Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
@api-platform/api-doc-parser
Advanced tools
Transform an API documentation (Hydra, OpenAPI, GraphQL) in an intermediate representation that can be used for various tasks such as creating smart API clients, scaffolding code or building administration interfaces.
api-doc-parser
is a standalone TypeScript library to parse Hydra, Swagger, OpenAPI and GraphQL documentations
and transform them in an intermediate representation.
This data structure can then be used for various tasks such as creating smart API clients,
scaffolding code or building administration interfaces.
It plays well with the API Platform framework.
With Yarn:
yarn add @api-platform/api-doc-parser
Using NPM:
npm install @api-platform/api-doc-parser
If you plan to use the library with Node, you also need a polyfill for the fetch
function:
yarn add isomorphic-fetch
Hydra
import { parseHydraDocumentation } from '@api-platform/api-doc-parser';
parseHydraDocumentation('https://demo.api-platform.com').then(({api}) => console.log(api));
OpenAPI v2 (formerly known as Swagger)
import { parseSwaggerDocumentation } from '@api-platform/api-doc-parser';
parseSwaggerDocumentation('https://demo.api-platform.com/docs.json').then(({api}) => console.log(api));
OpenAPI v3
import { parseOpenApi3Documentation } from '@api-platform/api-doc-parser';
parseOpenApi3Documentation('https://demo.api-platform.com/docs.json?spec_version=3').then(({api}) => console.log(api));
GraphQL
import { parseGraphQl } from '@api-platform/api-doc-parser';
parseGraphQl('https://demo.api-platform.com/graphql').then(({api}) => console.log(api));
In order to support OpenAPI, the library makes some assumptions about how the documentation relates to a corresponding ressource:
GET
) or edit (PUT
) one resource looks like /books/{id}
(regular expression used: ^[^{}]+/{[^{}]+}/?$
).
Note that books
may be a singular noun (book
).
If there is no path like this, the library skips the resource.get
either in the [response
/ 200
/ content
/ application/json
] path section or in the components
section of the documentation.
If retrieved from the components
section, the component name needs to look like Book
(singular noun).
For put
, the schema is only retrieved in the [requestBody
/ content
/ application/json
] path section.
If no schema is found, the resource is skipped.get
and one for put
), resource fields are merged.POST
) and list (GET
) path. They need to look like /books
(plural noun).DELETE
) path needs to be inside the get / edit path.reviews
property, the library tries to find a Review
resource.
If there is, a relation or an embedded between Book
and Review
resources is made for the reviews
field.
The property name can also be like review_id
, reviewId
, review_ids
or reviewIds
for references.API Doc Parser is designed to parse any API documentation format and convert it in the same intermediate representation. If you develop a parser for another format, please open a Pull Request to include it in the library.
yarn test
yarn lint
Created by Kévin Dunglas. Sponsored by Les-Tilleuls.coop.
FAQs
Transform an API documentation (Hydra, OpenAPI, GraphQL) in an intermediate representation that can be used for various tasks such as creating smart API clients, scaffolding code or building administration interfaces.
We found that @api-platform/api-doc-parser demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Security News
Research
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
Security News
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.