feat (Repo): Raise an error on query-like keyword opts to Repo functions#4717
Merged
josevalim merged 2 commits intoelixir-ecto:masterfrom Apr 9, 2026
Merged
feat (Repo): Raise an error on query-like keyword opts to Repo functions#4717josevalim merged 2 commits intoelixir-ecto:masterfrom
josevalim merged 2 commits intoelixir-ecto:masterfrom
Conversation
Consider the following, written by a new-to-Elixir developer: ```elixir Repo.delete_all(User, where: [account_id: user.account_id]) ``` The developer mistakenly believed that the `opts` to the Repo function worked like the Ecto.Query DSL, when in fact these keyword options were entirely ignored (making this an unscoped deletion of all users). With this change, Ecto will raise a runtime error when given `opts` keys that seem to indicate the user was trying to modify the queryable passed in to: - Repo.all/2 - Repo.all_by/3 - Repo.delete_all/2 - Repo.exists?/2 - Repo.get/3 - Repo.get_by/3 - Repo.one/2 - Repo.stream/2
josevalim
reviewed
Apr 9, 2026
Member
|
💚 💙 💜 💛 ❤️ |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Consider the following, written by a new-to-Elixir developer:
The developer mistakenly believed that the
optsto the Repo function worked like the Ecto.Query DSL, when in fact these keyword options were entirely ignored (making this an unscoped deletion of all users).With this change, Ecto will raise a runtime error when given
optskeys that seem to indicate the user was trying to modify the queryable passed in to:I've taken the simple approach to the validation (adding a
validate_query_opts!/2call at the top of each function). I had considered bottlenecking this to do the validation only inEcto.Repo.Queryable.execute/4, but doing so would have required passingexecute/4the name of the function that called it (since right now it only receives theoperation, one of:all,:update_all, or:delete_all, even for functions likegetorget_by). I'm happy to refactor it to go throughexecuteif that's a desirable tradeoff, though.