@techspokes/typescript-wsdl-client 0.18.0 → 0.19.2

package/README.md

@@ -211,7 +211,7 @@ See [CLI Reference](docs/cli-reference.md) for all flags and examples.
 |-------|-------------|
 | [CLI Reference](docs/cli-reference.md) | All commands with flags and examples |
 | [Working With Generated Code](docs/generated-code.md) | Using clients, types, and operations |
-| [Configuration](docs/configuration.md) | Security schemes, tags, operation overrides |
+| [Configuration](docs/configuration.md) | Gateway security, upstream SOAP security, tags, operation overrides |
 | [Migration Playbook](docs/migration-playbook.md) | End-to-end SOAP modernization guide |
 
 ### Operate

package/dist/app/generateApp.d.ts

@@ -28,6 +28,7 @@ export interface GenerateAppOptions {
     logger?: boolean;
     openapiMode?: "copy" | "reference";
     force?: boolean;
+    securityConfigFile?: string;
 }
 /**
  * Generates a runnable Fastify application scaffold

package/dist/app/generateApp.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"generateApp.d.ts","sourceRoot":"","sources":["../../src/app/generateApp.ts"],"names":[],"mappings":"AA8BA;;;;;;;;;;;;;;;;GAgBG;AACH,MAAM,WAAW,kBAAkB;IACjC,SAAS,EAAE,MAAM,CAAC;IAClB,UAAU,EAAE,MAAM,CAAC;IACnB,WAAW,EAAE,MAAM,CAAC;IACpB,WAAW,EAAE,MAAM,CAAC;IACpB,MAAM,EAAE,MAAM,CAAC;IACf,OAAO,CAAC,EAAE,IAAI,GAAG,IAAI,GAAG,MAAM,CAAC;IAC/B,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,MAAM,CAAC,EAAE,OAAO,CAAC;IACjB,WAAW,CAAC,EAAE,MAAM,GAAG,WAAW,CAAC;IACnC,KAAK,CAAC,EAAE,OAAO,CAAC;CACjB;AA6kBD;;;;;;;;;;;;;;;;;;;;GAoBG;AACH,wBAAsB,WAAW,CAAC,IAAI,EAAE,kBAAkB,GAAG,OAAO,CAAC,IAAI,CAAC,CAiDzE"}
+{"version":3,"file":"generateApp.d.ts","sourceRoot":"","sources":["../../src/app/generateApp.ts"],"names":[],"mappings":"AAgCA;;;;;;;;;;;;;;;;GAgBG;AACH,MAAM,WAAW,kBAAkB;IACjC,SAAS,EAAE,MAAM,CAAC;IAClB,UAAU,EAAE,MAAM,CAAC;IACnB,WAAW,EAAE,MAAM,CAAC;IACpB,WAAW,EAAE,MAAM,CAAC;IACpB,MAAM,EAAE,MAAM,CAAC;IACf,OAAO,CAAC,EAAE,IAAI,GAAG,IAAI,GAAG,MAAM,CAAC;IAC/B,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,MAAM,CAAC,EAAE,OAAO,CAAC;IACjB,WAAW,CAAC,EAAE,MAAM,GAAG,WAAW,CAAC;IACnC,KAAK,CAAC,EAAE,OAAO,CAAC;IAChB,kBAAkB,CAAC,EAAE,MAAM,CAAC;CAC7B;AAmpBD;;;;;;;;;;;;;;;;;;;;GAoBG;AACH,wBAAsB,WAAW,CAAC,IAAI,EAAE,kBAAkB,GAAG,OAAO,CAAC,IAAI,CAAC,CAmDzE"}

package/dist/app/generateApp.js

@@ -26,6 +26,8 @@ import path from "node:path";
 import { deriveClientName } from "../util/tools.js";
 import { info, success } from "../util/cli.js";
 import { computeRelativeImport } from "../util/imports.js";
+import { loadRuntimeTemplate } from "../util/runtimeSource.js";
+import { hasUpstreamRuntimeSecurity, loadSecurityConfigFile } from "../util/securityConfig.js";
 /**
  * Validates that all required files and directories exist
  *
@@ -38,6 +40,7 @@ function validateRequiredFiles(opts) {
         { path: opts.gatewayDir, type: "directory", label: "Gateway directory" },
         { path: opts.catalogFile, type: "file", label: "Catalog file" },
         { path: opts.openapiFile, type: "file", label: "OpenAPI file" },
+        ...(opts.securityConfigFile ? [{ path: opts.securityConfigFile, type: "file", label: "Security config file" }] : []),
     ];
     for (const check of checks) {
         const exists = fs.existsSync(check.path);
@@ -160,6 +163,21 @@ function generateServerFile(appDir, opts, clientClassName, force) {
     const configImport = computeRelativeImport(appDir, path.join(appDir, "config"), imports);
     const gatewayPluginImport = computeRelativeImport(appDir, path.join(opts.gatewayDir, "plugin"), imports);
     const clientImport = computeRelativeImport(appDir, path.join(opts.clientDir, "client"), imports);
+    const securityCfg = loadOptionalSecurityConfig(opts.securityConfigFile);
+    const emitSecurity = hasUpstreamRuntimeSecurity(securityCfg);
+    const securityImport = emitSecurity
+        ? `import { buildSoapRuntimeConfig } from "${computeRelativeImport(appDir, path.join(appDir, "security"), imports)}";\n`
+        : "";
+    const clientConstruction = emitSecurity
+        ? `  const soapRuntime = buildSoapRuntimeConfig();
+  const client = new ${clientClassName}({
+    source: config.wsdlSource,
+    options: soapRuntime.options,
+    security: soapRuntime.security,
+  });`
+        : `  const client = new ${clientClassName}({
+    source: config.wsdlSource,
+  });`;
     // For OpenAPI serving, we need to read and parse the file at startup in ESM mode
     const openapiServeLogic = opts.openapiMode === "copy"
         ? `
@@ -209,6 +227,7 @@ import Fastify from "fastify";
 import { loadConfig } from "${configImport}";
 import gatewayPlugin from "${gatewayPluginImport}";
 import { ${clientClassName} } from "${clientImport}";
+${securityImport}
 
