npm - @apidiff/core - Versions diffs - 1.0.0 - Mend

@apidiff/core 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (249) hide show

package/dist/ast/hash.d.ts +2 -0
package/dist/ast/hash.d.ts.map +1 -0
package/dist/ast/index.d.ts +3 -0
package/dist/ast/index.d.ts.map +1 -0
package/dist/ast/traverse.d.ts +13 -0
package/dist/ast/traverse.d.ts.map +1 -0
package/dist/config/index.d.ts +9 -0
package/dist/config/index.d.ts.map +1 -0
package/dist/diff/auth-differ.d.ts +4 -0
package/dist/diff/auth-differ.d.ts.map +1 -0
package/dist/diff/endpoint-differ.d.ts +3 -0
package/dist/diff/endpoint-differ.d.ts.map +1 -0
package/dist/diff/index.d.ts +3 -0
package/dist/diff/index.d.ts.map +1 -0
package/dist/diff/schema-differ.d.ts +3 -0
package/dist/diff/schema-differ.d.ts.map +1 -0
package/dist/diff/server-differ.d.ts +3 -0
package/dist/diff/server-differ.d.ts.map +1 -0
package/dist/index.cjs +2902 -0
package/dist/index.d.ts +15 -0
package/dist/index.d.ts.map +1 -0
package/dist/index.js +2855 -0
package/dist/loader/file-loader.d.ts +5 -0
package/dist/loader/file-loader.d.ts.map +1 -0
package/dist/loader/git-loader.d.ts +5 -0
package/dist/loader/git-loader.d.ts.map +1 -0
package/dist/loader/index.d.ts +7 -0
package/dist/loader/index.d.ts.map +1 -0
package/dist/loader/url-loader.d.ts +5 -0
package/dist/loader/url-loader.d.ts.map +1 -0
package/dist/output/html.d.ts +3 -0
package/dist/output/html.d.ts.map +1 -0
package/dist/output/index.d.ts +3 -0
package/dist/output/index.d.ts.map +1 -0
package/dist/output/json.d.ts +3 -0
package/dist/output/json.d.ts.map +1 -0
package/dist/output/markdown.d.ts +3 -0
package/dist/output/markdown.d.ts.map +1 -0
package/dist/output/terminal.d.ts +3 -0
package/dist/output/terminal.d.ts.map +1 -0
package/dist/parsers/base.d.ts +8 -0
package/dist/parsers/base.d.ts.map +1 -0
package/dist/parsers/graphql/index.d.ts +13 -0
package/dist/parsers/graphql/index.d.ts.map +1 -0
package/dist/parsers/index.d.ts +7 -0
package/dist/parsers/index.d.ts.map +1 -0
package/dist/parsers/openapi2/index.d.ts +9 -0
package/dist/parsers/openapi2/index.d.ts.map +1 -0
package/dist/parsers/openapi3/index.d.ts +9 -0
package/dist/parsers/openapi3/index.d.ts.map +1 -0
package/dist/parsers/openapi3/ref-resolver.d.ts +2 -0
package/dist/parsers/openapi3/ref-resolver.d.ts.map +1 -0
package/dist/parsers/openapi3/schema-normalizer.d.ts +3 -0
package/dist/parsers/openapi3/schema-normalizer.d.ts.map +1 -0
package/dist/parsers/openapi3/security-normalizer.d.ts +3 -0
package/dist/parsers/openapi3/security-normalizer.d.ts.map +1 -0
package/dist/parsers/protobuf/index.d.ts +14 -0
package/dist/parsers/protobuf/index.d.ts.map +1 -0
package/dist/rules/auth/oauth-scope-removed.d.ts +9 -0
package/dist/rules/auth/oauth-scope-removed.d.ts.map +1 -0
package/dist/rules/auth/security-added.d.ts +9 -0
package/dist/rules/auth/security-added.d.ts.map +1 -0
package/dist/rules/auth/security-removed.d.ts +9 -0
package/dist/rules/auth/security-removed.d.ts.map +1 -0
package/dist/rules/auth/security-scheme-type-changed.d.ts +9 -0
package/dist/rules/auth/security-scheme-type-changed.d.ts.map +1 -0
package/dist/rules/base.d.ts +19 -0
package/dist/rules/base.d.ts.map +1 -0
package/dist/rules/endpoint/endpoint-added.d.ts +9 -0
package/dist/rules/endpoint/endpoint-added.d.ts.map +1 -0
package/dist/rules/endpoint/endpoint-deprecated.d.ts +9 -0
package/dist/rules/endpoint/endpoint-deprecated.d.ts.map +1 -0
package/dist/rules/endpoint/endpoint-removed.d.ts +9 -0
package/dist/rules/endpoint/endpoint-removed.d.ts.map +1 -0
