Skip to content

GitLab Next

Why GitLab
Pricing
Contact Sales
Explore

Sign in
Get free trial

Packages to use composition, not inheritance [RUN AS-IF-FOSS]

Review changes
Download
Patches
Plain diff

Alex Kalderimis requested to merge ajk-graphql-packages into master Jan 20, 2021

Overview 95
Commits 5
Pipelines 19
Changes 26

What does this MR do?

GraphQL does not have inheritance, so it is an anti-pattern to use it to model polymorphism in our models.

The correct approach is to model polymorphism as implementation of interfaces. Here there is a single PackageType interface, and then different implementations of that.

in the course of implementing this, https://gitlab.com/gitlab-org/gitlab/-/issues/299371 was discovered.

Changes

This MR makes the following changes to the GraphQL schema:

Query.package_composer_details is removed, and replaced by Query.package. (breaking change).

The old field was not type-safe, and was prone to runtime errors.
Package.versions.edges.node now has the type PackageWithoutVersions, which is identical to Package, except that it does not have a versions field. (breaking change).

The Package.versions.versions field was an example of cyclic mutual recursion that could have deleterious effects on server response time.
Package.metadata is added. This is a union, which currently has the single member ComposerMetadata.
The PackageComposerDetails type is removed. It should be replaced by references to Package. (potenially breaking change for systems that rely on code-generation).

Any queries that refer to PackageComposerDetails, Query.package_composer_details or Package.versions.versions will need to be updated.

Does this MR meet the acceptance criteria?

Conformity

Changelog entry
Documentation (if required)
Code review guidelines
Merge request performance guidelines
Style guides
Database guides
Separation of EE specific content

Availability and Testing

Review and add/update tests for this feature/bug. Consider all test levels. See the Test Planning Process.
Tested in all supported browsers
Informed Infrastructure department of a default or new setting change, if applicable per definition of done

Security

If this MR contains changes to processing or storing of credentials or tokens, authorization and authentication methods and other items described in the security review guidelines:

Label as security and @ mention @gitlab-com/gl-security/appsec
The MR includes necessary changes to maintain consistency between UI, API, email, or other methods
Security reports checked/validated by a reviewer from the AppSec team

Edited Feb 01, 2021 by Alex Kalderimis

Merge request reports

Assignee Loading

Reviewers Loading

Request review from

Loading

Time tracking Loading

Loading