Skip to content

Commit

Permalink
Defend against non-serializable params in invariantWrappers (#11861)
Browse files Browse the repository at this point in the history
  • Loading branch information
henryqdineen authored Jun 26, 2024
1 parent 29755da commit 1aed0e8
Show file tree
Hide file tree
Showing 4 changed files with 38 additions and 5 deletions.
5 changes: 5 additions & 0 deletions .changeset/little-weeks-join.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
---
"@apollo/client": patch
---

Defend against non-serializable params in `invariantWrappers`
4 changes: 2 additions & 2 deletions .size-limits.json
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
{
"dist/apollo-client.min.cjs": 39581,
"import { ApolloClient, InMemoryCache, HttpLink } from \"dist/index.js\" (production)": 32830
"dist/apollo-client.min.cjs": 39604,
"import { ApolloClient, InMemoryCache, HttpLink } from \"dist/index.js\" (production)": 32852
}
22 changes: 22 additions & 0 deletions src/utilities/globals/__tests__/invariantWrappers.test.ts
Original file line number Diff line number Diff line change
Expand Up @@ -171,3 +171,25 @@ test("base invariant(false, 6, ...), raises fallback", async () => {
)
);
});

test("base invariant(false, 6, ...) with non-serializable param", async () => {
await using _ = mockErrorMessageHandler();

const obj: any = {};
obj.self = obj;

expect(() => {
invariant(false, 6, obj);
}).toThrow(
new InvariantError(
"An error occurred! For more details, see the full error text at https://go.apollo.dev/c/err#" +
encodeURIComponent(
JSON.stringify({
version: "local",
message: 6,
args: ["<non-serializable>"],
})
)
)
);
});
12 changes: 9 additions & 3 deletions src/utilities/globals/invariantWrappers.ts
Original file line number Diff line number Diff line change
Expand Up @@ -117,9 +117,15 @@ declare global {
}

function stringify(arg: any) {
return typeof arg == "string" ? arg : (
stringifyForDisplay(arg, 2).slice(0, 1000)
);
if (typeof arg == "string") {
return arg;
}

try {
return stringifyForDisplay(arg, 2).slice(0, 1000);
} catch {
return "<non-serializable>";
}
}

function getHandledErrorMsg(
Expand Down

0 comments on commit 1aed0e8

Please sign in to comment.