@checkstack/incident-common 1.1.0 → 1.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. package/CHANGELOG.md +61 -0
  2. package/package.json +7 -7
  3. package/src/rpc-contract.ts +4 -0
package/CHANGELOG.md CHANGED
@@ -1,5 +1,66 @@
1
1
  # @checkstack/incident-common
2
2
 
3
+ ## 1.2.0
4
+
5
+ ### Minor Changes
6
+
7
+ - 9016526: Add a `/rest/:pluginId/*` HTTP mount that serves every plugin's oRPC contract
8
+ through the REST/OpenAPI shape described by `/api/openapi.json`. Queries are
9
+ `GET` with query parameters, mutations are `POST` with the input as the raw
10
+ JSON body. The existing `/api/:pluginId/*` mount continues to serve oRPC's
11
+ native wire protocol unchanged, so existing clients are not affected.
12
+
13
+ The OpenAPI spec at `/api/openapi.json` now reflects the real mount: every
14
+ `paths` entry is prefixed with `/rest` instead of `/api`.
15
+
16
+ Also fixes a SPA-fallback bug: the backend's `/api-docs` route previously
17
+ returned 404 on production deployments because the static-file middleware
18
+ skipped any path starting with `/api`, capturing `/api-docs` along with real
19
+ API routes. The skip now requires a trailing slash (`/api/`, `/rest/`).
20
+
21
+ Required access rules are now visible in the API Docs UI. The OpenAPI spec
22
+ generator was reading a non-existent `accessRules` field on procedure
23
+ metadata; the real field is `access: AccessRule[]`. Each procedure's access
24
+ rules are now flattened to fully-qualified IDs (e.g. `catalog.system.read`)
25
+ and emitted under `x-orpc-meta.accessRules`, which the existing
26
+ `Required Access Rules` section in the docs UI already knew how to render.
27
+
28
+ The API Docs schema renderer now handles record types (zod `z.record`),
29
+ `$ref`s into `components.schemas`, `oneOf`/`anyOf`/`allOf`, nullable union
30
+ types (`type: ["string", "null"]`), and `format` qualifiers. Previously
31
+ record outputs like `{ statuses: object }` masked the actual value type;
32
+ they now render as `{ [key]: <ResolvedType> { ... } }` with the inner
33
+ schema expanded, capped at 12 levels with cycle detection.
34
+
35
+ **REST method conventions.** `proc()` now defaults to `GET` for queries and
36
+ `POST` for mutations on the `/rest` mount, using bracket-notation query
37
+ params (`?filter[status]=active&ids[0]=a`) for GET inputs. Existing
38
+ procedures were updated to follow REST semantics:
39
+
40
+ - `update*` mutations → `PATCH`
41
+ - `delete*` / `remove*` mutations → `DELETE`
42
+ - `getBulk*` queries and any query taking a large array input → `POST`
43
+ (because `@orpc/openapi@1.13.x` has no GET→POST URL-length fallback)
44
+
45
+ GET endpoints require an `object` input — bare scalars like
46
+ `.input(z.string())` are not valid on GET. `getSystemConfigurations` was
47
+ refactored from `.input(z.string())` to `.input(z.object({ systemId: ... }))`
48
+ to fit the GET shape; the only call-site update was the in-process router
49
+ unpacking `input.systemId` instead of passing `input` directly.
50
+
51
+ The API Docs UI now renders query parameters (path/query/header/cookie) in a
52
+ dedicated table for GET endpoints, and the fetch example shows them in the
53
+ URL with `<required>` / `<optional>` placeholders.
54
+
55
+ ### Patch Changes
56
+
57
+ - Updated dependencies [9016526]
58
+ - @checkstack/common@0.10.0
59
+ - @checkstack/catalog-common@2.2.0
60
+ - @checkstack/notification-common@1.1.0
61
+ - @checkstack/frontend-api@0.5.1
62
+ - @checkstack/signal-common@0.2.3
63
+
3
64
  ## 1.1.0
4
65
 
5
66
  ### Minor Changes
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@checkstack/incident-common",
3
- "version": "1.1.0",
3
+ "version": "1.2.0",
4
4
  "license": "Elastic-2.0",
5
5
  "type": "module",
6
6
  "exports": {
@@ -9,18 +9,18 @@
9
9
  }
10
10
  },
11
11
  "dependencies": {
12
- "@checkstack/common": "0.8.0",
13
- "@checkstack/catalog-common": "2.0.1",
14
- "@checkstack/frontend-api": "0.4.2",
15
- "@checkstack/notification-common": "1.0.1",
16
- "@checkstack/signal-common": "0.2.1",
12
+ "@checkstack/common": "0.9.0",
13
+ "@checkstack/catalog-common": "2.1.0",
14
+ "@checkstack/frontend-api": "0.5.0",
15
+ "@checkstack/notification-common": "1.0.2",
16
+ "@checkstack/signal-common": "0.2.2",
17
17
  "@orpc/contract": "^1.13.14",
18
18
  "zod": "^4.2.1"
19
19
  },
20
20
  "devDependencies": {
21
21
  "typescript": "^5.7.2",
22
22
  "@checkstack/tsconfig": "0.0.7",
23
- "@checkstack/scripts": "0.3.0"
23
+ "@checkstack/scripts": "0.3.1"
24
24
  },
25
25
  "scripts": {
26
26
  "typecheck": "tsgo -b",
package/src/rpc-contract.ts CHANGED
@@ -59,6 +59,7 @@ export const incidentContract = {
59
59
  access: [incidentAccess.incident.read],
60
60
  instanceAccess: { recordKey: "incidents" },
61
61
  })
62
+ .route({ method: "POST" })
62
63
  .input(z.object({ systemIds: z.array(z.string()) }))
63
64
  .output(
64
65
  z.object({
@@ -81,6 +82,7 @@ export const incidentContract = {
81
82
  userType: "authenticated",
82
83
  access: [incidentAccess.incident.manage],
83
84
  })
85
+ .route({ method: "PATCH" })
84
86
  .input(UpdateIncidentInputSchema)
85
87
  .output(IncidentWithSystemsSchema),
86
88
 
@@ -117,6 +119,7 @@ export const incidentContract = {
117
119
  userType: "authenticated",
118
120
  access: [incidentAccess.incident.manage],
119
121
  })
122
+ .route({ method: "DELETE" })
120
123
  .input(z.object({ id: z.string() }))
121
124
  .output(z.object({ success: z.boolean() })),
122
125
 
@@ -126,6 +129,7 @@ export const incidentContract = {
126
129
  userType: "authenticated",
127
130
  access: [incidentAccess.incident.manage],
128
131
  })
132
+ .route({ method: "DELETE" })
129
133
  .input(z.object({ id: z.string() }))
130
134
  .output(z.object({ success: z.boolean() })),
131
135