Upgrade schemathesis to v3.0.0 and fix all test failures#370
Open
cmil wants to merge 7 commits into
Open
Conversation
Merging this PR will leave 6 of 35 operations untested. Please review.
❌ Untested (6)
🔴 Tested (29)
19 more
Powered by TraceCov v0.21.2 schemathesis 4.22.3 | http://localhost:8081/exist/restxq/v1/openapi.yaml |
efe2714 to
b605432
Compare
Upgrade schemathesis/action from v1.1.1 to v3.0.0 (pinned by SHA), using the new dedicated `authorization` input and dropping the obsolete `--workers` flag. Fix server errors exposed by schemathesis v2+ when duplicate query parameters (e.g. ?sex=null&sex=null) are sent: RESTXQ binds these as a sequence, causing XQuery runtime errors in boolean and string contexts. Normalize all affected query params to a single value with [1] at the start of each function body in api.xqm and dts.xqm. Closes #328
- Switch schemathesis to --mode positive to suppress QUERY-method fuzzing
that caused eXist-db 500 responses
- Add --request-timeout 30 to handle slow Wikidata SPARQL responses
- Constrain /character/{id} to pattern ^Q[0-9]+ to reject non-Wikidata IDs
- Validate ?include= param in /corpora, return 400 on unknown values
- Fix /dts/collection?nav=parents 500 by guarding against missing corpus
(returns 404) and restricting nav enum to [parents]
- Ignore incomplete ref/start/end combinations in DTS document and
navigation endpoints instead of returning 400
- Default DTS navigation to down=1 when no navigation param is supplied
- Add minLength: 1 to DTS resource param to prevent empty-string inputs
Since we may introduce other test suites (e.g. DTS) in the future a more specific name seems like a good idea.
7c1d061 to
eba8e16
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
v3.0.0(pinned by commit hash)--mode positive) to prevent HTTP method fuzzing (e.g. QUERY) that caused eXist-db 500 errorsAPI fixes
/character/{id}— constrains theidpath parameter to^Q[0-9]+so non-Wikidata IDs are rejected with 400 rather than passing schema validation/corpora?include=— validates theincludequery parameter server-side; unknown values return 400/dts/collection?nav=parents— fixes a 500 cardinality error when a play ID is not in the test corpus; returns 404 instead; restricts thenavparameter enum to[parents]/dts/navigationand/dts/document— makes cross-parameter handling more lenient:reftakes precedence overstart/end; incomplete ranges (one ofstart/endmissing) are silently ignored; bareresourcewithout any navigation parameter defaults todown=1/dts/documentand/dts/navigation— addsminLength: 1to theresourceparameter schema so schemathesis does not generate empty-string inputsTest infrastructure
test/test.json(missing corpus fixture used by CI)test/schemathesis.shto match CI flags🤖 Generated with Claude Code