@redocly/openapi-core 1.0.0-beta.108 → 1.0.0-beta.109

package/src/config/minimal.ts

@@ -24,7 +24,7 @@ export default {
     'operation-operationId-unique': 'warn',
     'operation-parameters-unique': 'warn',
     'operation-tag-defined': 'off',
-    'operation-security-defined': 'warn',
+    'security-defined': 'warn',
     'operation-operationId-url-safe': 'warn',
     'operation-singular-tag': 'off',
     'no-unresolved-refs': 'error',
@@ -45,6 +45,7 @@ export default {
     'no-unused-components': 'warn',
     'no-undefined-server-variable': 'warn',
     'no-server-variables-empty-enum': 'error',
+    'spec-components-invalid-map-name': 'warn',
   },
   oas3_1Rules: {
     'no-invalid-media-type-examples': 'warn',
@@ -55,5 +56,6 @@ export default {
     'no-unused-components': 'warn',
     'no-undefined-server-variable': 'warn',
     'no-server-variables-empty-enum': 'error',
+    'spec-components-invalid-map-name': 'warn',
   },
 } as PluginStyleguideConfig;

package/src/config/recommended.ts

@@ -25,7 +25,7 @@ export default {
     'operation-operationId-url-safe': 'error',
     'operation-parameters-unique': 'error',
     'operation-tag-defined': 'off',
-    'operation-security-defined': 'error',
+    'security-defined': 'error',
     'operation-singular-tag': 'off',
     'no-unresolved-refs': 'error',
     'no-enum-type-mismatch': 'error',
@@ -45,6 +45,7 @@ export default {
     'no-unused-components': 'warn',
     'no-undefined-server-variable': 'error',
     'no-server-variables-empty-enum': 'error',
+    'spec-components-invalid-map-name': 'error',
   },
   oas3_1Rules: {
     'no-invalid-media-type-examples': 'warn',
@@ -55,5 +56,6 @@ export default {
     'no-unused-components': 'warn',
     'no-undefined-server-variable': 'error',
     'no-server-variables-empty-enum': 'error',
+    'spec-components-invalid-map-name': 'error',
   },
 } as PluginStyleguideConfig;

package/src/config/rules.ts

@@ -1,6 +1,6 @@
 import { RuleSet, OasVersion } from '../oas-types';
 import { StyleguideConfig } from './config';
-import { notUndefined } from '../utils';
+import { isDefined } from '../utils';
 
 export function initRules<T extends Function, P extends RuleSet<T>>(
   rules: P[],
@@ -42,5 +42,5 @@ export function initRules<T extends Function, P extends RuleSet<T>>(
       })
     )
     .flatMap((visitor) => visitor)
-    .filter(notUndefined);
+    .filter(isDefined);
 }

package/src/config/types.ts

@@ -110,6 +110,7 @@ export type ResolveHeader =
 
 export type RawResolveConfig = {
   http?: Partial<HttpResolveConfig>;
+  doNotResolveExamples?: boolean;
 };
 
 export type HttpResolveConfig = {
@@ -128,6 +129,7 @@ export type AccessTokens = { [region in Region]?: string };
 export type DeprecatedInRawConfig = {
   apiDefinitions?: Record<string, string>;
   lint?: StyleguideRawConfig;
+  styleguide?: StyleguideRawConfig;
   referenceDocs?: Record<string, any>;
   apis?: Record<string, Api & DeprecatedInApi>;
 };
@@ -153,6 +155,15 @@ export type RawConfig = {
   organization?: string;
 } & FeaturesConfig;
 