 // ES module dirname/filename helpers
 const __filename = fileURLToPath(import.meta.url);
@@ -227,9 +246,7 @@ async function main() {
   });
 
   // Instantiate SOAP client
-  const client = new ${clientClassName}({
-    source: config.wsdlSource,
-  });
+${clientConstruction}
 
   // Register gateway plugin
   await fastify.register(gatewayPlugin, {
@@ -366,6 +383,30 @@ export function loadConfig(): AppConfig {
 `;
     fs.writeFileSync(filePath, content, "utf-8");
 }
+function loadOptionalSecurityConfig(filePath) {
+    return filePath ? loadSecurityConfigFile(filePath) : undefined;
+}
+function collectSecurityEnvVars(cfg) {
+    const upstream = cfg?.upstream;
+    if (!upstream)
+        return [];
+    const names = [
+        upstream.usernameEnv,
+        upstream.passwordEnv,
+        upstream.tokenEnv,
+        upstream.domainEnv,
+        upstream.workstationEnv,
+        upstream.keyFileEnv,
+        upstream.certFileEnv,
+        upstream.caFileEnv,
+        upstream.pfxFileEnv,
+        upstream.passphraseEnv,
+        upstream.endpointEnv,
+        ...Object.values(upstream.wsdlHeaderEnv || {}),
+        ...Object.values(upstream.requestHeaderEnv || {}),
+    ].filter((v) => typeof v === "string" && v.length > 0);
+    return Array.from(new Set(names)).sort((a, b) => a.localeCompare(b));
+}
 /**
  * Generates .env.example file
  *
@@ -383,6 +424,8 @@ function generateEnvExample(appDir, opts, defaultWsdlSource, force) {
     const defaultPort = opts.port || 3000;
     const defaultPrefix = opts.prefix || "";
     const defaultLogger = opts.logger !== false;
+    const securityCfg = loadOptionalSecurityConfig(opts.securityConfigFile);
+    const securityEnv = collectSecurityEnvVars(securityCfg);
     // Resolve WSDL source relative to app directory
     const resolvedWsdlSource = defaultWsdlSource
         ? resolveWsdlSourceForApp(defaultWsdlSource, appDir)
@@ -425,13 +468,27 @@ LOGGER=${defaultLogger}
 # Override OpenAPI spec server URL at runtime (default: use generation-time value)
 #OPENAPI_SERVER_URL=http://localhost:${defaultPort}
 
-# Optional: SOAP security settings (configure based on your client requirements)
+${securityEnv.length
+        ? `# Upstream SOAP security values referenced by security.json
+${securityEnv.map(name => `${name}=`).join("\n")}`
+        : `# Optional: SOAP security settings (configure based on your client requirements)
 # SOAP_USERNAME=
 # SOAP_PASSWORD=
-# SOAP_ENDPOINT=
+# SOAP_ENDPOINT=`}
 `;
     fs.writeFileSync(filePath, content, "utf-8");
 }
+function generateSecurityFile(appDir, opts, force) {
+    const securityCfg = loadOptionalSecurityConfig(opts.securityConfigFile);
+    if (!hasUpstreamRuntimeSecurity(securityCfg))
+        return;
+    const filePath = path.join(appDir, `security${getAppFileExtension()}`);
+    if (!shouldWriteScaffoldFile(filePath, force))
+        return;
+    const upstreamJson = JSON.stringify(securityCfg?.upstream ?? {}, null, 2);
+    const content = loadRuntimeTemplate("appSecurity.tpl.txt").replace("__UPSTREAM_JSON__", upstreamJson);
+    fs.writeFileSync(filePath, content, "utf-8");
+}
 /**
  * Generates package.json file (skipped if already exists)
  *
@@ -510,6 +567,13 @@ function generateReadme(appDir, opts, force) {
     const filePath = path.join(appDir, "README.md");
     if (!shouldWriteScaffoldFile(filePath, force))
         return;
+    const securityCfg = loadOptionalSecurityConfig(opts.securityConfigFile);
+    const securityStructureRow = hasUpstreamRuntimeSecurity(securityCfg)
+        ? "- `security.ts` - Upstream SOAP security factory\n"
+        : "";
+    const securityConfigRows = collectSecurityEnvVars(securityCfg)
+        .map(name => `| \`${name}\` | (required when configured) | Upstream SOAP security value |`)
+        .join("\n");
     const content = `# Generated Fastify Application
 
 This application was scaffolded by \`wsdl-tsc\`. Customize freely.
@@ -527,7 +591,7 @@ npm start
 
 - \`server.ts\` - Main application entry point
 - \`config.ts\` - Configuration loader (environment-based)
-- \`package.json\` - Dependencies and scripts
+${securityStructureRow}- \`package.json\` - Dependencies and scripts
 - \`tsconfig.json\` - TypeScript configuration
 - \`.env.example\` - Example environment configuration
 - \`openapi.json\` - OpenAPI specification${opts.openapiMode === "copy" ? " (copied)" : " (referenced)"}
@@ -550,6 +614,7 @@ npm start
 | \`PREFIX\` | (empty) | Route prefix |
 | \`LOGGER\` | ${opts.logger !== false} | Enable Fastify logger |
 | \`OPENAPI_SERVER_URL\` | (empty) | Override OpenAPI spec server URL at runtime |
+${securityConfigRows ? `${securityConfigRows}\n` : ""}
 
