@scalar/types 0.7.2 → 0.7.4

package/dist/api-reference/source-configuration.js

@@ -1,100 +1,109 @@
-import z from "zod";
-const sourceConfigurationSchema = z.object({
-  default: z.boolean().default(false).optional().catch(false),
-  /**
-   * URL to an OpenAPI/Swagger document
-   * @example
-   * ```ts
-   * const oldConfiguration = {
-   *   spec: {
-   *     url: 'https://example.com/openapi.json',
-   *   },
-   * }
-   *
-   * const newConfiguration = {
-   *   url: 'https://example.com/openapi.json',
-   * }
-   * ```
-   **/
-  url: z.string().optional(),
-  /**
-   * Directly embed the OpenAPI document.
-   * Can be a string, object, function returning an object, or null.
-   *
-   * @remarks It's recommended to pass a URL instead of content.
-   * @example
-   * ```ts
-   * const oldConfiguration = {
-   *   spec: {
-   *     content: '…',
-   *   },
-   * }
-   *
-   * const newConfiguration = {
-   *   content: '…',
-   * }
-   * ```
-   **/
-  content: z.union([
-    z.string(),
-    z.null(),
-    z.record(z.string(), z.any()),
-    z.function({
-      input: [],
-      output: z.record(z.string(), z.any())
-    })
-  ]).optional(),
-  /**
-   * The title of the OpenAPI document.
-   *
-   * @example 'Scalar Galaxy'
-   *
-   * @deprecated Please move `title` to the top level and remove the `spec` prefix.
-   */
-  title: z.string().optional(),
-  /**
-   * The slug of the OpenAPI document used in the URL.
-   *
-   * If none is passed, the title will be used.
-   *
-   * If no title is used, it'll just use the index.
-   *
-   * @example 'scalar-galaxy'
-   *
-   * @deprecated Please move `slug` to the top level and remove the `spec` prefix.
-   */
-  slug: z.string().optional(),
-  /**
-   * The OpenAPI/Swagger document to render
-   *
-   * @deprecated Use `url` and `content` on the top level instead.
-   **/
-  spec: z.object({
+import z from 'zod';
+/**
+ * A source is any potential document input used for API Reference
+ * and API Client integrations. Sources may be specified in the configuration
+ * or used independently. Some configurations may have multiple sources.
+ */
+export const sourceConfigurationSchema = z.object({
+    default: z.boolean().default(false).optional().catch(false),
+    /**
+     * URL to an OpenAPI/Swagger document
+     * @example
+     * ```ts
+     * const oldConfiguration = {
+     *   spec: {
+     *     url: 'https://example.com/openapi.json',
+     *   },
+     * }
+     *
+     * const newConfiguration = {
+     *   url: 'https://example.com/openapi.json',
+     * }
+     * ```
+     **/
     url: z.string().optional(),
-    content: z.union([
-      z.string(),
-      z.null(),
-      z.record(z.string(), z.any()),
-      z.function({
-        input: [],
-        output: z.record(z.string(), z.any())
-      })
-    ]).optional()
-  }).optional(),
-  /**
-   * Agent Scalar configuration
-   **/
-  agent: z.object({
-    key: z.string().optional(),
-    disabled: z.boolean().optional(),
     /**
-     * When true, hide the control to add more APIs in the agent chat.
-     * Only preloaded/registry documents are shown; the public API list is not offered.
+     * Directly embed the OpenAPI document.
+     * Can be a string, object, function returning an object, or null.
+     *
+     * @remarks It's recommended to pass a URL instead of content.
+     * @example
+     * ```ts
+     * const oldConfiguration = {
+     *   spec: {
+     *     content: '…',
+     *   },
+     * }
+     *
+     * const newConfiguration = {
+     *   content: '…',
+     * }
+     * ```
+     **/
+    content: z
+        .union([
+        z.string(),
+        z.null(),
+        z.record(z.string(), z.any()),
+        z.function({
+            input: [],
+            output: z.record(z.string(), z.any()),
+        }),
+    ])
+        .optional(),
+    /**
+     * The title of the OpenAPI document.
+     *
+     * @example 'Scalar Galaxy'
+     *
+     * @deprecated Please move `title` to the top level and remove the `spec` prefix.
+     */
+    title: z.string().optional(),
+    /**
+     * The slug of the OpenAPI document used in the URL.
+     *
+     * If none is passed, the title will be used.
+     *
+     * If no title is used, it'll just use the index.
+     *
+     * @example 'scalar-galaxy'
+     *
+     * @deprecated Please move `slug` to the top level and remove the `spec` prefix.
      */
-    hideAddApi: z.boolean().optional()
-  }).optional()
+    slug: z.string().optional(),
+    /**
+     * The OpenAPI/Swagger document to render
+     *
+     * @deprecated Use `url` and `content` on the top level instead.
+     **/
+    spec: z
+        .object({
+        url: z.string().optional(),
+        content: z
+            .union([
+            z.string(),
+            z.null(),
+            z.record(z.string(), z.any()),
+            z.function({
+                input: [],
+                output: z.record(z.string(), z.any()),
+            }),
+        ])
+            .optional(),
+    })
+        .optional(),
+    /**
+     * Agent Scalar configuration
+     **/
+    agent: z
+        .object({
+        key: z.string().optional(),
+        disabled: z.boolean().optional(),
+        /**
+         * When true, hide the control to add more APIs in the agent chat.
+         * Only preloaded/registry documents are shown; the public API list is not offered.
+         */
+        hideAddApi: z.boolean().optional(),
+    })
+        .optional(),
 });
-export {
-  sourceConfigurationSchema
-};
-//# sourceMappingURL=source-configuration.js.map