+export type FlatApi = Omit<Api, 'styleguide'> &
+  Omit<ApiStyleguideRawConfig, 'doNotResolveExamples'>;
+
+export type FlatRawConfig = Omit<RawConfig, 'styleguide' | 'resolve' | 'apis'> &
+  Omit<StyleguideRawConfig, 'doNotResolveExamples'> & {
+    resolve?: RawResolveConfig;
+    apis?: Record<string, FlatApi>;
+  };
+
 export type ResolvedConfig = Omit<RawConfig, 'apis' | 'styleguide'> & {
   apis: Record<string, ResolvedApi>;
   styleguide: ResolvedStyleguideConfig;

package/src/config/utils.ts

@@ -1,21 +1,24 @@
 import {
   assignExisting,
+  isDefined,
   isTruthy,
   showErrorForDeprecatedField,
   showWarningForDeprecatedField,
 } from '../utils';
 import { Config } from './config';
-
 import type {
   Api,
   DeprecatedInApi,
   DeprecatedInRawConfig,
+  FlatApi,
+  FlatRawConfig,
   Plugin,
   RawConfig,
   RawResolveConfig,
   ResolveConfig,
   ResolvedStyleguideConfig,
   RulesFields,
+  StyleguideRawConfig,
 } from './types';
 import { logger, colorize } from '../logger';
 
@@ -39,13 +42,86 @@ export function transformApiDefinitionsToApis(
   return apis;
 }
 
+function extractFlatConfig<
+  T extends Partial<
+    (Api & DeprecatedInApi & FlatApi) & (DeprecatedInRawConfig & RawConfig & FlatRawConfig)
+  >
+>({
+  plugins,
+  extends: _extends,
+
+  rules,
+  oas2Rules,
+  oas3_0Rules,
+  oas3_1Rules,
+
+  preprocessors,
+  oas2Preprocessors,
+  oas3_0Preprocessors,
+  oas3_1Preprocessors,
+
+  decorators,
+  oas2Decorators,
+  oas3_0Decorators,
+  oas3_1Decorators,
+
+  ...rawConfigRest
+}: T): {
+  styleguideConfig?: StyleguideRawConfig;
+  rawConfigRest: Omit<T, 'plugins' | 'extends' | RulesFields>;
+} {
+  const styleguideConfig = {
+    plugins,
+    extends: _extends,
+
+    rules,
+    oas2Rules,
+    oas3_0Rules,
+    oas3_1Rules,
+
+    preprocessors,
+    oas2Preprocessors,
+    oas3_0Preprocessors,
+    oas3_1Preprocessors,
+
+    decorators,
+    oas2Decorators,
+    oas3_0Decorators,
+    oas3_1Decorators,
+
+    doNotResolveExamples: (rawConfigRest as FlatRawConfig).resolve?.doNotResolveExamples,
+  };
+
+  if (
+    (rawConfigRest.lint && rawConfigRest.styleguide) ||
+    (Object.values(styleguideConfig).some(isDefined) &&
+      (rawConfigRest.lint || rawConfigRest.styleguide))
+  ) {
+    throw new Error(
+      `Do not use 'lint', 'styleguide' and flat syntax together. \nSee more about the configuration in the docs: https://redocly.com/docs/cli/configuration/ \n`
+    );
+  }
+
+  return {
+    styleguideConfig: Object.values(styleguideConfig).some(isDefined)
+      ? styleguideConfig
+      : undefined,
+
+    rawConfigRest,
+  };
+}
+
 function transformApis(
-  legacyApis?: Record<string, Api & DeprecatedInApi>
+  legacyApis?: Record<string, Api & DeprecatedInApi & FlatApi>
 ): Record<string, Api> | undefined {
   if (!legacyApis) return undefined;
   const apis: Record<string, Api> = {};
   for (const [apiName, { lint, ...apiContent }] of Object.entries(legacyApis)) {
-    apis[apiName] = { styleguide: lint, ...apiContent };
+    const { styleguideConfig, rawConfigRest } = extractFlatConfig(apiContent);
+    apis[apiName] = {
+      styleguide: styleguideConfig || lint,
+      ...rawConfigRest,
+    };
   }
   return apis;
 }
@@ -165,17 +241,22 @@ export function getMergedConfig(config: Config, apiName?: string): Config {
 }
 
