Comments (2)
Briefly looked into this now, and it's really the use of the unification operator (=
) that's the culprit here. Unification is neat, but really hard to work with when using the AST alone. It is so because we'll need to determine whether a var is an input var or an output var, and if it's defined anywhere else in the scope, and not necessarily in order.
To provide an example, this would be a valid rule:
weird if {
x == 5
y == 1
y = 1
x = 5
}
While this is a compile time error:
weird if {
x == 5
y == 1
y := 1
x := 5
}
So rather than doing some unverified_header, unverified_payload
, I'd recommend using the assignment operator (:=
) to avoid this.
[unverified_header, unverified_payload] = decode_jwt(jwt)
->
[unverified_header, unverified_payload] := decode_jwt(jwt)
That will come with the additional benefit of having strict mode flag unverified_payload
as unused:
1 error occurred: policy.rego:26: rego_compile_error: assigned var unverified_payload unused
I'd like to one day make a larger effort to have Regal deal with unification, in whatever way that may be... and that's even one of the first issues created in #4
But that'll be something much larger, and I don't think we can do this as a bugfix. So I'll close this for now provided there's a good workaround, and we'll tackle this in #4 when we get there. Perhaps a custom (and optional) rule to avoid the unification operator altogether could be an interesting first step towards something more nuanced 🙂
Either way, thanks for reporting this! And keep filing issues when you encounter them. Much appreciated!
from regal.
Thanks @Od1nB 👍 I'll try to get a fix in for the next release.
from regal.
Related Issues (20)
- Rule: `argument-always-wildcard`
- Rule: `annotation-without-metadata`
- Rule: `simplify-iteration`
- Add `--var-values` flag to `regal test`
- Editing an ignored file shows completion errors
- Add `regal new project` command
- Moving back to edit before accepted suggestion results in error
- Submit Regal to be featured in GitHub's workflows
- Same icon used for rules and functions in completion list HOT 1
- style/prefer-snake-case inconsistent HOT 3
- `prefer-some-in-iteration` no longer reporting violation as expected
- bug: pointless reassignment should ignore with
- bug: false positives in messy incremental rule with general rule head refs
- lsp/completions: Snippet completions are not shown for complete prefixes.
- rule/argument-always-wildcard: End location is always the end of the line HOT 5
- lsp/completions: Snippets for built-in functions HOT 1
- 100% test coverage
- lint/output: SARIF output is incorrect when a parse error is encountered
- lint: Show parse error locations in JSON output format
- Add function name ignore filter for `argument-always-wildcard`
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from regal.