Skip to content

fix(audits/server): JSON parsing errors format shouldnt be audited #47

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 2 commits into from
Jan 20, 2023
Merged

fix(audits/server): JSON parsing errors format shouldnt be audited #47

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
9803cc5
data entry check is irrelevant
enisdenjo Jan 20, 2023
d266856
docs(implementations): audit report [skip ci]
github-actions[bot] Jan 20, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
28 changes: 2 additions & 26 deletions implementations/apollo-server/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,9 +2,9 @@ _* This report was auto-generated by graphql-http_

# GraphQL over HTTP audit report

- **79** audits in total
- **78** audits in total
- ✅ **53** pass
- ⚠️ **26** warnings (optional)
- ⚠️ **25** warnings (optional)

## Passing
1. SHOULD accept application/graphql-response+json and match the content-type
Expand Down Expand Up @@ -1108,28 +1108,4 @@ The server _SHOULD_ support these, but is not required.
```
</details>

26. SHOULD not contain the data entry on JSON parsing failure when accepting application/graphql-response+json<br />

<details>
<summary>Response body is not valid JSON</summary>

```json
{
"statusText": "Bad Request",
"status": 400,
"headers": {
"x-powered-by": "Express",
"x-content-type-options": "nosniff",
"date": "<timestamp>",
"content-type": "text/html; charset=utf-8",
"content-security-policy": "default-src 'none'",
"content-length": "1108",
"connection": "close",
"access-control-allow-origin": "*"
},
"body": null
}
```
</details>


4 changes: 2 additions & 2 deletions implementations/apollo-server/report.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
{
"total": 79,
"total": 78,
"ok": 53,
"warn": 26,
"warn": 25,
"error": 0
}
36 changes: 8 additions & 28 deletions implementations/deno/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,9 +2,9 @@ _* This report was auto-generated by graphql-http_

# GraphQL over HTTP audit report

- **79** audits in total
- **78** audits in total
- ✅ **35** pass
- ⚠️ **44** warnings (optional)
- ⚠️ **43** warnings (optional)

## Passing
1. MUST accept application/json and match the content-type
Expand Down Expand Up @@ -796,27 +796,7 @@ The server _SHOULD_ support these, but is not required.
```
</details>

38. SHOULD not contain the data entry on JSON parsing failure when accepting application/graphql-response+json<br />

<details>
<summary>Response body is not valid JSON</summary>

```json
{
"statusText": "Not Acceptable",
"status": 406,
"headers": {
"vary": "Accept-Encoding",
"date": "<timestamp>",
"content-type": "text/plain;charset=UTF-8",
"content-length": "14"
},
"body": null
}
```
</details>

39. SHOULD use 400 status code if parameters are invalid when accepting application/graphql-response+json<br />
38. SHOULD use 400 status code if parameters are invalid when accepting application/graphql-response+json<br />

<details>
<summary>Response status code is not 400</summary>
Expand All @@ -836,7 +816,7 @@ The server _SHOULD_ support these, but is not required.
```
</details>

40. SHOULD not contain the data entry if parameters are invalid when accepting application/graphql-response+json<br />
39. SHOULD not contain the data entry if parameters are invalid when accepting application/graphql-response+json<br />

<details>
<summary>Response body is not valid JSON</summary>
Expand All @@ -856,7 +836,7 @@ The server _SHOULD_ support these, but is not required.
```
</details>

41. SHOULD use 400 status code on document parsing failure when accepting application/graphql-response+json<br />
40. SHOULD use 400 status code on document parsing failure when accepting application/graphql-response+json<br />

<details>
<summary>Response status code is not 400</summary>
Expand All @@ -876,7 +856,7 @@ The server _SHOULD_ support these, but is not required.
```
</details>

42. SHOULD not contain the data entry on document parsing failure when accepting application/graphql-response+json<br />
41. SHOULD not contain the data entry on document parsing failure when accepting application/graphql-response+json<br />

<details>
<summary>Response body is not valid JSON</summary>
Expand All @@ -896,7 +876,7 @@ The server _SHOULD_ support these, but is not required.
```
</details>

43. SHOULD use 400 status code on document validation failure when accepting application/graphql-response+json<br />
42. SHOULD use 400 status code on document validation failure when accepting application/graphql-response+json<br />