package/dist/entities/index.js

@@ -1,21 +1 @@
-import {
-  oasSecurityRequirementSchema,
-  oasSecuritySchemeSchema,
-  pkceOptions,
-  securityApiKeySchema,
-  securityHttpSchema,
-  securityOauthSchema,
-  securityOpenIdSchema,
-  securitySchemeSchema
-} from "./security-scheme.js";
-export {
-  oasSecurityRequirementSchema,
-  oasSecuritySchemeSchema,
-  pkceOptions,
-  securityApiKeySchema,
-  securityHttpSchema,
-  securityOauthSchema,
-  securityOpenIdSchema,
-  securitySchemeSchema
-};
-//# sourceMappingURL=index.js.map
+export { oasSecurityRequirementSchema, oasSecuritySchemeSchema, pkceOptions, securityApiKeySchema, securityHttpSchema, securityOauthSchema, securityOpenIdSchema, securitySchemeSchema, } from './security-scheme.js';

package/dist/entities/security-scheme.js

@@ -1,161 +1,200 @@
-import { z } from "zod";
-import { nanoidSchema } from "../utils/nanoid.js";
+import { z } from 'zod';
+import { nanoidSchema } from '../utils/nanoid.js';
+// ---------------------------------------------------------------------------
+// COMMON PROPS FOR ALL SECURITY SCHEMES
+/** Some common properties used in all security schemes */
 const commonProps = z.object({
-  /* A description for security scheme. CommonMark syntax MAY be used for rich text representation. */
-  description: z.string().optional()
+    /* A description for security scheme. CommonMark syntax MAY be used for rich text representation. */
+    description: z.string().optional(),
 });
 const extendedSecuritySchema = z.object({
-  uid: nanoidSchema.brand(),
-  /** The name key that links a security requirement to a security object */
-  nameKey: z.string().optional().default("")
+    uid: nanoidSchema.brand(),
+    /** The name key that links a security requirement to a security object */
+    nameKey: z.string().optional().default(''),
 });
-const securitySchemeApiKeyIn = ["query", "header", "cookie"];
+// ---------------------------------------------------------------------------
+// API KEY
+const securitySchemeApiKeyIn = ['query', 'header', 'cookie'];
 const oasSecuritySchemeApiKey = commonProps.extend({
-  type: z.literal("apiKey"),
-  /** REQUIRED. The name of the header, query or cookie parameter to be used. */
-  name: z.string().optional().default(""),
-  /** REQUIRED. The location of the API key. Valid values are "query", "header" or "cookie". */
-  in: z.enum(securitySchemeApiKeyIn).optional().default("header").catch("header")
+    type: z.literal('apiKey'),
+    /** REQUIRED. The name of the header, query or cookie parameter to be used. */
+    name: z.string().optional().default(''),
+    /** REQUIRED. The location of the API key. Valid values are "query", "header" or "cookie". */
+    in: z.enum(securitySchemeApiKeyIn).optional().default('header').catch('header'),
 });
 const apiKeyValueSchema = z.object({
-  value: z.string().default("")
+    value: z.string().default(''),
 });
-const securityApiKeySchema = oasSecuritySchemeApiKey.merge(extendedSecuritySchema).merge(apiKeyValueSchema);
+export const securityApiKeySchema = oasSecuritySchemeApiKey.merge(extendedSecuritySchema).merge(apiKeyValueSchema);
+// ---------------------------------------------------------------------------
+// HTTP
 const oasSecuritySchemeHttp = commonProps.extend({
-  type: z.literal("http"),
-  /**
-   * REQUIRED. The name of the HTTP Authorization scheme to be used in the Authorization header as defined in
-   * [RFC7235]. The values used SHOULD be registered in the IANA Authentication Scheme registry.
-   */
-  scheme: z.string().toLowerCase().pipe(z.enum(["basic", "bearer"])).optional().default("basic"),
-  /**
-   * A hint to the client to identify how the bearer token is formatted.
-   * Bearer tokens are usually generated by an authorization server, so
-   * this information is primarily for documentation purposes.
-   */
-  bearerFormat: z.union([z.literal("JWT"), z.string()]).optional().default("JWT")
+    type: z.literal('http'),
+    /**
+     * REQUIRED. The name of the HTTP Authorization scheme to be used in the Authorization header as defined in
+     * [RFC7235]. The values used SHOULD be registered in the IANA Authentication Scheme registry.
+     */
+    scheme: z
+        .string()
+        .toLowerCase()
+        .pipe(z.enum(['basic', 'bearer']))
+        .optional()
+        .default('basic'),
+    /**
+     * A hint to the client to identify how the bearer token is formatted.
+     * Bearer tokens are usually generated by an authorization server, so
+     * this information is primarily for documentation purposes.
+     */
+    bearerFormat: z
+        .union([z.literal('JWT'), z.string()])
+        .optional()
+        .default('JWT'),
 });
 const httpValueSchema = z.object({
-  username: z.string().default(""),
-  password: z.string().default(""),
-  token: z.string().default("")
+    username: z.string().default(''),
+    password: z.string().default(''),
+    token: z.string().default(''),
 });
-const securityHttpSchema = oasSecuritySchemeHttp.merge(extendedSecuritySchema).merge(httpValueSchema);
+export const securityHttpSchema = oasSecuritySchemeHttp.merge(extendedSecuritySchema).merge(httpValueSchema);
+// ---------------------------------------------------------------------------
+// OPENID CONNECT
 const oasSecuritySchemeOpenId = commonProps.extend({
-  type: z.literal("openIdConnect"),
-  /**
-   * REQUIRED. OpenId Connect URL to discover OAuth2 configuration values. This MUST be in the
-   * form of a URL. The OpenID Connect standard requires the use of TLS.
-   */
-  openIdConnectUrl: z.string().optional().default("")
+    type: z.literal('openIdConnect'),
+    /**
+     * REQUIRED. OpenId Connect URL to discover OAuth2 configuration values. This MUST be in the
+     * form of a URL. The OpenID Connect standard requires the use of TLS.
+     */
+    openIdConnectUrl: z.string().optional().default(''),
 });
-const securityOpenIdSchema = oasSecuritySchemeOpenId.merge(extendedSecuritySchema);
-const authorizationUrl = z.string().default("");
-const tokenUrl = z.string().default("");
+export const securityOpenIdSchema = oasSecuritySchemeOpenId.merge(extendedSecuritySchema);
+// ---------------------------------------------------------------------------
+/**
+ * REQUIRED. The authorization URL to be used for this flow. This MUST be in
+ * the form of a URL. The OAuth2 standard requires the use of TLS.
+ */
+const authorizationUrl = z.string().default('');
+/**
+ * REQUIRED. The token URL to be used for this flow. This MUST be in the
+ * form of a URL. The OAuth2 standard requires the use of TLS.
+ */
+const tokenUrl = z.string().default('');
+/** Common properties used across all oauth2 flows */
 const flowsCommon = z.object({
-  /**
-   * The URL to be used for obtaining refresh tokens. This MUST be in the form of a
-   * URL. The OAuth2 standard requires the use of TLS.
-   */
-  "refreshUrl": z.string().optional().default(""),
-  /**
-   * REQUIRED. The available scopes for the OAuth2 security scheme. A map
-   * between the scope name and a short description for it. The map MAY be empty.
-   */
-  "scopes": z.record(z.string(), z.string().optional().default("")).optional().default({}).catch({}),
-  "selectedScopes": z.array(z.string()).optional().default([]),
-  /** Extension to save the client Id associated with an oauth flow */
-  "x-scalar-client-id": z.string().optional().default(""),
-  /** The auth token */
-  "token": z.string().default(""),
-  /** Additional query parameters for the OAuth authorization request. Example: { prompt: 'consent', audience: 'scalar' }. */
-  "x-scalar-security-query": z.record(z.string(), z.string()).optional(),
-  /** Additional body parameters for the OAuth token request. Example: { audience: 'foo' }. */
-  "x-scalar-security-body": z.record(z.string(), z.string()).optional(),
-  /** Extension to specify custom token name in the response (defaults to 'access_token') */
-  "x-tokenName": z.string().optional()
+    /**
+     * The URL to be used for obtaining refresh tokens. This MUST be in the form of a
+     * URL. The OAuth2 standard requires the use of TLS.
+     */
+    'refreshUrl': z.string().optional().default(''),
+    /**
+     * REQUIRED. The available scopes for the OAuth2 security scheme. A map
+     * between the scope name and a short description for it. The map MAY be empty.
+     */
+    'scopes': z.record(z.string(), z.string().optional().default('')).optional().default({}).catch({}),
+    'selectedScopes': z.array(z.string()).optional().default([]),