package/dist/rules/endpoint/http-method-changed.d.ts +9 -0
package/dist/rules/endpoint/http-method-changed.d.ts.map +1 -0
package/dist/rules/endpoint/path-changed.d.ts +9 -0
package/dist/rules/endpoint/path-changed.d.ts.map +1 -0
package/dist/rules/index.d.ts +4 -0
package/dist/rules/index.d.ts.map +1 -0
package/dist/rules/meta/server-removed.d.ts +9 -0
package/dist/rules/meta/server-removed.d.ts.map +1 -0
package/dist/rules/param/param-added.d.ts +9 -0
package/dist/rules/param/param-added.d.ts.map +1 -0
package/dist/rules/param/param-deprecated.d.ts +9 -0
package/dist/rules/param/param-deprecated.d.ts.map +1 -0
package/dist/rules/param/param-enum-value-added.d.ts +9 -0
package/dist/rules/param/param-enum-value-added.d.ts.map +1 -0
package/dist/rules/param/param-enum-value-removed.d.ts +9 -0
package/dist/rules/param/param-enum-value-removed.d.ts.map +1 -0
package/dist/rules/param/param-location-changed.d.ts +9 -0
package/dist/rules/param/param-location-changed.d.ts.map +1 -0
package/dist/rules/param/param-removed.d.ts +9 -0
package/dist/rules/param/param-removed.d.ts.map +1 -0
package/dist/rules/param/param-required-added.d.ts +9 -0
package/dist/rules/param/param-required-added.d.ts.map +1 -0
package/dist/rules/param/param-required-true-to-false.d.ts +9 -0
package/dist/rules/param/param-required-true-to-false.d.ts.map +1 -0
package/dist/rules/param/param-type-changed.d.ts +9 -0
package/dist/rules/param/param-type-changed.d.ts.map +1 -0
package/dist/rules/request/request-body-added-required.d.ts +9 -0
package/dist/rules/request/request-body-added-required.d.ts.map +1 -0
package/dist/rules/request/request-body-removed.d.ts +9 -0
package/dist/rules/request/request-body-removed.d.ts.map +1 -0
package/dist/rules/request/request-content-type-added.d.ts +9 -0
package/dist/rules/request/request-content-type-added.d.ts.map +1 -0
package/dist/rules/request/request-content-type-removed.d.ts +9 -0
package/dist/rules/request/request-content-type-removed.d.ts.map +1 -0
package/dist/rules/request/request-field-added-required.d.ts +9 -0
package/dist/rules/request/request-field-added-required.d.ts.map +1 -0
package/dist/rules/request/request-field-removed.d.ts +9 -0
package/dist/rules/request/request-field-removed.d.ts.map +1 -0
package/dist/rules/request/request-field-type-changed.d.ts +9 -0
package/dist/rules/request/request-field-type-changed.d.ts.map +1 -0
package/dist/rules/request/request-required-false-to-true.d.ts +9 -0
package/dist/rules/request/request-required-false-to-true.d.ts.map +1 -0
package/dist/rules/response/response-field-added.d.ts +9 -0
package/dist/rules/response/response-field-added.d.ts.map +1 -0
package/dist/rules/response/response-field-removed.d.ts +9 -0
package/dist/rules/response/response-field-removed.d.ts.map +1 -0
package/dist/rules/response/response-field-type-changed.d.ts +9 -0
package/dist/rules/response/response-field-type-changed.d.ts.map +1 -0
package/dist/rules/response/response-header-added-required.d.ts +9 -0
package/dist/rules/response/response-header-added-required.d.ts.map +1 -0
package/dist/rules/response/response-header-removed.d.ts +9 -0
package/dist/rules/response/response-header-removed.d.ts.map +1 -0
package/dist/rules/response/response-media-type-added.d.ts +9 -0
package/dist/rules/response/response-media-type-added.d.ts.map +1 -0
package/dist/rules/response/response-media-type-removed.d.ts +9 -0
package/dist/rules/response/response-media-type-removed.d.ts.map +1 -0
