add cookies to examples 1 and 2 #891
Merged
+5
−0
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Owner
cdimascio
commented
Jan 27, 2024
cdimascio
commented
- add cookies to example 1 and 2
This was referenced Jun 24, 2024
This was referenced Aug 26, 2024
This was referenced Sep 13, 2024
This was referenced Sep 15, 2024
This was referenced Nov 5, 2024
cdimascio
added a commit
that referenced
this pull request
Mar 2, 2025
* remove examples from schema * add cookies to example 1 and 2
cdimascio
added a commit
that referenced
this pull request
Mar 2, 2025
* change log * deps + change log * docs: add robertjustjones as a contributor for code, test (#659) * docs: update README.md [skip ci] * docs: update .all-contributorsrc [skip ci] Co-authored-by: allcontributors[bot] <46447321+allcontributors[bot]@users.noreply.github.com> Co-authored-by: Carmine DiMascio <[email protected]> * if requestBody required is false, allow empty requests (#665) * if requestBody required is false, allow empty requests * add test * v4.13.2 * update examples deps * audit fix lock * audit fix lock * update examples * (doc) describe detailed coercion behaviors * (chore) upgrade deps * Update openapi.validator.ts * chore(deps): bump normalize-url in /examples/8-top-level-discriminator (#673) Bumps [normalize-url](https://github.com/sindresorhus/normalize-url) from 4.5.0 to 4.5.1. - [Release notes](https://github.com/sindresorhus/normalize-url/releases) - [Commits](https://github.com/sindresorhus/normalize-url/commits) --- updated-dependencies: - dependency-name: normalize-url dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump glob-parent in /examples/8-top-level-discriminator (#674) Bumps [glob-parent](https://github.com/gulpjs/glob-parent) from 5.1.1 to 5.1.2. - [Release notes](https://github.com/gulpjs/glob-parent/releases) - [Changelog](https://github.com/gulpjs/glob-parent/blob/main/CHANGELOG.md) - [Commits](https://github.com/gulpjs/glob-parent/compare/v5.1.1...v5.1.2) --- updated-dependencies: - dependency-name: glob-parent dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * default export in handler #671 (#675) * v.4.13.4 * (doc) change history * fix json syntax in allcontributors file (#676) * docs: add zzgab as a contributor for code, test (#680) * docs: update README.md [skip ci] * docs: update .all-contributorsrc [skip ci] Co-authored-by: allcontributors[bot] <46447321+allcontributors[bot]@users.noreply.github.com> * Fixes on SerDes (#682) * Try catch serdes serialize and deserialize in order to avoid Internal Server Error and return BadRequest errors #601 * Fix incorrect serDes example #569 * Patch on serdes test and allow to use generated AJV out of Express usage (#684) * Try catch serdes serialize and deserialize in order to avoid Internal Server Error and return BadRequest errors #601 * Fix incorrect serDes example #569 * fix the unit test and change message to a more human friendly description of the error #601 * Allow to get the generated request AJV object in order to use it out of an OpenAPI and express usage (websocket...) #683 * Add documentation for OpenApiValidator.ajv function initialization usage #683 * ResponseValidator's Ajv can be useful too. So we return an object that contains both request ajv and response ajv : ```javascript ajvs = { req : 'Ajv object' res : 'Ajv object' } ``` #683 * fix the unit test and change message to a more human friendly description of the error #601 * Allow to get the generated request AJV object in order to use it out of an OpenAPI and express usage (websocket...) #683 * Add documentation for OpenApiValidator.ajv function initialization usage #683 * ResponseValidator's Ajv can be useful too. So we return an object that contains both request ajv and response ajv : ```javascript ajvs = { req : 'Ajv object' res : 'Ajv object' } ``` #683 * Revert commits in order to push only bug fixes #601 * Revert "ResponseValidator's Ajv can be useful too." This reverts commit 677cacfdde64eac870e54bdd3a07e2c2572e5daf. * Revert "Add documentation for OpenApiValidator.ajv function initialization usage" This reverts commit a727f2d20693601074c797a354bfb1f5bc7ed4ef. * Revert "Allow to get the generated request AJV object in order to use it out of an OpenAPI and express usage (websocket...)" This reverts commit ad3e785c9c1e441d13c589534a3a3c3cd33cfb18. * Revert "ResponseValidator's Ajv can be useful too. So we return an object that contains both request ajv and response ajv : ```javascript ajvs = { req : 'Ajv object' res : 'Ajv object' } ``` #683" This reverts commit 8fc7226e * Revert "Add documentation for OpenApiValidator.ajv function initialization usage" This reverts commit ecb8424da785f36e6910f160315c45f38d0cb64e. * Revert "Allow to get the generated request AJV object in order to use it out of an OpenAPI and express usage (websocket...)" This reverts commit 52429c529c844f523a3e28f4a13927344bdac8cc. Co-authored-by: Carmine DiMascio <[email protected]> * v4.13.5 * v4.13.6 * Update README migrate documentation to wiki * migrate README to wiki * chore(deps): bump follow-redirects in /examples/9-nestjs (#705) Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.14.4 to 1.14.8. - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](https://github.com/follow-redirects/follow-redirects/compare/v1.14.4...v1.14.8) --- updated-dependencies: - dependency-name: follow-redirects dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump node-fetch from 2.6.1 to 2.6.7 in /examples/9-nestjs (#711) Bumps [node-fetch](https://github.com/node-fetch/node-fetch) from 2.6.1 to 2.6.7. - [Release notes](https://github.com/node-fetch/node-fetch/releases) - [Commits](https://github.com/node-fetch/node-fetch/compare/v2.6.1...v2.6.7) --- updated-dependencies: - dependency-name: node-fetch dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump minimist from 1.2.5 to 1.2.6 in /examples/1-standard (#714) Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6. - [Release notes](https://github.com/substack/minimist/releases) - [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6) --- updated-dependencies: - dependency-name: minimist dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump minimist in /examples/3-eov-operations (#715) Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6. - [Release notes](https://github.com/substack/minimist/releases) - [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6) --- updated-dependencies: - dependency-name: minimist dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump minimist in /examples/2-standard-multiple-api-specs (#716) Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6. - [Release notes](https://github.com/substack/minimist/releases) - [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6) --- updated-dependencies: - dependency-name: minimist dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump minimist in /examples/4-eov-operations-babel (#717) Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6. - [Release notes](https://github.com/substack/minimist/releases) - [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6) --- updated-dependencies: - dependency-name: minimist dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump minimist in /examples/5-custom-operation-resolver (#718) Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6. - [Release notes](https://github.com/substack/minimist/releases) - [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6) --- updated-dependencies: - dependency-name: minimist dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump ansi-regex in /examples/8-top-level-discriminator (#719) Bumps [ansi-regex](https://github.com/chalk/ansi-regex) from 4.1.0 to 4.1.1. - [Release notes](https://github.com/chalk/ansi-regex/releases) - [Commits](https://github.com/chalk/ansi-regex/compare/v4.1.0...v4.1.1) --- updated-dependencies: - dependency-name: ansi-regex dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump minimist in /examples/8-top-level-discriminator (#720) Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6. - [Release notes](https://github.com/substack/minimist/releases) - [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6) --- updated-dependencies: - dependency-name: minimist dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump minimist in /examples/7-response-date-serialization (#721) Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6. - [Release notes](https://github.com/substack/minimist/releases) - [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6) --- updated-dependencies: - dependency-name: minimist dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump ansi-regex in /examples/7-response-date-serialization (#722) Bumps [ansi-regex](https://github.com/chalk/ansi-regex) from 4.1.0 to 4.1.1. - [Release notes](https://github.com/chalk/ansi-regex/releases) - [Commits](https://github.com/chalk/ansi-regex/compare/v4.1.0...v4.1.1) --- updated-dependencies: - dependency-name: ansi-regex dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump ansi-regex in /examples/6-multi-file-spec (#723) Bumps [ansi-regex](https://github.com/chalk/ansi-regex) from 4.1.0 to 4.1.1. - [Release notes](https://github.com/chalk/ansi-regex/releases) - [Commits](https://github.com/chalk/ansi-regex/compare/v4.1.0...v4.1.1) --- updated-dependencies: - dependency-name: ansi-regex dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump minimist in /examples/6-multi-file-spec (#724) Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6. - [Release notes](https://github.com/substack/minimist/releases) - [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6) --- updated-dependencies: - dependency-name: minimist dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump ansi-regex in /examples/5-custom-operation-resolver (#725) Bumps [ansi-regex](https://github.com/chalk/ansi-regex) from 4.1.0 to 4.1.1. - [Release notes](https://github.com/chalk/ansi-regex/releases) - [Commits](https://github.com/chalk/ansi-regex/compare/v4.1.0...v4.1.1) --- updated-dependencies: - dependency-name: ansi-regex dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump ansi-regex in /examples/3-eov-operations (#726) Bumps [ansi-regex](https://github.com/chalk/ansi-regex) from 4.1.0 to 4.1.1. - [Release notes](https://github.com/chalk/ansi-regex/releases) - [Commits](https://github.com/chalk/ansi-regex/compare/v4.1.0...v4.1.1) --- updated-dependencies: - dependency-name: ansi-regex dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump ansi-regex in /examples/2-standard-multiple-api-specs (#727) Bumps [ansi-regex](https://github.com/chalk/ansi-regex) from 4.1.0 to 4.1.1. - [Release notes](https://github.com/chalk/ansi-regex/releases) - [Commits](https://github.com/chalk/ansi-regex/compare/v4.1.0...v4.1.1) --- updated-dependencies: - dependency-name: ansi-regex dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump AJV to v8 (#713) * try upgrading to OAPIv3.1 * Remove 3.1-support related files * Const typings on formats * Set _discriminator as non-enumerable hide it from AJV (unknown keyword) * Refactor `x-eov-serdes` to ensure order of validation * Update AJV options handling * Update read/write only keywords * Add noop keywords * Use AJV Draft 4 to validate OpenAPI doc * Use `must` keyword to match AJV validations * Expected validation errors prefer `must` over `should`, `/` over `.` * Update README to reflect expected validation errors * Explicitly pass formats to ignore * Serdes validation errors contain more errors * Update example with expected AJV errors * Drop noisy test logs * Restore previous `Format` version * Add failing tests for undeclared x-* keywords Schema declares these are valid (via `patternProperties`) but AJV rejects on any unknown keywords * Detect `x-*` prefixes and declare as noop for Ajv * Update README to declare reserved vendor extension prefix * readOnly+writeOnly do not modify, and do attach errors * Remove test enforcing `x-eov-*` usage README still "reserves" these keywords, but do not explicitly enforce it * Rely on strictSchema=false to handle unknown keywords Remove all NOOP keywords * Explicitly pass strict=false to response validator test Options are usually set internally * Add types to serdes validator, auto-true if missing method * Rework serdes schema processor _slightly_ simplify schema, and document why complexity is necessary. Use custom keywords to allow "redacting" of confusing errors during validation Remove `jsonType` from serdes options (unused) * Update serdes test to reflect simpler validation messages * Consistent usage of / over . for json path Mirroring format of AJV * Add `eov` prefix to unknown query parameters flag Deprecate old version with console.warn * Create "normalized options" type that has stricter format Omits deprecated types/attributes. Allows skipping redundant checks/transforms that were already performed * Set defaults in one place * Add warnings for deprecated usage of options * Move options handling to `normalizeOptions`, add `ajvFormats` option * Update README to reflect new options behavior * Consistent `/` over `.