contract-drift-detection 0.1.3 → 0.1.4

package/CHANGELOG.md

@@ -2,6 +2,15 @@
 
 All notable changes to this project are documented in this file.
 
+## 0.1.4 - 2026-03-16
+
+### Improved
+
+- Reworked README for npm users with clearer onboarding and prerequisites.
+- Added explicit first-run flows for `quickstart`, `--spec`, `--discover`, and `--spec-url`.
+- Expanded troubleshooting section with actionable recovery steps.
+- Clarified CLI usage, runtime diagnostics endpoints, and CORS guidance.
+
 ## 0.1.3 - 2026-03-16
 
 ### Improved

package/README.md

@@ -1,172 +1,111 @@
 # Contract Drift Detection
 
-Contract Drift Detection is a stateful OpenAPI mock server with proxy-based response validation.
+Contract Drift Detection is a developer CLI that gives you a stateful mock API from OpenAPI and detects contract drift against real backend responses.
 
-It solves the frontend/backend integration gap by combining:
+Use it when:
 
-1. **Spec-first mocking** (OpenAPI 3.x)
-2. **Persistent local API state** (CRUD that actually mutates)
-3. **Live contract drift detection** against real backend responses
+- frontend is blocked by incomplete backend endpoints,
+- your team has an OpenAPI contract but real responses drift from it,
+- you want one local endpoint that supports mock mode and proxy mode.
 
-If your frontend is blocked by backend readiness, or your backend keeps returning payloads that quietly break UI assumptions, this package is built for that exact pain.
+## What this tool does
 
-## What problem this resolves
+- Generates API routes from OpenAPI 3.x (`.yaml` or `.json`).
+- Persists API state in a local `.mock-db.json` file.
+- Supports workflow actions using OpenAPI vendor extensions (`x-mock-state`).
+- In proxy mode, forwards traffic to real backend and validates responses against your spec.
+- Prints visible drift alerts when schema mismatches happen.
 
-Frontend and backend teams usually have to choose between two incomplete options:
+## What you need before starting
 
-- Stateless OpenAPI mockers that validate contracts but do not persist mutations.
-- Fake JSON backends that persist state but know nothing about the OpenAPI spec the frontend was actually built against.
+- Node.js `>= 20`
+- One of these:
+  - local OpenAPI file (`openapi.yaml` / `openapi.json`), or
+  - backend URL that exposes OpenAPI, or
+  - nothing (use `quickstart` to generate starter contract)
 
-This project combines both and adds a third layer: drift detection against a live backend.
+## Fastest way to start
 
-### Typical outcomes
-
-- Frontend can develop end-to-end before backend is complete.
-- Backend drift is detected immediately in development, not in QA/production.
-- Teams converge faster on a stable API contract.
-
-## Features
-
-- Generates Fastify routes directly from an OpenAPI 3.x file.
-- Persists state in a local JSON file so POST, PATCH, and DELETE affect future requests.
-- Seeds collections from component schemas using realistic sample data.
-- Supports action-style workflows with `x-mock-state` vendor extensions instead of a separate DSL.
-- Proxies to a live backend with `--drift-check` and validates real responses against the contract.
-- Ships as a CLI and as a reusable library.
-
-## Install and run
-
-### Use directly with `npx` (no install)
-
-```bash
-npx contract-drift-detection@latest --spec ./openapi.yaml --port 4010
-```
-
-(`serve` subcommand is optional; root command accepts serve options.)
-
-### Install globally
-
-```bash
-npm i -g contract-drift-detection
-cdd --help
-```
-
-### Install in a project
-
-```bash
-npm install
-npm run build
-```
-
-For local development:
-
-```bash
-npm run dev
-```
-
-## 30-second quick start
-
-No spec file yet? Start instantly:
+### Option A: no spec yet (recommended first run)
 
 ```bash
 npx contract-drift-detection@latest quickstart
 ```
 
-Already have an OpenAPI file? Start with local spec:
+This creates a starter OpenAPI file and starts the server immediately.
 