 ## Development
 
@@ -595,6 +660,7 @@ export async function generateApp(opts) {
         openapiFile: path.resolve(opts.openapiFile),
         catalogFile: path.resolve(opts.catalogFile),
         appDir: path.resolve(opts.appDir),
+        securityConfigFile: opts.securityConfigFile ? path.resolve(opts.securityConfigFile) : undefined,
     };
     const force = resolvedOpts.force ?? false;
     // Validate required files and directories
@@ -608,6 +674,7 @@ export async function generateApp(opts) {
     // Generate scaffold files (each checks for existing files unless force is set)
     generateServerFile(resolvedOpts.appDir, resolvedOpts, clientClassName, force);
     generateConfigFile(resolvedOpts.appDir, resolvedOpts, defaultWsdlSource, force);
+    generateSecurityFile(resolvedOpts.appDir, resolvedOpts, force);
     generatePackageJson(resolvedOpts.appDir, force);
     generateTsConfig(resolvedOpts.appDir, resolvedOpts, force);
     generateEnvExample(resolvedOpts.appDir, resolvedOpts, defaultWsdlSource, force);

package/dist/cli.js

@@ -267,7 +267,11 @@ if (rawArgs[0] === "openapi") {
         default: "post",
         desc: "Default HTTP method for all operations (can be overridden via --openapi-ops-file)"
     })
-        .option("openapi-security-file", { type: "string", desc: "Path to security.json configuration" })
+        .option("openapi-security-config-file", {
+        type: "string",
+        desc: "Path to security.json configuration",
+        alias: "openapi-security-file",
+    })
         .option("openapi-tags-file", { type: "string", desc: "Path to tags.json mapping operation name -> tag" })
         .option("openapi-ops-file", {
         type: "string",
@@ -508,6 +512,10 @@ if (rawArgs[0] === "app") {
         choices: ["copy", "reference"],
         default: "copy",
         desc: "How to handle OpenAPI file: copy into app dir or reference original"
+    })
+        .option("security-config-file", {
+        type: "string",
+        desc: "Path to security.json configuration used to scaffold upstream SOAP security",
     })
         .option("force", {
         type: "boolean",
@@ -557,6 +565,7 @@ if (rawArgs[0] === "app") {
         logger: Boolean(appArgv.logger),
         openapiMode: appArgv["openapi-mode"],
         force: Boolean(appArgv.force),
+        securityConfigFile: appArgv["security-config-file"] ? path.resolve(String(appArgv["security-config-file"])) : undefined,
     });
     process.exit(0);
 }
@@ -616,7 +625,7 @@ if (rawArgs[0] === "pipeline") {
         choices: ["post", "get", "put", "patch", "delete"],
         default: "post"
     })
-        .option("openapi-security-file", { type: "string" })
+        .option("openapi-security-config-file", { type: "string", alias: "openapi-security-file" })
         .option("openapi-tags-file", { type: "string" })
         .option("openapi-ops-file", { type: "string" })
         .option("openapi-closed-schemas", { type: "boolean", default: false })
@@ -832,6 +841,7 @@ if (rawArgs[0] === "pipeline") {
             host: pipelineArgv["app-host"],
             port: pipelineArgv["app-port"],
             prefix: pipelineArgv["app-prefix"],
+            securityConfigFile: (pipelineArgv["openapi-security-config-file"] || pipelineArgv["openapi-security-file"]),
         } : undefined,
         test: testDir ? {
             testDir: path.resolve(testDir),

package/dist/gateway/helpers.js

@@ -10,7 +10,7 @@
  * - Parameter resolution with path-level and operation-level override support
  * - Automatic version/service detection from OpenAPI paths
  */
-import { pascal } from "../util/tools.js";
+import { pascal, trimRepeatedEdgeChar } from "../util/tools.js";
 /**
  * Converts a name to a deterministic slug for use in file names and URN IDs
  *
@@ -30,7 +30,7 @@ import { pascal } from "../util/tools.js";
 export function slugName(name) {
     const lower = String(name ?? "").toLowerCase();
     const collapsed = lower.replace(/[^a-z0-9]+/g, "_");
-    return collapsed.replace(/^_+|_+$/g, "");
+    return trimRepeatedEdgeChar(collapsed, "_");
 }
 /**
  * Checks if a status code string is numeric

package/dist/index.d.ts

@@ -1,6 +1,7 @@
 import type { CompilerOptions } from "./config.js";
 export { generateOpenAPI } from "./openapi/generateOpenAPI.js";
 export { generateGateway } from "./gateway/generateGateway.js";
+export { buildSecurity, loadSecurityConfigFile, parseSecurityConfig, SecurityConfigError, type SecurityConfig, } from "./util/securityConfig.js";
 export { generateTests } from "./test/generateTests.js";
 export { runGenerationPipeline } from "./pipeline.js";
 export { loadStreamConfigFile, parseStreamConfig, StreamConfigError, type OperationStreamMetadata, type ShapeCatalogRef, type StreamConfig, } from "./util/streamConfig.js";