+    /** Extension to save the client Id associated with an oauth flow */
+    'x-scalar-client-id': z.string().optional().default(''),
+    /** The auth token */
+    'token': z.string().default(''),
+    /** Additional query parameters for the OAuth authorization request. Example: { prompt: 'consent', audience: 'scalar' }. */
+    'x-scalar-security-query': z.record(z.string(), z.string()).optional(),
+    /** Additional body parameters for the OAuth token request. Example: { audience: 'foo' }. */
+    'x-scalar-security-body': z.record(z.string(), z.string()).optional(),
+    /** Extension to specify custom token name in the response (defaults to 'access_token') */
+    'x-tokenName': z.string().optional(),
 });
-const defaultRedirectUri = typeof window !== "undefined" ? window.location.origin + window.location.pathname : "";
-const pkceOptions = ["SHA-256", "plain", "no"];
-const credentialsLocationExtension = z.enum(["header", "body"]).optional();
+/** Setup a default redirect uri if we can */
+const defaultRedirectUri = typeof window !== 'undefined' ? window.location.origin + window.location.pathname : '';
+/** Options for the x-usePkce extension */
+export const pkceOptions = ['SHA-256', 'plain', 'no'];
+const credentialsLocationExtension = z.enum(['header', 'body']).optional();
+/** Oauth2 security scheme */
 const oasSecuritySchemeOauth2 = commonProps.extend({
-  type: z.literal("oauth2"),
-  /** The default scopes for the oauth flow */
-  "x-default-scopes": z.array(z.string()).optional(),
-  /** REQUIRED. An object containing configuration information for the flow types supported. */
-  flows: z.object({
-    /** Configuration for the OAuth Implicit flow */
-    implicit: flowsCommon.extend({
-      "type": z.literal("implicit").default("implicit"),
-      authorizationUrl,
-      "x-scalar-redirect-uri": z.string().optional().default(defaultRedirectUri)
-    }),
-    /** Configuration for the OAuth Resource Owner Password flow */
-    password: flowsCommon.extend({
-      type: z.literal("password").default("password"),
-      tokenUrl,
-      clientSecret: z.string().default(""),
-      username: z.string().default(""),
-      password: z.string().default(""),
-      "x-scalar-credentials-location": credentialsLocationExtension
-    }),
-    /** Configuration for the OAuth Client Credentials flow. Previously called application in OpenAPI 2.0. */
-    clientCredentials: flowsCommon.extend({
-      type: z.literal("clientCredentials").default("clientCredentials"),
-      tokenUrl,
-      clientSecret: z.string().default(""),
-      "x-scalar-credentials-location": credentialsLocationExtension
-    }),
-    /** Configuration for the OAuth Authorization Code flow. Previously called accessCode in OpenAPI 2.0.*/
-    authorizationCode: flowsCommon.extend({
-      "type": z.literal("authorizationCode").default("authorizationCode"),
-      authorizationUrl,
-      "x-usePkce": z.enum(pkceOptions).optional().default("no"),
-      "x-scalar-redirect-uri": z.string().optional().default(defaultRedirectUri),
-      tokenUrl,
-      clientSecret: z.string().default(""),
-      "x-scalar-credentials-location": credentialsLocationExtension
+    type: z.literal('oauth2'),
+    /** The default scopes for the oauth flow */
+    'x-default-scopes': z.array(z.string()).optional(),
+    /** REQUIRED. An object containing configuration information for the flow types supported. */
+    flows: z
+        .object({
+        /** Configuration for the OAuth Implicit flow */
+        implicit: flowsCommon.extend({
+            'type': z.literal('implicit').default('implicit'),
+            authorizationUrl,
+            'x-scalar-redirect-uri': z.string().optional().default(defaultRedirectUri),
+        }),
+        /** Configuration for the OAuth Resource Owner Password flow */
+        password: flowsCommon.extend({
+            type: z.literal('password').default('password'),
+            tokenUrl,
+            clientSecret: z.string().default(''),
+            username: z.string().default(''),
+            password: z.string().default(''),
+            'x-scalar-credentials-location': credentialsLocationExtension,
+        }),
+        /** Configuration for the OAuth Client Credentials flow. Previously called application in OpenAPI 2.0. */