 function checkForDeprecatedFields(
-  deprecatedField: keyof DeprecatedInRawConfig,
-  updatedField: keyof RawConfig,
-  rawConfig: DeprecatedInRawConfig & RawConfig
+  deprecatedField: keyof (DeprecatedInRawConfig & RawConfig),
+  updatedField: keyof FlatRawConfig | undefined,
+  rawConfig: DeprecatedInRawConfig & RawConfig & FlatRawConfig
 ): void {
   const isDeprecatedFieldInApis =
     rawConfig.apis &&
     Object.values(rawConfig.apis).some(
-      (api: Api & DeprecatedInApi & DeprecatedInRawConfig) => api[deprecatedField]
+      (api: Api & FlatApi & DeprecatedInApi & DeprecatedInRawConfig & RawConfig & FlatRawConfig) =>
+        api[deprecatedField]
     );
 
-  if (rawConfig[deprecatedField] && rawConfig[updatedField]) {
+  if (rawConfig[deprecatedField] && updatedField === null) {
+    showWarningForDeprecatedField(deprecatedField);
+  }
+
+  if (rawConfig[deprecatedField] && updatedField && rawConfig[updatedField]) {
     showErrorForDeprecatedField(deprecatedField, updatedField);
   }
 
@@ -184,11 +265,17 @@ function checkForDeprecatedFields(
   }
 }
 
-export function transformConfig(rawConfig: DeprecatedInRawConfig & RawConfig): RawConfig {
-  const migratedFields: [keyof DeprecatedInRawConfig, keyof RawConfig][] = [
+export function transformConfig(
+  rawConfig: DeprecatedInRawConfig & RawConfig & FlatRawConfig
+): RawConfig {
+  const migratedFields: [
+    keyof (DeprecatedInRawConfig & RawConfig),
+    keyof FlatRawConfig | undefined
+  ][] = [
     ['apiDefinitions', 'apis'],
     ['referenceDocs', 'features.openapi'],
-    ['lint', 'styleguide'], // TODO: update docs
+    ['lint', undefined],
+    ['styleguide', undefined],
   ];
 
   for (const [deprecatedField, updatedField] of migratedFields) {
@@ -197,11 +284,13 @@ export function transformConfig(rawConfig: DeprecatedInRawConfig & RawConfig): R
 
   const { apis, apiDefinitions, referenceDocs, lint, ...rest } = rawConfig;
 
+  const { styleguideConfig, rawConfigRest } = extractFlatConfig(rest);
+
   return {
     'features.openapi': referenceDocs,
     apis: transformApis(apis) || transformApiDefinitionsToApis(apiDefinitions),
-    styleguide: lint,
-    ...rest,
+    styleguide: styleguideConfig || lint,
+    ...rawConfigRest,
   };
 }
 

package/src/decorators/common/registry-dependencies.ts

@@ -7,7 +7,7 @@ export const RegistryDependencies: Oas3Decorator | Oas2Decorator = () => {
   const registryDependencies = new Set<string>();
 
   return {
-    DefinitionRoot: {
+    Root: {
       leave(_: any, ctx: UserContext) {
         const data = ctx.getVisitorData();
         data.links = Array.from(registryDependencies);

package/src/format/format.ts

@@ -44,7 +44,13 @@ function severityToNumber(severity: ProblemSeverity) {
   return severity === 'error' ? 1 : 2;
 }
 
-export type OutputFormat = 'codeframe' | 'stylish' | 'json' | 'checkstyle' | 'codeclimate';
+export type OutputFormat =
+  | 'codeframe'
+  | 'stylish'
+  | 'json'
+  | 'checkstyle'
+  | 'codeclimate'
+  | 'summary';
 
 export function getTotals(problems: (NormalizedProblem & { ignored?: boolean })[]): Totals {
   let errors = 0;
@@ -143,6 +149,9 @@ export function formatProblems(
     case 'codeclimate':
       outputForCodeClimate();
       break;
+    case 'summary':
+      formatSummary(problems);
+      break;
   }
 
   if (totalProblems - ignoredProblems > maxProblems) {
@@ -257,13 +266,34 @@ export function formatProblems(
   }
 }
 