package/dist/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAeA,OAAO,KAAK,EAAC,eAAe,EAAC,MAAM,aAAa,CAAC;AAWjD,OAAO,EAAC,eAAe,EAAC,MAAM,8BAA8B,CAAC;AAC7D,OAAO,EAAC,eAAe,EAAC,MAAM,8BAA8B,CAAC;AAC7D,OAAO,EAAC,aAAa,EAAC,MAAM,yBAAyB,CAAC;AACtD,OAAO,EAAC,qBAAqB,EAAC,MAAM,eAAe,CAAC;AACpD,OAAO,EACL,oBAAoB,EACpB,iBAAiB,EACjB,iBAAiB,EACjB,KAAK,uBAAuB,EAC5B,KAAK,eAAe,EACpB,KAAK,YAAY,GAClB,MAAM,wBAAwB,CAAC;AAChC,OAAO,EAAC,kBAAkB,EAAE,KAAK,yBAAyB,EAAC,MAAM,6BAA6B,CAAC;AAG/F;;;;;;;;;;;;;;;;;;;GAmBG;AACH,wBAAsB,oBAAoB,CACxC,KAAK,EAAE;IACL,IAAI,EAAE,MAAM,CAAC;IACb,MAAM,EAAE,MAAM,CAAC;IACf,OAAO,CAAC,EAAE,eAAe,CAAC;IAC1B,kHAAkH;IAClH,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,8EAA8E;IAC9E,YAAY,CAAC,EAAE,OAAO,wBAAwB,EAAE,YAAY,CAAC;CAC9D,GACA,OAAO,CAAC,IAAI,CAAC,CA2Ef"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAeA,OAAO,KAAK,EAAC,eAAe,EAAC,MAAM,aAAa,CAAC;AAWjD,OAAO,EAAC,eAAe,EAAC,MAAM,8BAA8B,CAAC;AAC7D,OAAO,EAAC,eAAe,EAAC,MAAM,8BAA8B,CAAC;AAC7D,OAAO,EACL,aAAa,EACb,sBAAsB,EACtB,mBAAmB,EACnB,mBAAmB,EACnB,KAAK,cAAc,GACpB,MAAM,0BAA0B,CAAC;AAClC,OAAO,EAAC,aAAa,EAAC,MAAM,yBAAyB,CAAC;AACtD,OAAO,EAAC,qBAAqB,EAAC,MAAM,eAAe,CAAC;AACpD,OAAO,EACL,oBAAoB,EACpB,iBAAiB,EACjB,iBAAiB,EACjB,KAAK,uBAAuB,EAC5B,KAAK,eAAe,EACpB,KAAK,YAAY,GAClB,MAAM,wBAAwB,CAAC;AAChC,OAAO,EAAC,kBAAkB,EAAE,KAAK,yBAAyB,EAAC,MAAM,6BAA6B,CAAC;AAG/F;;;;;;;;;;;;;;;;;;;GAmBG;AACH,wBAAsB,oBAAoB,CACxC,KAAK,EAAE;IACL,IAAI,EAAE,MAAM,CAAC;IACb,MAAM,EAAE,MAAM,CAAC;IACf,OAAO,CAAC,EAAE,eAAe,CAAC;IAC1B,kHAAkH;IAClH,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,8EAA8E;IAC9E,YAAY,CAAC,EAAE,OAAO,wBAAwB,EAAE,YAAY,CAAC;CAC9D,GACA,OAAO,CAAC,IAAI,CAAC,CA2Ef"}

package/dist/index.js

@@ -24,6 +24,7 @@ import { generateOperations } from "./client/generateOperations.js";
 import { info } from "./util/cli.js";
 export { generateOpenAPI } from "./openapi/generateOpenAPI.js";
 export { generateGateway } from "./gateway/generateGateway.js";
+export { buildSecurity, loadSecurityConfigFile, parseSecurityConfig, SecurityConfigError, } from "./util/securityConfig.js";
 export { generateTests } from "./test/generateTests.js";
 export { runGenerationPipeline } from "./pipeline.js";
 export { loadStreamConfigFile, parseStreamConfig, StreamConfigError, } from "./util/streamConfig.js";

package/dist/openapi/casing.d.ts

@@ -1,17 +1,3 @@
-/**
- * Path Segment Styling for OpenAPI Generation
- *
- * This module provides utilities for converting operation names to appropriately styled
- * path segments in the OpenAPI specification. It supports multiple styling options to
- * accommodate different API design preferences:
- *
- * - kebab-case: Transforms "GetUserDetails" to "get-user-details"
- * - as-is: Preserves the original operation name without modification
- * - lowercase: Converts to lowercase and removes all non-alphanumeric characters
- *
- * These transformations ensure that the generated API paths follow consistent conventions
- * and are properly formatted for RESTful API design.
- */
 /**
  * Path segment styling options for OpenAPI generation
  *

package/dist/openapi/casing.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"casing.d.ts","sourceRoot":"","sources":["../../src/openapi/casing.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;AAEH;;;;;;GAMG;AACH,MAAM,MAAM,SAAS,GAAG,OAAO,GAAG,MAAM,GAAG,OAAO,CAAC;AAQnD;;;;;;;;;;;;;GAaG;AACH,wBAAgB,aAAa,CAAC,IAAI,EAAE,MAAM,EAAE,KAAK,EAAE,SAAS,GAAG,MAAM,CAepE"}
+{"version":3,"file":"casing.d.ts","sourceRoot":"","sources":["../../src/openapi/casing.ts"],"names":[],"mappings":"AAgBA;;;;;;GAMG;AACH,MAAM,MAAM,SAAS,GAAG,OAAO,GAAG,MAAM,GAAG,OAAO,CAAC;AAQnD;;;;;;;;;;;;;GAaG;AACH,wBAAgB,aAAa,CAAC,IAAI,EAAE,MAAM,EAAE,KAAK,EAAE,SAAS,GAAG,MAAM,CAiBpE"}

package/dist/openapi/casing.js

@@ -12,6 +12,7 @@
  * These transformations ensure that the generated API paths follow consistent conventions
  * and are properly formatted for RESTful API design.
  */
+import { trimRepeatedEdgeChar } from "../util/tools.js";
 /**
  * Regular expression for detecting boundaries between words in camelCase
  * Matches transitions from lowercase/digit to uppercase letter
@@ -40,10 +41,9 @@ export function toPathSegment(name, style) {
         case "kebab":
         default:
             // insert hyphen between camelCase boundaries then sanitize
-            return name
+            return trimRepeatedEdgeChar(name
                 .replace(CAMEL_BOUNDARY, "$1-$2")
-                .replace(/[^A-Za-z0-9]+/g, "-")
-                .replace(/^-+|-+$/g, "")
+                .replace(/[^A-Za-z0-9]+/g, "-"), "-")
                 .toLowerCase();
     }
 }

