Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

[RFC] Default to unknown=EXCLUDE?

See original GitHub issue

Question raised in #480.

unknown=RAISE may be a nice default in marshmallow but it can be cumbersome to change in webargs.

In practice it is mostly useful in body payload.

I wouldn’t use it in query args, for instance, because by construction of the framewok, there may be several layers of decorators adding different fields to parse.

In flask-smorest, I added a doc section to explain it but it is still surprising for the user (see https://github.com/marshmallow-code/flask-smorest/issues/145).

While the base schema is the way to go in marshmallow and is convenient once you are familiar with this logic, it is not practical to with arguments defined with dict2schema.

I guess in practice, dict2schema is used mostly for arguments with a few fields (typically query args) while the schema form is adapted to huge schemas (typically json body). Using EXCLUDE as default would make the dict2field form work while the user could easily opt-in to RAISE when using the schema form.

Should we change the default to EXCLUDE in a major release and let the user opt-in to RAISE?

Issue Analytics

  • State:closed
  • Created 3 years ago
  • Comments:10 (3 by maintainers)

github_iconTop GitHub Comments

1reaction
sirosencommented, Sep 11, 2020

This is done in dev and will be part of the 7.0.0 release. It’s available in the current beta.

For anyone reading this thread: we went with a per-location approach after all. Parsers have DEFAULT_UNKNOWN_BY_LOCATION with per-location defaults. You can read about it in the changelog or this new section of the advanced usage docs.

1reaction
sirosencommented, Apr 29, 2020

I think the simplest solution is to just add unknown=None (as the default) to Parser.parse, and then pass any non-None value when we do the schema load.

https://github.com/marshmallow-code/webargs/blob/68f8d83b128b199e6795583d5c4bc279a64d0cb1/src/webargs/core.py#L260

becomes

load_kwargs = {}
if unknown is not None:
    load_kwargs["unknown"] = unknown
result = schema.load(location_data, **load_kwargs)

With no change in defaults for dict2schema.

That solves it because you can specify unknown and we don’t have to worry about what kind of schema was used. It’s only important for dict2schema, but it would work fine for full schemas as well.

If webargs itself adds a default for unknown in dict2schema built-in, that’s fine – we could default to EXCLUDE and I’d be okay with that – but I think we then need to be able to specify non-default values somehow. I think the above might be the best way to do it because it’s easy on us (to maintain) and provides a pretty good experience for developers.

I keep on thinking up “clever” ideas, like having a location_to_default_unknown_value_map to tell us headers => EXCLUDE, body => RAISE, .... But then we run into trouble trying to make a nice interface for applying any fancy logic like that. I’d rather just skip it and make dict2schema always do the same thing and let users pass unknown in their parse and use_args calls.

Read more comments on GitHub >

github_iconTop Results From Across the Web

RFC 6020: YANG - A Data Modeling Language for the ...
1. The leaf's default value The default value of a leaf is the value that the server uses if the leaf does not...
Read more >
Advanced Usage - webargs 8.2.0 documentation
Default unknown #. By default, webargs will pass unknown=marshmallow.EXCLUDE except when the location is json , form , json_or_form , or path ....
Read more >
RFC-0033: Handling of unknown fields and strictness - Fuchsia
This guarantees that messages will be received with no unknown fields, by rejecting them during validation. Default extensible messages to be flexible, ...
Read more >
Authoritative Server Settings - PowerDNS Documentation
ignore -unknown-settings ¶. New in version 4.5.0. Setting names, separated by commas; Default: empty. Names of settings ...
Read more >
Excluding signatures in application control profiles
In an application control list, the exclusion option allows users to specify a list of applications they wish to exclude from an entry...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

Passing array in query via axios

Next page

'Not a valid tuple.' when trying to use marshmallow fields.Tuple for argument validation