[Security Solution][Alerts][Rules] Force optional fields to be accounted for in conversion to rule response schema #136910
Labels
8.5 candidate
Team:Detection Alerts
Security Detection Alerts Area Team
Team:Detection Rule Management
Security Detection Rule Management Team
Team: SecuritySolution
Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc.
technical debt
Improvement of the software architecture and operational architecture
Comments
marshallmain
added
technical debt
|
Pinging @elastic/security-solution (Team: SecuritySolution) |
1 task
10 tasks
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
#136774 fixes a bug where an optional field was missed in the conversion between the internal rule schema and the HTTP API response schema. The internal schema defines all optional fields as
[field]: <type> | undefinedinstead of truly optional like[field]?: <type>, which causes a type error in the conversion function between HTTP request and internal schema if a field is not explicitly accounted for in the conversion function. (example: try removingsavedIdfrom the conversion function here - TS reports an error)However, the response schema uses
t.partialon the optional fields still, which means that when converting between internal schema and HTTP response, optional fields can be completely omitted from the conversion function. In this case when the optional field does actually have a value, it won't be included in the response.Ideally, we should have the response schema use a similar mechanism to the internal schema to enforce all fields being accounted for when converting from internal to response schema.
The text was updated successfully, but these errors were encountered: