apipie-rails 0.5.20 → 1.2.3

data/.vscode/settings.json

@@ -0,0 +1,3 @@
+{
+  "rubyLsp.bundleGemfile": "gemfiles/Gemfile.tools"
+}

data/CHANGELOG.md

@@ -1,5 +1,149 @@
  Changelog
 ===========
+
+## [v1.2.3](https://github.com/Apipie/apipie-rails/tree/v1.2.3) (2023-10-11)
+[Full Changelog](https://github.com/Apipie/apipie-rails/compare/v1.2.2...v1.2.3)
+* Fix param: Consider default_value: nil as valid config ([#894](https://github.com/Apipie/apipie-rails/pull/894)) (davidwessman)
+
+## [v1.2.2](https://github.com/Apipie/apipie-rails/tree/v1.2.2) (2023-07-18)
+[Full Changelog](https://github.com/Apipie/apipie-rails/compare/v1.2.1...v1.2.2)
+* Fixed Swagger warnings for properties ([#892](https://github.com/Apipie/apipie-rails/pull/892)) (shev-vadim-net)
+* Improved support for multipart/form-data example recording ([#891](https://github.com/Apipie/apipie-rails/pull/891)) (Butiri Cristian & hossenlopp)
+* rubocop (1.54.2) fixes required with latest version ([#893](https://github.com/Apipie/apipie-rails/pull/893)) (Mathieu Jobin)
+
+## [v1.2.1](https://github.com/Apipie/apipie-rails/tree/v1.2.1) (2023-06-09)
+[Full Changelog](https://github.com/Apipie/apipie-rails/compare/v1.2.0...v1.2.1)
+* rspec: Fixes deprecated matcher ([#882](https://github.com/Apipie/apipie-rails/pull/882)) (David Wessman)
+* Fix streaming bug ([#677](https://github.com/Apipie/apipie-rails/pull/677)) (Hunter Braun)
+* Update README URLs based on HTTP redirects ([#448](https://github.com/Apipie/apipie-rails/pull/448)) (ReadmeCritic)
+* Swagger: Adds option to skip default tags ([#881](https://github.com/Apipie/apipie-rails/pull/881)) (David Wessman)
+* Parameter validation: Raises error for all missing ([#886](https://github.com/Apipie/apipie-rails/pull/886)) (David Wessman)
+
+## [v1.2.0](https://github.com/Apipie/apipie-rails/tree/v1.2.0) (2023-06-03)
+[Full Changelog](https://github.com/Apipie/apipie-rails/compare/v1.1.0...v1.2.0)
+* Allow resource_name to be inherited ([#872](https://github.com/Apipie/apipie-rails/pull/872)) (Eric Hankins)
+* Fix cache rendering with namespaced resources ([#874](https://github.com/Apipie/apipie-rails/pull/874)) (Eric Hankins)
+* Fix deprecated content_type on Rails >= 6 ([#879](https://github.com/Apipie/apipie-rails/pull/879)) (Eric Hankins)
+* Fix typo in Collector ([#877](https://github.com/Apipie/apipie-rails/pull/877)) (Eric Hankins)
+* Fix error climbing controller hierarchy ([#875](https://github.com/Apipie/apipie-rails/pull/875)) (Eric Hankins)
+* Add Gemfile.tools for IDE usage ([#876](https://github.com/Apipie/apipie-rails/pull/876)) (Eric Hankins)
+* Fix rubocop ([#883](https://github.com/Apipie/apipie-rails/pull/883)) (Mathieu Jobin)
+* Performance/InefficientHashSearch-20230602233137 ([#884](https://github.com/Apipie/apipie-rails/pull/884)) (RuboCop challenger)
+* Redo Github action script to not need individual gemfiles ([#885](https://github.com/Apipie/apipie-rails/pull/885)) (Mathieu Jobin)
+
+## [v1.1.0](https://github.com/Apipie/apipie-rails/tree/v1.1.0) (2023-05-16)
+[Full Changelog](https://github.com/Apipie/apipie-rails/compare/v1.0.0...v1.1.0)
+* Improve performance of route detection [#870](https://github.com/Apipie/apipie-rails/pull/870) (Eric Hankins)
+* Fix startup crash due to typo [#869](https://github.com/Apipie/apipie-rails/pull/869) (Eric Hankins)
+* Skip parse body for pdf responses [#871](https://github.com/Apipie/apipie-rails/pull/871) (Juan Gomez)
+* add missing 'returns' translation [#868](https://github.com/Apipie/apipie-rails/pull/868) (Anthony Robertson)
+
+## [v1.0.0](https://github.com/Apipie/apipie-rails/tree/v1.0.0) (2023-04-26)
+[Full Changelog](https://github.com/Apipie/apipie-rails/compare/v0.9.4...v1.0.0)
+* Refactor Swagger generator [#816](https://github.com/Apipie/apipie-rails/pull/816) (Panos Dalitsouris)