package/dist/rules/response/response-status-added.d.ts +9 -0
package/dist/rules/response/response-status-added.d.ts.map +1 -0
package/dist/rules/response/response-status-removed.d.ts +9 -0
package/dist/rules/response/response-status-removed.d.ts.map +1 -0
package/dist/types/ast.d.ts +140 -0
package/dist/types/ast.d.ts.map +1 -0
package/dist/types/config.d.ts +17 -0
package/dist/types/config.d.ts.map +1 -0
package/dist/types/diff.d.ts +43 -0
package/dist/types/diff.d.ts.map +1 -0
package/dist/types/errors.d.ts +21 -0
package/dist/types/errors.d.ts.map +1 -0
package/dist/types/index.d.ts +6 -0
package/dist/types/index.d.ts.map +1 -0
package/dist/types/semantic.d.ts +45 -0
package/dist/types/semantic.d.ts.map +1 -0
package/package.json +31 -0
package/src/ast/hash.ts +26 -0
package/src/ast/index.ts +2 -0
package/src/ast/traverse.ts +59 -0
package/src/config/index.ts +44 -0
package/src/diff/auth-differ.ts +72 -0
package/src/diff/endpoint-differ.ts +144 -0
package/src/diff/index.ts +13 -0
package/src/diff/schema-differ.ts +70 -0
package/src/diff/server-differ.ts +22 -0
package/src/index.ts +92 -0
package/src/loader/file-loader.ts +19 -0
package/src/loader/git-loader.ts +22 -0
package/src/loader/index.ts +32 -0
package/src/loader/url-loader.ts +25 -0
package/src/output/html.ts +177 -0
package/src/output/index.ts +16 -0
package/src/output/json.ts +5 -0
package/src/output/markdown.ts +29 -0
package/src/output/terminal.ts +37 -0
package/src/parsers/base.ts +8 -0
package/src/parsers/graphql/index.ts +181 -0
package/src/parsers/index.ts +61 -0
package/src/parsers/openapi2/index.ts +218 -0
package/src/parsers/openapi3/index.ts +223 -0
package/src/parsers/openapi3/ref-resolver.ts +101 -0
package/src/parsers/openapi3/schema-normalizer.ts +52 -0
package/src/parsers/openapi3/security-normalizer.ts +18 -0
package/src/parsers/protobuf/index.ts +208 -0
package/src/rules/auth/oauth-scope-removed.ts +34 -0
package/src/rules/auth/security-added.ts +32 -0
package/src/rules/auth/security-removed.ts +47 -0
package/src/rules/auth/security-scheme-type-changed.ts +30 -0
package/src/rules/base.ts +29 -0
package/src/rules/endpoint/endpoint-added.ts +26 -0
package/src/rules/endpoint/endpoint-deprecated.ts +29 -0
package/src/rules/endpoint/endpoint-removed.ts +26 -0
package/src/rules/endpoint/http-method-changed.ts +29 -0
package/src/rules/endpoint/path-changed.ts +29 -0
package/src/rules/index.ts +83 -0
package/src/rules/meta/server-removed.ts +26 -0
package/src/rules/param/param-added.ts +52 -0
package/src/rules/param/param-deprecated.ts +34 -0
package/src/rules/param/param-enum-value-added.ts +32 -0
package/src/rules/param/param-enum-value-removed.ts +32 -0
package/src/rules/param/param-location-changed.ts +43 -0
package/src/rules/param/param-removed.ts +52 -0
package/src/rules/param/param-required-added.ts +34 -0
package/src/rules/param/param-required-true-to-false.ts +34 -0
package/src/rules/param/param-type-changed.ts +32 -0
package/src/rules/request/request-body-added-required.ts +33 -0
package/src/rules/request/request-body-removed.ts +30 -0
package/src/rules/request/request-content-type-added.ts +31 -0
package/src/rules/request/request-content-type-removed.ts +31 -0
package/src/rules/request/request-field-added-required.ts +41 -0
package/src/rules/request/request-field-removed.ts +35 -0
package/src/rules/request/request-field-type-changed.ts +37 -0
package/src/rules/request/request-required-false-to-true.ts +56 -0
package/src/rules/response/response-field-added.ts +34 -0
package/src/rules/response/response-field-removed.ts +34 -0
