This repository has been archived by the owner on Sep 1, 2024. It is now read-only.
objectOf should not require hasOwnProperty to be a function
#183
Comments
|
This is a good fix; not because null objects are reasonable or because almost anyone would use them, but because |
|
I am getting the same warning when defining this prop-type validation: PropTypes.shape({
pathname: PropTypes.string.isRequired,
query: PropTypes.objectOf(PropTypes.string),
}),And when the passed value is: It results in this error: However, if I only use PropTypes.shape({
pathname: PropTypes.string.isRequired,
query: PropTypes.object,
})it works fine as pointed out in the issue description. Observed with |
|
Any updates on it? I also faced the same issue, when validating object, created with |
|
#187 is approved and solves this. It's waiting for a merge still. |
MichaelBuessemeyer
added a commit
to scalableminds/prop-types
that referenced
this issue
May 17, 2024
* Include CI for master branch and PR's In accordance with facebook#19, includes config for TravisCI to run test reports on the master branch and PR's to the master branch. - Includes .travis.yml config file - Includes current CI status badge in README Closes facebook#19. * Point readme to correct docs for production builds (facebook#153) After an update to the docs, the production build was pointing to an outdated link. This commit directs the link to the appropriate location in the React docs. * 15.6.1 * Add 15.6.1 to CHANGELOG * Updated vars with consts and lets in PropTypesProductionReact15-test.js * Updated vars to consts and lets in PropTypesDevelopmentReact15.js * Updated vars to consts and lets in PropTypesDevelopmentStandalone-test.js * Updated vars to consts and lets in PropTypesProductionStandalone-test.js * Add example for `PropTypes.exact` * Show that shapes can have required properties * Move explanation of `isRequired` and show it in `PropTypes.shape` * Remove trailing spaces * Remove fbjs dependency * Preserve "Invariant Violation" name * 15.6.2 * .com * Add support for objects with a null prototype in objectOf * Replace `hasOwnProperty` with the more robust "has" package * Revert "Replace `hasOwnProperty` with the more robust "has" package" This reverts commit e6a9b28. * Inline the `has` module * missed semicolon * [Tests] use componentName in getPropTypeWarningMessage instead of hard-coded testComponent * [Fix] Fix `oneOf` when used with Symbols - Fixes error due to an attempt to coerce a Symbol to a string - Improves formatting of the "expected" portion of the generated warning, outputting for example `["Symbol(A)","Symbol(B)"]` rather than `[null,null]` Fixes facebook#10 * Completely remove envify in favor of loose-envify Closes facebook#203. * [New] Add `.elementType` * Add license to readme * [Fix] Support validation when hasOwnProperty is not in prototype Closes facebook#183; relates to facebook#112. * [Docs] fix relative release date to be absolute * [Docs] Fix typo in example * [New] add `PropTypes.resetWarningCache` * [dev deps] update `loose-envify` * `oneOf`: improve warning when multiple arguments are supplied Adds a different warning message for multiple arguments supplied to oneOf. A common mistake is to write oneOf(x, y, z) instead of oneOf([x, y, z]) and this should help developers identifying the error. * [changelog] update repo links * v15.7.0 * [Fix] avoid template literal syntax Fixes facebook#255. Fixes facebook#254. * v15.7.1 * [Tests] add `eslint`; run more travis tests * [Tests] run tests with multiple react versions * [Fix] move `loose-envify` back to production deps, for browerify usage Fixes facebook#203 * [Tests] add additional passing tests * [Fix] ensure nullish values in `oneOf` do not crash Fixes facebook#256. * [dev deps] update `browserify` * v15.7.2 * [Docs] Improve wording for `checkPropTypes` * [Docs] `PropTypes.node`: add link to react docs Fixes