Fix dangerous destructuration in typescript-nestjs services #20157
Conversation
There was a problem hiding this comment.
Can we add an example resource that shows this behavior and ideally also fails the type check if this is ever broken again? I think this is quite fragile and from time to time people might destructure without thinking about reserved names, so it would be good to cover it with a resource that has some reserved words as parameters?
|
@joscha I've updated with a new sample that should break in case of destructuration. Let me know if there's more to add/change 😃 |
| * @type {string} | ||
| * @memberof DefaultServiceTestReservedParamNames | ||
| */ | ||
| readonly from: string |
There was a problem hiding this comment.
Are these not expected to be quoted? I think some other models also use a sanitized name prefixed with a _ - @macjohnny ?
There was a problem hiding this comment.
I'm not sure to understand what you mean by quoted here
There was a problem hiding this comment.
Sorry, like this: https://stackoverflow.com/questions/43124403/is-there-a-way-to-escape-and-use-reserved-words-in-typescript-class-definitions
And an example of the (automatically added) prefix: https://github.com/planet-a-ventures/affinity-node/blob/main/src%2Fv2%2Fgenerated%2Fmodels%2FEmail.ts#L33
You can see that the properties in the typescript generator are also all quoted by default.
There was a problem hiding this comment.
I've added the quotes.
I saw how sanitized names works with the reservedWords Set, I'm not sure from should be considered as a reserved word here as it's not a problem anymore after the modifications. But if you confirm you want it added to the reservedWords I can add it
There was a problem hiding this comment.
in general its better to add to the reserved keywords instead of the modifications you suggest, since there are many places where variables are used, so the code change is rather extensive and complicates the templates.
There was a problem hiding this comment.
once it is a reserved word, the destructure wouldn't be an issue anymore, would it? I am not 100% clear on how the resverved words work, yet, sorry.
There was a problem hiding this comment.
the reserved keyword would be instead of the quotes, which will prefix the variable with an underscore, e.g. _from. however, for the model this makes it differ from what the server actually sends, so probably for the model the quotes are fine. i would suggest to keep this PR as small as possible and only fix one thing at a time, to make it easier to review
There was a problem hiding this comment.
From what I understand if we add it to the reserved keywords it will be changed in the model too. Or there is a way to get a non-sanitized name in the model ?
There was a problem hiding this comment.
you are right, adding to the reserved keywords changes it for the model as well. you could apply the same as in
There was a problem hiding this comment.
Ok thank you ! I will adapt my changes as soon as possible
Closes #20156
PR checklist
Commit all changed files.
This is important, as CI jobs will verify all generator outputs of your HEAD commit as it would merge with master.
These must match the expectations made by your contribution.
You may regenerate an individual generator by passing the relevant config(s) as an argument to the script, for example
./bin/generate-samples.sh bin/configs/java*.IMPORTANT: Do NOT purge/delete any folders/files (e.g. tests) when regenerating the samples as manually written tests may be removed.
master(upcoming7.x.0minor release - breaking changes with fallbacks),8.0.x(breaking changes without fallbacks)TypeScript committee members: @TiFu (2017/07) @taxpon (2017/07) @sebastianhaas (2017/07) @kenisteward (2017/07) @Vrolijkx (2017/09) @macjohnny (2018/01) @topce (2018/10) @akehir (2019/07) @petejohansonxo (2019/11) @amakhrov (2020/02) @davidgamero (2022/03) @mkusaka (2022/04) @joscha (2024/10)