Skip to content

chore(deps): update graphql-go-tools to fix SIGSEGV in extension filtering #2541

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
jensneuse merged 5 commits into from
Feb 21, 2026
Merged

chore(deps): update graphql-go-tools to fix SIGSEGV in extension filtering #2541

Changes from 3 commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
2f28966
chore(deps): update graphql-go-tools to c96ac9e6f088
jensneuse Feb 20, 2026
d5bbbb3
chore(deps): update graphql-go-tools to v2.0.0-rc.254
jensneuse Feb 21, 2026
10f8a97
test(router): add integration tests for extension field filtering SIG…
jensneuse Feb 21, 2026
62d5e2b
test(router): add extension filtering variants for no/partial/full fi…
jensneuse Feb 21, 2026
fb90827
chore(deps): update graphql-go-tools to v2.0.0-rc.255
jensneuse Feb 21, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
99 changes: 99 additions & 0 deletions router-tests/error_handling_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,7 @@ import (
"net/http"
"slices"
"strings"
"sync"
"testing"

"github.com/stretchr/testify/require"
Expand Down Expand Up @@ -335,6 +336,104 @@ func TestAllowedExtensions(t *testing.T) {
})
})

t.Run("filtering multiple disallowed extension fields does not crash / wrapped mode", func(t *testing.T) {
testenv.Run(t, &testenv.Config{
ModifySubgraphErrorPropagation: func(cfg *config.SubgraphErrorPropagationConfiguration) {
cfg.Enabled = true
cfg.Mode = config.SubgraphErrorPropagationModeWrapped
cfg.AllowedExtensionFields = []string{"code"}
},
Subgraphs: testenv.SubgraphsConfig{
Employees: testenv.SubgraphConfig{
Middleware: func(handler http.Handler) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
w.Header().Set("Content-Type", "application/json")
w.WriteHeader(http.StatusForbidden)
_, wErr := w.Write([]byte(`{"errors":[{"message":"Unauthorized","extensions":{"code":"UNAUTHORIZED","foo":"bar","baz":"qux","extra1":"val1","extra2":"val2"}}]}`))
require.NoError(t, wErr)
Comment thread
jensneuse marked this conversation as resolved.
Outdated
})
},
},
},
}, func(t *testing.T, xEnv *testenv.Environment) {
res := xEnv.MakeGraphQLRequestOK(testenv.GraphQLRequest{
Query: `{ employees { id } }`,
})
require.Equal(t, `{"errors":[{"message":"Failed to fetch from Subgraph 'employees'.","extensions":{"errors":[{"message":"Unauthorized","extensions":{"code":"UNAUTHORIZED"}}],"statusCode":403}}],"data":{"employees":null}}`, res.Body)
})
})

t.Run("filtering multiple disallowed extension fields does not crash / passthrough mode", func(t *testing.T) {
testenv.Run(t, &testenv.Config{
ModifySubgraphErrorPropagation: func(cfg *config.SubgraphErrorPropagationConfiguration) {
cfg.Enabled = true
cfg.Mode = config.SubgraphErrorPropagationModePassthrough
cfg.AllowedExtensionFields = []string{"code"}
},
Subgraphs: testenv.SubgraphsConfig{
Employees: testenv.SubgraphConfig{
Middleware: func(handler http.Handler) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
w.Header().Set("Content-Type", "application/json")
w.WriteHeader(http.StatusForbidden)
_, wErr := w.Write([]byte(`{"errors":[{"message":"Unauthorized","extensions":{"code":"UNAUTHORIZED","foo":"bar","baz":"qux","extra1":"val1","extra2":"val2"}}]}`))
require.NoError(t, wErr)
})
},
},
},
}, func(t *testing.T, xEnv *testenv.Environment) {
res := xEnv.MakeGraphQLRequestOK(testenv.GraphQLRequest{
Query: `{ employees { id } }`,
})
require.Equal(t, `{"errors":[{"message":"Unauthorized","extensions":{"code":"UNAUTHORIZED","statusCode":403}}],"data":{"employees":null}}`, res.Body)
})
})

t.Run("concurrent requests with extension field filtering does not crash", func(t *testing.T) {
testenv.Run(t, &testenv.Config{
ModifySubgraphErrorPropagation: func(cfg *config.SubgraphErrorPropagationConfiguration) {
cfg.Enabled = true
cfg.Mode = config.SubgraphErrorPropagationModePassthrough
cfg.AllowedExtensionFields = []string{"code"}
},
Subgraphs: testenv.SubgraphsConfig{
Employees: testenv.SubgraphConfig{
Middleware: func(handler http.Handler) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
w.Header().Set("Content-Type", "application/json")
w.WriteHeader(http.StatusForbidden)
_, wErr := w.Write([]byte(`{"errors":[{"message":"Unauthorized","extensions":{"code":"UNAUTHORIZED","foo":"bar","baz":"qux","extra1":"val1","extra2":"val2"}}]}`))
require.NoError(t, wErr)
})
},
},
},
}, func(t *testing.T, xEnv *testenv.Environment) {
var (
numOfOperations = 10
ready, done sync.WaitGroup
)
ready.Add(numOfOperations)
done.Add(numOfOperations)
trigger := make(chan struct{})
for i := 0; i < numOfOperations; i++ {
go func() {
ready.Done()
defer done.Done()
<-trigger
res := xEnv.MakeGraphQLRequestOK(testenv.GraphQLRequest{
Query: `{ employees { id } }`,
})
require.Equal(t, `{"errors":[{"message":"Unauthorized","extensions":{"code":"UNAUTHORIZED","statusCode":403}}],"data":{"employees":null}}`, res.Body)
}()
Comment thread
coderabbitai[bot] marked this conversation as resolved.
}
ready.Wait()
close(trigger)
done.Wait()
})
})

}

func TestErrorPropagation(t *testing.T) {
Expand Down
Loading