Skip to content

Test suite for email format is very weak #254

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
bvisness opened this issue Feb 19, 2019 · 3 comments
Closed

Test suite for email format is very weak #254

bvisness opened this issue Feb 19, 2019 · 3 comments
Labels
missing test A request to add a test to the suite that is currently not covered elsewhere.

Comments

@bvisness
Copy link

Today we started using a JSON schema library in production which passes all tests in this repo, including the optional ones. It blew up immediately on valid customer email addresses which contained numbers in the domain.

Wondering how this could have happened, I looked up these tests, only to find that you have provided exactly one test of a valid email address:

{
    "description": "a valid e-mail address",
    "data": "[email protected]",
    "valid": true
}

Suffice it to say that this is a very poor test of the email format.

I know that the email address spec is very...esoteric. But I think you should include a few extra test cases that will hopefully break naive implementations like the one I was using. Ideally you would include some email addresses with digits and other allowed symbols in the address part, and possibly some email addresses with quoted parts. You may also wish to add some tests with unconventional hostnames, like the ones I added in #253.
@Julian
Copy link
Member

Julian commented Feb 19, 2019

This essentially harkens back to the fact that I wrote these, and I don't recommend actually using the email format, and my implementation implements it as "anything with @ in it".

In 2019, and especially now that the spec is active again and has been for ~2 years again (hooray!) I've still always meant to bring that back up upstream in the spec repo ("let's remove the email format plz"), but yeah that's no excuse really for this suite anymore :), since it's not just used by me, not for a very long time.

So, especially if your tests are designed to ensure emails are accepted -- I'm all for those (I'll start to get a bit more fussy if you try to define invalid emails, but even then of course my representation as maintainer [or one of] for this suite isn't hopefully clouded by my desire as implementer of my library to not encourage bad habits).

So, long story short, sounds good to me!

@bvisness
Copy link
Author

Given what I've been learning about the state of format in JSON schema, I think it makes sense to focus only on valid emails. Better to have false positives than false negatives in this case.

I've updated #253 to add lots more examples of valid emails. With any luck, this will convince everyone to just look for an "@" and leave it at that. 😛

@bvisness bvisness mentioned this issue Feb 21, 2019
Closed
@Julian Julian added the missing test A request to add a test to the suite that is currently not covered elsewhere. label Sep 27, 2019
@Julian
Copy link
Member

Julian commented Jun 24, 2021

The PR here was merged, so gonna close this, but more tests are welcome if someone feels there's still a gap.

@Julian Julian closed this as completed Jun 24, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
missing test A request to add a test to the suite that is currently not covered elsewhere.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@Julian @bvisness