extended validation modifies null-results to array if an errors occurs

[VilleViktor]

Describe the bug

Given the following graphql schema:

type Something {
   field: AType @auth(roles: ["my-role"]
}

type Query {
  something(id: Int!) : Something
}

When querying for a id a user do not have access to the something is expected to return null. But when the generic-auth detects that the user do not have access to field since the user do not have role my-role it will generate an error.

Looking into the extended-validation

console.log(newResult.data);
errors.forEach(e => {
   if (e.path?.length) {
     console.log("Before",e.path?.length,e.path, newResult.data)
     newResult.data = visitPath(e.path, newResult.data);
     console.log("After",e.path?.length, newResult.data)
  }
});

We get the following sequence:

   { data: [Object: null prototype] { something: null } } 

      at Object.onResult (../../node_modules/@envelop/extended-validation/cjs/plugin.js:78:37)

  console.log
    Before  [ 'something', 'field' ] [Object: null prototype] { something: null }
      at ../../node_modules/@envelop/extended-validation/cjs/plugin.js:117:45
          at Array.forEach (<anonymous>)

  console.log
    After 2 [Object: null prototype] { something: [] }

Im expecting it to still be {something: null}.

Environment:

• OS: Ubuntu 24.04.2 LTS
• NodeJS: v22.14.0
• @envelop/core: 5.2.3
• @envelop/extended-validation 5.1.3
• @envelop/generic-auth 9.1.3

Running graphql-yoga server with typegraphql.

[VilleViktor]

What resolves my issue adding another check at here

if(currentData[path.at(0)] === null) {
  return data;
}

ensuring we do not modify my resulting data.