ruby-3.2.2@opslevel/gems/json_schemer-2.1.1/lib/json_schemer/draft202012/vocab/applicator.rb:224:in `parse': undefined method `each_with_object' for "":String (NoMethodError)

            value.each_with_object({}) do |(property, subschema), out|
                 ^^^^^^^^^^^^^^^^^

eapache-opslevel avatar Dec 22 '23 15:12 eapache-opslevel

Hi @eapache-opslevel! Thanks for opening this. You're right—it's broken when schema parsing fails. I think the solution is to not parse the schema fully (should only need $schema) when validation schemas. I need to think about it some more, though. I'm not sure about custom meta schemas.

davishmcclurg avatar Jan 12 '24 04:01 davishmcclurg

Another example from https://github.com/davishmcclurg/json_schemer/issues/174:

>> schemer = JSONSchemer.schema({ "$id" => 1 })
>> schemer.valid_schema?
/Users/dharsha/.asdf/installs/ruby/3.3.0/lib/ruby/3.3.0/uri/rfc3986_parser.rb:177:in `convert_to_uri': bad argument (expected URI object or URI string) (ArgumentError)
	from /Users/dharsha/.asdf/installs/ruby/3.3.0/lib/ruby/3.3.0/uri/generic.rb:1110:in `merge'
	from /Users/dharsha/.asdf/installs/ruby/3.3.0/lib/ruby/3.3.0/uri/rfc3986_parser.rb:141:in `inject'
	from /Users/dharsha/.asdf/installs/ruby/3.3.0/lib/ruby/3.3.0/uri/rfc3986_parser.rb:141:in `join'
	from /Users/dharsha/.asdf/installs/ruby/3.3.0/lib/ruby/3.3.0/uri/common.rb:212:in `join'
	from /Users/dharsha/repos/json_schemer/lib/json_schemer/draft202012/vocab/core.rb:38:in `parse'

davishmcclurg avatar Feb 25 '24 19:02 davishmcclurg

I merged a fix—it'll be released shortly in 2.2.0. Original example now returns an error:

>> JSONSchemer.validate_schema({"$schema"=>"https://json-schema.org/draft/2020-12/schema", "type"=>"object", "properties"=>""}).map { _1.fetch('error') }
=> ["value at `/properties` is not an object"]

JSONSchemer.schema still doesn't support invalid schemas (and likely won't). I don't want every schema object to have to take the hit of validating the provided schema before parsing. When working with schemas that are potentially invalid, it's best to check them with JSONSchemer.valid_schema? first.

Now that I think of it, JSONSchemer::Schema#valid_schema? and JSONSchemer::Schema#validate_schema were probably mistakes to begin with—may want to deprecate in the future.

davishmcclurg avatar Mar 02 '24 21:03 davishmcclurg