package/dist/openapi/generateOpenAPI.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"generateOpenAPI.d.ts","sourceRoot":"","sources":["../../src/openapi/generateOpenAPI.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AAMH,OAAO,EAAiB,KAAK,eAAe,EAAC,MAAM,+BAA+B,CAAC;AAKnF,OAAO,KAAK,EAAC,SAAS,EAAC,MAAM,aAAa,CAAC;AAE3C;;;;;;;;;;;;;;;;;;;;;;;;;;;GA2BG;AACH,MAAM,WAAW,sBAAsB;IACrC,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,OAAO,CAAC,EAAE,MAAM,EAAE,CAAC;IACnB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,SAAS,CAAC,EAAE,SAAS,CAAC;IACtB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAC5B,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,aAAa,CAAC,EAAE,OAAO,CAAC;IACxB,kBAAkB,CAAC,EAAE,OAAO,CAAC;IAC7B,MAAM,CAAC,EAAE,OAAO,CAAC;IACjB,QAAQ,CAAC,EAAE,OAAO,CAAC;IACnB,QAAQ,CAAC,EAAE,SAAS,GAAG,OAAO,GAAG,SAAS,CAAC;IAC3C,eAAe,CAAC,EAAE,eAAe,CAAC;IAClC,MAAM,CAAC,EAAE,MAAM,GAAG,MAAM,GAAG,MAAM,CAAC;IAClC,YAAY,CAAC,EAAE,OAAO,CAAC;IACvB,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,oBAAoB,CAAC,EAAE,OAAO,CAAC;CAChC;AAED,wBAAsB,eAAe,CAAC,IAAI,EAAE,sBAAsB,GAAG,OAAO,CAAC;IAC3E,GAAG,EAAE,GAAG,CAAC;IACT,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB,CAAC,CAsTD"}
+{"version":3,"file":"generateOpenAPI.d.ts","sourceRoot":"","sources":["../../src/openapi/generateOpenAPI.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AAMH,OAAO,EAAiB,KAAK,eAAe,EAAC,MAAM,+BAA+B,CAAC;AAKnF,OAAO,KAAK,EAAC,SAAS,EAAC,MAAM,aAAa,CAAC;AAE3C;;;;;;;;;;;;;;;;;;;;;;;;;;;GA2BG;AACH,MAAM,WAAW,sBAAsB;IACrC,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,OAAO,CAAC,EAAE,MAAM,EAAE,CAAC;IACnB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,SAAS,CAAC,EAAE,SAAS,CAAC;IACtB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAC5B,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,aAAa,CAAC,EAAE,OAAO,CAAC;IACxB,kBAAkB,CAAC,EAAE,OAAO,CAAC;IAC7B,MAAM,CAAC,EAAE,OAAO,CAAC;IACjB,QAAQ,CAAC,EAAE,OAAO,CAAC;IACnB,QAAQ,CAAC,EAAE,SAAS,GAAG,OAAO,GAAG,SAAS,CAAC;IAC3C,eAAe,CAAC,EAAE,eAAe,CAAC;IAClC,MAAM,CAAC,EAAE,MAAM,GAAG,MAAM,GAAG,MAAM,CAAC;IAClC,YAAY,CAAC,EAAE,OAAO,CAAC;IACvB,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,oBAAoB,CAAC,EAAE,OAAO,CAAC;CAChC;AAED,wBAAsB,eAAe,CAAC,IAAI,EAAE,sBAAsB,GAAG,OAAO,CAAC;IAC3E,GAAG,EAAE,GAAG,CAAC;IACT,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB,CAAC,CAyTD"}

package/dist/openapi/generateOpenAPI.js

@@ -280,6 +280,9 @@ export async function generateOpenAPI(opts) {
         paths: sortedPaths,
         components,
     };
+    if (securityBuilt.globalSecurity) {
+        doc.security = securityBuilt.globalSecurity;
+    }
     if (opts.description)
         doc.info.description = opts.description;
     if (opts.servers && opts.servers.length) {

package/dist/openapi/security.d.ts

@@ -1,82 +1,2 @@
-/**
- * Authentication scheme types supported in the OpenAPI specification
- *
- * @property {"none"} string No authentication required
- * @property {"basic"} string HTTP Basic authentication
- * @property {"bearer"} string HTTP Bearer token authentication
- * @property {"apiKey"} string API key authentication
- * @property {"oauth2"} string OAuth 2.0 authentication
- */
-export type AuthScheme = "none" | "basic" | "bearer" | "apiKey" | "oauth2";
-/**
- * Security configuration schema for the OpenAPI generation
- *
- * @interface SecurityConfig
- * @property {Object} [global] - Global security settings applied to all operations by default
- * @property {AuthScheme} [global.scheme] - Default authentication scheme
- * @property {Object} [global.apiKey] - API key configuration (when scheme is "apiKey")
- * @property {Object} [global.bearer] - Bearer token configuration (when scheme is "bearer")
- * @property {Object} [global.basic] - Basic auth configuration (when scheme is "basic")
- * @property {Object} [global.oauth2] - OAuth2 configuration (when scheme is "oauth2")
- * @property {Array<Object>} [global.headers] - Global security headers
- * @property {Record<string, Object>} [overrides] - Operation-specific security overrides
- */
-export type SecurityConfig = {
-    global?: {
-        scheme?: AuthScheme;
-        apiKey?: {
-            in: "header" | "query" | "cookie";
-            name: string;
-        };
-        bearer?: {
-            bearerFormat?: string;
-        };
-        basic?: Record<string, never>;
-        oauth2?: {
-            flows: Record<string, any>;
-        };
-        headers?: Array<{
-            name: string;
-            required?: boolean;
-            schema?: any;
-        }>;
-    };
-    overrides?: Record<string, {
-        scheme?: AuthScheme;
-        headers?: Array<{
-            name: string;
-            required?: boolean;
-            schema?: any;
-        }>;
-    }>;
-};
-/**
- * Built security components for OpenAPI generation
- *
- * @interface BuiltSecurity
- * @property {Record<string, any>} [securitySchemes] - Security schemes defined for the API
- * @property {Record<string, any>} headerParameters - Header parameters for security
- * @property {Record<string, any[]>} opSecurity - Operation security requirements
- * @property {Record<string, string[]>} opHeaderParameters - Operation-specific header parameters
- */
-export type BuiltSecurity = {
-    securitySchemes?: Record<string, any>;
-    headerParameters: Record<string, any>;
-    opSecurity: Record<string, any[] | undefined>;
-    opHeaderParameters: Record<string, string[]>;
-};
-/**
- * Load security configuration from a JSON file
- *
- * @param {string} [filePath] - Path to the security configuration file
- * @returns {SecurityConfig|undefined} Parsed security configuration object or undefined if loading failed
- */
-export declare function loadSecurityConfig(filePath?: string): SecurityConfig | undefined;
-/**
- * Build security schemes and parameters for OpenAPI generation
- *
- * @param {SecurityConfig} [cfg] - Security configuration object
- * @returns {BuiltSecurity} Object containing built security schemes and parameters
- */
-export declare function buildSecurity(cfg?: SecurityConfig): BuiltSecurity;
+export { buildSecurity, loadSecurityConfigFile as loadSecurityConfig, parseSecurityConfig, SecurityConfigError, type BuiltSecurity, type GatewayAuthScheme as AuthScheme, type SecurityConfig, } from "../util/securityConfig.js";
 //# sourceMappingURL=security.d.ts.map