<details>
<summary>Response status code is not 400</summary>
Expand All @@ -916,7 +896,7 @@ The server _SHOULD_ support these, but is not required.
```
</details>

44. SHOULD not contain the data entry on document validation failure when accepting application/graphql-response+json<br />
43. SHOULD not contain the data entry on document validation failure when accepting application/graphql-response+json<br />

<details>
<summary>Response body is not valid JSON</summary>
Expand Down
4 changes: 2 additions & 2 deletions implementations/deno/report.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
{
"total": 79,
"total": 78,
"ok": 35,
"warn": 44,
"warn": 43,
"error": 0
}
23 changes: 11 additions & 12 deletions implementations/express-graphql/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,8 +2,8 @@ _* This report was auto-generated by graphql-http_

# GraphQL over HTTP audit report

- **79** audits in total
- ✅ **46** pass
- **78** audits in total
- ✅ **45** pass
- ⚠️ **33** warnings (optional)

## Passing
Expand Down Expand Up @@ -43,16 +43,15 @@ _* This report was auto-generated by graphql-http_
34. MUST allow map {extensions} parameter when accepting application/json
35. SHOULD use 4xx or 5xx status codes on JSON parsing failure when accepting application/graphql-response+json
36. SHOULD use 400 status code on JSON parsing failure when accepting application/graphql-response+json
37. SHOULD not contain the data entry on JSON parsing failure when accepting application/graphql-response+json
38. SHOULD use 4xx or 5xx status codes if parameters are invalid when accepting application/graphql-response+json
39. SHOULD use 400 status code if parameters are invalid when accepting application/graphql-response+json
40. SHOULD not contain the data entry if parameters are invalid when accepting application/graphql-response+json
41. SHOULD use 4xx or 5xx status codes on document parsing failure when accepting application/graphql-response+json
42. SHOULD use 400 status code on document parsing failure when accepting application/graphql-response+json
43. SHOULD not contain the data entry on document parsing failure when accepting application/graphql-response+json
44. SHOULD use 4xx or 5xx status codes on document validation failure when accepting application/graphql-response+json
45. SHOULD use 400 status code on document validation failure when accepting application/graphql-response+json
46. SHOULD not contain the data entry on document validation failure when accepting application/graphql-response+json
37. SHOULD use 4xx or 5xx status codes if parameters are invalid when accepting application/graphql-response+json
38. SHOULD use 400 status code if parameters are invalid when accepting application/graphql-response+json
39. SHOULD not contain the data entry if parameters are invalid when accepting application/graphql-response+json
40. SHOULD use 4xx or 5xx status codes on document parsing failure when accepting application/graphql-response+json
41. SHOULD use 400 status code on document parsing failure when accepting application/graphql-response+json
42. SHOULD not contain the data entry on document parsing failure when accepting application/graphql-response+json
43. SHOULD use 4xx or 5xx status codes on document validation failure when accepting application/graphql-response+json
44. SHOULD use 400 status code on document validation failure when accepting application/graphql-response+json
45. SHOULD not contain the data entry on document validation failure when accepting application/graphql-response+json

## Warnings
The server _SHOULD_ support these, but is not required.
Expand Down
4 changes: 2 additions & 2 deletions implementations/express-graphql/report.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