+* Take into account validator options for `required` ParamDescription [#863](https://github.com/Apipie/apipie-rails/pull/863) (Panos Dalitsouris)
+* Replace `get_resource_name` with `get_resource_id` [#864](https://github.com/Apipie/apipie-rails/pull/864) (Panos Dalitsouris)
+* Namespace swagger configuration [#862](https://github.com/Apipie/apipie-rails/pull/862) (Panos Dalitsouris)
+* Allow boolean array `[true, false]` to be a valid argument for BooleanValidator [#848](https://github.com/Apipie/apipie-rails/pull/848) (Panos Dalitsouris)
+* Fix swagger warnings [#865](https://github.com/Apipie/apipie-rails/pull/865) (Panos Dalitsouris)
+* Update README - Adds the new Integer option you added recently to the documentation here. [#866](https://github.com/Apipie/apipie-rails/pull/866) (Jeremy Lupoli)
+* [Rubocop] More Rubocop Auto corrections [#859](https://github.com/Apipie/apipie-rails/pull/859)
+
+## [v0.9.4](https://github.com/Apipie/apipie-rails/tree/v0.9.4) (2023-04-11)
+[Full Changelog](https://github.com/Apipie/apipie-rails/compare/v0.9.3...v0.9.4)
+* [Fix] Separate nested resource name [#855](https://github.com/Apipie/apipie-rails/pull/855), [#455](https://github.com/Apipie/apipie-rails/issues/455) (Panos Dalitsouris)
+* [Rubocop] Disable a few Rubocop Rules, run Rubocop with ruby 3.2 [#851](https://github.com/Apipie/apipie-rails/pull/851), [#853](https://github.com/Apipie/apipie-rails/pull/853), [#840](https://github.com/Apipie/apipie-rails/pull/840), [#841](https://github.com/Apipie/apipie-rails/pull/841) (Panos Dalitsouris)
+* [Rubocop] More Rubocop Auto corrections [#858](https://github.com/Apipie/apipie-rails/pull/858), [#849](https://github.com/Apipie/apipie-rails/pull/849), [#850](https://github.com/Apipie/apipie-rails/pull/850), [#844](https://github.com/Apipie/apipie-rails/pull/844), [#846](https://github.com/Apipie/apipie-rails/pull/846), [#834](https://github.com/Apipie/apipie-rails/pull/834), [#847](https://github.com/Apipie/apipie-rails/pull/847) (Rubocop Challenger)
+
+## [v0.9.3](https://github.com/Apipie/apipie-rails/tree/v0.9.3) (2023-03-08)
+[Full Changelog](https://github.com/Apipie/apipie-rails/compare/v0.9.2...v0.9.3)
+* [Feature] Allow Apipie::ParamDescription to be marked as deprecated [#819](https://github.com/Apipie/apipie-rails/pull/819), [#811](https://github.com/Apipie/apipie-rails/pull/811) (Panos Dalitsouris)
+* [Fix] Make html markup thread safe ([#822](https://github.com/Apipie/apipie-rails/issues/822)) (Adam Růžička)
+* [Feature] Allow action matcher strategy to be configured [#821](https://github.com/Apipie/apipie-rails/pull/821) (Panos Dalitsouris)
+* [CI] Run Rubocop when opening PR [#826](https://github.com/Apipie/apipie-rails/pull/826) (Panos Dalitsouris)
+* [CI] Green rubocop - Fix after rubocop challenger upgrade [#829](https://github.com/Apipie/apipie-rails/pull/829) (Mathieu Jobin)
+* [Rubocop] More Rubocop Auto corrections [#818](https://github.com/Apipie/apipie-rails/pull/818), [#825](https://github.com/Apipie/apipie-rails/pull/825), [#827](https://github.com/Apipie/apipie-rails/pull/827), [#837](https://github.com/Apipie/apipie-rails/pull/837), [#839](https://github.com/Apipie/apipie-rails/pull/839) (Rubocop Challenger)
+
+## [v0.9.2](https://github.com/Apipie/apipie-rails/tree/v0.9.2) (2023-02-07)
+[Full Changelog](https://github.com/Apipie/apipie-rails/compare/v0.9.1...v0.9.2)
+* [Rubocop] More Rubocop Auto corrections [#795](https://github.com/Apipie/apipie-rails/pull/795), [#781](https://github.com/Apipie/apipie-rails/pull/781), [#791](https://github.com/Apipie/apipie-rails/pull/791), [#788](https://github.com/Apipie/apipie-rails/pull/788) (Rubocop Challenger)
+* [Fix] Can't include translation in full description ([#446](https://github.com/Apipie/apipie-rails/issues/446)) [#808](https://github.com/Apipie/apipie-rails/pull/808) (Peter Nagy)