+        clientCredentials: flowsCommon.extend({
+            type: z.literal('clientCredentials').default('clientCredentials'),
+            tokenUrl,
+            clientSecret: z.string().default(''),
+            'x-scalar-credentials-location': credentialsLocationExtension,
+        }),
+        /** Configuration for the OAuth Authorization Code flow. Previously called accessCode in OpenAPI 2.0.*/
+        authorizationCode: flowsCommon.extend({
+            'type': z.literal('authorizationCode').default('authorizationCode'),
+            authorizationUrl,
+            'x-usePkce': z.enum(pkceOptions).optional().default('no'),
+            'x-scalar-redirect-uri': z.string().optional().default(defaultRedirectUri),
+            tokenUrl,
+            clientSecret: z.string().default(''),
+            'x-scalar-credentials-location': credentialsLocationExtension,
+        }),
     })
-  }).partial().default({
-    implicit: {
-      selectedScopes: [],
-      scopes: {},
-      "x-scalar-client-id": "",
-      refreshUrl: "",
-      token: "",
-      type: "implicit",
-      authorizationUrl: "http://localhost:8080",
-      "x-scalar-redirect-uri": defaultRedirectUri
-    }
-  })
+        .partial()
+        .default({
+        implicit: {
+            selectedScopes: [],
+            scopes: {},
+            'x-scalar-client-id': '',
+            refreshUrl: '',
+            token: '',
+            type: 'implicit',
+            authorizationUrl: 'http://localhost:8080',
+            'x-scalar-redirect-uri': defaultRedirectUri,
+        },
+    }),
 });
-const securityOauthSchema = oasSecuritySchemeOauth2.merge(extendedSecuritySchema);
-const oasSecurityRequirementSchema = z.record(z.string(), z.array(z.string()).optional().default([]));
-const oasSecuritySchemeSchema = z.union([
-  oasSecuritySchemeApiKey,
-  oasSecuritySchemeHttp,
-  oasSecuritySchemeOauth2,
-  oasSecuritySchemeOpenId
+export const securityOauthSchema = oasSecuritySchemeOauth2.merge(extendedSecuritySchema);
+// ---------------------------------------------------------------------------
+// Final Types
+/**
+ * Security Requirement
+ * Lists the required security schemes to execute this operation OR the whole collection/spec.
+ * The name used for each property MUST correspond to a security scheme declared in the Security
+ * Schemes under the Components Object.
+ *
+ * The key (name) here will be matched to the key of the securityScheme for linking
+ *
+ * @see https://spec.openapis.org/oas/latest.html#security-requirement-object
+ */
+export const oasSecurityRequirementSchema = z.record(z.string(), z.array(z.string()).optional().default([]));
+/** OAS Compliant security schemes */
+export const oasSecuritySchemeSchema = z.union([
+    oasSecuritySchemeApiKey,
+    oasSecuritySchemeHttp,
+    oasSecuritySchemeOauth2,
+    oasSecuritySchemeOpenId,
 ]);
-const securitySchemeSchema = z.discriminatedUnion("type", [securityApiKeySchema, securityHttpSchema, securityOpenIdSchema, securityOauthSchema]).transform((data) => {
-  if (data.type === "oauth2" && data["x-default-scopes"]?.length) {
-    const keys = Object.keys(data.flows);
-    keys.forEach((key) => {
-      if (data.flows[key]?.selectedScopes && data["x-default-scopes"]) {
-        data.flows[key].selectedScopes = [data["x-default-scopes"]].flat();
-      }
-    });
-  }
-  return data;
+/** Extended security schemes for workspace usage */
+export const securitySchemeSchema = z
+    .discriminatedUnion('type', [securityApiKeySchema, securityHttpSchema, securityOpenIdSchema, securityOauthSchema])
+    .transform((data) => {
+    // Set selected scopes from x-default-scopes
+    if (data.type === 'oauth2' && data['x-default-scopes']?.length) {
+        const keys = Object.keys(data.flows);
+        keys.forEach((key) => {
+            if (data.flows[key]?.selectedScopes && data['x-default-scopes']) {
+                data.flows[key].selectedScopes = [data['x-default-scopes']].flat();
+            }
+        });
+    }
+    return data;
 });
-export {
-  oasSecurityRequirementSchema,
-  oasSecuritySchemeSchema,
-  pkceOptions,
-  securityApiKeySchema,
-  securityHttpSchema,
-  securityOauthSchema,
-  securityOpenIdSchema,
-  securitySchemeSchema
-};
-//# sourceMappingURL=security-scheme.js.map