{
"total": 79,
"ok": 46,
"total": 78,
"ok": 45,
"warn": 33,
"error": 0
}
23 changes: 11 additions & 12 deletions implementations/graph-client/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,8 +2,8 @@ _* This report was auto-generated by graphql-http_

# GraphQL over HTTP audit report

- **79** audits in total
- ✅ **79** pass
- **78** audits in total
- ✅ **78** pass

## Passing
1. SHOULD accept application/graphql-response+json and match the content-type
Expand Down Expand Up @@ -75,14 +75,13 @@ _* This report was auto-generated by graphql-http_
67. SHOULD use 200 status code on document validation failure when accepting application/json
68. SHOULD use 4xx or 5xx status codes on JSON parsing failure when accepting application/graphql-response+json
69. SHOULD use 400 status code on JSON parsing failure when accepting application/graphql-response+json
70. SHOULD not contain the data entry on JSON parsing failure when accepting application/graphql-response+json
71. SHOULD use 4xx or 5xx status codes if parameters are invalid when accepting application/graphql-response+json
72. SHOULD use 400 status code if parameters are invalid when accepting application/graphql-response+json
73. SHOULD not contain the data entry if parameters are invalid when accepting application/graphql-response+json
74. SHOULD use 4xx or 5xx status codes on document parsing failure when accepting application/graphql-response+json
75. SHOULD use 400 status code on document parsing failure when accepting application/graphql-response+json
76. SHOULD not contain the data entry on document parsing failure when accepting application/graphql-response+json
77. SHOULD use 4xx or 5xx status codes on document validation failure when accepting application/graphql-response+json
78. SHOULD use 400 status code on document validation failure when accepting application/graphql-response+json
79. SHOULD not contain the data entry on document validation failure when accepting application/graphql-response+json
70. SHOULD use 4xx or 5xx status codes if parameters are invalid when accepting application/graphql-response+json
71. SHOULD use 400 status code if parameters are invalid when accepting application/graphql-response+json
72. SHOULD not contain the data entry if parameters are invalid when accepting application/graphql-response+json
73. SHOULD use 4xx or 5xx status codes on document parsing failure when accepting application/graphql-response+json
74. SHOULD use 400 status code on document parsing failure when accepting application/graphql-response+json
75. SHOULD not contain the data entry on document parsing failure when accepting application/graphql-response+json
76. SHOULD use 4xx or 5xx status codes on document validation failure when accepting application/graphql-response+json
77. SHOULD use 400 status code on document validation failure when accepting application/graphql-response+json
78. SHOULD not contain the data entry on document validation failure when accepting application/graphql-response+json

4 changes: 2 additions & 2 deletions implementations/graph-client/report.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
{
"total": 79,
"ok": 79,
"total": 78,
"ok": 78,
"warn": 0,
"error": 0
}
27 changes: 2 additions & 25 deletions implementations/graphql-helix/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,9 +2,9 @@ _* This report was auto-generated by graphql-http_

# GraphQL over HTTP audit report

- **79** audits in total
- **78** audits in total
- ✅ **49** pass
- ⚠️ **30** warnings (optional)
- ⚠️ **29** warnings (optional)

## Passing
1. MUST accept application/json and match the content-type
Expand Down Expand Up @@ -785,27 +785,4 @@ The server _SHOULD_ support these, but is not required.
```
</details>

