jentic-openapi-validator-redocly 1.0.0a30__tar.gz → 1.0.0a32__tar.gz

{jentic_openapi_validator_redocly-1.0.0a30 → jentic_openapi_validator_redocly-1.0.0a32}/PKG-INFO

@@ -1,14 +1,14 @@
 Metadata-Version: 2.4
 Name: jentic-openapi-validator-redocly
-Version: 1.0.0a30
+Version: 1.0.0a32
 Summary: Jentic OpenAPI Redocly Validator Backend
 Author: Jentic
 Author-email: Jentic <hello@jentic.com>
 License-Expression: Apache-2.0
 License-File: LICENSE
 License-File: NOTICE
-Requires-Dist: jentic-openapi-common~=1.0.0a30
-Requires-Dist: jentic-openapi-validator~=1.0.0a30
+Requires-Dist: jentic-openapi-common~=1.0.0a32
+Requires-Dist: jentic-openapi-validator~=1.0.0a32
 Requires-Dist: lsprotocol~=2025.0.0
 Requires-Dist: jsonpointer~=3.0.0
 Requires-Python: >=3.11
@@ -17,7 +17,9 @@ Description-Content-Type: text/markdown
 
 # jentic-openapi-validator-redocly
 
-A [Redocly](https://redocly.com/docs/cli/) validator backend for the Jentic OpenAPI Tools ecosystem. This package provides OpenAPI document validation using Redocly CLI with comprehensive error reporting and flexible configuration options.
+A [Redocly](https://redocly.com/docs/cli/) validator backend for the Jentic OpenAPI Tools ecosystem. This package
+provides OpenAPI document validation using Redocly CLI with comprehensive error reporting and flexible configuration
+options.
 
 ## Features
 
@@ -34,13 +36,14 @@ pip install jentic-openapi-validator-redocly
 ```
 
 **Prerequisites:**
+
 - Node.js and npm (for Redocly CLI)
 - Python 3.11+
 
 The Redocly CLI will be automatically downloaded via npx on first use, or you can install it globally:
 
 ```bash
-npm install -g @redocly/cli
+npm install -g @redocly/cli@2.14.3
 ```
 
 ## Quick Start
@@ -86,7 +89,7 @@ print(f"Document is valid: {result.valid}")
 validator = RedoclyValidatorBackend(redocly_path="/usr/local/bin/redocly")
 
 # Use specific version via npx
-validator = RedoclyValidatorBackend(redocly_path="npx --yes @redocly/cli@2.11.1")
+validator = RedoclyValidatorBackend(redocly_path="npx --yes @redocly/cli@2.14.3")
 ```
 