+* [Refactor] Move swagger param description creation [#810](https://github.com/Apipie/apipie-rails/pull/810) (Panos Dalitsouris)
+* [Rubocop] Redo rubocop TODOs, set HashSyntax config to most used style [#814](https://github.com/Apipie/apipie-rails/pull/814) (Mathieu Jobin)
+* [Fix] Swagger missing i18n [#815](https://github.com/Apipie/apipie-rails/pull/815) (@jirubio)
+
+## [v0.9.1](https://github.com/Apipie/apipie-rails/tree/v0.9.1) (2023-01-16)
+[Full Changelog](https://github.com/Apipie/apipie-rails/compare/v0.9.0...v0.9.1)
+* [Refactor] Create test cache files under a not version controlled directory [#809](https://github.com/Apipie/apipie-rails/pull/809) (Panos Dalitsouris)
+* [Ruby] Support for Ruby 3.2 [#807](https://github.com/Apipie/apipie-rails/pull/807) (Mathieu Jobin)
+* [Fix] Reverted conditional assignment operators that caused #559 [#806](https://github.com/Apipie/apipie-rails/pull/806) (Nick L. Deltik)
+* [Rubocop] Autocorrect Style/SymbolProc [#793](https://github.com/Apipie/apipie-rails/pull/793) (Rubocop Challenger)
+
+## [v0.9.0](https://github.com/Apipie/apipie-rails/tree/v0.9.0) (2023-01-03)
+[Full Changelog](https://github.com/Apipie/apipie-rails/compare/v0.8.2...v0.9.0)
+* [Refactor] Move Swagger types and warnings under `/generator` namespace [#803](https://github.com/Apipie/apipie-rails/pull/803) (Panos Dalitsouris)
+* [Refactor] Creates `Apipie::MethodDescription::ApisService` [#805](https://github.com/Apipie/apipie-rails/pull/805) (Panos Dalitsouris)
+* [Refactor] Change output folder to `spec/dummy/tmp/` [#804](https://github.com/Apipie/apipie-rails/pull/804) (Panos Dalitsouris)
+* Fix tiny typo in docs [#798](https://github.com/Apipie/apipie-rails/pull/798) (Erik-B. Ernst)
+* Fix Generated docs.json output [#787](https://github.com/Apipie/apipie-rails/pull/787) (Jeremy Liberman)
+* Rubocop Fixes [#775](https://github.com/Apipie/apipie-rails/pull/775), [#778](https://github.com/Apipie/apipie-rails/pull/778), [#780](https://github.com/Apipie/apipie-rails/pull/780), [#790](https://github.com/Apipie/apipie-rails/pull/790), [#783](https://github.com/Apipie/apipie-rails/pull/783), [#785](https://github.com/Apipie/apipie-rails/pull/785) (RuboCop)
+* Remove/clean up dev dependencies and unused rake tasks [#777](https://github.com/Apipie/apipie-rails/pull/777) (Mathieu Jobin)
+    - remove unused rake task
+* Setup Rubocop Challenger [#776](https://github.com/Apipie/apipie-rails/pull/776) (Mathieu Jobin)
+
+## [v0.8.2](https://github.com/Apipie/apipie-rails/tree/v0.8.2) (2022-09-03)
+[Full Changelog](https://github.com/Apipie/apipie-rails/compare/v0.8.1...v0.8.2)
+* Allow custom validators to opt out of allow_blank behavior [#762](https://github.com/Apipie/apipie-rails/pull/762).  (Stephen Hanson)
+* Enforce test coverage, set current 89% as minimum [#764](https://github.com/Apipie/apipie-rails/pull/764). (Mathieu Jobin)
+* Add contributing instructions to readme [#763](https://github.com/Apipie/apipie-rails/pull/763).  (Stephen Hanson)
+* Fix readme formatting [#765](https://github.com/Apipie/apipie-rails/pull/765).  (Stephen Hanson)
+* Adds expected_type to IntegerValidator example [#769](https://github.com/Apipie/apipie-rails/pull/769).  (Jeremy Liberman)
+* Update readme with error handling example [#768](https://github.com/Apipie/apipie-rails/pull/768).  (Jesse Eisenberg)
+* Fix scope incorrectly set to nil when a param_group is used inside an array_of_hash and the param_group is in a different module / controller. [#693](https://github.com/Apipie/apipie-rails/pull/693) [#774](https://github.com/Apipie/apipie-rails/pull/774).  (Omkar Joshi / Oliver Iyer)
+
+## [v0.8.1](https://github.com/Apipie/apipie-rails/tree/v0.8.1) (2022-05-26)
+[Full Changelog](https://github.com/Apipie/apipie-rails/compare/v0.8.0...v0.8.1)