` Matching AJV's internal json path errors * Remove unnecessary serDesInternal check `xEovAnyOf` effectively hides internal schemas and prevents infinite loop * Add `anyOf` test with serdes, expose all relevant errors * Simplify format overriding by applying in order, remove constant * Move redactable error to common types file * Tweak error redacting to only expose most relevant If request is not a string, message should not expose string-centric validations like format (even those "format" is invalid via serialization). Was wrongly exposed in 992cde00b2add2f6b5f59ba83cfd3bbac658bb38 * Refactor serdes (again...) to use keyword execution order So apparently AJV _does_ have some ability to enforce keyword ordering via `before`/`post`! Using those options, serdes schema gets a lot simpler and has more trivial error redacting * v4.14.0-beta.1 Co-authored-by: Essential Randomness <[email protected]> Co-authored-by: Carmine DiMascio <[email protected]> * v4.14.0-beta.1 * Update README.md * Bump multer to version that removes dicer as sub-dependency (#739) * Bump multer to version that removes dicer as sub-dependency * use lockfile that gets us 1.4.4-lts.1 and not just 1.4.4 * Revert "use lockfile that gets us 1.4.4-lts.1 and not just 1.4.4" This reverts commit 0f1934ea485684bdc292e35ca68b6431e378adeb. * Update lockfile without upgrading lockfileVersion * Bump multer to 1.4.5 * v4.14.0-beta.2 * update ansi-regex * fixed router parameters (#762) * Fix #699 serdes missed on items in a collection, with tests. (#704) Thanks @Fabiencdp. * v5.0.0 with ajv8 * Update README.md * Update README.md * chore(deps): bump minimatch in /examples/4-eov-operations-babel (#768) Bumps [minimatch](https://github.com/isaacs/minimatch) from 3.0.4 to 3.1.2. - [Release notes](https://github.com/isaacs/minimatch/releases) - [Commits](https://github.com/isaacs/minimatch/compare/v3.0.4...v3.1.2) --- updated-dependencies: - dependency-name: minimatch dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump minimatch in /examples/6-multi-file-spec (#767) Bumps [minimatch](https://github.com/isaacs/minimatch) from 3.0.4 to 3.1.2. - [Release notes](https://github.com/isaacs/minimatch/releases) - [Commits](https://github.com/isaacs/minimatch/compare/v3.0.4...v3.1.2) --- updated-dependencies: - dependency-name: minimatch dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump minimatch in /examples/3-eov-operations (#766) Bumps [minimatch](https://github.com/isaacs/minimatch) from 3.0.4 to 3.1.2. - [Release notes](https://github.com/isaacs/minimatch/releases) - [Commits](https://github.com/isaacs/minimatch/compare/v3.0.4...v3.1.2) --- updated-dependencies: - dependency-name: minimatch dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump minimatch in /examples/5-custom-operation-resolver (#765) Bumps [minimatch](https://github.com/isaacs/minimatch) from 3.0.4 to 3.1.2. - [Release notes](https://github.com/isaacs/minimatch/releases) - [Commits](https://github.com/isaacs/minimatch/compare/v3.0.4...v3.1.2) --- updated-dependencies: - dependency-name: minimatch dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump minimatch from 3.0.4 to 3.1.2 in /examples/1-standard (#764) Bumps [minimatch](https://github.com/isaacs/minimatch) from 3.0.4 to 3.1.2. - [Release notes](https://github.com/isaacs/minimatch/releases) - [Commits](https://github.com/isaacs/minimatch/compare/v3.0.4...v3.1.2) --- updated-dependencies: - dependency-name: minimatch dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump minimatch in /examples/2-standard-multiple-api-specs (#763) Bumps [minimatch](https://github.com/isaacs/minimatch) from 3.0.4 to 3.1.2. - [Release notes](https://github.com/isaacs/minimatch/releases) - [Commits](https://github.com/isaacs/minimatch/compare/v3.0.4...v3.1.2) --- updated-dependencies: - dependency-name: minimatch dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump minimatch in /examples/8-top-level-discriminator (#761) Bumps [minimatch](https://github.com/isaacs/minimatch) from 3.0.4 to 3.1.2. - [Release notes](https://github.com/isaacs/minimatch/releases) - [Commits](https://github.com/isaacs/minimatch/compare/v3.0.4...v3.1.2) --- updated-dependencies: - dependency-name: minimatch dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump minimatch from 3.0.4 to 3.1.2 in /examples/9-nestjs (#760) Bumps [minimatch](https://github.com/isaacs/minimatch) from 3.0.4 to 3.1.2. - [Release notes](https://github.com/isaacs/minimatch/releases) - [Commits](https://github.com/isaacs/minimatch/compare/v3.0.4...v3.1.2) --- updated-dependencies: - dependency-name: minimatch dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump minimatch in /examples/7-response-date-serialization (#759) Bumps [minimatch](https://github.com/isaacs/minimatch) from 3.0.4 to 3.1.2. - [Release notes](https://github.com/isaacs/minimatch/releases) - [Commits](https://github.com/isaacs/minimatch/compare/v3.0.4...v3.1.2) --- updated-dependencies: - dependency-name: minimatch dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump terser from 5.7.2 to 5.14.2 in /examples/9-nestjs (#750) Bumps [terser](https://github.com/terser/terser) from 5.7.2 to 5.14.2. - [Release notes](https://github.com/terser/terser/releases) - [Changelog](https://github.com/terser/terser/blob/master/CHANGELOG.md) - [Commits](https://github.com/terser/terser/commits) --- updated-dependencies: - dependency-name: terser dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump ansi-regex from 3.0.0 to 3.0.1 in /examples/9-nestjs (#738) Bumps [ansi-regex](https://github.com/chalk/ansi-regex) from 3.0.0 to 3.0.1. - [Release notes](https://github.com/chalk/ansi-regex/releases) - [Commits](https://github.com/chalk/ansi-regex/compare/v3.0.0...v3.0.1) --- updated-dependencies: - dependency-name: ansi-regex dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * fix: upgrade body-parser from 1.19.0 to 1.19.1 (#691) Snyk has created this PR to upgrade body-parser from 1.19.0 to 1.19.1. See this package in npm: https://www.npmjs.com/package/body-parser See this project in Snyk: https://app.snyk.io/org/cdimascio/project/dc56b04d-b132-445b-bde8-64211be844c7?utm_source=github&utm_medium=referral&page=upgrade-pr * fix: upgrade body-parser from 1.19.0 to 1.19.1 (#690) Snyk has created this PR to upgrade body-parser from 1.19.0 to 1.19.1. See this package in npm: https://www.npmjs.com/package/body-parser See this project in Snyk: https://app.snyk.io/org/cdimascio/project/0ac9a5bd-9a7f-4c0e-bf8b-51d0bd4c4448?utm_source=github&utm_medium=referral&page=upgrade-pr * fix: upgrade body-parser from 1.19.0 to 1.19.1 (#689) Snyk has created this PR to upgrade body-parser from 1.19.0 to 1.19.1. See this package in npm: https://www.npmjs.com/package/body-parser See this project in Snyk: https://app.snyk.io/org/cdimascio/project/53639b22-8ff0-4bd5-97c3-ae30b20a20f4?utm_source=github&utm_medium=referral&page=upgrade-pr * chore(deps): bump minimist and @nestjs/cli in /examples/9-nestjs (#769) Bumps [minimist](https://github.com/minimistjs/minimist) to 1.2.6 and updates ancestor dependency [@nestjs/cli](https://github.com/nestjs/nest-cli). These dependencies need to be updated together. Updates `minimist` from 1.2.5 to 1.2.6 - [Release notes](https://github.com/minimistjs/minimist/releases) - [Changelog](https://github.com/minimistjs/minimist/blob/main/CHANGELOG.md) - [Commits](https://github.com/minimistjs/minimist/compare/v1.2.5...v1.2.6) Updates `@nestjs/cli` from 8.1.2 to 8.2.8 - [Release notes](https://github.com/nestjs/nest-cli/releases) - [Changelog](https://github.com/nestjs/nest-cli/blob/master/.release-it.json) - [Commits](https://github.com/nestjs/nest-cli/compare/8.1.2...8.2.8) --- updated-dependencies: - dependency-name: minimist dependency-type: indirect - dependency-name: "@nestjs/cli" dependency-type: direct:development ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * implement github actions workflow (#793) * implement github actions workflow * fix target * enhance SchemaObject type (#697) - Composition types: allOf, anyOf, oneOf and not are valid SchemaObjects * v5.0.1 * fix: objects in form-data (#730) Co-authored-by: dj <> * v5.0.2 * v5.0.2 * Rename field `error_code` to `errorCode` in `ValidationErrorItem` (#819) * FIx serialization/deserialization in additionalProperties (#822) * chore(deps): bump http-cache-semantics (#817) Bumps [http-cache-semantics](https://github.com/kornelski/http-cache-semantics) from 4.1.0 to 4.1.1. - [Release notes](https://github.com/kornelski/http-cache-semantics/releases) - [Commits](https://github.com/kornelski/http-cache-semantics/compare/v4.1.0...v4.1.1) --- updated-dependencies: - dependency-name: http-cache-semantics dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * fix: upgrade content-type from 1.0.4 to 1.0.5 (#818) Snyk has created this PR to upgrade content-type from 1.0.4 to 1.0.5. See this package in npm: https://www.npmjs.com/package/content-type See this project in Snyk: https://app.snyk.io/org/cdimascio/project/f63fb44e-f154-45ba-b1f0-20d49ea578ce?utm_source=github&utm_medium=referral&page=upgrade-pr Co-authored-by: snyk-bot <[email protected]> * chore(deps): bump http-cache-semantics (#816) Bumps [http-cache-semantics](https://github.com/kornelski/http-cache-semantics) from 4.1.0 to 4.1.1. - [Release notes](https://github.com/kornelski/http-cache-semantics/releases) - [Commits](https://github.com/kornelski/http-cache-semantics/compare/v4.1.0...v4.1.1) --- updated-dependencies: - dependency-name: http-cache-semantics dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump http-cache-semantics in /examples/6-multi-file-spec (#815) Bumps [http-cache-semantics](https://github.com/kornelski/http-cache-semantics) from 4.1.0 to 4.1.1. - [Release notes](https://github.com/kornelski/http-cache-semantics/releases) - [Commits](https://github.com/kornelski/http-cache-semantics/compare/v4.1.0...v4.1.1) --- updated-dependencies: - dependency-name: http-cache-semantics dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump http-cache-semantics (#814) Bumps [http-cache-semantics](https://github.com/kornelski/http-cache-semantics) from 4.1.0 to 4.1.1. - [Release notes](https://github.com/kornelski/http-cache-semantics/releases) - [Commits](https://github.com/kornelski/http-cache-semantics/compare/v4.1.0...v4.1.1) --- updated-dependencies: - dependency-name: http-cache-semantics dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump http-cache-semantics (#813) Bumps [http-cache-semantics](https://github.com/kornelski/http-cache-semantics) from 4.1.0 to 4.1.1. - [Release notes](https://github.com/kornelski/http-cache-semantics/releases) - [Commits](https://github.com/kornelski/http-cache-semantics/compare/v4.1.0...v4.1.1) --- updated-dependencies: - dependency-name: http-cache-semantics dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump http-cache-semantics in /examples/3-eov-operations (#812) Bumps [http-cache-semantics](https://github.com/kornelski/http-cache-semantics) from 4.1.0 to 4.1.1. - [Release notes](https://github.com/kornelski/http-cache-semantics/releases) - [Commits](https://github.com/kornelski/http-cache-semantics/compare/v4.1.0...v4.1.1) --- updated-dependencies: - dependency-name: http-cache-semantics dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump http-cache-semantics (#811) Bumps [http-cache-semantics](https://github.com/kornelski/http-cache-semantics) from 4.1.0 to 4.1.1. - [Release notes](https://github.com/kornelski/http-cache-semantics/releases) - [Commits](https://github.com/kornelski/http-cache-semantics/compare/v4.1.0...v4.1.1) --- updated-dependencies: - dependency-name: http-cache-semantics dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump http-cache-semantics in /examples/1-standard (#810) Bumps [http-cache-semantics](https://github.com/kornelski/http-cache-semantics) from 4.1.0 to 4.1.1. - [Release notes](https://github.com/kornelski/http-cache-semantics/releases) - [Commits](https://github.com/kornelski/http-cache-semantics/compare/v4.1.0...v4.1.1) --- updated-dependencies: - dependency-name: http-cache-semantics dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump cookiejar from 2.1.3 to 2.1.4 (#806) Bumps [cookiejar](https://github.com/bmeck/node-cookiejar) from 2.1.3 to 2.1.4. - [Release notes](https://github.com/bmeck/node-cookiejar/releases) - [Commits](https://github.com/bmeck/node-cookiejar/commits) --- updated-dependencies: - dependency-name: cookiejar dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump cookiejar from 2.1.2 to 2.1.4 in /examples/9-nestjs (#805) Bumps [cookiejar](https://github.com/bmeck/node-cookiejar) from 2.1.2 to 2.1.4. - [Release notes](https://github.com/bmeck/node-cookiejar/releases) - [Commits](https://github.com/bmeck/node-cookiejar/commits) --- updated-dependencies: - dependency-name: cookiejar dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump json5 in /examples/4-eov-operations-babel (#799) Bumps [json5](https://github.com/json5/json5) from 2.1.3 to 2.2.3. - [Release notes](https://github.com/json5/json5/releases) - [Changelog](https://github.com/json5/json5/blob/main/CHANGELOG.md) - [Commits](https://github.com/json5/json5/compare/v2.1.3...v2.2.3) --- updated-dependencies: - dependency-name: json5 dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * fix: upgrade body-parser from 1.19.0 to 1.20.1 (#798) Snyk has created this PR to upgrade body-parser from 1.19.0 to 1.20.1. See this package in npm: https://www.npmjs.com/package/body-parser See this project in Snyk: https://app.snyk.io/org/cdimascio/project/c52478e1-4b5f-464b-9b43-e11455d66bba?utm_source=github&utm_medium=referral&page=upgrade-pr * fix: upgrade ajv from 8.11.0 to 8.11.2 (#797) Snyk has created this PR to upgrade ajv from 8.11.0 to 8.11.2. See this package in npm: https://www.npmjs.com/package/ajv See this project in Snyk: https://app.snyk.io/org/cdimascio/project/f63fb44e-f154-45ba-b1f0-20d49ea578ce?utm_source=github&utm_medium=referral&page=upgrade-pr * chore(deps): bump json5 from 1.0.1 to 1.0.2 in /examples/9-nestjs (#801) Bumps [json5](https://github.com/json5/json5) from 1.0.1 to 1.0.2. - [Release notes](https://github.com/json5/json5/releases) - [Changelog](https://github.com/json5/json5/blob/main/CHANGELOG.md) - [Commits](https://github.com/json5/json5/compare/v1.0.1...v1.0.2) --- updated-dependencies: - dependency-name: json5 dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * v5.0.3 * Switch json-schema-ref-parser to non-deprecated package (#829) * switch