wohali commented on issue #1554: Additional Mango-based update handler / VDU functionality URL: https://github.com/apache/couchdb/issues/1554#issuecomment-412977409 @mikerhodes asks: > * What would happen when replicating to older db versions that don't understand some part of the validation (e.g., didn't understand formats part of schema)? Be lenient (ignore bits not understood) or strict (fail validation when can't process the whole set of instructions)? Idea 1: Maybe we need a version field, regardless of what we do with this, if not specified we assume it's the version of whatever the current runtime is Idea 2: Maybe we need a `"fail": "closed|open"` setting per-VDU Idea 3: Maybe we need a server setting in `local.ini` to toggle the same thing The latter 2 come from electronic door locks that generally come with a user-configurable setting for this. > * There's an information leak possible: write-only users can discern document shape by observing error messages for schema. Perhaps an optional throw clause which would allow the user to override default error to prevent this leakage. Well, in Apache CouchDB, there are no such things as write-only users to my knowledge. Are you talking about a Cloudant-specific thing, or something that might come in with #1504 ? I was imagining that if any of the tests failed (pre-@janl's change) a generic response would be provided, along the lines of `document failed validation`, _maybe_ including the name of the whatever-we-call-this to point a finger, but not explictly including the precise reason for failure. I like the idea of a `$throw.default` to override that message if you want, but I'm not sure it does much? The other option would be to provide a `"debug": true/false` boolean toggle that would include precise info about the reason for a document's failure. We've done a poor job of helping users debug their JS functions in the past. Putting the control over debugging a Mango-VDU in the hands of the developer would be a big step up in my opinion. Thanks for the discussion!
---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org With regards, Apache Git Services