package/src/rules/response/response-field-type-changed.ts +37 -0
package/src/rules/response/response-header-added-required.ts +47 -0
package/src/rules/response/response-header-removed.ts +32 -0
package/src/rules/response/response-media-type-added.ts +32 -0
package/src/rules/response/response-media-type-removed.ts +32 -0
package/src/rules/response/response-status-added.ts +31 -0
package/src/rules/response/response-status-removed.ts +31 -0
package/src/types/ast.ts +164 -0
package/src/types/config.ts +31 -0
package/src/types/diff.ts +49 -0
package/src/types/errors.ts +26 -0
package/src/types/index.ts +5 -0
package/src/types/semantic.ts +60 -0
package/test/integration/stripe-v1.yaml +36 -0
package/test/integration/stripe-v2.yaml +35 -0
package/tests/ast.test.ts +60 -0
package/tests/config.test.ts +43 -0
package/tests/diff/auth-differ.test.ts +55 -0
package/tests/diff/endpoint-differ.test.ts +42 -0
package/tests/diff/schema-differ.test.ts +46 -0
package/tests/diff/server-differ.test.ts +23 -0
package/tests/diff.test.ts +116 -0
package/tests/fixtures/openapi3/auth-added/v1.yaml +11 -0
package/tests/fixtures/openapi3/auth-added/v2.yaml +18 -0
package/tests/integration.test.ts +21 -0
package/tests/loader-more.test.ts +75 -0
package/tests/loader.test.ts +61 -0
package/tests/output.test.ts +58 -0
package/tests/parsers/openapi3-coverage.test.ts +77 -0
package/tests/parsers/openapi3.test.ts +41 -0
package/tests/parsers/parsers-other.test.ts +135 -0
package/tests/parsers/ref-resolver.test.ts +78 -0
package/tests/parsers/schema-normalizer.test.ts +30 -0
package/tests/rules/auth-meta.test.ts +87 -0
package/tests/rules/base.test.ts +44 -0
package/tests/rules/endpoint.test.ts +122 -0
package/tests/rules/param.test.ts +242 -0
package/tests/rules/request.test.ts +147 -0
package/tests/rules/response.test.ts +161 -0
package/tests/rules/rules-coverage.test.ts +64 -0
package/tests/types-errors.test.ts +22 -0
package/tsconfig.json +8 -0
package/tsconfig.tsbuildinfo +1 -0

package/src/parsers/openapi2/index.ts ADDED Viewed

@@ -0,0 +1,218 @@
+import type { NormalizedAST, Endpoint, Parameter, RequestBody, ResponseDef, ComponentMap, HttpMethod, Server } from '../../types/index.js';
+import type { RawSpec } from '../../loader/index.js';
+import type { ISpecParser } from '../base.js';
+import { ParseError } from '../../types/errors.js';
+import { normalizeSchema } from '../openapi3/schema-normalizer.js';
+import yaml from 'js-yaml';
+export class OpenApi2Parser implements ISpecParser {
+  readonly format = 'openapi2';
+  canParse(raw: RawSpec): boolean {
+    return raw.format === 'openapi2';
+  }
+  async parse(raw: RawSpec): Promise<NormalizedAST> {
+    let parsed: any;
+    try {
+      parsed = JSON.parse(raw.content);
+    } catch {
+      try {
+        parsed = yaml.load(raw.content);
+      } catch (err: any) {
+        throw new ParseError('Failed to parse OpenAPI 2.x spec', undefined, undefined, raw.sourcePath, err);
+      }
+    }
+    if (!parsed || typeof parsed !== 'object' || !parsed.swagger || !parsed.swagger.startsWith('2.')) {
+      throw new ParseError('Not a valid OpenAPI 2.x spec', undefined, undefined, raw.sourcePath);
+    }
+    // In a real implementation we would resolve refs, but for now we'll assume they are resolved or handle them simply.
+    // We should use the same ref-resolver used in openapi3 if possible, but Swagger 2.0 has different structure.
+    // For this implementation, we will use the raw parsed object.