 ### Custom Rulesets
@@ -157,13 +160,15 @@ validator = RedoclyValidatorBackend(
 ```
 
 **Security Benefits:**
+
 - Prevents path traversal attacks (`../../etc/passwd`)
 - Restricts access to allowed directories only (when `allowed_base_dir` is set)
 - Validates file extensions (`.yaml`, `.yml`, `.json`) - **always enforced**, even when `allowed_base_dir=None`
 - Checks symlinks don't escape boundaries (when `allowed_base_dir` is set)
 - Validates both document and ruleset paths
 
-**Note:** File extension validation (`.yaml`, `.yml`, `.json`) is always performed for filesystem paths, regardless of whether `allowed_base_dir` is set. When `allowed_base_dir=None`, only the base directory containment check is skipped.
+**Note:** File extension validation (`.yaml`, `.yml`, `.json`) is always performed for filesystem paths, regardless of
+whether `allowed_base_dir` is set. When `allowed_base_dir=None`, only the base directory containment check is skipped.
 
 ## Advanced Usage
 
@@ -238,7 +243,8 @@ result = validator.validate("file:///path/to/openapi.yaml")
 
 ### Integration Tests
 
-The integration tests require Redocly CLI to be available. They will be automatically skipped if Redocly is not installed.
+The integration tests require Redocly CLI to be available. They will be automatically skipped if Redocly is not
+installed.
 
 **Run the integration test:**
 
@@ -253,36 +259,44 @@ uv run --package jentic-openapi-validator-redocly pytest packages/jentic-openapi
 ```python
 class RedoclyValidatorBackend(BaseValidatorBackend):
     def __init__(
-        self,
-        redocly_path: str = "npx --yes @redocly/cli@2.11.1",
-        ruleset_path: str | None = None,
-        timeout: float = 600.0,
-        allowed_base_dir: str | Path | None = None,
+            self,
+            redocly_path: str = "npx --yes @redocly/cli@2.14.3",
+            ruleset_path: str | None = None,
+            timeout: float = 600.0,
+            allowed_base_dir: str | Path | None = None,
     ) -> None
 ```
 
 **Parameters:**
+
 - `redocly_path`: Path to Redocly CLI executable
 - `ruleset_path`: Path to a custom ruleset file (optional)
 - `timeout`: Maximum execution time in seconds
-- `allowed_base_dir`: Optional base directory for path security validation. When set, all document and ruleset paths are validated to be within this directory, providing defense against path traversal attacks. When `None` (default), only file extension validation is performed (no base directory containment check). Recommended for web services or untrusted input (optional)
+- `allowed_base_dir`: Optional base directory for path security validation. When set, all document and ruleset paths are
+  validated to be within this directory, providing defense against path traversal attacks. When `None` (default), only
+  file extension validation is performed (no base directory containment check). Recommended for web services or
+  untrusted input (optional)
 
 **Methods:**
 
 - `accepts() -> list[Literal["uri", "dict"]]`: Returns supported document format identifiers
-- `validate(document: str | dict, *, base_url: str | None = None, target: str | None = None) -> ValidationResult`: Validates an OpenAPI document
+- `validate(document: str | dict, *, base_url: str | None = None, target: str | None = None) -> ValidationResult`:
+  Validates an OpenAPI document
 
 **Exceptions:**
+
 - `FileNotFoundError`: Custom ruleset file doesn't exist
 - `RuntimeError`: Redocly execution fails
 - `SubprocessExecutionError`: Redocly times out or fails to start
 - `TypeError`: Unsupported document type
-- `PathTraversalError`: Document or ruleset path attempts to escape allowed_base_dir (only when `allowed_base_dir` is set)
+- `PathTraversalError`: Document or ruleset path attempts to escape allowed_base_dir (only when `allowed_base_dir` is
+  set)
 - `InvalidExtensionError`: Document or ruleset path has disallowed file extension (always checked for filesystem paths)
 
 ## Exit Codes
 
 Redocly CLI uses the following exit codes:
+
 - **0**: No validation errors found
 - **1**: Validation errors found (document has issues)
 - **2+**: Command-line or configuration errors

{jentic_openapi_validator_redocly-1.0.0a30 → jentic_openapi_validator_redocly-1.0.0a32}/README.md

@@ -1,6 +1,8 @@
 # jentic-openapi-validator-redocly
 
-A [Redocly](https://redocly.com/docs/cli/) validator backend for the Jentic OpenAPI Tools ecosystem. This package provides OpenAPI document validation using Redocly CLI with comprehensive error reporting and flexible configuration options.
+A [Redocly](https://redocly.com/docs/cli/) validator backend for the Jentic OpenAPI Tools ecosystem. This package
+provides OpenAPI document validation using Redocly CLI with comprehensive error reporting and flexible configuration
+options.
 
 ## Features
 
@@ -17,13 +19,14 @@ pip install jentic-openapi-validator-redocly
 ```
 
 **Prerequisites:**
+
 - Node.js and npm (for Redocly CLI)
 - Python 3.11+
 
 The Redocly CLI will be automatically downloaded via npx on first use, or you can install it globally:
 
 ```bash
-npm install -g @redocly/cli
+npm install -g @redocly/cli@2.14.3
 ```
 