+* Remove warning that came back as of [#752](https://github.com/Apipie/apipie-rails/pull/752). [#761](https://github.com/Apipie/apipie-rails/pull/761) (Jorge Santos / Mathieu Jobin)
+
+## [v0.8.0](https://github.com/Apipie/apipie-rails/tree/v0.8.0) (2022-05-24)
+[Full Changelog](https://github.com/Apipie/apipie-rails/compare/v0.7.2...v0.8.0)
+* Add support for scheme definition in Swagger docs. [#710](https://github.com/Apipie/apipie-rails/pull/710) (Dan Leyden)
+* Add support for Rails 7 [#760](https://github.com/Apipie/apipie-rails/pull/760) (Mathieu Jobin)
+* Clean up code base, removing all trace of unsupported Rails 4.x [#752](https://github.com/Apipie/apipie-rails/pull/752) (Mathieu Jobin)
+* fix: Controller resource set before version [#744](https://github.com/Apipie/apipie-rails/pull/744) (LuukvH)
+* fix: enable swagger generator to add referenced schema for an array of hashes param [#689](https://github.com/Apipie/apipie-rails/pull/689) (Francis San Juan)
+
+## [v0.7.2](https://github.com/Apipie/apipie-rails/tree/v0.7.2) (2022-04-19)
+[Full Changelog](https://github.com/Apipie/apipie-rails/compare/v0.7.1...v0.7.2)
+* Added Korean locale. [#480](https://github.com/Apipie/apipie-rails/pull/480) (Jaehyun Shin ) [#757](https://github.com/Apipie/apipie-rails/pull/757) (Jorge Santos)
+* `Security` Upgraded Bootstrap from 2.0.2 to 2.3.2, JQuery from 1.11.3 to 1.12.4 [#708](https://github.com/Apipie/apipie-rails/pull/708) (Nicolas Waissbluth)
+* Fix ruby2 keyword argument warning [#756](https://github.com/Apipie/apipie-rails/pull/756) (Jorge Santos)
+
+## [v0.7.1](https://github.com/Apipie/apipie-rails/tree/v0.7.1) (2022-04-06)
+[Full Changelog](https://github.com/Apipie/apipie-rails/compare/v0.7.0...v0.7.1)
+* Skip extra parameters while validating the keys. [#690](https://github.com/Apipie/apipie-rails/pull/690) (Omkar Joshi)
+* Support defining security mechanisms for Swagger [#711](https://github.com/Apipie/apipie-rails/pull/711) (Dan Leyden)
+* Update boolean handling of false [#749](https://github.com/Apipie/apipie-rails/pull/749) (Colin Bruce)
+
+Note: Up until and including v0.6.x, apipie-rails was silently ignoring allow_blank == false on String validation.
+when allow_blank is not specified, it default to false. to allow blank strings, you must specify it as a parameter.
+
+Alternatively, if you want to revert to the previous behavior, you can set this configuration option:
+`Apipie.configuration.ignore_allow_blank_false = true`.
+
+## [v0.7.0](https://github.com/Apipie/apipie-rails/tree/v0.7.0) (2022-03-30)
+[Full Changelog](https://github.com/Apipie/apipie-rails/compare/v0.6.0...v0.7.0)
+* ArgumentError (invalid byte sequence in UTF-8) [#746](https://github.com/Apipie/apipie-rails/pull/746) (David Milanese)
+* Fix allow_blank does not work [#733](https://github.com/Apipie/apipie-rails/pull/733) (CHEN Song)
+* Fix schema generation for param descriptions using the array validator in option [#732](https://github.com/Apipie/apipie-rails/pull/732) (Frank Hock)
+* Remove support for Rails 4 and Ruby <= 2.5 [#747](https://github.com/Apipie/apipie-rails/pull/747) (Mathieu Jobin)
+
+## [v0.6.0](https://github.com/Apipie/apipie-rails/tree/v0.6.0) (2022-03-29)
+[Full Changelog](https://github.com/Apipie/apipie-rails/compare/v0.5.20...v0.6.0)
+* Ruby 3.0 fixes [#716](https://github.com/Apipie/apipie-rails/pull/716) (hank-spokeo)
+* only depends on actionpack and activesupport [#741](https://github.com/Apipie/apipie-rails/pull/741) (Mathieu Jobin)
+* language fix, fallback to default locale [#726](https://github.com/Apipie/apipie-rails/pull/726) (Alex Coomans)
+
 ## [v0.5.20](https://github.com/Apipie/apipie-rails/tree/v0.5.20) (2022-03-16)
 [Full Changelog](https://github.com/Apipie/apipie-rails/compare/v0.5.19...v0.5.20)
 * Update rel-eng (Oleh Fedorenko)