+function formatSummary(problems: NormalizedProblem[]): void {
+  const counts: Record<string, { count: number; severity: ProblemSeverity }> = {};
+  for (const problem of problems) {
+    counts[problem.ruleId] = counts[problem.ruleId] || { count: 0, severity: problem.severity };
+    counts[problem.ruleId].count++;
+  }
+  const sorted = Object.entries(counts).sort(([, a], [, b]) => {
+    const severityDiff = severityToNumber(a.severity) - severityToNumber(b.severity);
+    return severityDiff || b.count - a.count;
+  });
+
+  for (const [ruleId, info] of sorted) {
+    const color = COLORS[info.severity];
+    const severityName = color(SEVERITY_NAMES[info.severity].toLowerCase().padEnd(7));
+    logger.info(`${severityName} ${ruleId}: ${info.count}\n`);
+  }
+
+  logger.info('\n');
+}
+
 function formatFrom(cwd: string, location?: LocationObject) {
   if (!location) return '';
   const relativePath = path.relative(cwd, location.source.absoluteRef);
   const loc = getLineColLocation(location);
   const fileWithLoc = `${relativePath}:${loc.start.line}:${loc.start.col}`;
+  const atPointer = location.pointer ? colorize.gray(`at ${location.pointer}`) : '';
 
-  return `referenced from ${colorize.blue(fileWithLoc)}\n\n`;
+  return `referenced from ${colorize.blue(fileWithLoc)} ${atPointer} \n\n`;
 }
 
 function formatDidYouMean(problem: NormalizedProblem) {

package/src/lint.ts

@@ -80,13 +80,13 @@ export async function lintDocument(opts: {
   const normalizedVisitors = normalizeVisitors([...preprocessors, ...regularRules] as any, types);
   const resolvedRefMap = await resolveDocument({
     rootDocument: document,
-    rootType: types.DefinitionRoot,
+    rootType: types.Root,
     externalRefResolver,
   });
 
   walkDocument({
     document,
-    rootType: types.DefinitionRoot,
+    rootType: types.Root,
     normalizedVisitors,
     resolvedRefMap,
     ctx,

package/src/redocly/registry-api.ts

@@ -10,9 +10,6 @@ import { DEFAULT_REGION, DOMAINS } from '../config/config';
 import { isNotEmptyObject } from '../utils';
 const version = require('../../package.json').version;
 
-export const currentCommand =
-  typeof process !== 'undefined' ? process.env?.REDOCLY_CLI_COMMAND || '' : '';
-
 export class RegistryApi {
   constructor(private accessTokens: AccessTokens, private region: Region) {}
 
@@ -30,9 +27,13 @@ export class RegistryApi {
   }
 
   private async request(path = '', options: RequestInit = {}, region?: Region) {
+    const currentCommand =
+      typeof process !== 'undefined' ? process.env?.REDOCLY_CLI_COMMAND || '' : '';
+    const redoclyEnv = typeof process !== 'undefined' ? process.env?.REDOCLY_ENVIRONMENT || '' : '';
+
     const headers = Object.assign({}, options.headers || {}, {
       'x-redocly-cli-version': version,
-      'user-agent': `redocly-cli / ${version} ${currentCommand}`,
+      'user-agent': `redocly-cli / ${version} ${currentCommand} ${redoclyEnv}`,
     });
 
     if (!headers.hasOwnProperty('authorization')) {

package/src/resolve.ts

@@ -115,7 +115,9 @@ export class BaseResolver {
         const { body, mimeType } = await readFileFromUrl(absoluteRef, this.config.http);
         return new Source(absoluteRef, body, mimeType);
       } else {
-        return new Source(absoluteRef, await fs.promises.readFile(absoluteRef, 'utf-8'));
+        const content = await fs.promises.readFile(absoluteRef, 'utf-8');
+        // In some cases file have \r\n line delimeters like on windows, we should skip it.
+        return new Source(absoluteRef, content.replace(/\r\n/g, '\n'));
       }
     } catch (error) {
       throw new ResolveError(error);