facebook#154. * [meta] use `in-publish` to avoid running the build on install * `checkPropTypes`: Friendlier message when using a type checker that is not a function * [Tests] test the build process * [New] Add type check for validator for 'shape' and 'exact' Fixes facebook#220. * [Tests] fix broken tests * [Refactor] extract `has` * [Docs] Add instructions for intentional inclusion of validation in production. * [New] `oneOfType`: Add expected types to warning Adds data object to returned error in checker so that the expected types can be accessed from within oneOfType check. Also, updates the tests slightly. Fixes facebook#9. * [Tests] Fixed typo: 'Any type *should* accept any value' * [Dev Deps] update `eslint` * [Deps] update `react-is` * [Dev Deps] update `browserify`, `bundle-collapser`, `react`, `uglifyify`, `uglifyjs` * [Docs] Typo fix in example Reverts an incorrect typo fix made in facebook#248. Closes facebook#299 * [Tests] Fix spelling * doc: highlighted the func name (facebook#321) * [readme] Clarify usage of `elementType` Closes facebook#334. * [Dev Deps] update `bundle-collapser`, `eslint`, `in-publish`, `react` * [Deps] update `react-is` * Add a package `sideEffects` field. * Bump sshpk from 1.13.1 to 1.16.1 Bumps [sshpk](https://github.com/joyent/node-sshpk) from 1.13.1 to 1.16.1. - [Release notes](https://github.com/joyent/node-sshpk/releases) - [Commits](TritonDataCenter/node-sshpk@v1.13.1...v1.16.1) Signed-off-by: dependabot[bot] <support@github.com> * Use GH Actions This migrates to a more accessible platform * [eslint] enable some rules Additional ESLint rules: "no-multi-spaces": ["error"], "key-spacing": ["error"] "no-multi-spaces" - Disallow multiple spaces; "key-spacing" - Enforce consistent spacing between keys and values in object literal properties; * Bump path-parse from 1.0.6 to 1.0.7 Bumps [path-parse](https://github.com/jbgutierrez/path-parse) from 1.0.6 to 1.0.7. - [Release notes](https://github.com/jbgutierrez/path-parse/releases) - [Commits](https://github.com/jbgutierrez/path-parse/commits/v1.0.7) --- updated-dependencies: - dependency-name: path-parse dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> * Bump tmpl from 1.0.4 to 1.0.5 Bumps [tmpl](https://github.com/daaku/nodejs-tmpl) from 1.0.4 to 1.0.5. - [Release notes](https://github.com/daaku/nodejs-tmpl/releases) - [Commits](https://github.com/daaku/nodejs-tmpl/commits/v1.0.5) --- updated-dependencies: - dependency-name: tmpl dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> * [deps] regenerate yarn.lock * [readme] Fix branch name (master -> main) * [Dev Deps] update `eslint` * [New] add `PropTypes.bigint` Closes facebook#355 * v15.8.0 * [Tests] do not fail fast; add react 17 * [meta] Fix formatting in CHANGELOG.md * [Tests] convert normal `it` functions to arrow functions * [Tests] add missing test coverage * [Fix] fix crash when a custom propType return lacks `.data`; call `hasOwnProperty` properly Fixes facebook#369 * [Dev Deps] update `eslint` * v15.8.1 * docs: add GH button in support of Ukraine (facebook#375) ## Summary Our mission at Meta Open Source is to empower communities through open source, and we believe that it means building a welcoming and safe environment for all. As a part of this work, we are adding this banner in support for Ukraine during this crisis. * [Deps] `yarn upgrade` * build: harden ci.yml permissions Signed-off-by: Alex <aleksandrosansan@gmail.com> * Bump semver from 5.7.1 to 5.7.2 Bumps [semver](https://github.com/npm/node-semver) from 5.7.1 to 5.7.2. - [Release notes](https://github.com/npm/node-semver/releases) - [Changelog](https://github.com/npm/node-semver/blob/v5.7.2/CHANGELOG.md) - [Commits](npm/node-semver@v5.7.1...v5.7.2) --- updated-dependencies: - dependency-name: semver dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> * Bump ua-parser-js from 0.7.32 to 0.7.33 Bumps [ua-parser-js](https://github.com/faisalman/ua-parser-js) from 0.7.32 to 0.7.33. - [Release notes](https://github.com/faisalman/ua-parser-js/releases) - [Changelog](https://github.com/faisalman/ua-parser-js/blob/master/changelog.md) - [Commits](faisalman/ua-parser-js@0.7.32...0.7.33) --- updated-dependencies: - dependency-name: ua-parser-js dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> * remove production env tests as we do not have any production env tests * update --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Alex <aleksandrosansan@gmail.com> Co-authored-by: Joe Fraley <joefraley@protonmail.com> Co-authored-by: Quinn Stearns <quinn@datahost.com> Co-authored-by: Brandon Dail <brandondail@fb.com> Co-authored-by: Brandon Dail <aweary@users.noreply.github.com> Co-authored-by: Barry <barry@iplatform.co.za> Co-authored-by: Christian Paul <info@jaller.de> Co-authored-by: Dan Abramov <dan.abramov@gmail.com> Co-authored-by: Julien Mourer <getkey@getkey.eu> Co-authored-by: ksmolniy <k.smolniy@gmail.com> Co-authored-by: C. T. Lin <chentsulin@gmail.com> Co-authored-by: Jim Fitzpatrick <fitzpatrick.jim@gmail.com> Co-authored-by: Augustin Trancart <augustin.trancart@oslandia.com> Co-authored-by: Benoit Tremblay <trembl.ben@gmail.com> Co-authored-by: Dominik Ferber <dominik.ferber@gmail.com> Co-authored-by: Joseph A. Szczesniak <NukaPunk@users.noreply.github.com> Co-authored-by: Troy Rhinehart <troy.rhinehart@gmail.com> Co-authored-by: Patrick Way <patrick.way@intersection.com> Co-authored-by: Jordan Harband <ljharb@gmail.com> Co-authored-by: Wojciech Maj <kontakt@wojtekmaj.pl> Co-authored-by: NoScripter <noscripter@users.noreply.github.com> Co-authored-by: Gregory Desfour <gregory.desfour@accedo.tv> Co-authored-by: Asbjørn Hegdahl <asbjorn.hegdahl@creuna.no> Co-authored-by: NoScripter <mhz_xz_tc@126.com> Co-authored-by: rgraffbrd <31221247+rgraffbrd@users.noreply.github.com> Co-authored-by: Josh Alling <joshralling@gmail.com> Co-authored-by: weiluntong <weiluntong.inbox@gmail.com> Co-authored-by: Conrad Buck <conrad@plangrid.com> Co-authored-by: Mark McCann <mail@markmccann.me> Co-authored-by: John Bampton <jbampton@users.noreply.github.com> Co-authored-by: Haseeb Khan <haseebasif97@gmail.com> Co-authored-by: G Roques <groques360@gmail.com> Co-authored-by: Jayden Seric <me@jaydenseric.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Paul O’Shannessy <paul@oshannessy.com> Co-authored-by: Konstantin Popov <konst.hardy@gmail.com> Co-authored-by: Dmitry Vinnik <dmitryvinn@users.noreply.github.com> Co-authored-by: Alex <aleksandrosansan@gmail.com>
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
When using objects as dictionaries, and to avoid littering code with
hasOwnPropertychecks, it can be useful to useobject = Object.create(null)instead ofobject = {}when creating the object.Unfortunately, this causes the
PropTypes.objectOfchecker to throw:as the code assumes that every value will have an
hasOwnPropertymethod in its prototype chain:prop-types/factoryWithTypeCheckers.js
Line 305 in 01634d9
In my case, I will have to work around it by using a regular object and refactor the rest of my own code to do the same
hasOwnPropertycheck.I would still argue that this is a bug and needs to be fixed. When checking that a value is an object where every own key maps to a value of a certain type, it is self-contradictory that the code simultaneously requires that one specific key is going to map to a function. What was supposed to check that the value is a dictionary of a specific type now risks crashing the app when that is the case.
Imagine the case where the object is truly being used as a dictionary, even with a regular
{}object, what's to stop the key"hasOwnProperty"to map to some other value? Malicious users might even cause a component to crash for other users by exploiting this.The text was updated successfully, but these errors were encountered: