An entity field with the machine name "links" causes JSON:API validation to fail

Failing test to show the issue.

The last submitted patch, 3: 3350525-3-failing-test.patch, failed testing. View results →

Thanks for reporting this issue. Is there any chance we can get a full stacktrace of the issue? That would help understand the issue better without running it locally.

@bbrala here's the full stack trace in the JSON:API response

AssertionError: A JSON:API response failed validation (see the logs for details). Please report this in the issue queue on drupal.org in /data/app/core/modules/jsonapi/src/EventSubscriber/ResourceResponseValidator.php:117
Stack trace:
#0 /data/app/core/modules/jsonapi/src/EventSubscriber/ResourceResponseValidator.php(117): assert()
#1 /data/app/core/modules/jsonapi/src/EventSubscriber/ResourceResponseValidator.php(108): Drupal\\jsonapi\\EventSubscriber\\ResourceResponseValidator->doValidateResponse()
#2 [internal function]: Drupal\\jsonapi\\EventSubscriber\\ResourceResponseValidator->onResponse()
#3 /data/app/core/lib/Drupal/Component/EventDispatcher/ContainerAwareEventDispatcher.php(111): call_user_func()
#4 /data/vendor/symfony/http-kernel/HttpKernel.php(196): Drupal\\Component\\EventDispatcher\\ContainerAwareEventDispatcher->dispatch()
#5 /data/vendor/symfony/http-kernel/HttpKernel.php(184): Symfony\\Component\\HttpKernel\\HttpKernel->filterResponse()
#6 /data/vendor/symfony/http-kernel/HttpKernel.php(74): Symfony\\Component\\HttpKernel\\HttpKernel->handleRaw()
#7 /data/app/core/lib/Drupal/Core/StackMiddleware/Session.php(58): Symfony\\Component\\HttpKernel\\HttpKernel->handle()
#8 /data/app/core/lib/Drupal/Core/StackMiddleware/KernelPreHandle.php(48): Drupal\\Core\\StackMiddleware\\Session->handle()
#9 /data/vendor/asm89/stack-cors/src/Cors.php(53): Drupal\\Core\\StackMiddleware\\KernelPreHandle->handle()
#10 /data/app/core/lib/Drupal/Core/StackMiddleware/ReverseProxyMiddleware.php(48): Asm89\\Stack\\Cors->handle()
#11 /data/app/core/lib/Drupal/Core/StackMiddleware/NegotiationMiddleware.php(51): Drupal\\Core\\StackMiddleware\\ReverseProxyMiddleware->handle()
#12 /data/app/core/lib/Drupal/Core/StackMiddleware/StackedHttpKernel.php(51): Drupal\\Core\\StackMiddleware\
egotiationMiddleware->handle()
#13 /data/app/core/lib/Drupal/Core/DrupalKernel.php(686): Drupal\\Core\\StackMiddleware\\StackedHttpKernel->handle()
#14 /data/app/index.php(19): Drupal\\Core\\DrupalKernel->handle()
#15 {main}

Next Symfony\\Component\\HttpKernel\\Exception\\HttpException: A JSON:API response failed validation (see the logs for details). Please report this in the issue queue on drupal.org in /data/app/core/modules/jsonapi/src/EventSubscriber/DefaultExceptionSubscriber.php:49
Stack trace:
#0 [internal function]: Drupal\\jsonapi\\EventSubscriber\\DefaultExceptionSubscriber->onException()
#1 /data/app/core/lib/Drupal/Component/EventDispatcher/ContainerAwareEventDispatcher.php(111): call_user_func()
#2 /data/vendor/symfony/http-kernel/HttpKernel.php(221): Drupal\\Component\\EventDispatcher\\ContainerAwareEventDispatcher->dispatch()
#3 /data/vendor/symfony/http-kernel/HttpKernel.php(89): Symfony\\Component\\HttpKernel\\HttpKernel->handleThrowable()
#4 /data/app/core/lib/Drupal/Core/StackMiddleware/Session.php(58): Symfony\\Component\\HttpKernel\\HttpKernel->handle()
#5 /data/app/core/lib/Drupal/Core/StackMiddleware/KernelPreHandle.php(48): Drupal\\Core\\StackMiddleware\\Session->handle()
#6 /data/vendor/asm89/stack-cors/src/Cors.php(53): Drupal\\Core\\StackMiddleware\\KernelPreHandle->handle()
#7 /data/app/core/lib/Drupal/Core/StackMiddleware/ReverseProxyMiddleware.php(48): Asm89\\Stack\\Cors->handle()
#8 /data/app/core/lib/Drupal/Core/StackMiddleware/NegotiationMiddleware.php(51): Drupal\\Core\\StackMiddleware\\ReverseProxyMiddleware->handle()
#9 /data/app/core/lib/Drupal/Core/StackMiddleware/StackedHttpKernel.php(51): Drupal\\Core\\StackMiddleware\
egotiationMiddleware->handle()
#10 /data/app/core/lib/Drupal/Core/DrupalKernel.php(686): Drupal\\Core\\StackMiddleware\\StackedHttpKernel->handle()
#11 /data/app/index.php(19): Drupal\\Core\\DrupalKernel->handle()
#12 {main}

The keyword "links" is considered as a json response property just like "meta". Because of that when the string is validated against the JSON Schema (jsonapi/schema.json), its getting failed. In a normal scenario (in D10+), we can't add a node field without "field_" prefix. So this won't be a problem unless we create node fields problematically.

we can't add a node field without "field_" prefix

Yes we can, if the field_ui prefix setting is emptied which is actually quite common.

In that case we can avoid this problem by removing "links" from patternProperties regex of "attributes" definition (jsonapi/schema.json > definitions > attributes > patternProperties). Thats the place this error is getting triggered. In case of "relationships" definition, just "id" and "type" are blacklisted in its regex (patternProperties).

In order to avoid changes to patternProperties, we can declare "links" as a field using hook_entity_base_field_info. By doing so we can make "links" a reserved one and could avoid making a field with that name. But the problem is that we can't do it in jsonapi.module. If we do so, someone can create the field by temporarily disabling jsonapi module.

The test case you provided is added to the current MR. Unfortunately the test case is not getting failed on running pipeline. I could generate the failing case in my local. Here is the passing pipeline details.

https://git.drupalcode.org/issue/drupal-3350525/-/jobs/824500

The status code (200) and response are printed in it. Any idea why its getting passed in the server only?

sijumpk → changed the visibility of the branch 3388358-setprefix-when-the to hidden.