package/src/rules/__tests__/utils.test.ts

@@ -153,7 +153,7 @@ describe('get-additional-properties-option', () => {
     } catch (error) {
       expect(error).toBeInstanceOf(Error);
       expect(error.message).toEqual(
-        "Do not use 'disallowAdditionalProperties' field. Use 'allowAdditionalProperties' instead.\n"
+        "Do not use 'disallowAdditionalProperties' field. Use 'allowAdditionalProperties' instead. \n"
       );
     }
   });

package/src/rules/common/__tests__/no-enum-type-mismatch.test.ts

@@ -191,6 +191,7 @@ describe('Oas3 typed enum', () => {
     expect(replaceSourceWithRef(results)).toMatchInlineSnapshot(`
       Array [
         Object {
+          "from": undefined,
           "location": Array [
             Object {
               "pointer": "#/paths/~1some/get/responses/200/content/application~1json/schema",

package/src/rules/common/__tests__/operation-2xx-response.test.ts

@@ -34,7 +34,7 @@ describe('Oas3 operation-2xx-response', () => {
               "source": "foobar.yaml",
             },
           ],
-          "message": "Operation must have at least one \`2xx\` response.",
+          "message": "Operation must have at least one \`2XX\` response.",
           "ruleId": "operation-2xx-response",
           "severity": "error",
           "suggest": Array [],

package/src/rules/common/__tests__/operation-4xx-response.test.ts

@@ -34,7 +34,7 @@ describe('Oas3 operation-4xx-response', () => {
               "source": "foobar.yaml",
             },
           ],
-          "message": "Operation must have at least one \`4xx\` response.",
+          "message": "Operation must have at least one \`4XX\` response.",
           "ruleId": "operation-4xx-response",
           "severity": "error",
           "suggest": Array [],
@@ -43,7 +43,7 @@ describe('Oas3 operation-4xx-response', () => {
     `);
   });
 
-  it('should not report for present 4xx response', async () => {
+  it('should not report for present 400 response', async () => {
     const document = parseYamlToDocument(
       outdent`
           openapi: 3.0.0
@@ -66,6 +66,29 @@ describe('Oas3 operation-4xx-response', () => {
     expect(replaceSourceWithRef(results)).toMatchInlineSnapshot(`Array []`);
   });
 
+  it('should not report for present 4XX response', async () => {
+    const document = parseYamlToDocument(
+      outdent`
+          openapi: 3.0.0
+          paths:
+            '/test/':
+              put:
+                responses:
+                  4XX:
+                    description: error response
+        `,
+      'foobar.yaml'
+    );
+
+    const results = await lintDocument({
+      externalRefResolver: new BaseResolver(),
+      document,
+      config: await makeConfig({ 'operation-4xx-response': 'error' }),
+    });
+
+    expect(replaceSourceWithRef(results)).toMatchInlineSnapshot(`Array []`);
+  });
+
   it('should report if default is present but missing 4xx response', async () => {
     const document = parseYamlToDocument(
       outdent`
@@ -96,7 +119,7 @@ describe('Oas3 operation-4xx-response', () => {
               "source": "foobar.yaml",
             },
           ],
-          "message": "Operation must have at least one \`4xx\` response.",
+          "message": "Operation must have at least one \`4XX\` response.",
           "ruleId": "operation-4xx-response",
           "severity": "error",
           "suggest": Array [],

