Conversation
- same as json_schemer
- Fixes #4
- installs 0 byte cache
Updated security contact information and reporting process.
There was a problem hiding this comment.
Pull request overview
This PR represents a complete rewrite of the json-fuzz-generator gem, renaming it to json_schemer-fuzz and rebuilding it on top of the modern json_schemer library instead of the unmaintained json-schema gem. The rewrite changes the namespace from JSON::Fuzz::Generator to JSONSchemer::Fuzz and updates all implementation and test files accordingly.
Changes:
- Complete rewrite of the library using
json_schemeras the underlying JSON Schema validator - Namespace change from
JSON::Fuzz::GeneratortoJSONSchemer::Fuzz - Updated gem infrastructure including gemspec, CI/CD workflows, documentation, and tooling
Reviewed changes
Copilot reviewed 100 out of 119 changed files in this pull request and generated 15 comments.
Show a summary per file
| File | Description |
|---|---|
| lib/json_schemer/fuzz.rb | Main module with generate and default_param methods |
| lib/json_schemer/fuzz/version.rb | Version module for the gem |
| lib/json_schemer/fuzz/primitive_type/*.rb | Primitive type generators (array, boolean, integer, null, number, object, string) |
| lib/json_schemer/fuzz/keyword/*.rb | Keyword-specific generators (all_of, any_of, format, etc.) |
| spec/json_schemer-fuzz_spec.rb | Comprehensive test suite |
| spec/spec_helper.rb | Test configuration with json_schemer integration |
| json_schemer-fuzz.gemspec | Gem specification with dependencies |
| Various config files | CI/CD, linting, coverage, and development tooling |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
|
|
||
| # Generate valid data | ||
| def default_param(schema) | ||
| schema = JSON.parse(open(schema).read) if schema.instance_of?(String) |
There was a problem hiding this comment.
Using Kernel#open is a serious security risk. Consider using File.read or URI.open with explicit handling instead.
| raise "No multipleOf keyword given: #{attributes}" unless multiple_of | ||
|
|
||
| string_num = multiple_of.to_s | ||
| demicals = (string_num.split(".").length == 2) ? string_num.split(".")[-1].length : 0 |
There was a problem hiding this comment.
The typo "demicals" should be corrected to "decimals".
| template = JSONSchemer::Fuzz.default_param(attributes) | ||
|
|
||
| while template.size > max_properties | ||
| requred_keys = attributes["required"] || [] |
There was a problem hiding this comment.
The typo "requred" should be corrected to "required".
| generated_params << invalid_param | ||
| end | ||
| elsif schema.key?("$ref") | ||
| raise "not impremented yet" |
There was a problem hiding this comment.
The typo "impremented" should be corrected to "implemented".
| elsif schema.key?("items") | ||
| generators("array").valid_param(schema) | ||
| elsif schema.key?("$ref") | ||
| raise "not impremented yet" |
There was a problem hiding this comment.
The typo "impremented" should be corrected to "implemented".
| raise "No minProperties keyword given: #{attributes}" unless min_properties | ||
|
|
||
| generated_params = [] | ||
| invalid_param = {} |
There was a problem hiding this comment.
This assignment to invalid_param is useless, since its value is never read.
| generated_params = [] | ||
|
|
||
| if type = attributes["type"] | ||
| valid_types = [type].flatten |
There was a problem hiding this comment.
This assignment to valid_types is useless, since its value is never read.
| def invalid_params(attributes) | ||
| generated_params = [] | ||
| if type = attributes["type"] | ||
| valid_types = [type].flatten |
There was a problem hiding this comment.
This assignment to valid_types is useless, since its value is never read.
2 participants
See voxpupuli/json-schema#423 (comment)
I'm mostly opening this for visibility, as I think it makes sense to use a piggy-backed namespace like
json_schemer-fuzzinstead of the one used here. Since this is a rewrite and changing the underlying core dependency I'm not sure if it makes sense to keep the new code under this old namespace.I also have no expectations that this will be merged, though I have already found and fixed several bugs.