-```bash
-npx contract-drift-detection@latest serve --spec ./openapi.yaml --port 4010
-```
-
-Create a starter config + starter OpenAPI file in current directory:
+### Option B: you already have a local spec
 
 ```bash
-npx contract-drift-detection@latest init
-```
-
-If your backend already exposes OpenAPI, avoid writing spec manually:
-
-```bash
-npx contract-drift-detection@latest serve --discover http://localhost:8080 --port 4010
+npx contract-drift-detection@latest --spec ./openapi.yaml --port 4010
 ```
 
-Or use direct remote spec URL:
+### Option C: backend exposes OpenAPI
 
 ```bash
-npx contract-drift-detection@latest serve --spec-url http://localhost:8080/openapi.json --port 4010
+npx contract-drift-detection@latest --discover http://localhost:8080 --port 4010
 ```
 
-If `--discover` fails, your backend likely does not expose OpenAPI at common paths.
-Try either:
+If discover still fails, use explicit endpoint:
 
 ```bash
-npx contract-drift-detection@latest serve --spec-url http://localhost:8080/v3/api-docs --port 4010
+npx contract-drift-detection@latest --spec-url http://localhost:8080/v3/api-docs --port 4010
 ```
 
-or bootstrap instantly:
+## Typical frontend + backend integration flow
 
-```bash
-npx contract-drift-detection@latest quickstart
-```
+1. Start backend (optional for mock-only mode).
+2. Start this tool on `http://localhost:4010`.
+3. Point frontend API base URL to `http://localhost:4010`.
+4. Use mock mode during backend gaps.
+5. Turn on drift-check mode when backend is available.
 
-Start in drift detection mode against a real backend:
+Drift-check example:
 
 ```bash
-npx contract-drift-detection@latest serve \
+npx contract-drift-detection@latest \
   --discover http://localhost:8080 \
-  --port 4010 \
-  --drift-check http://localhost:8080
+  --drift-check http://localhost:8080 \
+  --port 4010
 ```
 
-If the backend is flaky and you still want local progress, add `--fallback-to-mock`.
+## CLI usage
 
-Point your frontend API base URL to `http://localhost:4010`.
-
-## CLI
+`serve` subcommand is optional. Root command accepts serve options directly.
 
 ```text
-contract-drift-detection serve [--spec <path> | --spec-url <url> | --discover <backend-url>] [--port 4010] [--host 0.0.0.0] [--db .mock-db.json] [--cors-origin *] [--drift-check <url>] [--fallback-to-mock] [--verbose]
+contract-drift-detection [--spec <path> | --spec-url <url> | --discover <backend-url>] [--port 4010] [--host 0.0.0.0] [--db .mock-db.json] [--cors-origin *] [--drift-check <url>] [--fallback-to-mock] [--verbose]
+contract-drift-detection serve [same options as above]
 contract-drift-detection init [--spec openapi.yaml] [--template rest-crud|none] [--db .mock-db.json] [--port 4010] [--host 0.0.0.0]
 contract-drift-detection quickstart [--spec openapi.yaml] [--port 4010] [--host 0.0.0.0] [--db .mock-db.json] [--cors-origin *] [--verbose]
-
-# Root command (equivalent to serve)
-contract-drift-detection [--spec <path> | --spec-url <url> | --discover <backend-url>] [--port 4010] ...
 ```
 
-`--cors-origin` defaults to `*` for frictionless browser testing.
-
-Spec resolution priority in `serve` is:
+Spec resolution priority:
 
 1. `--spec`
 2. `--spec-url`
 3. `--discover`
 
-Remote/discovered specs are cached locally under `.cdd/`.
+Remote/discovered specs are cached under `.cdd/`.
 
-## Recommended workflows
+## Backend OpenAPI endpoints commonly discovered
 
-### A) Frontend-first (mock only)
+`--discover` checks common paths, including:
 
-```bash
-npx cdd serve --spec ./openapi.yaml --port 4010
-```
+- `/openapi.json`
+- `/openapi.yaml`
+- `/api/openapi.json`
+- `/api/openapi.yaml`
+- `/swagger.json`
+- `/swagger/v1/swagger.json`
+- `/v3/api-docs`
+- `/api-docs-json`
+- `/api-docs`
+- `/docs/openapi.json`
 
-Use this when backend endpoints are not ready.
+## OpenAPI workflow actions (`x-mock-state`)
 