package/src/rules/common/__tests__/security-defined.test.ts

@@ -0,0 +1,175 @@
+import { outdent } from 'outdent';
+import { lintDocument } from '../../../lint';
+import { parseYamlToDocument, replaceSourceWithRef, makeConfig } from '../../../../__tests__/utils';
+import { BaseResolver } from '../../../resolve';
+
+describe('Oas3 security-defined', () => {
+  it('should report on securityRequirements object if security scheme is not defined in components', async () => {
+    const document = parseYamlToDocument(
+      outdent`
+          openapi: 3.0.0
+          paths:
+            /pets:
+              get:
+                security:
+                  - some: []`,
+      'foobar.yaml'
+    );
+
+    const results = await lintDocument({
+      externalRefResolver: new BaseResolver(),
+      document,
+      config: await makeConfig({ 'security-defined': 'error' }),
+    });
+
+    expect(replaceSourceWithRef(results)).toMatchInlineSnapshot(`
+      Array [
+        Object {
+          "location": Array [
+            Object {
+              "pointer": "#/paths/~1pets/get/security/0/some",
+              "reportOnKey": true,
+              "source": "foobar.yaml",
+            },
+          ],
+          "message": "There is no \`some\` security scheme defined.",
+          "ruleId": "security-defined",
+          "severity": "error",
+          "suggest": Array [],
+        },
+      ]
+    `);
+  });
+
+  it('should not report if security defined with an empty array', async () => {
+    const document = parseYamlToDocument(
+      outdent`
+          openapi: 3.0.0
+          security: []
+          paths:`,
+      'foobar.yaml'
+    );
+
+    const results = await lintDocument({
+      externalRefResolver: new BaseResolver(),
+      document,
+      config: await makeConfig({ 'security-defined': 'error' }),
+    });
+
+    expect(replaceSourceWithRef(results)).toMatchInlineSnapshot(`Array []`);
+  });
+
+  it('should report if security not defined at all', async () => {
+    const document = parseYamlToDocument(
+      outdent`
+          openapi: 3.0.0
+          paths:
+            /pets:
+              get:
+                requestBody:`,
+      'foobar.yaml'
+    );
+
+    const results = await lintDocument({
+      externalRefResolver: new BaseResolver(),
+      document,
+      config: await makeConfig({ 'security-defined': 'error' }),
+    });
+
+    expect(replaceSourceWithRef(results)).toMatchInlineSnapshot(`
+      Array [
+        Object {
+          "location": Array [
+            Object {
+              "pointer": "#/",
+              "reportOnKey": false,
+              "source": "foobar.yaml",
+            },
+          ],
+          "message": "Every API should have security defined on the root level or for each operation.",
+          "ruleId": "security-defined",
+          "severity": "error",
+          "suggest": Array [],
+        },
+      ]
+    `);
+  });
+
+  it('should report if security not defined for each operation', async () => {
+    const document = parseYamlToDocument(
+      outdent`
+          openapi: 3.0.0
+          paths:
+            /pets:
+                get:
+                  security:
+                    - some: []
+            /cats:
+                get:`,
+      'foobar.yaml'
+    );
+
+    const results = await lintDocument({
+      externalRefResolver: new BaseResolver(),
+      document,
+      config: await makeConfig({ 'security-defined': 'error' }),
+    });
+
+    expect(replaceSourceWithRef(results)).toMatchInlineSnapshot(`
+      Array [
+        Object {
+          "location": Array [
+            Object {
+              "pointer": "#/paths/~1pets/get/security/0/some",
+              "reportOnKey": true,
+              "source": "foobar.yaml",
+            },
+          ],
+          "message": "There is no \`some\` security scheme defined.",
+          "ruleId": "security-defined",
+          "severity": "error",
+          "suggest": Array [],
+        },
+        Object {
+          "location": Array [
+            Object {
+              "pointer": "#/",
+              "reportOnKey": false,
+              "source": "foobar.yaml",
+            },
+          ],
+          "message": "Every API should have security defined on the root level or for each operation.",
+          "ruleId": "security-defined",
+          "severity": "error",
+          "suggest": Array [],
+        },
+      ]
+    `);
+  });
+
+  it('should not report on securityRequirements object if security scheme is defined in components', async () => {
+    const document = parseYamlToDocument(
+      outdent`
+      openapi: 3.0.0
+      paths:
+        /pets:
+          get:
+            security:
+              some: []
+      components:
+        securitySchemes:
+          some:
+            type: http
+            scheme: basic`,
+      'foobar.yaml'
+    );
+
+    const results = await lintDocument({
+      externalRefResolver: new BaseResolver(),
+      document,
+      config: await makeConfig({ 'security-defined': 'error' }),
+    });
+
+    expect(replaceSourceWithRef(results)).toMatchInlineSnapshot(`Array []`);
+  });
+});