+    const resolved = parsed; // TODO: proper ref resolution
+    const meta = {
+      title: resolved.info?.title || 'Unknown API',
+      version: resolved.info?.version || '1.0.0',
+      format: 'openapi2' as const,
+      rawVersion: resolved.swagger
+    };
+    const servers: Server[] = [];
+    if (resolved.host) {
+      const schemes = Array.isArray(resolved.schemes) && resolved.schemes.length > 0 ? resolved.schemes : ['https'];
+      const basePath = resolved.basePath || '';
+      for (const scheme of schemes) {
+        servers.push({ url: `${scheme}://${resolved.host}${basePath}` });
+      }
+    }
+    const components: ComponentMap = {
+      schemas: {},
+      securitySchemes: {},
+      parameters: {},
+      responses: {},
+      headers: {},
+      requestBodies: {}
+    };
+    if (resolved.definitions) {
+      for (const [k, v] of Object.entries(resolved.definitions)) {
+        components.schemas[k] = normalizeSchema(v as any);
+      }
+    }
+    const securitySchemes = resolved.securityDefinitions || {};
+    for (const [k, v] of Object.entries(securitySchemes)) {
+      components.securitySchemes[k] = v as any;
+    }
+    const endpoints: Endpoint[] = [];
+    const paths = resolved.paths || {};
+    const globalSecurity = resolved.security || [];
+    const allowedMethods = ['get', 'post', 'put', 'patch', 'delete', 'head', 'options', 'trace'];
+    for (const [pathStr, pathItem] of Object.entries(paths)) {
+      if (!pathItem || typeof pathItem !== 'object') continue;
+      const pathParams = Array.isArray((pathItem as any).parameters) ? (pathItem as any).parameters : [];
+      for (const methodStr of Object.keys(pathItem)) {
+        if (!allowedMethods.includes(methodStr)) continue;
+        const op = (pathItem as any)[methodStr];
+        if (!op || typeof op !== 'object') continue;
+        const method = methodStr.toUpperCase() as HttpMethod;
+        const id = `${method}:${normalizePathForId(pathStr)}`;
+        const opParams = Array.isArray(op.parameters) ? op.parameters : [];
+        const { parameters, requestBody } = buildParametersAndBody(pathParams, opParams, resolved.consumes || op.consumes || ['application/json']);
+        const endpoint: Endpoint = {
+          id,
+          path: pathStr,
+          method,
+          summary: op.summary,
+          description: op.description,
+          operationId: op.operationId,
+          tags: Array.isArray(op.tags) ? op.tags : [],
+          deprecated: !!op.deprecated,
+          security: op.security || globalSecurity,
+          parameters,
+          requestBody,
+          responses: buildResponses(op.responses, resolved.produces || op.produces || ['application/json']),
+          extensions: extractExtensions(op)
+        };
+        endpoints.push(endpoint);
+      }
+    }
+    return {
+      meta,
+      servers,
+      endpoints,
+      components,
+      security: Object.values(components.securitySchemes)
+    } as unknown as NormalizedAST;
+  }
+}
+function normalizePathForId(path: string): string {
+  return path
+    .toLowerCase()
+    .replace(/\/$/, '')
+    .replace(/\{[^}]+\}/g, '{*}');
+}
+function buildParametersAndBody(pathParams: any[], opParams: any[], consumes: string[]): { parameters: Parameter[], requestBody?: RequestBody } {
+  const paramMap = new Map<string, Parameter>();
+  let requestBody: RequestBody | undefined = undefined;
+  const allParams = [...pathParams, ...opParams];
+  for (const p of allParams) {
+    if (p.in === 'body') {
+      const content: Record<string, any> = {};
+      for (const mime of consumes) {
+        content[mime] = { schema: normalizeSchema(p.schema || {}) };
+      }
+      requestBody = {
+        required: !!p.required,
+        description: p.description,
+        content
+      };
+    } else if (p.in === 'formData') {
+      // In OpenAPI 3, formData becomes requestBody with application/x-www-form-urlencoded or multipart/form-data
+      if (!requestBody) {
+        requestBody = { required: false, content: {} };
+      }
+      const mime = consumes.includes('multipart/form-data') ? 'multipart/form-data' : 'application/x-www-form-urlencoded';
+      if (!requestBody.content[mime]) {
+        requestBody.content[mime] = { schema: { type: 'object', properties: {} } };
+      }
+      const schema = requestBody.content[mime].schema;
+      if (!schema.properties) schema.properties = {};
+      schema.properties[p.name] = normalizeSchema(p);
+      if (p.required) {
+        if (!schema.required) schema.required = [];
+        schema.required.push(p.name);
+      }
+    } else {
