openapi_first 2.7.2 → 2.7.4

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 93e611196a63a7f9bf41d6ee90c25f22dbeaf49bc7c08ff00c26dd579c68a70d
-  data.tar.gz: dbe36e65d24186b0c3ac258508f4ae5ecbd7eea55a6679d6107c7b2d2dee6547
+  metadata.gz: 2d3e13bc24feccc8015701ca7360e77fbb8c44d8c7dad9e87310f52b04ddebe6
+  data.tar.gz: 8a5895ce7b3a5a7a2669e862f4821125538573a6e694db36e8d2687580c3e0c9
 SHA512:
-  metadata.gz: 2ef33d27a35ed67937026a735a35ee4934519b4463f09e95a4e0987f17c50c72d40990827a1f05f8bfad6b2e1ba4e79fea86d055d3b29d2e11b07810a7eba6fb
-  data.tar.gz: 5b7825b079722c7718f84b7ebb211a6201a03723077aac83947d654470b773ba389e95424a5038fab74370a521890c848cd0016381ef34104e1b4c2a3daa4fda
+  metadata.gz: 3420becb820a470942b12e39d7e59197f9a50696a0f63c2af601ce26cad4e95c6b6e9d915e5b3f4528da78bf1f012993af9401d1863578e8e64c2059896c71bb
+  data.tar.gz: fe61cf2f437b9a725b377b7dcc5917ac130639ca67514450bee3ba919f289f083fa232b9a94770d175232da2546b5b999c5e544abe20d0dba060adc6d4eb6f07

data/CHANGELOG.md

@@ -2,6 +2,17 @@
 
 ## Unreleased
 
+## 2.7.4
+
+- Return 400 if Rack cannot parse query string instead of raising an exception. Fixes https://github.com/ahx/openapi_first/issues/372
+
+## 2.7.3
+
+- Accept loading OAD documents with numeric status codes. Fixes "Unknown reference" error. https://github.com/ahx/openapi_first/issues/367
+
+- Support QUERY request method
+  OpenAPI 3.0, 3.1 does not support that, but this does
+
 ## 2.7.2
 
 - Fix $ref-resolving for referenced arrays.

data/README.md

@@ -2,18 +2,17 @@
 
 openapi_first is a Ruby gem for request / response validation and contract-testing against an [OpenAPI](https://www.openapis.org/) 3.0 or 3.1 API description. It makes an APIFirst workflow easy and reliable.
 
-You can use openapi_first on production for [request validation](#request-validation) and in your tests to avoid API drift with it's request/response validation and coverage features.
+You can use openapi_first on production for [request validation](#request-validation) and in your [tests](#contract-testing) to avoid API drift with it's request/response validation and coverage features.
 
 ## Contents
 
 <!-- TOC -->
 
+- [Contract testing](#contract-testing)
 - [Rack Middlewares](#rack-middlewares)
   - [Request validation](#request-validation)
   - [Response validation](#response-validation)
-- [Contract testing](#contract-testing)
-  - [Coverage](#coverage)
-  - [Test assertions](#test-assertions)
+- [Test assertions](#test-assertions)
 - [Manual use](#manual-use)
 - [Framework integration](#framework-integration)
 - [Configuration](#configuration)
@@ -26,6 +25,41 @@ You can use openapi_first on production for [request validation](#request-valida
 
 <!-- /TOC -->
 
+## Contract Testing
+
+You can see your OpenAPI API description as a contract that your clients can rely on as how your API behaves. There are two aspects of contract testing: Validation and Coverage. By validating requests and responses, you can avoid that your API implementation processes requests or returns responses that don't match your API description. To make sure your _whole_ API description is implemented, openapi_first can check that all of your API description is covered when you test your API with [rack-test](https://github.com/rack/rack-test).
+
+Here is how to set it up:
+
+1. Register all OpenAPI documents to track coverage for.
+  This should go at the top of your test helper file before loading your application code.
+    ```ruby
+    require 'openapi_first'
+    OpenapiFirst::Test.setup do |test|
+      test.register('openapi/openapi.yaml')
+      # Optional: Make tests fail if coverage is below minimum
+      test.minimum_coverage = 100
+      # Optional: Skip certain responses, which are described in your API description, but need no test coverage
+      test.skip_response_coverage { it.status == '500' } #
+    end
+    ```
+2. Add an `app` method to your tests by including a Module. This `app` method wraps your application with silent request / response validation. This validates all requests/responses in your test run. (✷1)
+    ```ruby
+    RSpec.configure do |config|
+      config.include OpenapiFirst::Test::Methods[MyApp], type: :request
+    end
+    ```
+    Or add the `app` method yourself:
+
+    ```ruby
+    def app
+      OpenapiFirst::Test.app(MyApp)
+    end
+    ```
+3. Run your tests. The Coverage feature will tell you about missing or invalid requests/responses.
+
+(✷1): It does not matter what method of openapi_first you use to validate requests/responses. Instead of using `OpenapiFirstTest.app` to wrap your application, you could also use the [middlewares](#rack-middlewares) or [test assertion method](#test-assertions), but you would have to do that for all requests/responses defined in your API description to make coverage work.
+
 ## Rack Middlewares
 
 ### Request validation
@@ -135,51 +169,7 @@ use OpenapiFirst::Middlewares::ResponseValidation, 'openapi.yaml', raise_error:
 
 If you are adopting OpenAPI you can use these options together with [hooks](#hooks) to get notified about requests/responses that do match your API description.
 
-## Contract Testing
-
-Here are two aspects of contract testing: Validation and Coverage
-
-### Validation
-
-By validating requests and responses, you can avoid that your API implementation processes requests or returns responses that don't match your API description. You can use [test assertions](#test-assertions) or [rack middlewares](#rack-middlewares) or manual validation to validate requests and responses with openapi_first.
-
-### Coverage
-
-To make sure your _whole_ API description is implemented, openapi_first ships with a coverage feature.
-
-> [!NOTE]
-> This is a brand new feature. ✨ Your feedback is very welcome.
-
-This feature tracks all requests/responses that are validated via openapi_first and tells you about which request/responses are missing.
-Here is how to set it up with [rack-test](https://github.com/rack/rack-test):
-
-1. Register all OpenAPI documents to track coverage for. This should go at the top of your test helper file before loading your application code.
-  ```ruby
-  require 'openapi_first'
-  OpenapiFirst::Test.setup do |test|
-    test.register('openapi/openapi.yaml')
-    test.minimum_coverage = 100 # (Optional) Setting this will lead to an `exit 2` if coverage is below minimum
-    test.skip_response_coverage { it.status == '500' } # (Optional) Skip certain responses
-  end
-  ```
-2. Add an `app` method to your tests, which wraps your application with silent request / response validation. This validates all requests/responses in your test run. (✷1)
-
-  ```ruby
-  def app
-    OpenapiFirst::Test.app(MyApp)
-  end
-  ```
-3. Run your tests.  The Coverage feature will tell you about missing request/responses.
-
-  Or you can generate a Module and include it in your rspec spec_helper.rb:
-
-  ```ruby
-  config.include OpenapiFirst::Test::Methods[MyApp], type: :request
-  ```
-
-(✷1): It does not matter what method of openapi_first you use to validate requests/responses. Instead of using `OpenapiFirstTest.app` to wrap your application, you could also use the middlewares or [test assertion method](#test-assertions), but you would have to do that for all requests/responses defined in your API description to make coverage work.
-
-### Test assertions
+## Test assertions
 
 openapi_first ships with a simple but powerful Test method to run request and response validation in your tests without using the middlewares. This is designed to be used with rack-test or Ruby on Rails integration tests or request specs.
 

data/lib/openapi_first/builder.rb

@@ -14,7 +14,7 @@ module OpenapiFirst
   # Builds parts of a Definition
   # This knows how to read a resolved OpenAPI document and build {Request} and {Response} objects.
   class Builder # rubocop:disable Metrics/ClassLength
-    REQUEST_METHODS = %w[get head post put patch delete trace options].freeze
+    REQUEST_METHODS = %w[get head post put patch delete trace options query].freeze
 
