Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Collect unknown keywords as annotations #987

Merged
merged 2 commits into from
Sep 26, 2020
Merged

Collect unknown keywords as annotations #987

merged 2 commits into from
Sep 26, 2020

Conversation

handrews
Copy link
Contributor

@handrews handrews commented Sep 6, 2020

And try to avoid memory exhaustion attacks, which were possible
even with out this change but potentially more likely to happen
by accident with it (e.g. unrecognized applicator with a very
large subschema).

Fixes #698.

@handrews handrews added this to the draft-08-patch1 milestone Sep 6, 2020
@karenetheridge
Copy link
Member

Thank you, this resolves an inconsistency in the 2019-09 specification document which indicates that the 'format' vocabulary should default to disabled, yet we should still collect the keyword value as an annotation (which requires implementations to special-case 'format' evaluation as "always evaluate this keyword, even if the vocabulary is false, but now the vocabulary boolean specifies only whether the validation check should be performed").

@handrews
Copy link
Contributor Author

@karenetheridge yeah, if format is "unknown" (and "vaguely known but not entirely supported" can be lumped in with "unknown", collecting it now matches the default behavior. There's still the awkward "best effort" validation support option but we're stuck with that for now as it's what is realistically implemented today and there aren't yet viable alternatives.

@handrews
Collect unknown keywords as annotations
cad29ac 
And try to avoid memory exhaustion attacks, which were possible
even with out this change but potentially more likely to happen
by accident with it (e.g. unrecognized applicator with a very
large subschema).
@handrews
More collect unknown keywords as annotations
b8dc783 
I seem to have missed the majority of references in the previous
commit.
@Relequestual Relequestual merged commit dc9e8a8 into json-schema-org:master Sep 26, 2020
@handrews handrews deleted the def-annot branch September 28, 2020 01:46
@karenetheridge karenetheridge mentioned this pull request Nov 10, 2020
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Relequestual Relequestual Relequestual approved these changes

Assignees
No one assigned
Labels
core Priority: Critical
Projects
None yet
Milestone
draft-08-patch1 (draft 2020-12)
Development

Successfully merging this pull request may close these issues.

Should unknown keywords be collected as annotations?
3 participants
@handrews @karenetheridge @Relequestual