+      paramMap.set(`${p.name}:${p.in}`, {
+        name: p.name,
+        in: p.in as any,
+        required: !!p.required,
+        deprecated: false,
+        description: p.description,
+        schema: normalizeSchema(p)
+      });
+    }
+  }
+  return { parameters: Array.from(paramMap.values()), requestBody };
+}
+function buildResponses(responses: any, produces: string[]): ResponseDef[] {
+  if (!responses || typeof responses !== 'object') return [];
+  const res: ResponseDef[] = [];
+  for (const [code, r] of Object.entries<any>(responses)) {
+    const content: Record<string, any> = {};
+    if (r.schema) {
+      for (const mime of produces) {
+        content[mime] = { schema: normalizeSchema(r.schema) };
+      }
+    }
+    const headers: Record<string, any> = {};
+    if (r.headers) {
+      for (const [k, v] of Object.entries<any>(r.headers)) {
+        headers[k] = {
+          schema: normalizeSchema(v as any),
+          description: (v as any).description
+        };
+      }
+    }
+    res.push({
+      statusCode: code,
+      description: r.description,
+      content,
+      headers
+    });
+  }
+  return res;
+}
+function extractExtensions(obj: any): Record<string, unknown> {
+  const ext: Record<string, unknown> = {};
+  if (obj && typeof obj === 'object') {
+    for (const k of Object.keys(obj)) {
+      if (k.startsWith('x-')) {
+        ext[k] = obj[k];
+      }
+    }
+  }
+  return ext;
+}

package/src/parsers/openapi3/index.ts ADDED Viewed

@@ -0,0 +1,223 @@
+import { resolveRefs } from './ref-resolver.js';
+import { normalizeSchema } from './schema-normalizer.js';
+import { normalizeSecurity } from './security-normalizer.js';
+import type { NormalizedAST, Endpoint, Parameter, RequestBody, ResponseDef, ComponentMap, HttpMethod } from '../../types/index.js';
+import type { RawSpec } from '../../loader/index.js';
+import type { ISpecParser } from '../base.js';
+import { ParseError } from '../../types/errors.js';
+import yaml from 'js-yaml';
+export class OpenApi3Parser implements ISpecParser {
+  readonly format = 'openapi3';
+  canParse(raw: RawSpec): boolean {
+    return raw.format === 'openapi3';
+  }
+  async parse(raw: RawSpec): Promise<NormalizedAST> {
+    let parsed: any;
+    try {
+      parsed = JSON.parse(raw.content);
+    } catch {
+      try {
+        parsed = yaml.load(raw.content);
+      } catch (err: any) {
+        throw new ParseError('Failed to parse OpenAPI 3.x spec', undefined, undefined, raw.sourcePath, err);
+      }
+    }
+    if (!parsed || typeof parsed !== 'object' || !parsed.openapi || !parsed.openapi.startsWith('3.')) {
+      throw new ParseError('Not a valid OpenAPI 3.x spec', undefined, undefined, raw.sourcePath);
+    }
+    const resolved = resolveRefs(parsed, parsed, raw.sourcePath);
+    const meta = {
+      title: resolved.info?.title || 'Unknown API',
+      version: resolved.info?.version || '1.0.0',
+      format: 'openapi3' as const,
+      rawVersion: resolved.openapi
+    };
+    const servers = (resolved.servers || []).map((s: any) => ({
+      url: s.url,
+      description: s.description,
+      variables: s.variables
+    }));
+    const components: ComponentMap = {
+      schemas: {},
+      securitySchemes: {},
+      parameters: {},
+      responses: {},
+      headers: {},
+      requestBodies: {}
+    };
+    if (resolved.components?.schemas) {
+      for (const [k, v] of Object.entries(resolved.components.schemas)) {
+        components.schemas[k] = normalizeSchema(v);
+      }
+    }
+    const securitySchemes = resolved.components?.securitySchemes || {};
+    for (const [k, v] of Object.entries(securitySchemes)) {
+      components.securitySchemes[k] = v as any;
+    }
+    const endpoints: Endpoint[] = [];
+    const paths = resolved.paths || {};
+    const globalSecurity = resolved.security;
+    const allowedMethods = ['get', 'post', 'put', 'patch', 'delete', 'head', 'options', 'trace'];
+    for (const [pathStr, pathItem] of Object.entries(paths)) {
+      if (!pathItem || typeof pathItem !== 'object') continue;
+      const pathParams = Array.isArray((pathItem as any).parameters) ? (pathItem as any).parameters : [];
+      for (const methodStr of Object.keys(pathItem)) {
+        if (!allowedMethods.includes(methodStr)) continue;
+        const op = pathItem[methodStr as keyof typeof pathItem] as any;
+        if (!op || typeof op !== 'object') continue;
+        const method = methodStr.toUpperCase() as HttpMethod;
+        const id = `${method}:${normalizePathForId(pathStr)}`;
+        const opParams = Array.isArray(op.parameters) ? op.parameters : [];