package/dist/openapi/security.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"security.d.ts","sourceRoot":"","sources":["../../src/openapi/security.ts"],"names":[],"mappings":"AAmBA;;;;;;;;GAQG;AACH,MAAM,MAAM,UAAU,GAAG,MAAM,GAAG,OAAO,GAAG,QAAQ,GAAG,QAAQ,GAAG,QAAQ,CAAC;AAE3E;;;;;;;;;;;;GAYG;AACH,MAAM,MAAM,cAAc,GAAG;IAC3B,MAAM,CAAC,EAAE;QACP,MAAM,CAAC,EAAE,UAAU,CAAC;QACpB,MAAM,CAAC,EAAE;YAAE,EAAE,EAAE,QAAQ,GAAG,OAAO,GAAG,QAAQ,CAAC;YAAC,IAAI,EAAE,MAAM,CAAA;SAAE,CAAC;QAC7D,MAAM,CAAC,EAAE;YAAE,YAAY,CAAC,EAAE,MAAM,CAAA;SAAE,CAAC;QACnC,KAAK,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,KAAK,CAAC,CAAC;QAC9B,MAAM,CAAC,EAAE;YAAE,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAA;SAAE,CAAC;QACxC,OAAO,CAAC,EAAE,KAAK,CAAC;YAAE,IAAI,EAAE,MAAM,CAAC;YAAC,QAAQ,CAAC,EAAE,OAAO,CAAC;YAAC,MAAM,CAAC,EAAE,GAAG,CAAA;SAAE,CAAC,CAAC;KACrE,CAAC;IACF,SAAS,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE;QACzB,MAAM,CAAC,EAAE,UAAU,CAAC;QACpB,OAAO,CAAC,EAAE,KAAK,CAAC;YAAE,IAAI,EAAE,MAAM,CAAC;YAAC,QAAQ,CAAC,EAAE,OAAO,CAAC;YAAC,MAAM,CAAC,EAAE,GAAG,CAAA;SAAE,CAAC,CAAA;KACpE,CAAC,CAAC;CACJ,CAAC;AAEF;;;;;;;;GAQG;AACH,MAAM,MAAM,aAAa,GAAG;IAC1B,eAAe,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;IACtC,gBAAgB,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;IACtC,UAAU,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,EAAE,GAAG,SAAS,CAAC,CAAC;IAC9C,kBAAkB,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,EAAE,CAAC,CAAC;CAC9C,CAAC;AAEF;;;;;GAKG;AACH,wBAAgB,kBAAkB,CAAC,QAAQ,CAAC,EAAE,MAAM,GAAG,cAAc,GAAG,SAAS,CAShF;AAeD;;;;;GAKG;AACH,wBAAgB,aAAa,CAAC,GAAG,CAAC,EAAE,cAAc,GAAG,aAAa,CA+FjE"}
+{"version":3,"file":"security.d.ts","sourceRoot":"","sources":["../../src/openapi/security.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,aAAa,EACb,sBAAsB,IAAI,kBAAkB,EAC5C,mBAAmB,EACnB,mBAAmB,EACnB,KAAK,aAAa,EAClB,KAAK,iBAAiB,IAAI,UAAU,EACpC,KAAK,cAAc,GACpB,MAAM,2BAA2B,CAAC"}