json-schema-ref-parser to new package @apidevtools/json-schema-ref-parser * revert lockfile version to 1 * fix: Deserialize custom types with inline schemas (#823) * v5.0.4 * fix documentation links * Remove examples from apiDoc when validating requests (#774) Co-authored-by: Michael Eller <[email protected]> * Resolve "reference resolves to more than one schema" errors when AJV processes OpenAPI document and encounters unknown properties whose values include an `id` parameter. (#853) * Fails to get past AJV error when schema includes `x-stoplight` property and is referenced. * Traverse the OpenAPI document, stripping all x-stoplight values. * fixing default export function issue (#846) Co-authored-by: Kesha Shah <[email protected]> * #841 return error thrown in serDes deserializer (#842) * Remove body-parser deps in example (#845) * chore: remove unused body-parser for examples/1-standard * chore: remove body-parser for examples/2-standard-multiple-api-specs * chore: remove unused body-parser for examples/3-eov-operations * chore: remove unused body-parser for examples/4-eov-operations-babel * chore: remove body-parser for examples/5-custom-operation-resolver * chore: remove body-parser for examples/6-multi-file-spec * chore: remove body-parser for examples/7-response-date-serialization * chore: remove body-parser for examples/8-top-level-discriminator * fix example schema removal and upgrade patch version * v5.0.5 change history * update version locks * Allow optional use of `req.url` (#857) * test: add test cases for new feature * feat: allow using req.url based on config --------- Co-authored-by: nikkegg <[email protected]> * Reorder upload and security middlewares (#866) - Move multipart middleware after security middleware so that security handlers can abort request pipeline before uploads are processed. Fixes #865 * Update build and packaging scripts (#872) - Add compile:release npm script to build the package without source maps. Decreases unpacked size from ~350KB to ~250KB. - Remove :windows variants of npm scripts - Add rimraf to handle cross-platform dir removal - Set "ts-node": { "files": true } in tsconfig.json so that it's not necessary to set env var TS_NODE_FILES - Remove unused assets/README.md (it does not appear to have been used for many years according to npmjs.com) - Use includes "files": [...] property in package.json to indicate dist/ should be included in the built npm package rather than maintaining a list of everything that should be excluded in .npmignore (which has been deleted) - Incorporate above mentioned updates into build.sh * v5.1.0 * v5.1.0 * Pass-through HttpError caught in multipart handler (#867) - Consumers of express-openapi-validator have access to the custom error types via exported object: error (e.g. error.BadRequest). - If the multipart handler throws, for example from the multer storage engine, check whether the err instance is already an HttpError. If so, it can be passed-through as is. This is mostly useful for setting the HTTP status code. * v5.1.1 * Safer handling of multipart nested JSON body props (#878) If a multipart request body has schema oneOf, anyOf, or allOf, then automatic parsing of JSON properties throws. An object is expected. Fix the error today and add a TODO to add support for nested JSON props in multipart requests that utilize oneOf, anyOf, or allOf. * Normalize request body ContentTypes (#863) Co-authored-by: Ray Vincent <[email protected]> * v5.1.1 * CLS Context is lost after using multer middleware (#695) related issue: https://github.com/expressjs/multer/issues/814 Used the solution described in the above link to fix the issue Co-authored-by: Alan Wang <[email protected]> * remove examples from schema (#890) * v5.1.3 * v5.1.3 * add cookies to examples 1 and 2 (#891) * remove examples from schema * add cookies to example 1 and 2 * docs: fix doc typo in README.md (#885) * npm audit fix (#892) * remove examples from schema * add cookies to example 1 and 2 * audit-fix * removes lodash.uniq and lodash.zipobject dependencies (#893) * fixes badging for build and test * Remove read only and write only fields (#895) * Fix problems in current test read.only according to the schema * #627 Remove readonly fields in : - requests if ``validateRequest.removeAdditional`` configuration equals ``true`` or ```'all'`` or ``'failing'`` - responses if ``validateResponse.removeAdditional`` configuration equals ``true`` or ```'all'`` or ``'failing'`` No changes if ``validateRequest = true``, ``validateResponse = true``, ``validateRequest.removeAdditional : false``, ``validateResponse.removeAdditional : false`` Unit tests added to check the behaviour with removeAdditional : true. Fields removed and no error in response. * Update README.md (#896) * Update CONTRIBUTING.md * Update README.md * Update README.md * fix: #887 allow multiple params with wildcard (#898) * Add multiple path parameters with wildcard tests * Change regex to support multiple params when including file path params (#1) * Change regex to support multiple params when including URI path param * Update regex, remove unnecessary bracket --------- Co-authored-by: Guillermo Recalde <[email protected]> * Direct example broken link to the guide * v5.1.4 * v5.1.4 * Support writeOnly + required combination #149 (#756) * fixes write-only tests * v5.1.5 * Fixes for 881 - multiple specs w/validateRequests fail (#903) * v5.1.6 * fix: upgrade @types/multer from 1.4.7 to 1.4.11 (#897) Snyk has created this PR to upgrade @types/multer from 1.4.7 to 1.4.11. See this package in npm: https://www.npmjs.com/package/@types/multer See this project in Snyk: https://app.snyk.io/org/cdimascio/project/f63fb44e-f154-45ba-b1f0-20d49ea578ce?utm_source=github&utm_medium=referral&page=upgrade-pr Co-authored-by: snyk-bot <[email protected]> * Add multipart fix when does not exist any body (#905) * fix: upgrade path-to-regexp from 6.2.0 to 6.2.2 (#914) * fix: examples/4-eov-operations-babel/package.json & examples/4-eov-operations-babel/package-lock.json to reduce vulnerabilities (#911) * Add `express` as peer dependency (#907) * Support async operation handler resolver (#921) - Let users define operationHandlers.resolver as a synchronous or asynchronous function that returns a request handler - Make installOperationHandlers and asynchronous function that awaits a resolver promise (automatically wraps resolver with promise if needed) - Update operation handlers middleware to handle an async installOperationHandlers. * fix: package.json & package-lock.json to reduce vulnerabilities (#920) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-EXPRESS-6474509 Co-authored-by: snyk-bot <[email protected]> * chore(deps): bump webpack and @nestjs/cli in /examples/9-nestjs (#831) Bumps [webpack](https://github.com/webpack/webpack) to 5.76.2 and updates ancestor dependency [@nestjs/cli](https://github.com/nestjs/nest-cli). These