Fork me on GitHub

what would be a better default for malli-based coercion with open/closed schemas: 1. fail if extra keys exist (both request & response) 2. just strip extra keys 3. mixture of both (fail on extra input on request, just strip extra stuff on response)


currently would do 2+1: strip extra keys on both ways, and fail if that fails for some reason.


that sounds reasonable

馃憣 4

also, all schemas will be closed by default, unless explicitly marked as open.


e.g. schemas can be defined open, but will be validated as closed on api-boundary.


That could be problematic with forward evolution


deos closed mean I get a bad request response?


ie. If I have service A which talks to service B. If I want to do a deploy which sends extra information to a service which will be later used I have to do an extra deploy for service B if extra input params cause a bad request


if you want evolution over apis, you can either mark schemas explictely as open [:map {:closed false} [:x int?]] or configure coercion not to strip away extra keys.


I think the question is: do you want security (closed) or evolution (open) by default.


tough call, clojure devs seem to favor openness over security (spec vs schema, open maps vs structs, etc.). Your call, as long as it鈥檚 a one-liner to change it won鈥檛 be a dealbreaker


I think the more mature you are as a dev the more you tends towards to openness vs. security of impl.


whatever you choose, writing a few lines in the README/docs explaining the trade-offs would be nice to folks to decide for themselves


Hi everyone, is it good practice to add get ajax call to objects in my app every time i navigate to that page ? for example if i app has concept of books per user, and all books data is fetched from the server via GET call, is it better to re-fetch all books from the server each time i visit books page, or only refresh when i add new books ? what are you guys doing in that situation ?