Stuck on an issue?
Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
Should we allow unrecognized fields for the signatures dictionaries?
See original GitHub issueDescription of issue or feature request:
In ADR 8 we follow the Document formats section of the specification and allow unrecognized fields at each level of the metadata files.
The question is do we want to allow unrecognized fields inside the signatures dictionaries?
Are there possible security issues to that?
For context see the specification issue on the matter: https://github.com/theupdateframework/specification/issues/203
Issue Analytics
- State:
- Created 2 years ago
- Comments:9 (5 by maintainers)
Top Results From Across the Web
Managing objects with unknown structures in TypeScript using ...
We look into various options on how to handle an object that has a structure we don't know. We use index signatures and...
Read more >java - Jackson with JSON: Unrecognized field, not marked as ...
If you want to ignore any non declared property, you should write: ... I got the error "Unrecognized field.. not marked as ignorable.."....
Read more >JSON deserialization converts dots in field names to ... - GitHub
As a workaround I would suggest using fields.Dict if you can. ... This way the dots won't be converted when unknown=INCLUDE .
Read more >Index Signatures in TypeScript - Dmitri Pavlutin
Index signatures in TypeScript let's you annotate objects of unknown structure.
Read more >Building type-safe dictionaries in Typescript | by Dan Rumney
Generally, I would recommend that you use an indexed object or Record for a complete dictionary. The notation is a little more compact...
Read more >
Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free
Top Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Metadata.signatures: this does not make sense. signatures is an array and the items are clearly defined as Signature objects (Signature objects are not named in the specification but the content is defined).To complete the options here: If we allow unrecognised_fields in Signature then there’s nothing preventing allowing them in Metadata itself as well.