dependencies need to be updated together. Updates `webpack` from 5.73.0 to 5.76.2 - [Release notes](https://github.com/webpack/webpack/releases) - [Commits](https://github.com/webpack/webpack/compare/v5.73.0...v5.76.2) Updates `@nestjs/cli` from 8.2.8 to 9.3.0 - [Release notes](https://github.com/nestjs/nest-cli/releases) - [Changelog](https://github.com/nestjs/nest-cli/blob/master/.release-it.json) - [Commits](https://github.com/nestjs/nest-cli/compare/8.2.8...9.3.0) --- updated-dependencies: - dependency-name: webpack dependency-type: indirect - dependency-name: "@nestjs/cli" dependency-type: direct:development ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(dependencies): bump @apidevtools/json-schema-ref-parser to 11.6.2 to prevent vulnerability (#918) * chore(deps): bump axios, @nestjs/common, @nestjs/core, @nestjs/platform-express and @nestjs/testing (#925) Removes [axios](https://github.com/axios/axios). It's no longer used after updating ancestor dependencies [axios](https://github.com/axios/axios), [@nestjs/common](https://github.com/nestjs/nest/tree/HEAD/packages/common), [@nestjs/core](https://github.com/nestjs/nest/tree/HEAD/packages/core), [@nestjs/platform-express](https://github.com/nestjs/nest/tree/HEAD/packages/platform-express) and [@nestjs/testing](https://github.com/nestjs/nest/tree/HEAD/packages/testing). These dependencies need to be updated together. Removes `axios` Updates `@nestjs/common` from 8.0.11 to 10.3.8 - [Release notes](https://github.com/nestjs/nest/releases) - [Commits](https://github.com/nestjs/nest/commits/v10.3.8/packages/common) Updates `@nestjs/core` from 8.4.7 to 10.3.8 - [Release notes](https://github.com/nestjs/nest/releases) - [Commits](https://github.com/nestjs/nest/commits/v10.3.8/packages/core) Updates `@nestjs/platform-express` from 8.4.7 to 10.3.8 - [Release notes](https://github.com/nestjs/nest/releases) - [Commits](https://github.com/nestjs/nest/commits/v10.3.8/packages/platform-express) Updates `@nestjs/testing` from 8.4.7 to 10.3.8 - [Release notes](https://github.com/nestjs/nest/releases) - [Commits](https://github.com/nestjs/nest/commits/v10.3.8/packages/testing) --- updated-dependencies: - dependency-name: axios dependency-type: indirect - dependency-name: "@nestjs/common" dependency-type: direct:production - dependency-name: "@nestjs/core" dependency-type: direct:production - dependency-name: "@nestjs/platform-express" dependency-type: direct:production - dependency-name: "@nestjs/testing" dependency-type: direct:development ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps-dev): bump @babel/traverse (#924) Bumps [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) from 7.15.4 to 7.24.6. - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.24.6/packages/babel-traverse) --- updated-dependencies: - dependency-name: "@babel/traverse" dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * upgrade example 4 * upgrade example 3 * upgrade ajv * chore: apiSpec may be const literal (#854) Co-authored-by: Carmine DiMascio <[email protected]> * pass coerceTypes through (#809) Co-authored-by: Carmine DiMascio <[email protected]> * add reponse serializer tests for arrays * v5.2.0 * v5.2.0 * Update LICENSE * chore(deps-dev): bump braces from 3.0.2 to 3.0.3 (#928) Bumps [braces](https://github.com/micromatch/braces) from 3.0.2 to 3.0.3. - [Changelog](https://github.com/micromatch/braces/blob/master/CHANGELOG.md) - [Commits](https://github.com/micromatch/braces/compare/3.0.2...3.0.3) --- updated-dependencies: - dependency-name: braces dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Stripped query params for req.url branch arm (#942) Co-authored-by: g-radam <[email protected]> * fix: upgrade ajv from 8.14.0 to 8.15.0 (#938) Snyk has created this PR to upgrade ajv from 8.14.0 to 8.15.0. See this package in npm: ajv See this project in Snyk: https://app.snyk.io/org/cdimascio/project/f63fb44e-f154-45ba-b1f0-20d49ea578ce?utm_source=github&utm_medium=referral&page=upgrade-pr Co-authored-by: snyk-bot <[email protected]> * fix: upgrade @apidevtools/json-schema-ref-parser from 11.6.2 to 11.6.4 (#937) Snyk has created this PR to upgrade @apidevtools/json-schema-ref-parser from 11.6.2 to 11.6.4. See this package in npm: @apidevtools/json-schema-ref-parser See this project in Snyk: https://app.snyk.io/org/cdimascio/project/f63fb44e-f154-45ba-b1f0-20d49ea578ce?utm_source=github&utm_medium=referral&page=upgrade-pr Co-authored-by: snyk-bot <[email protected]> * fix: upgrade express-openapi-validator from 5.1.6 to 5.2.0 (#936) Snyk has created this PR to upgrade express-openapi-validator from 5.1.6 to 5.2.0. See this package in npm: express-openapi-validator See this project in Snyk: https://app.snyk.io/org/cdimascio/project/0ac9a5bd-9a7f-4c0e-bf8b-51d0bd4c4448?utm_source=github&utm_medium=referral&page=upgrade-pr Co-authored-by: snyk-bot <[email protected]> * FIX: issue #917 (#935) Co-authored-by: Dušan Miška <[email protected]> * version 5.2.1 * version 5.3.1 * fix: upgrade express-openapi-validator from 5.1.6 to 5.2.0 (#944) Snyk has created this PR to upgrade express-openapi-validator from 5.1.6 to 5.2.0. See this package in npm: express-openapi-validator See this project in Snyk: https://app.snyk.io/org/cdimascio/project/dc56b04d-b132-445b-bde8-64211be844c7?utm_source=github&utm_medium=referral&page=upgrade-pr Co-authored-by: snyk-bot <[email protected]> * fix: correct security schema logic for OR verification (#946) * version 5.3.2 * fix: upgrade @apidevtools/json-schema-ref-parser from 11.6.4 to 11.7.0 (#947) Snyk has created this PR to upgrade @apidevtools/json-schema-ref-parser from 11.6.4 to 11.7.0. See this package in npm: @apidevtools/json-schema-ref-parser See this project in Snyk: https://app.snyk.io/org/cdimascio/project/f63fb44e-f154-45ba-b1f0-20d49ea578ce?utm_source=github&utm_medium=referral&page=upgrade-pr Co-authored-by: snyk-bot <[email protected]> * chore(deps-dev): bump ws from 7.5.5 to 7.5.10 in /examples/9-nestjs (#930) Bumps [ws](https://github.com/websockets/ws) from 7.5.5 to 7.5.10. - [Release notes](https://github.com/websockets/ws/releases) - [Commits](https://github.com/websockets/ws/compare/7.5.5...7.5.10) --- updated-dependencies: - dependency-name: ws dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps-dev): bump braces in /examples/8-top-level-discriminator (#929) Bumps [braces](https://github.com/micromatch/braces) from 3.0.2 to 3.0.3. - [Changelog](https://github.com/micromatch/braces/blob/master/CHANGELOG.md) - [Commits](https://github.com/micromatch/braces/compare/3.0.2...3.0.3) --- updated-dependencies: - dependency-name: braces dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * fix: upgrade ajv from 8.15.0 to 8.17.1 (#945) Snyk has created this PR to upgrade ajv from 8.15.0 to 8.17.1. See this package in npm: ajv See this project in Snyk: https://app.snyk.io/org/cdimascio/project/f63fb44e-f154-45ba-b1f0-20d49ea578ce?utm_source=github&utm_medium=referral&page=upgrade-pr Co-authored-by: snyk-bot <[email protected]> * chore(deps-dev): bump @babel/traverse in /examples/9-nestjs (#948) Bumps [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) from 7.15.4 to 7.25.4. - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.25.4/packages/babel-traverse) --- updated-dependencies: - dependency-name: "@babel/traverse" dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * version 5.3.3 * Update README.md * Use lenient resolver type (#956) In #921, a stronger type applied to OperationHandlerOptions['resolver'] so that end users would have an idea of what the parameters are for their custom resolvers. It went too far in stipulating a return type. Set the return type to unknown and let users decide how much type safety they need in their resolver. Fixes #952 * Change AJV allErrors default and support user setting (#955) * Support setting allErrors for AJV validation AJV recommends setting option `allErrors` to `false` in production. pdate `createAjv()` to respect the user's setting. Avoid introducing a breaking change by defaulting to `true` when not defined by the user. Add tests: 1. Make sure `AjvOptions` sets the value appropriately based on whether the end user defined `allErrors` or not. 2. When validating requests, make sure the number of errors reported (when multiple occur) is 1 when `allErrors` is `false`. The `allErrors` configuration for OpenAPISchemaValidator is not changed by this commit since that validation is for trusted content. Fixes #954 * (Revisions) Support setting allErrors for AJV validation - Do not set allErrors by default **breaking change** * (Revisions) Support setting allErrors for AJV validation - Allow allErrors to be set on requests and responses independently * v5.3.4 * update README * [StepSecurity] ci: Harden GitHub Actions (#959) Signed-off-by: StepSecurity Bot <[email protected]> * chore(deps): bump webpack and @nestjs/cli in /examples/9-nestjs (#953) Bumps [webpack](https://github.com/webpack/webpack) to 5.94.0 and updates ancestor dependency [@nestjs/cli](https://github.com/nestjs/nest-cli). These dependencies need to be updated together. Updates `webpack` from 5.76.2 to 5.94.0 - [Release notes](https://github.com/webpack/webpack/releases) - [Commits](https://github.com/webpack/webpack/compare/v5.76.2...v5.94.0) Updates `@nestjs/cli` from 9.3.0 to 10.4.5 - [Release notes](https://github.com/nestjs/nest-cli/releases) - [Changelog](https://github.com/nestjs/nest-cli/blob/master/.release-it.json) - [Commits](https://github.com/nestjs/nest-cli/compare/9.3.0...10.4.5) --- updated-dependencies: - dependency-name: webpack dependency-type: indirect - dependency-name: "@nestjs/cli" dependency-type: direct:development ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump braces in /examples/4-eov-operations-babel (#957) Bumps [braces](https://github.com/micromatch/braces) from 3.0.2 to 3.0.3. - [Changelog](https://github.com/micromatch/braces/blob/master/CHANGELOG.md) - [Commits](https://github.com/micromatch/braces/compare/3.0.2...3.0.3) --- updated-dependencies: - dependency-name: braces dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps-dev): bump braces in /examples/5-custom-operation-resolver (#958) Bumps [braces](https://github.com/micromatch/braces) from 3.0.2 to 3.0.3. - [Changelog](https://github.com/micromatch/braces/blob/master/CHANGELOG.md) - [Commits](https://github.com/micromatch/braces/compare/3.0.2...3.0.3) --- updated-dependencies: - dependency-name: braces dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * fix: upgrade express-openapi-validator from 5.2.0 to 5.3.1 (#951) Snyk has created this PR to upgrade express-openapi-validator from 5.2.0 to 5.3.1. See this package in npm: express-openapi-validator See this project in Snyk: https://app.snyk.io/org/cdimascio/project/0ac9a5bd-9a7f-4c0e-bf8b-51d0bd4c4448?utm_source=github&utm_medium=referral&page=upgrade-pr Co-authored-by: snyk-bot <[email protected]> * Fix changelog breaking changes notice (#961) The breaking change included in entry (2024-08-31) was not added correctly. Fix it. * fix: Dereference path parameters (#962) The OpenAPI spec loader has a `discoverRoutes` method which explores an OpenAPI document and gathers information about the paths and parameters used. The list of discovered path parameters is used to install parameter-specific middleware in `src/openapi.validator.ts#installPathParams` Path parameters declared with `$ref` were not detected in the `discoverRoutes` implementation, leading to the un-coerced values being used. By dereferencing each path parameter when building this list, we should see the same behavior for referenced path parameters and for inline path parameters. Closes https://github.com/cdimascio/express-openapi-validator/issues/803 * v5.3.5 * chore(deps-dev): bump braces from 3.0.2 to 3.0.3 in /examples/9-nestjs (#964) Bumps [braces](https://github.com/micromatch/braces) from 3.0.2 to 3.0.3. - [Changelog](https://github.com/micromatch/braces/blob/master/CHANGELOG.md) - [Commits](https://github.com/micromatch/braces/compare/3.0.2...3.0.3) --- updated-dependencies: - dependency-name: braces dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps-dev): bump braces in /examples/7-response-date-serialization (#963) Bumps [braces](https://github.com/micromatch/braces) from 3.0.2 to 3.0.3. - [Changelog](https://github.com/micromatch/braces/blob/master/CHANGELOG.md) - [Commits](https://github.com/micromatch/braces/compare/3.0.2...3.0.3) --- updated-dependencies: - dependency-name: braces dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * fix: upgrade express-openapi-validator from 5.2.0 to 5.3.1 (#960) Snyk has created this PR to upgrade express-openapi-validator from 5.2.0 to 5.3.1. See this package in npm: express-openapi-validator See this project in Snyk: https://app.snyk.io/org/cdimascio/project/dc56b04d-b132-445b-bde8-64211be844c7?utm_source=github&utm_medium=referral&page=upgrade-pr Co-authored-by: snyk-bot <[email protected]> * Update README.md * Update README.md * bodyParsers is deprecated so update with expess bodyParsers (#974) * Change path-to-regexp 6.2.2 to 6.3.0 * express version update * bodyParsers is deprecated so update with expess bodyParsers * update express to 4.21.0 * v5.3.6 * feat(path-to-regexp): path-to-regexp 8.1.0 update (#976) * feat(path-to-regexp): path-to-regexp update to 8.1.0 * feat(path-to-regexp): cleanup notes for PR * feat(path-to-regexp): potential version bump if approved * feat(path-to-regexp): pr change request + added notes for changes --------- Co-authored-by: fkeefer <[email protected]> Co-authored-by: Carmine DiMascio <[email protected]> * fix: upgrade @types/multer from 1.4.11 to 1.4.12 (#983) Snyk has created this PR to upgrade @types/multer from 1.4.11 to 1.4.12. See this package in npm: @types/multer