data/Gemfile

@@ -0,0 +1,20 @@
+# frozen_string_literal: true
+
+source 'https://rubygems.org'
+
+gemspec path: '.'
+
+# use ENV vars, with default value as fallback for local setup
+ruby(ENV['RUBY_VERSION'] || '3.2.2')
+gem 'actionpack', "~> #{ENV['RAILS_VERSION'] || '7.0'}.0"
+gem 'activesupport', "~> #{ENV['RAILS_VERSION'] || '7.0'}.0"
+
+gem 'mime-types' # , '~> 3.0'
+gem 'rails-controller-testing'
+gem 'rspec-rails' # , '~> 5.0'
+
+# net-smtp not included by default in Ruby 3.1
+# Will be fixed by https://github.com/mikel/mail/pull/1439
+gem 'net-smtp', require: false if Gem.ruby_version >= Gem::Version.new('3.1.0')
+
+gem 'test_engine', path: './spec/dummy/components/test_engine', group: :test

data/README.rst

@@ -2,8 +2,8 @@
  API Documentation Tool
 ========================
 
-.. image:: https://travis-ci.org/Apipie/apipie-rails.svg?branch=master
-    :target: https://travis-ci.org/Apipie/apipie-rails
+.. image:: https://github.com/Apipie/apipie-rails/actions/workflows/build.yml/badge.svg
+    :target: https://github.com/Apipie/apipie-rails/actions/workflows/build.yml
 .. image:: https://codeclimate.com/github/Apipie/apipie-rails.svg
     :target: https://codeclimate.com/github/Apipie/apipie-rails
 .. image:: https://badges.gitter.im/Apipie/apipie-rails.svg
@@ -56,7 +56,7 @@ Run your application and see the result at
 use ``http://localhost:3000/apipie.json``.
 
 For a more comprehensive getting started guide, see
-`this demo <https://github.com/iNecas/apipie-demo>`_, which includes
+`this demo <https://github.com/Apipie/apipie-demo>`_, which includes
 features such as generating documentation from tests, recording examples etc.
 
 Screenshots
@@ -78,7 +78,7 @@ See `Contributors page  <https://github.com/Apipie/apipie-rails/graphs/contribut
 License
 -------
 
-Apipie-rails is released under the `MIT License <http://opensource.org/licenses/MIT>`_
+Apipie-rails is released under the `MIT License <https://opensource.org/licenses/MIT>`_
 
 ===============
  Documentation
@@ -108,6 +108,10 @@ resource_id
 name
   Human readable name of resource. By default ``class.name.humanize`` is used.
 
+  - Can be specified as a proc, which will receive the controller class as an argument.
+  - Can be a symbol, which will be sent to the controller class to get the name.
+  - Can be a string, which will be used as is.
+
 short (also short_description)
   Short description of the resource (it's shown on both the list of resources, and resource details)
 
@@ -150,7 +154,7 @@ Example:
    resource_description do
      short 'Site members'
      formats ['json']
-     param :id, Fixnum, :desc => "User ID", :required => false
+     param :id, Integer, :desc => "User ID", :required => false
      param :resource_param, Hash, :desc => 'Param description for all methods' do
        param :ausername, String, :desc => "Username for login", :required => true
        param :apassword, String, :desc => "Password for login", :required => true
@@ -355,6 +359,22 @@ Example:
      #...
    end
 
+deprecated
+  Indicates if the parameter is marked as deprecated.
+
+Example
+~~~~~~~~
+
+.. code:: ruby
+
+   param :pet_name, String, desc: "Name of pet", deprecated: true
+   param :pet_name, String, desc: "Name of pet", deprecated: 'Some deprecation info'
+   param :pet_name, String, desc: "Name of pet", deprecated: { in: "2.3", info: "Something", sunset: "3.0" }
+   def create
+     #...
+   end
+
+
 DRY with param_group
 --------------------
 
@@ -966,6 +986,9 @@ validate_presence
 validate_key
   Check the received params to ensure they are defined in the API. (false by default)
 
+action_on_non_validated_keys
+  Either `:raise` or `:skip`. If `validate_key` fails, raise error or delete the non-validated key from the params and log the key (`:raise` by default)
+
 process_params
   Process and extract the parameter defined from the params of the request
   to the api_params variable
@@ -979,6 +1002,9 @@ reload_controllers
 api_controllers_matcher
   For reloading to work properly you need to specify where your API controllers are. Can be an array if multiple paths are needed
 
