Comments (14)
Can i work on this, if its not assigned to anyone else?
from concerto.
@rajatrawataku1 by all means.
What I expect to happen is that the outputs of execution (contract state, response and emits) should all be validated, and a runtime error thrown if validation fails. Perhaps @jeromesimeon has some pointers?
from concerto.
Thanks @rajatrawataku1 and @mttrbrts I would actually first look at this exact same issue in Concerto (https://github.com/accordproject/concerto). I wouldn't be surprised that serialising from a Concerto object with +/-Infinity
or NaN
yields a JSON with a null
. If so that would be the right place to fix this IMO.
from concerto.
A bit of a review of concerto about this. The internals seem sound, using parseFloat
and should round trip properly. It's possible that the best approach might be to delay the check all the way to JSON.stringify
.
This could be done along the lines of: https://stackoverflow.com/questions/21896792/force-json-stringify-to-emit-nan-infinity-or-js-json-lib-that-does-so
I would simply raise an error for NaN
Infinity
and -Infinity
, something like:
bash-3.2$ cat test.js
const json1 = {
'foo': 'hello!',
'bar': [ 1, 2, 3 ]
};
const json2 = {
'foo': 'hello!',
'bar': [ 1, 2, NaN ]
};
function safeStringify(input) {
return JSON.stringify(input, function (key, value) {
if (value !== value) {
throw new Error('Cannot export NaN to JSON')
}
if (value === Infinity) {
throw new Error('Cannot export Infinity to JSON');
}
if (value === -Infinity) {
throw new Error('Cannot export -Infinity to JSON');
}
return value;
});
}
console.log(JSON.stringify(json1));
console.log(safeStringify(json1));
console.log(JSON.stringify(json2));
console.log(safeStringify(json2));
bash-3.2$ node test.js
{"foo":"hello!","bar":[1,2,3]}
{"foo":"hello!","bar":[1,2,3]}
{"foo":"hello!","bar":[1,2,null]}
/Users/jeromesimeon/git/concerto/test.js:13
throw new Error('Cannot export NaN to JSON')
^
Error: Cannot export NaN to JSON
at Array.<anonymous> (/Users/jeromesimeon/git/concerto/test.js:13:19)
at JSON.stringify (<anonymous>)
at safeStringify (/Users/jeromesimeon/git/concerto/test.js:11:17)
at Object.<anonymous> (/Users/jeromesimeon/git/concerto/test.js:31:13)
at Module._compile (module.js:653:30)
at Object.Module._extensions..js (module.js:664:10)
at Module.load (module.js:566:32)
at tryModuleLoad (module.js:506:12)
at Function.Module._load (module.js:498:3)
at Function.Module.runMain (module.js:694:10)
The benefit of that approach (and delaying the check to JSON.stringify) is that applications using the API would be able to handle results or inputs that include the full range of IEEE 754 values.
from concerto.
@rajatrawataku1 would you still feel up to the task?
This should include a review of everywhere we use JSON.stringify
and maybe to put the variant above in a common utility file e.g., https://github.com/accordproject/ergo/blob/master/packages/ergo-compiler/lib/util.js
from concerto.
Moving this back to open after 7 days.
from concerto.
@mttrbrts Any thoughts on my alternative suggestion? Would you see any benefit in doing this at validation time rather than serialization time?
from concerto.
Could I take a shot at this? I'm new to this project, and would appreciate some guidance!
from concerto.
Could I take a shot at this? I'm new to this project, and would appreciate some guidance!
Sure @coderkalyan ! There is already quite a lot of details in this thread. Does it make sense to you, or which part is unclear?
from concerto.
@coderkalyan yes, please feel free to pick this up. @jeromesimeon's approach is correct.
IMO, the correct place to fix this is in the ResourceValidator in Concerto
If we raise validation errors for NaN
, +Infinity
, and -Infinity
, we can detect these elsewhere in the stack.
from concerto.
No activity on this for a while, I'm releasing the ownership for now.
from concerto.
A fix for this issue, by changing toJSON
call in the serializer to raise a validation error when the Double is NaN
, Infinity
or -Infinity
is available for review in PR #161.
from concerto.
A fix for this issue, by changing
toJSON
call in the serializer to raise a validation error when the Double isNaN
,Infinity
or-Infinity
is available for review in PR #161.
That fix has been refactored to be done in the resourcevalidator
rather than the jsongenerator
class, as suggested by @mttrbrts. This provides better and more consistent error messages.
from concerto.
Fixed based on proposal in #161 in the 1.0
branch
from concerto.
Related Issues (20)
- Declaration validation uniqueness check is O(n^2)
- > We should make this consistent with what we are doing for other type references, e.g. TypeIdentifier for super class. What does that look like?
- Need a method to resolve type inference for decorators with type references HOT 17
- Throw error on validation of model with decorators with type reference if type not present HOT 5
- Support for References in Map values HOT 10
- Refactor declaration uniqueness check
- Performance updates for uniqueness checks
- Namespaces vulnerable to ReDoS HOT 1
- Fix breaking chnages coming up from lerna
- Create a linter for Concerto HOT 14
- Semantic Validation Rules
- Type Utility Functions (e.g. `Partial`,`Omit`) HOT 2
- Add error codes to property validation errors HOT 2
- Fix `no such file or directory error` inside in decoratormanager.js Test File
- Standardize/localize error messaging
- Make `accept` methods of introspection classes public HOT 1
- Factory doesn't generate empty entities HOT 1
- Make serializer option `strictQualifiedDateTimes` default behaviour
- Extends support for enum declarations HOT 3
- LocalDateTime
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from concerto.