Skip to content

Error type inconsistency

Description

An error type inconsistency occurred.

Remediation

An error type inconsistency can be caused by a misconfiguration of the GraphQL server. To fix this issue, return a contextual error type for each error instead of an Internal Server Error.

For example, if the request fails during the validation phase, return a validation error. By default, it will return an Internal Server Error.

GraphQL Specific

Apollo Ensure consistent error type handling in the Apollo framework engine by defining a standardized error interface or class. This should encapsulate all necessary information about an error, such as the message, code, and any additional context. Use this error type across all resolvers and middleware to maintain consistency. Additionally, consider implementing error handling middleware that can intercept and format these errors before they are sent to the client, adhering to the GraphQL error specification.
Yoga Ensure consistent error type handling in the Yoga framework engine by implementing a standardized error interface or class. This should encapsulate all error information, providing a consistent structure for error objects. Additionally, use a centralized error handling mechanism to manage exceptions and errors uniformly across the framework.
Awsappsync Ensure that the error types returned by AWS AppSync resolvers are consistent across your GraphQL schema. Define a standard error object structure and use it throughout your resolvers. This can be achieved by creating custom error types in your schema and handling errors in resolver mapping templates to conform to these types. Additionally, consider implementing error handling logic in your Lambda functions or data sources to return errors that match your defined schema. Consistent error handling improves the client's ability to handle errors gracefully and debug issues more effectively.
Graphqlgo Ensure consistent error types by defining a custom error interface in the GraphQL Go framework. Implement this interface across all resolvers and use it to handle and return errors uniformly. This will help maintain consistency and improve error handling in your GraphQL API.
Graphqlruby Ensure consistent error handling by defining a custom error class inheriting from `GraphQL::ExecutionError` and use it across your resolvers. Implement a method to standardize error messages and types. Use this custom error class to capture and format exceptions, providing a consistent error structure in the GraphQL response.
Hasura Ensure that the error types returned by the Hasura engine are consistent across your GraphQL schema. This can be achieved by defining custom error types in your schema and using them uniformly in your resolvers. Additionally, make sure to handle exceptions properly and map them to the defined error types before sending the response to the client. Consistent error handling improves the client's ability to handle errors gracefully and debug issues more effectively.
Agoo Ensure consistent error type handling across the Agoo framework engine by standardizing error responses and using a unified error handling mechanism.
Ariadne Ensure consistent error type handling across all resolvers in the Ariadne framework engine.
Caliban Ensure consistent error type handling across all resolvers in the Caliban framework engine.
Dgraph Ensure consistent data types across all schema definitions in the Dgraph framework to prevent error type inconsistencies.
Dianajl Ensure consistent error type handling across the DianaJL framework engine by standardizing error codes and messages.
Directus Ensure consistent data types across fields and endpoints in the Directus framework to prevent type mismatches.
Flutter Ensure consistent error type handling by using a unified error class across the Flutter framework engine.
Graphene Ensure consistent error handling by defining a custom error class in the Graphene framework.
Graphqlapiforwp Ensure consistent error type handling across the GraphQL API for WP framework by standardizing error responses and implementing a unified error management strategy.
Graphqlgophergo Ensure consistent error type handling across GraphQL resolvers in the GopherGo framework.
Graphqljava Ensure consistent error type definitions across your GraphQL schema in the graphql-java framework.
Graphqlphp Ensure consistent error type handling by defining a standard error format in the GraphQLPHP framework.
Graphqlyoga Ensure consistent error type handling by defining a standard error format and using it across all resolvers in the GraphQL Yoga framework.
Hypergraphql Ensure consistent error type handling across all GraphQL resolvers in the HyperGraphQL engine.
Jaal Ensure consistent error type handling across the Jaal framework engine to prevent unexpected behavior.
Juniper Ensure consistent error type handling across all components of the Juniper framework engine.
Lacinia Ensure consistent error type handling across all resolvers in the Lacinia framework.
Lighthouse Ensure consistent error handling by standardizing error types across the Lighthouse framework engine.
Mercurius Ensure consistent error type handling by standardizing error responses across all resolvers in the Mercurius framework.
Morpheusgraphql Ensure consistent error type definitions across all resolvers in the MorpheusGraphQL engine to maintain uniform error handling.
Qglgen Ensure consistent error type handling by defining a standard error interface and implementing it across all resolvers in the gqlgen framework.
Sangria Ensure consistent error handling by using a unified error type across all resolvers in the Sangria framework.
Shopify Ensure consistent error handling by standardizing error types across the Shopify framework engine.
Stepzen Ensure consistent error type handling by standardizing error responses across all queries in the StepZen framework.
Strawberry Ensure consistent error type handling across all components of the Strawberry framework engine.
Tartiflette Ensure consistent error type handling in the Tartiflette engine by defining a standard error format and updating all error responses to adhere to this format.
Wpgraphql Ensure consistent error type handling across all resolvers in the WPGraphQL framework.

Configuration

Identifier: configuration/error_type_inconsistency

Examples

Ignore this check

checks:
  configuration/error_type_inconsistency:
    skip: true

Score

  • Escape Severity:

Compliance

  • OWASP: API8:2023
  • OWASP LLM: LLM02:2023
  • pci: 6.5.5
  • gdpr: Article-32
  • soc2: CC1
  • psd2: Article-95
  • iso27001: A.14.2
  • nist: SP800-53
  • fedramp: SI-11

Classification

  • CWE: 704

Score

  • CVSS_VECTOR: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:W/RC:C/CR:X/IR:X/AR:X/MAV:N/MAC:L/MPR:N/MUI:N/MS:U/MC:N/MI:N/MA:L
  • CVSS_SCORE: 4.7