+api_action_matcher
+  Determines the strategy to identity the correct controller action. Needs to be a class that implements a `.call(controller)` method
+
 api_routes
   Set if your application uses a custom API router, different from the Rails
   default
@@ -1021,6 +1047,10 @@ authorize
 show_all_examples
   Set this to true to set show_in_doc=1 in all recorded examples
 
+ignore_allow_blank_false
+  `allow_blank: false` was incorrectly ignored up until version 0.6.0, this bug was fixed in 0.7.0
+  if you need the old behavior, set this to true
+
 link_extension
   The extension to use for API pages ('.html' by default). Link extensions
   in static API docs cannot be changed from '.html'.
@@ -1056,6 +1086,7 @@ Example:
      config.markup = Apipie::Markup::Markdown.new
      config.reload_controllers = Rails.env.development?
      config.api_controllers_matcher = File.join(Rails.root, "app", "controllers", "**","*.rb")
+     config.api_action_matcher = proc { |controller| controller.params[:action] }
      config.api_routes = Rails.application.routes
      config.app_info["1.0"] = "
        This is where you can inform user about your application and API
@@ -1149,6 +1180,21 @@ is raised and can be rescued and processed. It contains a description
 of the parameter value expectations. Validations can be turned off
 in the configuration file.
 
+Here is an example of how to rescue and process a +ParamMissing+ or
++ParamInvalid+ error from within the ApplicationController.
+
+.. code:: ruby
+
+  class ApplicationController < ActionController::Base
+
+    # ParamError is superclass of ParamMissing, ParamInvalid
+    rescue_from Apipie::ParamError do |e|
+      render text: e.message, status: :unprocessable_entity
+    end
+
+    # ...
+  end
+
 Parameter validation normally happens after before_actions, just before
 your controller method is invoked. If you prefer to control when parameter
 validation occurs, set the configuration parameter ``validate`` to ``:explicitly``.
@@ -1163,7 +1209,7 @@ after the ``apipie_validations`` before_action.
 
 TypeValidator
 -------------
-Check the parameter type. Only String, Hash and Array are supported
+Check the parameter type. Only String, Integer, Hash and Array are supported
 for the sake of simplicity. Read more to find out how to add
 your own validator.
 
@@ -1353,7 +1399,7 @@ So we create apipie_validators.rb initializer with this content:
      end
 
      def self.build(param_description, argument, options, block)
-       if argument == Integer || argument == Fixnum
+       if argument == Integer
          self.new(param_description, argument)
        end
      end
@@ -1361,6 +1407,10 @@ So we create apipie_validators.rb initializer with this content:
      def description
        "Must be #{@type}."
      end
+
+     def expected_type
+       'numeric'
+     end
    end
 
 Parameters of the build method:
@@ -1378,6 +1428,16 @@ options
 block
   Block converted into Proc, use it as you desire. In this example nil.
 
+If your validator includes valid values that respond true to `.blank?`, you
+should also define:
+
+.. code:: ruby
+
+   def ignore_allow_blank?
+     true
+   end
+
+so that the validation does not fail for valid values.
 
 ============
  Versioning
@@ -1608,7 +1668,7 @@ Swagger-Specific Configuration Parameters
 
 There are several configuration parameters that determine the structure of the generated swagger file:
 
-``config.swagger_content_type_input``
+``config.generator.swagger.content_type_input``
     If the value is ``:form_data`` - the swagger file will indicate that the server consumes the content types
     ``application/x-www-form-urlencoded`` and ``multipart/form-data``.  Non-path parameters will have the
     value ``"in": "formData"``.  Note that parameters of type Hash that do not have any fields in them will *be ommitted*
@@ -1621,38 +1681,58 @@ There are several configuration parameters that determine the structure of the g
     You can specify the value of this configuration parameter as an additional input to the rake command (e.g.,
     ``rake apipie:static_swagger_json[2.0,form_data]``).
 
-``config.swagger_json_input_uses_refs``
-    This parameter is only relevant if ``swagger_content_type_input`` is ``:json``.
+``config.generator.swagger.json_input_uses_refs``
+    This parameter is only relevant if ``swagger.content_type_input`` is ``:json``.
 
     If ``true``: the schema of the ``"in": "body"`` parameter of each method is given its own entry in the ``definitions``
     section, and is referenced using ``$ref`` from the method definition.
 
     If ``false``: the body parameter definitions are inlined within the method definitions.
 