+        const parameters = buildParameters(pathParams, opParams);
+        const security = op.security !== undefined
+          ? normalizeSecurity(op.security)
+          : normalizeSecurity(globalSecurity);
+        const endpoint: Endpoint = {
+          id,
+          path: pathStr,
+          method,
+          summary: op.summary,
+          description: op.description,
+          operationId: op.operationId,
+          tags: Array.isArray(op.tags) ? op.tags : [],
+          deprecated: !!op.deprecated,
+          security,
+          parameters,
+          requestBody: op.requestBody ? buildRequestBody(op.requestBody) : undefined,
+          responses: buildResponses(op.responses),
+          extensions: extractExtensions(op)
+        };
+        endpoints.push(endpoint);
+      }
+    }
+    return {
+      meta,
+      servers,
+      endpoints,
+      components,
+      security: Object.values(components.securitySchemes)
+    };
+  }
+}
+function normalizePathForId(path: string): string {
+  return path
+    .toLowerCase()
+    .replace(/\/$/, '')
+    .replace(/\{[^}]+\}/g, '{*}');
+}
+function buildParameters(pathParams: any[], opParams: any[]): Parameter[] {
+  const paramMap = new Map<string, Parameter>();
+  for (const p of pathParams) {
+    paramMap.set(`${p.name}:${p.in}`, {
+      name: p.name,
+      in: p.in,
+      required: !!p.required,
+      deprecated: !!p.deprecated,
+      description: p.description,
+      schema: normalizeSchema(p.schema || {}),
+      example: p.example
+    });
+  }
+  for (const p of opParams) {
+    paramMap.set(`${p.name}:${p.in}`, {
+      name: p.name,
+      in: p.in,
+      required: !!p.required,
+      deprecated: !!p.deprecated,
+      description: p.description,
+      schema: normalizeSchema(p.schema || {}),
+      example: p.example
+    });
+  }
+  return Array.from(paramMap.values());
+}
+function buildRequestBody(rb: any): RequestBody {
+  const content: Record<string, any> = {};
+  if (rb.content) {
+    for (const [k, v] of Object.entries<any>(rb.content)) {
+      content[k] = {
+        schema: normalizeSchema(v.schema || {}),
+        example: v.example
+      };
+    }
+  }
+  return {
+    required: !!rb.required,
+    description: rb.description,
+    content
+  };
+}
+function buildResponses(responses: any): ResponseDef[] {
+  if (!responses || typeof responses !== 'object') return [];
+  const res: ResponseDef[] = [];
+  for (const [code, r] of Object.entries<any>(responses)) {
+    const content: Record<string, any> = {};
+    if (r.content) {
+      for (const [k, v] of Object.entries<any>(r.content)) {
+        content[k] = {
+          schema: normalizeSchema(v.schema || {}),
+          example: v.example
+        };
+      }
+    }
+    const headers: Record<string, any> = {};
+    if (r.headers) {
+      for (const [k, v] of Object.entries<any>(r.headers)) {
+        headers[k] = {
+          required: !!v.required,
+          deprecated: !!v.deprecated,
+          schema: normalizeSchema(v.schema || {}),
+          description: v.description
+        };
+      }
+    }
+    res.push({
+      statusCode: code,
+      description: r.description,
+      content,
+      headers
+    });
+  }
+  return res;
+}
+function extractExtensions(obj: any): Record<string, unknown> {
+  const ext: Record<string, unknown> = {};
+  if (obj && typeof obj === 'object') {
+    for (const k of Object.keys(obj)) {
+      if (k.startsWith('x-')) {
+        ext[k] = obj[k];
+      }
+    }
+  }
+  return ext;
+}

package/src/parsers/openapi3/ref-resolver.ts ADDED Viewed

@@ -0,0 +1,101 @@
+import { readFileSync } from 'node:fs';
+import { resolve, dirname } from 'node:path';
+import yaml from 'js-yaml';
+import { RefError } from '../../types/errors.js';
+const fileCache = new Map<string, any>();
+export function resolveRefs(obj: any, root: any, sourcePath?: string): any {
+  if (!obj || typeof obj !== 'object') return obj;
+  const stack: Array<{ node: any; parent: any | null; key: string | null }> = [
+    { node: obj, parent: null, key: null }
+  ];
+  const visitedRefs = new Set<string>();
+  const visitedNodes = new WeakSet<any>();
+  while (stack.length > 0) {
+    const current = stack.pop()!;
+    const { node, parent, key } = current;
+    if (!node || typeof node !== 'object') continue;
+    if (visitedNodes.has(node)) continue;
+    visitedNodes.add(node);
+    if (Array.isArray(node)) {
+      for (let i = node.length - 1; i >= 0; i--) {
+        stack.push({ node: node[i], parent: node, key: i.toString() });
+      }
+      continue;
+    }
+    if ('$ref' in node && typeof node.$ref === 'string') {