-### B) Integration mode (proxy + drift detection)
-
-```bash
-npx cdd serve \
-  --spec ./openapi.yaml \
-  --port 4010 \
-  --drift-check http://localhost:8080
-```
-
-Use this when backend is partially/fully available and you want immediate contract mismatch alerts.
-
-## OpenAPI workflow actions
-
-Instead of inventing a separate configuration language, action endpoints are defined directly in the OpenAPI document with vendor extensions.
+Example:
 
 ```yaml
 paths:
@@ -188,70 +127,58 @@ Supported actions:
 - `replace`
 - `append`
 
-Values inside `assign` and `set` can reference request input with `{{body.field}}`, `{{params.id}}`, `{{query.key}}`, and `{{headers.header_name}}`.
+Template values are supported in `assign` and `set`, for example:
 
-## Runtime endpoints
+- `{{body.field}}`
+- `{{params.id}}`
+- `{{query.key}}`
+- `{{headers.authorization}}`
 
-- `GET /__health` returns a simple health payload.
-- `GET /__spec` returns the dereferenced OpenAPI document currently in memory.
-- `GET /__routes` returns generated route diagnostics (method/path/operation).
+## Runtime diagnostic endpoints
 
-## Browser/CORS notes
+- `GET /__health` → health check
+- `GET /__spec` → resolved OpenAPI in memory
+- `GET /__routes` → generated route summary
 
-- Default CORS is enabled for all origins (`*`) so local frontend apps can call the mock server immediately.
-- For stricter setups, set a specific origin:
+## CORS notes
+
+- Default CORS is enabled for all origins (`*`) for fast local onboarding.
+- For stricter browser setup:
 
 ```bash
-npx cdd serve --spec ./openapi.yaml --cors-origin http://localhost:5173
+npx contract-drift-detection@latest --spec ./openapi.yaml --cors-origin http://localhost:5173
 ```
 
-- If you see `EADDRINUSE`, choose a different port (`--port 4020`) or stop the process already using that port.
+## Troubleshooting
+
+### `Could not discover an OpenAPI spec ...`
 
-## Example product workflow
+- Try explicit endpoint with `--spec-url`.
+- Or use `quickstart` if backend does not expose OpenAPI.
+- Or run `init` to scaffold starter files.
 
-1. Start the mock server from the OpenAPI spec before the backend is ready.
-2. Build the frontend against persistent local state instead of hand-written fixtures.
-3. Switch on `--drift-check` when backend endpoints start coming online.
-4. Keep frontend traffic pointed at this tool until contract mismatches are resolved.
+### `EADDRINUSE: address already in use`
 
-## Development
+- Port already taken. Choose another port:
 
 ```bash
-npm run typecheck
-npm test
-npm run lint
-npm run build
+npx contract-drift-detection@latest --spec ./openapi.yaml --port 4020
 ```
 
-## Release verification
+### Need full stack traces for debugging
 
 ```bash
-npm run release:verify
+CDD_SHOW_STACK=1 npx contract-drift-detection@latest --spec ./openapi.yaml
 ```
 
-This runs typecheck, tests, lint, build, and `npm pack --dry-run`.
-
-## Real frontend + backend test
-
-Use the built-in demo harness to validate this package in a full request chain:
-
-1. `npm run demo:backend`
-2. `npm run demo:mock:drift`
-3. `npm run demo:frontend`
-
-Then open `http://localhost:5173` and exercise requests through the browser.
-
-For the complete flow and drift simulation, see `docs/REAL_STACK_TEST.md`.
-
-## Launch
-
-For release automation and go-to-market steps, follow:
+## Package and binaries
 
-- `docs/RELEASE.md` for versioning and npm publish
-- `docs/LAUNCH_CHECKLIST.md` for launch channels and success metrics
+- npm package: `contract-drift-detection`
+- binaries: `contract-drift-detection`, `cdd`
+- license: MIT
 
-## Shipping notes
+## Links
 
-- The package exposes the `cdd` and `contract-drift-detection` binaries.
-- `prepublishOnly` runs typecheck, tests, and build to block broken releases.
-- The included example spec under `examples/` is intended for demos, screenshots, and onboarding.
+- Changelog: `CHANGELOG.md`
+- Release process: `docs/RELEASE.md`
+- Real stack demo test flow: `docs/REAL_STACK_TEST.md`

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "contract-drift-detection",
-  "version": "0.1.3",
+  "version": "0.1.4",
   "description": "Stateful OpenAPI mock server with contract drift detection",
   "repository": {
     "type": "git",