-``config.swagger_include_warning_tags``
+``config.generator.swagger.include_warning_tags``
     If ``true``: in addition to tagging methods with the name of the resource they belong to, methods for which warnings
     have been issued will be tagged with.
 
-``config.swagger_suppress_warnings``
+``config.generator.swagger.suppress_warnings``
     If ``false``: no warnings will be suppressed
 
     If ``true``: all warnings will be suppressed
 
     If an array of values (e.g., ``[100,102,107]``), only the warnings identified by the numbers in the array will be suppressed.
 
-``config.swagger_api_host``
+``config.generator.swagger.api_host``
     The value to place in the swagger host field.
 
     Default is ``localhost:3000``
 
     If ``nil`` then then host field will not be included.
 
-``config.swagger_allow_additional_properties_in_response``
+``config.generator.swagger.allow_additional_properties_in_response``
     If ``false`` (default):  response descriptions in the generated swagger will include an ``additional-properties: false``
     field
 
     If ``true``:  the ``additional-properties: false`` field will not be included in response object descriptions
 
+``config.generator.swagger.schemes``
+    An array of transport schemes that the API supports.
+    This can include any combination of ``http``, ``https``, ``ws`` and ``wss``.
+    By default to encourage good security practices, ``['https']`` is specified.
+
+
+``config:swagger.security_definitions``
+    If the API requires authentication, you can specify details of the authentication mechanisms supported as a (Hash) value here.
+    See [https://swagger.io/docs/specification/2-0/authentication/] for details of what values can be specified
+    By default, no security is defined.
+
+``config.generator.swagger.global_security``
+    If the API requires authentication, you can specify which of the authentication mechanisms are supported by all API operations as an Array of hashes here.
+    This should be used in conjunction with the mechanisms defined by ``swagger.security_definitions``.
+    See [https://swagger.io/docs/specification/2-0/authentication/] for details of what values can be specified
+    By default, no security is defined.
+
+``config.generator.swagger.skip_default_tags``
+    By setting ``false`` (default): The resource name for e.g. ``/pets/{petId}`` will automatically be added as a tag ``pets``.
+    By setting ``true``: The tags needs to be explicitly added to the resource using the DSL.
 
 Known limitations of the current implementation
 -------------------------------------------------
@@ -1663,6 +1743,7 @@ Known limitations of the current implementation
 * It is not possible to leverage all of the parameter type/format capabilities of swagger
 * Only OpenAPI 2.0 is supported
 * Responses are defined inline and not as a $ref
+* It is not possible to specify per-operation security requirements (only global)
 
 ====================================
  Dynamic Swagger generation
@@ -1847,12 +1928,22 @@ provided it uses Apipie as a backend.
 
 And if you write one on your own, don't hesitate to share it with us!
 
+====================
+ Contributing
+====================
+
+Then, you can install dependencies and run the test suite:
+
+.. code:: shell
+
+   > bundle install
+   > bundle exec rspec
 
 ====================
  Disqus Integration
 ====================
 
-You can setup `Disqus <http://www.disqus.com>`_ discussion within
+You can setup `Disqus <https://disqus.com/>`_ discussion within
 your documentation. Just set the credentials in the Apipie
 configuration:
 

data/Rakefile

@@ -6,8 +6,3 @@ RSpec::Core::RakeTask.new(:spec)
 desc 'Default: run specs.'
 task :default => :spec
 
-desc "Generate code coverage"
-RSpec::Core::RakeTask.new(:coverage) do |t|
-  t.rcov = true
-  t.rcov_opts = ['--exclude', 'spec']
-end

data/apipie-rails.gemspec

@@ -1,5 +1,6 @@
 # -*- encoding: utf-8 -*-
-$:.push File.expand_path("../lib", __FILE__)
+
+$:.push File.expand_path('lib', __dir__)
 require "apipie/version"
 
 Gem::Specification.new do |s|
@@ -10,19 +11,27 @@ Gem::Specification.new do |s|
   s.homepage    = "http://github.com/Apipie/apipie-rails"
   s.summary     = %q{Rails REST API documentation tool}
   s.description = %q{Rails REST API documentation tool}
-  s.required_ruby_version = '>= 2.0.0'
+  s.required_ruby_version = '>= 2.6.0'
 
   s.files         = `git ls-files`.split("\n")
   s.test_files    = `git ls-files -- {test,spec,features}/*`.split("\n")
   s.require_paths = ["lib"]
 