     # Builds a router from a resolved OpenAPI document.
     # @param contents [Hash] The OpenAPI document Hash.

data/lib/openapi_first/file_loader.rb

@@ -1,5 +1,6 @@
 # frozen_string_literal: true
 
+require 'json'
 require 'yaml'
 
 module OpenapiFirst

data/lib/openapi_first/request_parser.rb

@@ -27,11 +27,19 @@ module OpenapiFirst
     def parse(request, route_params:)
       ParsedRequest.new(
         path: @path_parser&.unpack(route_params),
-        query: @query_parser&.unpack(request.env[Rack::QUERY_STRING]),
+        query: parse_query(request.env[Rack::QUERY_STRING]),
         headers: @headers_parser&.unpack_env(request.env),
         cookies: @cookies_parser&.unpack(request.env[Rack::HTTP_COOKIE]),
         body: @body_parsers&.call(request)
       )
     end
+
+    private
+
+    def parse_query(query_string)
+      @query_parser&.unpack(query_string)
+    rescue OpenapiParameters::InvalidParameterError
+      Failure.fail!(:invalid_query, message: 'Invalid query parameter.')
+    end
   end
 end

data/lib/openapi_first/schema/hash.rb

@@ -3,7 +3,7 @@
 require_relative 'validation_error'
 
 module OpenapiFirst
-  class Schema
+  module Schema
     # A hash of Schemas
     class Hash
       # @param schema Hash of schemas
@@ -29,11 +29,7 @@ module OpenapiFirst
             hook.call(root_value, key, schema.value, nil)
           end
           enum.chain(key_validation.map do |err|
-            data_pointer = "/#{key}"
-            err.merge(
-              'error' => JSONSchemer::Errors.pretty(err),
-              'data_pointer' => data_pointer
-            )
+            err.merge('data_pointer' => "/#{key}")
           end)
         end
         ValidationResult.new(validations)

data/lib/openapi_first/schema/validation_error.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 module OpenapiFirst
-  class Schema
+  module Schema
     # One of multiple validation errors. Returned by Schema::ValidationResult#errors.
     ValidationError = Data.define(:value, :data_pointer, :schema_pointer, :type, :details, :schema) do
       # This returns an error message for this specific error.

data/lib/openapi_first/schema/validation_result.rb

@@ -3,7 +3,7 @@
 require_relative 'validation_error'
 
 module OpenapiFirst
-  class Schema
+  module Schema
     # Result of validating data against a schema. Return value of Schema#validate.
     class ValidationResult
       def initialize(validation)

data/lib/openapi_first/test.rb

@@ -54,6 +54,8 @@ module OpenapiFirst
       end
     end
 
+    # Sets up OpenAPI test coverage and OAD registration.
+    # @yieldparam [OpenapiFirst::Test::Setup] setup A setup for configuration
     def self.setup(&)
       unless block_given?
         raise ArgumentError, "Please provide a block to #{self.class}.setup to register you API descriptions"

data/lib/openapi_first/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module OpenapiFirst
-  VERSION = '2.7.2'
+  VERSION = '2.7.4'
 end

data/lib/openapi_first.rb

@@ -64,8 +64,9 @@ module OpenapiFirst
 
   # Parse a dereferenced Hash
   # @return [Definition]
+  # TODO: This needs to work with unresolved contents as well
   def self.parse(contents, only: nil, filepath: nil, &)
-    # TODO: This needs to work with unresolved contents as well
+    contents = JSON.parse(JSON.generate(contents)) # Deeply stringify keys, because of YAML. See https://github.com/ahx/openapi_first/issues/367
     contents['paths'].filter!(&->(key, _) { only.call(key) }) if only
     Definition.new(contents, filepath, &)
   end

metadata

@@ -1,13 +1,13 @@
 --- !ruby/object:Gem::Specification
 name: openapi_first
 version: !ruby/object:Gem::Version
-  version: 2.7.2
+  version: 2.7.4
 platform: ruby
 authors:
 - Andreas Haller
 bindir: bin
 cert_chain: []
-date: 2025-05-17 00:00:00.000000000 Z
+date: 1980-01-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: hana
@@ -49,7 +49,7 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 0.3.3
+        version: 0.5.1
     - - "<"
       - !ruby/object:Gem::Version
         version: '2.0'
@@ -59,7 +59,7 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 0.3.3
+        version: 0.5.1
     - - "<"
       - !ruby/object:Gem::Version
         version: '2.0'
@@ -162,7 +162,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.6.5
+rubygems_version: 3.6.7
 specification_version: 4
 summary: OpenAPI based request validation, response validation, contract-testing and
   coverage