package/dist/openapi/security.js

@@ -1,146 +1 @@
-/**
- * OpenAPI Security Configuration
- *
- * This module handles security scheme generation for the OpenAPI specification.
- * It provides functionality to define authentication and authorization requirements
- * for the API, including:
- *
- * - Basic authentication
- * - Bearer token authentication
- * - API key authentication
- * - OAuth2 flows
- * - Custom security headers
- *
- * The module supports both global security requirements and operation-specific
- * security overrides through an external JSON configuration file.
- */
-import fs from "node:fs";
-import { warn } from "../util/cli.js";
-/**
- * Load security configuration from a JSON file
- *
- * @param {string} [filePath] - Path to the security configuration file
- * @returns {SecurityConfig|undefined} Parsed security configuration object or undefined if loading failed
- */
-export function loadSecurityConfig(filePath) {
-    if (!filePath)
-        return undefined;
-    try {
-        const raw = fs.readFileSync(filePath, "utf8");
-        return JSON.parse(raw);
-    }
-    catch (e) {
-        warn(`Failed to read security config '${filePath}': ${e instanceof Error ? e.message : String(e)}`);
-        return undefined;
-    }
-}
-/**
- * Generate a canonical parameter component name from a header name
- *
- * @param {string} headerName - Original header name
- * @returns {string} Canonicalized component name
- */
-function makeParamComponentName(headerName) {
-    return headerName
-        .replace(/[^A-Za-z0-9]+/g, "_")
-        .replace(/^_+|_+$/g, "")
-        || "X_Header";
-}
-/**
- * Build security schemes and parameters for OpenAPI generation
- *
- * @param {SecurityConfig} [cfg] - Security configuration object
- * @returns {BuiltSecurity} Object containing built security schemes and parameters
- */
-export function buildSecurity(cfg) {
-    const securitySchemes = {};
-    const headerParameters = {};
-    const opSecurity = {};
-    const opHeaderParameters = {};
-    if (!cfg || !cfg.global) {
-        return { securitySchemes: undefined, headerParameters, opSecurity, opHeaderParameters };
-    }
-    const global = cfg.global;
-    const schemeName = "defaultAuth";
-    const scheme = global.scheme || "none";
-    const hasGlobal = scheme !== "none";
-    if (scheme !== "none") {
-        switch (scheme) {
-            case "basic":
-                securitySchemes[schemeName] = { type: "http", scheme: "basic" };
-                break;
-            case "bearer":
-                securitySchemes[schemeName] = { type: "http", scheme: "bearer", ...(global.bearer || {}) };
-                break;
-            case "apiKey":
-                securitySchemes[schemeName] = { type: "apiKey", ...(global.apiKey || { in: "header", name: "X-API-Key" }) };
-                break;
-            case "oauth2":
-                securitySchemes[schemeName] = { type: "oauth2", ...(global.oauth2 || { flows: {} }) };
-                break;
-        }
-    }
-    // Global headers
-    for (const h of global.headers || []) {
-        const compName = makeParamComponentName(h.name);
-        headerParameters[compName] = {
-            name: h.name,
-            in: "header",
-            required: !!h.required,
-            schema: h.schema || { type: "string" },
-        };
-    }
-    // Default op security (inherit global scheme)
-    // (If scheme is none we omit entirely)
-    // Overrides can set scheme to none to remove security
-    for (const [opName, override] of Object.entries(cfg.overrides || {})) {
-        const oScheme = override.scheme ?? scheme;
-        if (oScheme === "none") {
-            opSecurity[opName] = undefined;
-        }
-        else if (oScheme === scheme) {
-            opSecurity[opName] = hasGlobal ? [{ [schemeName]: [] }] : undefined;
-        }
-        else {
-            // Different scheme per operation -> create ad-hoc component name
-            const altName = `${schemeName}_${oScheme}`;
-            if (!securitySchemes[altName]) {
-                switch (oScheme) {
-                    case "basic":
-                        securitySchemes[altName] = { type: "http", scheme: "basic" };
-                        break;
-                    case "bearer":
-                        securitySchemes[altName] = { type: "http", scheme: "bearer" };
-                        break;
-                    case "apiKey":
-                        securitySchemes[altName] = { type: "apiKey", ...(global.apiKey || { in: "header", name: "X-API-Key" }) };
-                        break;
-                    case "oauth2":
-                        securitySchemes[altName] = { type: "oauth2", ...(global.oauth2 || { flows: {} }) };
-                        break;
-                }
-            }
-            opSecurity[opName] = [{ [altName]: [] }];
-        }
-        // Per-op headers merge global + override specific headers
-        const headers = [...(global.headers || []), ...(override.headers || [])];
-        opHeaderParameters[opName] = headers.map(h => makeParamComponentName(h.name));
-        for (const h of override.headers || []) {
-            const compName = makeParamComponentName(h.name);
-            if (!headerParameters[compName]) {
-                headerParameters[compName] = {
-                    name: h.name,
-                    in: "header",
-                    required: !!h.required,
-                    schema: h.schema || { type: "string" },
-                };
-            }
-        }
-    }
-    return {
-        securitySchemes: Object.keys(securitySchemes).length ? securitySchemes : undefined,
-        headerParameters,
-        opSecurity,
-        opHeaderParameters
-    };
-}
+export { buildSecurity, loadSecurityConfigFile as loadSecurityConfig, parseSecurityConfig, SecurityConfigError, } from "../util/securityConfig.js";

package/dist/pipeline.d.ts

@@ -40,6 +40,7 @@ export interface PipelineOptions {
         host?: string;
         port?: number;
         prefix?: string;
+        securityConfigFile?: string;
     };
     test?: {
         testDir: string;