See this project in Snyk: https://app.snyk.io/org/cdimascio/project/f63fb44e-f154-45ba-b1f0-20d49ea578ce?utm_source=github&utm_medium=referral&page=upgrade-pr Co-authored-by: snyk-bot <[email protected]> * v5.3.7 * fix: examples/3-eov-operations/package.json & examples/3-eov-operations/package-lock.json to reduce vulnerabilities (#989) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-PATHTOREGEXP-7925106 Co-authored-by: snyk-bot <[email protected]> * fix: examples/4-eov-operations-babel/package.json & examples/4-eov-operations-babel/package-lock.json to reduce vulnerabilities (#988) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-PATHTOREGEXP-7925106 Co-authored-by: snyk-bot <[email protected]> * fix: examples/2-standard-multiple-api-specs/package.json & examples/2-standard-multiple-api-specs/package-lock.json to reduce vulnerabilities (#987) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-PATHTOREGEXP-7925106 Co-authored-by: snyk-bot <[email protected]> * fix: examples/1-standard/package.json & examples/1-standard/package-lock.json to reduce vulnerabilities (#986) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-PATHTOREGEXP-7925106 Co-authored-by: snyk-bot <[email protected]> * Update README.md * Update README.md * chore(deps): bump body-parser and @nestjs/platform-express (#990) Bumps [body-parser](https://github.com/expressjs/body-parser) to 1.20.3 and updates ancestor dependency [@nestjs/platform-express](https://github.com/nestjs/nest/tree/HEAD/packages/platform-express). These dependencies need to be updated together. Updates `body-parser` from 1.20.2 to 1.20.3 - [Release notes](https://github.com/expressjs/body-parser/releases) - [Changelog](https://github.com/expressjs/body-parser/blob/master/HISTORY.md) - [Commits](https://github.com/expressjs/body-parser/compare/1.20.2...1.20.3) Updates `@nestjs/platform-express` from 10.3.8 to 10.4.3 - [Release notes](https://github.com/nestjs/nest/releases) - [Commits](https://github.com/nestjs/nest/commits/v10.4.3/packages/platform-express) --- updated-dependencies: - dependency-name: body-parser dependency-type: indirect - dependency-name: "@nestjs/platform-express" dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * fix: package.json & package-lock.json to reduce vulnerabilities (#993) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-COOKIE-8163060 Co-authored-by: snyk-bot <[email protected]> * fix: upgrade express-openapi-validator from 5.3.6 to 5.3.7 (#995) Snyk has created this PR to upgrade express-openapi-validator from 5.3.6 to 5.3.7. See this package in npm: https://www.npmjs.com/package/express-openapi-validator See this project in Snyk: https://app.snyk.io/org/cdimascio/project/dc56b04d-b132-445b-bde8-64211be844c7?utm_source=github&utm_medium=referral&page=upgrade-pr Co-authored-by: snyk-bot <[email protected]> * chore(deps): bump cookie and cookie-parser (#996) Bumps [cookie](https://github.com/jshttp/cookie) to 0.7.1 and updates ancestor dependency [cookie-parser](https://github.com/expressjs/cookie-parser). These dependencies need to be updated together. Updates `cookie` from 0.4.1 to 0.7.1 - [Release notes](https://github.com/jshttp/cookie/releases) - [Commits](https://github.com/jshttp/cookie/compare/v0.4.1...v0.7.1) Updates `cookie-parser` from 1.4.6 to 1.4.7 - [Release notes](https://github.com/expressjs/cookie-parser/releases) - [Changelog](https://github.com/expressjs/cookie-parser/blob/master/HISTORY.md) - [Commits](https://github.com/expressjs/cookie-parser/compare/1.4.6...1.4.7) --- updated-dependencies: - dependency-name: cookie dependency-type: indirect - dependency-name: cookie-parser dependency-type: direct:development ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump path-to-regexp (#997) Bumps [path-to-regexp](https://github.com/pillarjs/path-to-regexp) from 6.2.0 to 6.3.0. - [Release notes](https://github.com/pillarjs/path-to-regexp/releases) - [Changelog](https://github.com/pillarjs/path-to-regexp/blob/master/History.md) - [Commits](https://github.com/pillarjs/path-to-regexp/compare/v6.2.0...v6.3.0) --- updated-dependencies: - dependency-name: path-to-regexp dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * fix: examples/4-eov-operations-babel/package.json & examples/4-eov-operations-babel/package-lock.json to reduce vulnerabilities (#994) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-COOKIE-8163060 Co-authored-by: snyk-bot <[email protected]> * example 6 enhancements * Create SECURITY.md (#999) * fix: add cookie support for HTTP bearer authentication (#949) * fix: add cookie support for HTTP bearer authentication - Updated validateHttp() to handle bearer tokens in both authorization header and cookies. - Adapted logic to ensure flexibility for projects using HTTP-only cookies instead of headers for authentication. * fix: Refine HTTP authentication validation based on code review feedback - Maintain existing error for missing Authorization header - Add specific error for cookie authentication when specified in security scheme - Consider both Authorization header and cookie for bearer token validation * fix: Revert unintended code style changes made during previous commit * fix: Revert unintended code style changes made during previous commit * fix: fix: update validateHttp to handle missing auth headers properly - Restructure Basic auth validation to check header existence first - Maintain original error messages for non-cookie authentication - Add proper cookie authentication check when specified - Fix undefined.includes() error in Basic auth validation * v5.3.8 * chore(deps): bump cookie and express in /examples/3-eov-operations (#1002) Bumps [cookie](https://github.com/jshttp/cookie) and [express](https://github.com/expressjs/express). These dependencies needed to be updated together. Updates `cookie` from 0.6.0 to 0.7.1 - [Release notes](https://github.com/jshttp/cookie/releases) - [Commits](https://github.com/jshttp/cookie/compare/v0.6.0...v0.7.1) Updates `express` from 4.19.2 to 4.21.1 - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/4.21.1/History.md) - [Commits](https://github.com/expressjs/express/compare/4.19.2...4.21.1) --- updated-dependencies: - dependency-name: cookie dependency-type: indirect - dependency-name: express dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * fix: fix authHeader without `cookie-parser` middleware (#1003) [express-openapi-validator v5.8.3][1] and 79424b2 (fix: add cookie support for HTTP bearer authentication (#949), 2024-10-27) breaks HTTP bearer authentication when the `cookie-parser` middleware is not present (and therefore `req.cookies` is not present). [1]: https://github.com/cdimascio/express-openapi-validator/releases/tag/v5.3.8 Fixes: 79424b26137fd0ad2e73f37b689e9ade2618bbc4 * v5.3.9 * fix: upgrade express-openapi-validator from 5.3.6 to 5.3.7 (#1001) …
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.