@checkstack/notification-common 1.0.2 → 1.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. package/CHANGELOG.md +58 -0
  2. package/package.json +4 -4
  3. package/src/rpc-contract.ts +5 -0
package/CHANGELOG.md CHANGED
@@ -1,5 +1,63 @@
1
1
  # @checkstack/notification-common
2
2
 
3
+ ## 1.1.0
4
+
5
+ ### Minor Changes
6
+
7
+ - 9016526: Add a `/rest/:pluginId/*` HTTP mount that serves every plugin's oRPC contract
8
+ through the REST/OpenAPI shape described by `/api/openapi.json`. Queries are
9
+ `GET` with query parameters, mutations are `POST` with the input as the raw
10
+ JSON body. The existing `/api/:pluginId/*` mount continues to serve oRPC's
11
+ native wire protocol unchanged, so existing clients are not affected.
12
+
13
+ The OpenAPI spec at `/api/openapi.json` now reflects the real mount: every
14
+ `paths` entry is prefixed with `/rest` instead of `/api`.
15
+
16
+ Also fixes a SPA-fallback bug: the backend's `/api-docs` route previously
17
+ returned 404 on production deployments because the static-file middleware
18
+ skipped any path starting with `/api`, capturing `/api-docs` along with real
19
+ API routes. The skip now requires a trailing slash (`/api/`, `/rest/`).
20
+
21
+ Required access rules are now visible in the API Docs UI. The OpenAPI spec
22
+ generator was reading a non-existent `accessRules` field on procedure
23
+ metadata; the real field is `access: AccessRule[]`. Each procedure's access
24
+ rules are now flattened to fully-qualified IDs (e.g. `catalog.system.read`)
25
+ and emitted under `x-orpc-meta.accessRules`, which the existing
26
+ `Required Access Rules` section in the docs UI already knew how to render.
27
+
28
+ The API Docs schema renderer now handles record types (zod `z.record`),
29
+ `$ref`s into `components.schemas`, `oneOf`/`anyOf`/`allOf`, nullable union
30
+ types (`type: ["string", "null"]`), and `format` qualifiers. Previously
31
+ record outputs like `{ statuses: object }` masked the actual value type;
32
+ they now render as `{ [key]: <ResolvedType> { ... } }` with the inner
33
+ schema expanded, capped at 12 levels with cycle detection.
34
+
35
+ **REST method conventions.** `proc()` now defaults to `GET` for queries and
36
+ `POST` for mutations on the `/rest` mount, using bracket-notation query
37
+ params (`?filter[status]=active&ids[0]=a`) for GET inputs. Existing
38
+ procedures were updated to follow REST semantics:
39
+
40
+ - `update*` mutations → `PATCH`
41
+ - `delete*` / `remove*` mutations → `DELETE`
42
+ - `getBulk*` queries and any query taking a large array input → `POST`
43
+ (because `@orpc/openapi@1.13.x` has no GET→POST URL-length fallback)
44
+
45
+ GET endpoints require an `object` input — bare scalars like
46
+ `.input(z.string())` are not valid on GET. `getSystemConfigurations` was
47
+ refactored from `.input(z.string())` to `.input(z.object({ systemId: ... }))`
48
+ to fit the GET shape; the only call-site update was the in-process router
49
+ unpacking `input.systemId` instead of passing `input` directly.
50
+
51
+ The API Docs UI now renders query parameters (path/query/header/cookie) in a
52
+ dedicated table for GET endpoints, and the fetch example shows them in the
53
+ URL with `<required>` / `<optional>` placeholders.
54
+
55
+ ### Patch Changes
56
+
57
+ - Updated dependencies [9016526]
58
+ - @checkstack/common@0.10.0
59
+ - @checkstack/signal-common@0.2.3
60
+
3
61
  ## 1.0.2
4
62
 
5
63
  ### Patch Changes
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@checkstack/notification-common",
3
- "version": "1.0.2",
3
+ "version": "1.1.0",
4
4
  "license": "Elastic-2.0",
5
5
  "type": "module",
6
6
  "exports": {
@@ -10,15 +10,15 @@
10
10
  }
11
11
  },
12
12
  "dependencies": {
13
- "@checkstack/common": "0.8.0",
14
- "@checkstack/signal-common": "0.2.1",
13
+ "@checkstack/common": "0.9.0",
14
+ "@checkstack/signal-common": "0.2.2",
15
15
  "@orpc/contract": "^1.13.14",
16
16
  "zod": "^4.0.0"
17
17
  },
18
18
  "devDependencies": {
19
19
  "@checkstack/tsconfig": "0.0.7",
20
20
  "typescript": "^5.7.2",
21
- "@checkstack/scripts": "0.3.0"
21
+ "@checkstack/scripts": "0.3.1"
22
22
  },
23
23
  "scripts": {
24
24
  "typecheck": "tsgo -b",
package/src/rpc-contract.ts CHANGED
@@ -112,6 +112,7 @@ export const notificationContract = {
112
112
  userType: "user",
113
113
  access: [],
114
114
  })
115
+ .route({ method: "DELETE" })
115
116
  .input(z.object({ notificationId: z.string().uuid() }))
116
117
  .output(z.void()),
117
118
 
@@ -164,6 +165,7 @@ export const notificationContract = {
164
165
  userType: "user",
165
166
  access: [],
166
167
  })
168
+ .route({ method: "POST" })
167
169
  .input(z.object({ groupIds: z.array(z.string()) }))
168
170
  .output(z.record(z.string(), z.boolean())),
169
171
 
@@ -226,6 +228,7 @@ export const notificationContract = {
226
228
  userType: "service",
227
229
  access: [],
228
230
  })
231
+ .route({ method: "DELETE" })
229
232
  .input(
230
233
  z.object({
231
234
  groupId: z.string().describe("Full namespaced group ID to delete"),
@@ -337,6 +340,7 @@ export const notificationContract = {
337
340
  userType: "service",
338
341
  access: [],
339
342
  })
343
+ .route({ method: "DELETE" })
340
344
  .input(
341
345
  z.object({
342
346
  targetTypeId: z.string(),
@@ -530,6 +534,7 @@ export const notificationContract = {
530
534
  userType: "user",
531
535
  access: [notificationAccess.admin],
532
536
  })
537
+ .route({ method: "PATCH" })
533
538
  .input(
534
539
  z.object({
535
540
  strategyId: z.string().describe("Qualified strategy ID"),