-  s.add_dependency "rails", ">= 4.1"
+  s.add_dependency "actionpack", ">= 5.0"
+  s.add_dependency "activesupport", ">= 5.0"
+
+  # Optional dependencies
+  s.add_development_dependency "maruku"   # for Markdown support
+  s.add_development_dependency "RedCloth" # for Textile support
+
+  # Dev/tests only dependencies
+  s.add_development_dependency "json-schema", "~> 2.8"
   s.add_development_dependency "rspec-rails", "~> 3.0"
-  s.add_development_dependency "sqlite3"
-  s.add_development_dependency "minitest"
-  s.add_development_dependency "maruku"
-  s.add_development_dependency "RedCloth"
   s.add_development_dependency "rake"
-  s.add_development_dependency "rdoc"
-  s.add_development_dependency "json-schema", "~> 2.8"
+  s.add_development_dependency 'rubocop_challenger'
+  s.add_development_dependency 'rubocop-rails'
+  s.add_development_dependency 'rubocop-rspec'
+  s.add_development_dependency 'rubocop-performance'
+  s.add_development_dependency "simplecov"
+  s.add_development_dependency "sqlite3"
 end

data/app/controllers/apipie/apipies_controller.rb

@@ -34,17 +34,17 @@ module Apipie
 
         @language = get_language
 
-        Apipie.load_documentation if Apipie.configuration.reload_controllers? || (Rails.version.to_i >= 4.0 && !Rails.application.config.eager_load)
+        Apipie.load_documentation if Apipie.configuration.reload_controllers? || !Rails.application.config.eager_load
 
         I18n.locale = @language
 
         if should_render_swagger
-          prev_warning_value = Apipie.configuration.swagger_suppress_warnings
+          prev_warning_value = Apipie.configuration.generator.swagger.suppress_warnings
           begin
-            Apipie.configuration.swagger_suppress_warnings = true
+            Apipie.configuration.generator.swagger.suppress_warnings = true
             @doc = Apipie.to_swagger_json(params[:version], params[:resource], params[:method], @language)
           ensure
-            Apipie.configuration.swagger_suppress_warnings = prev_warning_value
+            Apipie.configuration.generator.swagger.suppress_warnings = prev_warning_value
           end
         else
           @doc = Apipie.to_json(params[:version], params[:resource], params[:method], @language)
@@ -98,12 +98,11 @@ module Apipie
       return nil unless Apipie.configuration.translate
       lang = Apipie.configuration.default_locale
       [:resource, :method, :version].each do |par|
-        if params[par]
-          splitted = params[par].split('.')
-          if splitted.length > 1 && Apipie.configuration.languages.include?(splitted.last)
-            lang = splitted.last
-            params[par].sub!(".#{lang}", '')
-          end
+        next unless params[par]
+        splitted = params[par].split('.')
+        if splitted.length > 1 && (Apipie.configuration.languages.include?(splitted.last) || Apipie.configuration.default_locale == splitted.last)
+          lang = splitted.last
+          params[par].sub!(".#{lang}", '')
         end
       end
       lang
@@ -120,7 +119,7 @@ module Apipie
           authorize_resource(resource)
         end
       else
-        @doc[:docs][:resources].select do |_resource_name, resource|
+        @doc[:docs][:resources].select do |_resource_id, resource|
           authorize_resource(resource)
         end
       end
@@ -155,29 +154,15 @@ module Apipie
 
     def render_from_cache
       path = Apipie.configuration.doc_base_url.dup
-      # some params can contain dot, but only one in row
-      if [:resource, :method, :format, :version].any? { |p| params[p].to_s.gsub(".", "") =~ /\W/ || params[p].to_s =~ /\.\./ }
-        head :bad_request and return
-      end
-
       path << "/" << params[:version] if params[:version].present?
       path << "/" << params[:resource] if params[:resource].present?
       path << "/" << params[:method] if params[:method].present?
-      if params[:format].present?
-        path << ".#{params[:format]}"
-      else
-        path << ".html"
-      end
-
-      # we sanitize the params before so in ideal case, this condition
-      # will be never satisfied. It's here for cases somebody adds new
-      # param into the path later and forgets about sanitation.
-      if path =~ /\.\./
-        head :bad_request and return
-      end
+      # Sanitize path against directory traversal attacks (e.g. ../../foo)
+      # by turning path into an absolute path before appending it to the cache dir
+      path = File.expand_path("#{path}.#{request.format.symbol}", '/')
 
       cache_file = File.join(Apipie.configuration.cache_dir, path)
-      if File.exists?(cache_file)
+      if File.exist?(cache_file)
         content_type = case params[:format]
                        when "json" then "application/json"
                        else "text/html"

data/app/helpers/apipie_helper.rb

@@ -1,7 +1,7 @@
 module ApipieHelper
   include ActionView::Helpers::TagHelper
 
-  def heading(title, level=1)
+  def heading(title, level = 1)
     content_tag("h#{level}") do
       title
     end