Relax field-level meta validation constraints

[urmichm]

Description

Restrictions on the field-level meta have been relaxed:

• meta accepts any number of entries as long as the following restrictions are met
• meta's values must be Strings of any length
• meta's values can not be nulls
• meta's keys must be Strings of any length

Related Issues

Resolves #19884

Check List

• Functionality includes testing.
• API changes companion pull request created, if applicable.
• Public documentation issue/PR created, if applicable.

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.

[coderabbitai]

Important

Review skipped

Auto incremental reviews are disabled on this repository.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

• 🔍 Trigger review

📝 Walkthrough

Walkthrough

These changes relax validation constraints for field-level _meta metadata in the mapper. The maximum entry count, key length, and value length restrictions are removed from TypeParsers.parseMeta, while null-value and non-string type checks remain enforced. The corresponding test is updated to reflect these relaxed validation rules.

Changes

Cohort / File(s)	Summary
Validation Logic Relaxation server/src/main/java/org/opensearch/index/mapper/TypeParsers.java	Removed max entry count (5), per-key length (20 chars), and per-value length (50 chars) constraints. Retained null-value prohibition and added explicit error messaging for non-String values.
Test Updates server/src/test/java/org/opensearch/index/mapper/TypeParsersTests.java	Replaced validation tests that expected MapperParsingException for excessive key length and max entries. New test constructs meta map with multiple long keys and asserts successful parsing with matching size.
Changelog CHANGELOG.md	Added changelog entry documenting the relaxation of field-level meta validation.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~12 minutes

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 50.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title accurately summarizes the main change: relaxing validation constraints for field-level meta in OpenSearch mappings.
Description check	✅ Passed	The description clearly explains the relaxed restrictions, references the resolved issue #19884, confirms testing is included, and follows the required template format.
Linked Issues check	✅ Passed	The PR successfully implements the feature request from issue #19884 by allowing field-level _meta blocks with relaxed validation on entry count and string length constraints.
Out of Scope Changes check	✅ Passed	All changes are directly related to relaxing field-level meta validation: modifications to TypeParsers.parseMeta, updated tests, and CHANGELOG entry align with issue #19884 requirements.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment

Warning

Review ran into problems

🔥 Problems

Git: Failed to clone repository. Please run the @coderabbitai full review command to re-trigger a full review. If the issue persists, set path_filters to include or exclude specific files.

Tip

Issue Planner is now in beta. Read the docs and try it out! Share your feedback on Discord.

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[github-actions]

❗ AI-powered Code-Diff-Analyzer found issues on commit 5f656fd.

Path	Line	Severity	Description
server/src/main/java/org/opensearch/index/mapper/TypeParsers.java	89	medium	Intentional removal of input validation limits on metadata fields (size limit of 5 entries, key length limit of 20 chars, value length limit of 50 chars). While documented as a feature change in CHANGELOG, this could enable resource exhaustion or DoS attacks through unbounded metadata. Without context from issue #19884, cannot definitively determine if this weakening of security controls is justified by legitimate requirements.

The table above displays the top 10 most important findings.

Total: 1 | Critical: 0 | High: 0 | Medium: 1 | Low: 0

---

Pull Requests Author(s): Please update your Pull Request according to the report above.

Repository Maintainer(s): You can bypass diff analyzer by adding label skip-diff-analyzer after reviewing the changes carefully, then re-run failed actions. To re-enable the analyzer, remove the label, then re-run all actions.

---

⚠️ Note: The Code-Diff-Analyzer helps protect against potentially harmful code patterns. Please ensure you have thoroughly reviewed the changes beforehand.

Thanks.

[github-actions]

❌ Gradle check result for 5f656fd: FAILURE

Please examine the workflow log, locate, and copy-paste the failure(s) below, then iterate to green. Is the failure a flaky test unrelated to your change?

[github-actions]

❌ Gradle check result for 5f656fd: null

Please examine the workflow log, locate, and copy-paste the failure(s) below, then iterate to green. Is the failure a flaky test unrelated to your change?

[github-actions]

❌ Gradle check result for e2080f7: FAILURE

Please examine the workflow log, locate, and copy-paste the failure(s) below, then iterate to green. Is the failure a flaky test unrelated to your change?

[github-actions]

❗ AI-powered Code-Diff-Analyzer found issues on commit 6ee1908.

Path	Line	Severity	Description
server/src/main/java/org/opensearch/index/mapper/TypeParsers.java	89	medium	Intentional removal of security validation limits: meta field entry count (was max 5), key length (was max 20 chars), and value length (was max 50 chars) protections removed. While documented in CHANGELOG, this enables potential DoS via resource exhaustion, unbounded data storage in meta fields, and possible covert channels. Change appears legitimate but creates exploitable attack surface.

The table above displays the top 10 most important findings.

Total: 1 | Critical: 0 | High: 0 | Medium: 1 | Low: 0

---

Pull Requests Author(s): Please update your Pull Request according to the report above.

Repository Maintainer(s): You can bypass diff analyzer by adding label skip-diff-analyzer after reviewing the changes carefully, then re-run failed actions. To re-enable the analyzer, remove the label, then re-run all actions.

---

⚠️ Note: The Code-Diff-Analyzer helps protect against potentially harmful code patterns. Please ensure you have thoroughly reviewed the changes beforehand.

Thanks.

[urmichm]

I shall add some more explanation on why relaxing the restrictions won't impact on the cluster stage.
Currently, we have _meta on the mappings level and meta on the field level. Since only the field level has the restriction, the data is simply migrated to the other place with extra characters.

We keep the meta strictly as Map<String,String>, but drop the restriction on how long the keys and values are and how many entries are in the map.

Example:

{
    "settings": {  ... },
    "mappings": {
        "properties": {
            "secret_text": {
                "type": "text",
                "meta": {
                       // this 'meta' block will be rejected due to field below
                       "description": "This text has already too many chars and will not be allowed."
                }
            }, ........
        },
        "_meta": {
            "fields_description": {
               // the whole '_meta' block will be allowed with this nested parameter
               "secret_text" : "This text has already too many chars and will not be allowed."
            },
            ...
        }
    }
}

@sandeshkr419 please share your feedback :)