 ## Quick Start
@@ -69,7 +72,7 @@ print(f"Document is valid: {result.valid}")
 validator = RedoclyValidatorBackend(redocly_path="/usr/local/bin/redocly")
 
 # Use specific version via npx
-validator = RedoclyValidatorBackend(redocly_path="npx --yes @redocly/cli@2.11.1")
+validator = RedoclyValidatorBackend(redocly_path="npx --yes @redocly/cli@2.14.3")
 ```
 
 ### Custom Rulesets
@@ -140,13 +143,15 @@ validator = RedoclyValidatorBackend(
 ```
 
 **Security Benefits:**
+
 - Prevents path traversal attacks (`../../etc/passwd`)
 - Restricts access to allowed directories only (when `allowed_base_dir` is set)
 - Validates file extensions (`.yaml`, `.yml`, `.json`) - **always enforced**, even when `allowed_base_dir=None`
 - Checks symlinks don't escape boundaries (when `allowed_base_dir` is set)
 - Validates both document and ruleset paths
 
-**Note:** File extension validation (`.yaml`, `.yml`, `.json`) is always performed for filesystem paths, regardless of whether `allowed_base_dir` is set. When `allowed_base_dir=None`, only the base directory containment check is skipped.
+**Note:** File extension validation (`.yaml`, `.yml`, `.json`) is always performed for filesystem paths, regardless of
+whether `allowed_base_dir` is set. When `allowed_base_dir=None`, only the base directory containment check is skipped.
 
 ## Advanced Usage
 
@@ -221,7 +226,8 @@ result = validator.validate("file:///path/to/openapi.yaml")
 
 ### Integration Tests
 
-The integration tests require Redocly CLI to be available. They will be automatically skipped if Redocly is not installed.
+The integration tests require Redocly CLI to be available. They will be automatically skipped if Redocly is not
+installed.
 
 **Run the integration test:**
 
@@ -236,36 +242,44 @@ uv run --package jentic-openapi-validator-redocly pytest packages/jentic-openapi
 ```python
 class RedoclyValidatorBackend(BaseValidatorBackend):
     def __init__(
-        self,
-        redocly_path: str = "npx --yes @redocly/cli@2.11.1",
-        ruleset_path: str | None = None,
-        timeout: float = 600.0,
-        allowed_base_dir: str | Path | None = None,
+            self,
+            redocly_path: str = "npx --yes @redocly/cli@2.14.3",
+            ruleset_path: str | None = None,
+            timeout: float = 600.0,
+            allowed_base_dir: str | Path | None = None,
     ) -> None
 ```
 
 **Parameters:**
+
 - `redocly_path`: Path to Redocly CLI executable
 - `ruleset_path`: Path to a custom ruleset file (optional)
 - `timeout`: Maximum execution time in seconds
-- `allowed_base_dir`: Optional base directory for path security validation. When set, all document and ruleset paths are validated to be within this directory, providing defense against path traversal attacks. When `None` (default), only file extension validation is performed (no base directory containment check). Recommended for web services or untrusted input (optional)
+- `allowed_base_dir`: Optional base directory for path security validation. When set, all document and ruleset paths are
+  validated to be within this directory, providing defense against path traversal attacks. When `None` (default), only
+  file extension validation is performed (no base directory containment check). Recommended for web services or
+  untrusted input (optional)
 
 **Methods:**
 
 - `accepts() -> list[Literal["uri", "dict"]]`: Returns supported document format identifiers
-- `validate(document: str | dict, *, base_url: str | None = None, target: str | None = None) -> ValidationResult`: Validates an OpenAPI document
+- `validate(document: str | dict, *, base_url: str | None = None, target: str | None = None) -> ValidationResult`:
+  Validates an OpenAPI document
 