package/dist/pipeline.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"pipeline.d.ts","sourceRoot":"","sources":["../src/pipeline.ts"],"names":[],"mappings":"AAiBA,OAAO,EAAkB,KAAK,sBAAsB,EAAC,MAAM,8BAA8B,CAAC;AAC1F,OAAO,EAAkB,KAAK,sBAAsB,EAAC,MAAM,8BAA8B,CAAC;AAC1F,OAAO,EAAC,KAAK,eAAe,EAAyB,MAAM,aAAa,CAAC;AAEzE,OAAO,EAAuB,KAAK,YAAY,EAAC,MAAM,wBAAwB,CAAC;AAG/E;;;;;;;;;;;;;;;;;GAiBG;AACH,MAAM,WAAW,eAAe;IAC9B,IAAI,EAAE,MAAM,CAAC;IACb,UAAU,EAAE,MAAM,CAAC;IACnB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,QAAQ,CAAC,EAAE,OAAO,CAAC,eAAe,CAAC,CAAC;IACpC,OAAO,CAAC,EAAE,IAAI,CAAC,sBAAsB,EAAE,MAAM,GAAG,aAAa,GAAG,iBAAiB,CAAC,GAAG;QAAE,OAAO,CAAC,EAAE,MAAM,CAAA;KAAE,CAAC;IAC1G,OAAO,CAAC,EAAE,IAAI,CAAC,sBAAsB,EAAE,aAAa,GAAG,iBAAiB,CAAC,GAAG;QAC1E,MAAM,CAAC,EAAE,MAAM,CAAC;QAChB,WAAW,EAAE,MAAM,CAAC;QACpB,WAAW,EAAE,MAAM,CAAC;KACrB,CAAC;IACF,GAAG,CAAC,EAAE;QACJ,MAAM,EAAE,MAAM,CAAC;QACf,WAAW,CAAC,EAAE,MAAM,GAAG,WAAW,CAAC;QACnC,KAAK,CAAC,EAAE,OAAO,CAAC;QAChB,IAAI,CAAC,EAAE,MAAM,CAAC;QACd,IAAI,CAAC,EAAE,MAAM,CAAC;QACd,MAAM,CAAC,EAAE,MAAM,CAAC;KACjB,CAAC;IACF,IAAI,CAAC,EAAE;QACL,OAAO,EAAE,MAAM,CAAC;QAChB,KAAK,CAAC,EAAE,OAAO,CAAC;QAChB,oBAAoB,CAAC,EAAE,OAAO,CAAC;KAChC,CAAC;IACF;;;;OAIG;IACH,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B;;;;OAIG;IACH,YAAY,CAAC,EAAE,YAAY,CAAC;CAC7B;AAED;;;;;;;;;;;;;;GAcG;AACH,wBAAsB,qBAAqB,CAAC,IAAI,EAAE,eAAe,GAAG,OAAO,CAAC;IAAE,QAAQ,EAAE,GAAG,CAAC;IAAC,UAAU,CAAC,EAAE,GAAG,CAAC;CAAE,CAAC,CAiKhH"}
+{"version":3,"file":"pipeline.d.ts","sourceRoot":"","sources":["../src/pipeline.ts"],"names":[],"mappings":"AAiBA,OAAO,EAAkB,KAAK,sBAAsB,EAAC,MAAM,8BAA8B,CAAC;AAC1F,OAAO,EAAkB,KAAK,sBAAsB,EAAC,MAAM,8BAA8B,CAAC;AAC1F,OAAO,EAAC,KAAK,eAAe,EAAyB,MAAM,aAAa,CAAC;AAEzE,OAAO,EAAuB,KAAK,YAAY,EAAC,MAAM,wBAAwB,CAAC;AAG/E;;;;;;;;;;;;;;;;;GAiBG;AACH,MAAM,WAAW,eAAe;IAC9B,IAAI,EAAE,MAAM,CAAC;IACb,UAAU,EAAE,MAAM,CAAC;IACnB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,QAAQ,CAAC,EAAE,OAAO,CAAC,eAAe,CAAC,CAAC;IACpC,OAAO,CAAC,EAAE,IAAI,CAAC,sBAAsB,EAAE,MAAM,GAAG,aAAa,GAAG,iBAAiB,CAAC,GAAG;QAAE,OAAO,CAAC,EAAE,MAAM,CAAA;KAAE,CAAC;IAC1G,OAAO,CAAC,EAAE,IAAI,CAAC,sBAAsB,EAAE,aAAa,GAAG,iBAAiB,CAAC,GAAG;QAC1E,MAAM,CAAC,EAAE,MAAM,CAAC;QAChB,WAAW,EAAE,MAAM,CAAC;QACpB,WAAW,EAAE,MAAM,CAAC;KACrB,CAAC;IACF,GAAG,CAAC,EAAE;QACJ,MAAM,EAAE,MAAM,CAAC;QACf,WAAW,CAAC,EAAE,MAAM,GAAG,WAAW,CAAC;QACnC,KAAK,CAAC,EAAE,OAAO,CAAC;QAChB,IAAI,CAAC,EAAE,MAAM,CAAC;QACd,IAAI,CAAC,EAAE,MAAM,CAAC;QACd,MAAM,CAAC,EAAE,MAAM,CAAC;QAChB,kBAAkB,CAAC,EAAE,MAAM,CAAC;KAC7B,CAAC;IACF,IAAI,CAAC,EAAE;QACL,OAAO,EAAE,MAAM,CAAC;QAChB,KAAK,CAAC,EAAE,OAAO,CAAC;QAChB,oBAAoB,CAAC,EAAE,OAAO,CAAC;KAChC,CAAC;IACF;;;;OAIG;IACH,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B;;;;OAIG;IACH,YAAY,CAAC,EAAE,YAAY,CAAC;CAC7B;AAED;;;;;;;;;;;;;;GAcG;AACH,wBAAsB,qBAAqB,CAAC,IAAI,EAAE,eAAe,GAAG,OAAO,CAAC;IAAE,QAAQ,EAAE,GAAG,CAAC;IAAC,UAAU,CAAC,EAAE,GAAG,CAAC;CAAE,CAAC,CAkKhH"}

package/dist/pipeline.js

@@ -142,6 +142,7 @@ export async function runGenerationPipeline(opts) {
             host: opts.app.host,
             port: opts.app.port,
             prefix: opts.app.prefix,
+            securityConfigFile: opts.app.securityConfigFile,
         });
     }
     // Step 7: Optionally generate test suite

package/dist/test/generateTests.js

@@ -14,7 +14,7 @@
 import fs from "node:fs";
 import path from "node:path";
 import { info, success } from "../util/cli.js";
-import { resolveClientMeta, resolveOperationMeta } from "../gateway/helpers.js";
+import { resolveClientMeta, resolveOperationMeta, slugName } from "../gateway/helpers.js";
 import { generateAllOperationMocks } from "./mockData.js";
 import { emitVitestConfig, emitMockClientHelper, emitTestAppHelper, emitRoutesTest, emitErrorsTest, emitEnvelopeTest, emitValidationTest, emitClassifyErrorTest, emitEnvelopeBuildersTest, emitUnwrapTest, } from "./generators.js";
 /**
@@ -77,7 +77,7 @@ export async function generateTests(opts) {
         // Read OpenAPI doc paths from the gateway's generated routes to get URL paths
         // We use the catalog operations and derive paths using the same pattern as gateway generation
         for (const op of catalog.operations) {
-            const operationSlug = op.name.toLowerCase().replace(/[^a-z0-9]+/g, "_").replace(/^_+|_+$/g, "");
+            const operationSlug = slugName(op.name);
             // Try to find the path from the generated operation schema
             const opSchemaPath = path.join(gatewayDir, "schemas", "operations", `${operationSlug}.json`);
             let urlPath = `/${operationSlug.replace(/_/g, "-")}`;

package/dist/util/builder.js

@@ -40,7 +40,7 @@ export function buildOpenApiOptionsFromArgv(argv, format, servers) {
         opsFile: argv["openapi-ops-file"],
         pathStyle: argv["openapi-path-style"],
         pruneUnusedSchemas: argv["openapi-prune-unused-schemas"],
-        securityConfigFile: argv["openapi-security-file"],
+        securityConfigFile: (argv["openapi-security-config-file"] || argv["openapi-security-file"]),
         servers,
         skipValidate: false, // Always validate
         tagStyle: argv["openapi-tag-style"],