package/dist/index.js

@@ -1,6 +1,6 @@
-export * from "./api-reference/index.js";
-import { XScalarStability } from "./legacy/index.js";
-export {
-  XScalarStability
-};
-//# sourceMappingURL=index.js.map
+/**
+ * We should not use these exports anymore, but we need them for commonjs compatibility.
+ */
+// biome-ignore lint/performance/noReExportAll: leave this to avoid copy exports
+export * from './api-reference/index.js';
+export { XScalarStability } from './legacy/index.js';

package/dist/legacy/index.js

@@ -1,5 +1 @@
-import { XScalarStability } from "./reference-config.js";
-export {
-  XScalarStability
-};
-//# sourceMappingURL=index.js.map
+export { XScalarStability } from './reference-config.js';

package/dist/legacy/reference-config.js

@@ -1,10 +1,6 @@
-var XScalarStability = /* @__PURE__ */ ((XScalarStability2) => {
-  XScalarStability2["Deprecated"] = "deprecated";
-  XScalarStability2["Experimental"] = "experimental";
-  XScalarStability2["Stable"] = "stable";
-  return XScalarStability2;
-})(XScalarStability || {});
-export {
-  XScalarStability
-};
-//# sourceMappingURL=reference-config.js.map
+export var XScalarStability;
+(function (XScalarStability) {
+    XScalarStability["Deprecated"] = "deprecated";
+    XScalarStability["Experimental"] = "experimental";
+    XScalarStability["Stable"] = "stable";
+})(XScalarStability || (XScalarStability = {}));

package/dist/snippetz/index.js

@@ -1,6 +1 @@
-import { AVAILABLE_CLIENTS, GROUPED_CLIENTS } from "./snippetz.js";
-export {
-  AVAILABLE_CLIENTS,
-  GROUPED_CLIENTS
-};
-//# sourceMappingURL=index.js.map
+export { AVAILABLE_CLIENTS, GROUPED_CLIENTS } from './snippetz.js';