+      const ref = node.$ref;
+      if (visitedRefs.has(ref)) {
+        if (parent && key !== null) {
+          parent[key] = { ...node, $circular: true };
+        }
+        continue;
+      }
+      visitedRefs.add(ref);
+      let resolved: any;
+      if (ref.startsWith('#')) {
+        resolved = resolveLocalRef(ref, root);
+      } else if (ref.startsWith('./') || ref.startsWith('../')) {
+        if (!sourcePath) {
+          throw new RefError(`Cannot resolve relative ref without sourcePath`, ref);
+        }
+        const refPath = resolve(dirname(sourcePath), ref.split('#')[0]);
+        try {
+          let parsed = fileCache.get(refPath);
+          if (!parsed) {
+            const content = readFileSync(refPath, 'utf8');
+            parsed = refPath.endsWith('.json') ? JSON.parse(content) : yaml.load(content);
+            fileCache.set(refPath, parsed);
+          }
+          resolved = ref.includes('#') ? resolveLocalRef('#' + ref.split('#')[1], parsed) : parsed;
+        } catch (err: any) {
+          throw new RefError(`Failed to load external ref`, ref, err);
+        }
+      } else if (ref.startsWith('http://') || ref.startsWith('https://')) {
+         throw new RefError(`URL refs not implemented synchronously`, ref);
+      } else {
+        throw new RefError(`Unsupported ref format`, ref);
+      }
+      if (parent && key !== null) {
+        parent[key] = resolved;
+        stack.push({ node: resolved, parent, key });
+      }
+      continue;
+    }
+    const keys = Object.keys(node);
+    for (let i = keys.length - 1; i >= 0; i--) {
+      const k = keys[i];
+      if (k !== '$ref' && typeof node[k] === 'object' && node[k] !== null) {
+        stack.push({ node: node[k], parent: node, key: k });
+      }
+    }
+  }
+  return obj;
+}
+function resolveLocalRef(ref: string, root: any): any {
+  const parts = ref.replace(/^#\/?/, '').split('/');
+  let current = root;
+  for (const part of parts) {
+    if (!part) continue;
+    const key = part.replace(/~1/g, '/').replace(/~0/g, '~');
+    if (current && typeof current === 'object' && key in current) {
+      current = current[key];
+    } else {
+      throw new RefError(`Local ref not found`, ref);
+    }
+  }
+  return current;
+}

package/src/parsers/openapi3/schema-normalizer.ts ADDED Viewed

@@ -0,0 +1,52 @@
+import type { Schema } from '../../types/index.js';
+export function normalizeSchema(schema: any): Schema {
+  if (!schema || typeof schema !== 'object') return schema;
+  if (Array.isArray(schema.allOf)) {
+    const merged = flattenAllOf(schema.allOf);
+    schema = { ...schema, ...merged };
+    delete schema.allOf;
+  }
+  if (schema.nullable === true) {
+    if (typeof schema.type === 'string') {
+      schema.type = [schema.type, 'null'];
+    } else if (Array.isArray(schema.type) && !schema.type.includes('null')) {
+      schema.type = [...schema.type, 'null'];
+    }
+    delete schema.nullable;
+  }
+  if (schema.properties) {
+    for (const key of Object.keys(schema.properties)) {
+      schema.properties[key] = normalizeSchema(schema.properties[key]);
+    }
+  }
+  if (schema.items) {
+    schema.items = normalizeSchema(schema.items);
+  }
+  if (schema.additionalProperties && typeof schema.additionalProperties === 'object') {
+    schema.additionalProperties = normalizeSchema(schema.additionalProperties);
+  }
+  if (Array.isArray(schema.oneOf)) {
+    schema.oneOf = schema.oneOf.map(normalizeSchema);
+  }
+  if (Array.isArray(schema.anyOf)) {
+    schema.anyOf = schema.anyOf.map(normalizeSchema);
+  }
+  return schema as Schema;
+}
+function flattenAllOf(schemas: any[]): any {
+  return schemas.reduce((merged, subSchema) => {
+    const normalized = normalizeSchema(subSchema);
+    return {
+      ...merged,
+      ...normalized,
+      properties: { ...(merged.properties || {}), ...(normalized.properties || {}) },
+      required: [...new Set([...(merged.required || []), ...(normalized.required || [])])]
+    };
+  }, {});
+}

package/src/parsers/openapi3/security-normalizer.ts ADDED Viewed

@@ -0,0 +1,18 @@
+import type { SecurityRequirement } from '../../types/index.js';
+export function normalizeSecurity(securityArray?: any[]): SecurityRequirement[] {
+  if (!securityArray || !Array.isArray(securityArray)) {
+    return [];
+  }
+  const result: SecurityRequirement[] = [];
+  for (const req of securityArray) {
+    for (const [schemeId, scopes] of Object.entries(req)) {
+      result.push({
+        schemeId,
+        scopes: Array.isArray(scopes) ? scopes.map(String) : []
+      });
+    }
+  }
+  return result;
+}