Closed mitcharene closed 2 years ago
Hello,
I had issues when trying to test this parameter: I was unable to set automatic tests on this subject.
I'll check all this again.
Or set a default max value to maxInt, as obviously, there would be not attack in the plugin's use case.
Étienne
I did several tests with the maxTokens parameter, including one with the same configuration as yours.
I could check the maxTokens parameter is properly managed.
My test was to put this parameter to 1. And I got the error saying that there are than 1 token.
But...
When I removed the maxTokens, gradle still remembered the 1 value. Which is very strange. And killing the daemon would correct the issue.
Can you check after killing the gradle daemon ? (after a reboot, for instance, to be sure)
Étienne
I have another question: what is your gradle version?
And can you provide the schema that generates this error?
Thanks @etienne-sf for looking at this. To answer your questions:
gradleVersion = 7.4.2
Can you check after killing the gradle daemon ? (after a reboot, for instance, to be sure)
I've tried this (with gradle --stop
and running gradle --no-daemon clean build
just make sure no old config setting gets reused), but I'm still facing the issue. I was able to build once and it did seem related to gradle not picking up my updated config but I am unable to repro a successful build.
And can you provide the schema that generates this error?
Unfortunately I cannot. It is proprietary
Or set a default max value to maxInt, as obviously, there would be not attack in the plugin's use case.
I think this is a reasonable approach to unblock me while we work to figure out the issue with the config. As a comparison, Netflix's DGS CodeGen uses maxInt
Let me know how I can further assist
Hi. I meet this problem on GitHub graphql scheme. https://docs.github.com/public/schema.docs.graphql
I tried all advice on the topic, and it didn't help. Maybe I can build a config object in gradle.build manually?
The limit of 15000 is not in the plugin's code, but in the graphql-java dependency.
As in all my tests, the value provided in the gradle conf is propagated into this dependency, I think there is an issue somewhere else.
I'll deliver a release, with the maxTokens default value set to the maximum integer value. As the schema parsing is done at compile time, the protection in graphql-java doesn't seem to be useful.
This should solve this issue.
Étienne
The correction is available in the new release (1.18.7)
Despite setting maxTokens to a very high number in
generateClientCodeConf
, my build still fails due to the 15000 token limitIDE = IntelliJ graphQLPluginVersion = 1.18.6