 **Exceptions:**
+
 - `FileNotFoundError`: Custom ruleset file doesn't exist
 - `RuntimeError`: Redocly execution fails
 - `SubprocessExecutionError`: Redocly times out or fails to start
 - `TypeError`: Unsupported document type
-- `PathTraversalError`: Document or ruleset path attempts to escape allowed_base_dir (only when `allowed_base_dir` is set)
+- `PathTraversalError`: Document or ruleset path attempts to escape allowed_base_dir (only when `allowed_base_dir` is
+  set)
 - `InvalidExtensionError`: Document or ruleset path has disallowed file extension (always checked for filesystem paths)
 
 ## Exit Codes
 
 Redocly CLI uses the following exit codes:
+
 - **0**: No validation errors found
 - **1**: Validation errors found (document has issues)
 - **2+**: Command-line or configuration errors

{jentic_openapi_validator_redocly-1.0.0a30 → jentic_openapi_validator_redocly-1.0.0a32}/pyproject.toml

@@ -1,6 +1,6 @@
 [project]
 name = "jentic-openapi-validator-redocly"
-version = "1.0.0-alpha.30"
+version = "1.0.0-alpha.32"
 description = "Jentic OpenAPI Redocly Validator Backend"
 readme = "README.md"
 authors = [{ name = "Jentic", email = "hello@jentic.com" }]
@@ -8,8 +8,8 @@ license = "Apache-2.0"
 license-files = ["LICENSE", "NOTICE"]
 requires-python = ">=3.11"
 dependencies = [
-  "jentic-openapi-common~=1.0.0-alpha.30",
-  "jentic-openapi-validator~=1.0.0-alpha.30",
+  "jentic-openapi-common~=1.0.0-alpha.32",
+  "jentic-openapi-validator~=1.0.0-alpha.32",
   "lsprotocol~=2025.0.0",
   "jsonpointer~=3.0.0"
 ]

{jentic_openapi_validator_redocly-1.0.0a30 → jentic_openapi_validator_redocly-1.0.0a32}/src/jentic/apitools/openapi/validator/backends/redocly/__init__.py

@@ -1,5 +1,6 @@
 import json
 import logging
+import os
 import shlex
 import tempfile
 from collections.abc import Sequence
@@ -33,7 +34,7 @@ ruleset_file = rulesets_files_dir.joinpath("redocly.yaml")
 class RedoclyValidatorBackend(BaseValidatorBackend):
     def __init__(
         self,
-        redocly_path: str = "npx --yes @redocly/cli@2.11.1",
+        redocly_path: str = "npx --yes @redocly/cli@2.14.3",
         ruleset_path: str | None = None,
         timeout: float = 600.0,
         allowed_base_dir: str | Path | None = None,
@@ -43,7 +44,7 @@ class RedoclyValidatorBackend(BaseValidatorBackend):
         Initialize the RedoclyValidatorBackend.
 
         Args:
-            redocly_path: Path to the redocly CLI executable (default: "npx --yes @redocly/cli@2.11.1").
+            redocly_path: Path to the redocly CLI executable (default: "npx --yes @redocly/cli@2.14.3").
                 Uses shell-safe parsing to handle quoted arguments properly.
             ruleset_path: Path to a custom ruleset file. If None, uses bundled default ruleset.
             timeout: Maximum time in seconds to wait for Redocly CLI execution (default: 600.0)
@@ -162,10 +163,19 @@ class RedoclyValidatorBackend(BaseValidatorBackend):
                         str(self.max_problems),
                         validated_doc_path,
                     ]
+                    env = os.environ.copy()
+                    env.update(
+                        {
+                            "REDOCLY_TELEMETRY": "off",
+                            "REDOCLY_SUPPRESS_UPDATE_NOTICE": "true",
+                        }
+                    )
 
                     # Open the temp output file for writing and redirect stdout to it
                     with open(output_path, "w", encoding="utf-8") as output_file:
-                        result = run_subprocess(cmd, timeout=self.timeout, stdout=output_file)
+                        result = run_subprocess(
+                            cmd, env=env, timeout=self.timeout, stdout=output_file
+                        )
 
                 if result is None:
                     raise RuntimeError("Redocly validation failed - no result returned")