30. SHOULD not contain the data entry on JSON parsing failure when accepting application/graphql-response+json<br />

<details>
<summary>Response body is not valid JSON</summary>

```json
{
"statusText": "Bad Request",
"status": 400,
"headers": {
"x-powered-by": "Express",
"x-content-type-options": "nosniff",
"date": "<timestamp>",
"content-type": "text/html; charset=utf-8",
"content-security-policy": "default-src 'none'",
"content-length": "1108",
"connection": "close"
},
"body": null
}
```
</details>


4 changes: 2 additions & 2 deletions implementations/graphql-helix/report.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
{
"total": 79,
"total": 78,
"ok": 49,
"warn": 30,
"warn": 29,
"error": 0
}
23 changes: 11 additions & 12 deletions implementations/graphql-yoga/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,8 +2,8 @@ _* This report was auto-generated by graphql-http_

# GraphQL over HTTP audit report

- **79** audits in total
- ✅ **79** pass
- **78** audits in total
- ✅ **78** pass

## Passing
1. SHOULD accept application/graphql-response+json and match the content-type
Expand Down Expand Up @@ -75,14 +75,13 @@ _* This report was auto-generated by graphql-http_
67. SHOULD use 200 status code on document validation failure when accepting application/json
68. SHOULD use 4xx or 5xx status codes on JSON parsing failure when accepting application/graphql-response+json
69. SHOULD use 400 status code on JSON parsing failure when accepting application/graphql-response+json
70. SHOULD not contain the data entry on JSON parsing failure when accepting application/graphql-response+json
71. SHOULD use 4xx or 5xx status codes if parameters are invalid when accepting application/graphql-response+json
72. SHOULD use 400 status code if parameters are invalid when accepting application/graphql-response+json
73. SHOULD not contain the data entry if parameters are invalid when accepting application/graphql-response+json
74. SHOULD use 4xx or 5xx status codes on document parsing failure when accepting application/graphql-response+json
75. SHOULD use 400 status code on document parsing failure when accepting application/graphql-response+json
76. SHOULD not contain the data entry on document parsing failure when accepting application/graphql-response+json
77. SHOULD use 4xx or 5xx status codes on document validation failure when accepting application/graphql-response+json
78. SHOULD use 400 status code on document validation failure when accepting application/graphql-response+json
79. SHOULD not contain the data entry on document validation failure when accepting application/graphql-response+json
70. SHOULD use 4xx or 5xx status codes if parameters are invalid when accepting application/graphql-response+json
71. SHOULD use 400 status code if parameters are invalid when accepting application/graphql-response+json
72. SHOULD not contain the data entry if parameters are invalid when accepting application/graphql-response+json
73. SHOULD use 4xx or 5xx status codes on document parsing failure when accepting application/graphql-response+json
74. SHOULD use 400 status code on document parsing failure when accepting application/graphql-response+json
75. SHOULD not contain the data entry on document parsing failure when accepting application/graphql-response+json
76. SHOULD use 4xx or 5xx status codes on document validation failure when accepting application/graphql-response+json
77. SHOULD use 400 status code on document validation failure when accepting application/graphql-response+json
78. SHOULD not contain the data entry on document validation failure when accepting application/graphql-response+json

4 changes: 2 additions & 2 deletions implementations/graphql-yoga/report.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
{
"total": 79,
"ok": 79,
"total": 78,
"ok": 78,
"warn": 0,
"error": 0
}
23 changes: 11 additions & 12 deletions implementations/hotchocolate/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,8 +2,8 @@ _* This report was auto-generated by graphql-http_

# GraphQL over HTTP audit report

- **79** audits in total
- ✅ **77** pass
- **78** audits in total
- ✅ **76** pass
- ⚠️ **2** warnings (optional)

## Passing
Expand Down Expand Up @@ -74,16 +74,15 @@ _* This report was auto-generated by graphql-http_
65. SHOULD use 200 status code on document validation failure when accepting application/json
66. SHOULD use 4xx or 5xx status codes on JSON parsing failure when accepting application/graphql-response+json
67. SHOULD use 400 status code on JSON parsing failure when accepting application/graphql-response+json
68. SHOULD not contain the data entry on JSON parsing failure when accepting application/graphql-response+json
69. SHOULD use 4xx or 5xx status codes if parameters are invalid when accepting application/graphql-response+json
70. SHOULD use 400 status code if parameters are invalid when accepting application/graphql-response+json
71. SHOULD not contain the data entry if parameters are invalid when accepting application/graphql-response+json
72. SHOULD use 4xx or 5xx status codes on document parsing failure when accepting application/graphql-response+json
73. SHOULD use 400 status code on document parsing failure when accepting application/graphql-response+json
74. SHOULD not contain the data entry on document parsing failure when accepting application/graphql-response+json
75. SHOULD use 4xx or 5xx status codes on document validation failure when accepting application/graphql-response+json
76. SHOULD use 400 status code on document validation failure when accepting application/graphql-response+json
77. SHOULD not contain the data entry on document validation failure when accepting application/graphql-response+json
68. SHOULD use 4xx or 5xx status codes if parameters are invalid when accepting application/graphql-response+json
69. SHOULD use 400 status code if parameters are invalid when accepting application/graphql-response+json
70. SHOULD not contain the data entry if parameters are invalid when accepting application/graphql-response+json
71. SHOULD use 4xx or 5xx status codes on document parsing failure when accepting application/graphql-response+json
72. SHOULD use 400 status code on document parsing failure when accepting application/graphql-response+json
73. SHOULD not contain the data entry on document parsing failure when accepting application/graphql-response+json
74. SHOULD use 4xx or 5xx status codes on document validation failure when accepting application/graphql-response+json
75. SHOULD use 400 status code on document validation failure when accepting application/graphql-response+json
76. SHOULD not contain the data entry on document validation failure when accepting application/graphql-response+json

## Warnings
The server _SHOULD_ support these, but is not required.
Expand Down
4 changes: 2 additions & 2 deletions implementations/hotchocolate/report.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
{
"total": 79,
"ok": 77,
"total": 78,
"ok": 76,
"warn": 2,
"error": 0
}
Loading