Security News
The Hidden Blast Radius of the Axios Compromise
The Axios compromise shows how time-dependent dependency resolution makes exposure harder to detect and contain.
By Ahmad Nassri - Apr 01, 2026
New Research: Supply Chain Attack on Axios Pulls Malicious Dependency from npm.Details → →
@jmms/swagger-codegen
Advanced tools
Swagger to Typescript Codegen
Differences and why we have our own module
The Templates are shiny-clean now, very memory efficient, return with correct typings & includes a lookup function.
This package generates a TypeScript class from a swagger specification file. The code is generated using mustache templates and is quality checked by jshint and beautified by js-beautify.
The typescript generator is based on superagent and can be used for both nodejs and the browser via browserify/webpack.
This fork was made to simplify some parts, add some more features, and tailor it more to specific use cases.
Example
var fs = require("fs");
var CodeGen = require("swagger-typescript-codegen").CodeGen;
var file = "swagger/spec.json";
var swagger = JSON.parse(fs.readFileSync(file, "UTF-8"));
var tsSourceCode = CodeGen.getTypescriptCode({
className: "Test",
swagger: swagger,
imports: ["../../typings/tsd.d.ts"],
});
console.log(tsSourceCode);
Custom template
var source = CodeGen.getCustomCode({
moduleName: "Test",
className: "Test",
swagger: swaggerSpec,
template: {
class: fs.readFileSync("my-class.mustache", "utf-8"),
method: fs.readFileSync("my-method.mustache", "utf-8"),
type: fs.readFileSync("my-type.mustache", "utf-8"),
},
});
Options
In addition to the common options listed below, getCustomCode() requires a template field:
template: { class: "...", method: "..." }
getTypescriptCode(), getCustomCode() each support the following options:
moduleName:
type: string
description: Your module name
className:
type: string
beautify:
type: boolean
description: whether or not to beautify the generated code
beautifyOptions:
type: object
description: Options to be passed to the beautify command. See js-beautify for all available options.
mustache:
type: object
description: See the 'Custom Mustache Variables' section below
imports:
type: array
description: Typescript definition files to be imported.
swagger:
type: object
required: true
description: swagger object
Template Variables
The following data are passed to the mustache templates:
isES6:
type: boolean
description:
type: string
description: Provided by your options field: 'swagger.info.description'
isSecure:
type: boolean
description: false unless 'swagger.securityDefinitions' is defined
moduleName:
type: string
description: Your module name - provided by your options field
className:
type: string
description: Provided by your options field
domain:
type: string
description: If all options defined: swagger.schemes[0] + '://' + swagger.host + swagger.basePath
methods:
type: array
items:
type: object
properties:
path:
type: string
pathFormatString:
type: string
className:
type: string
description: Provided by your options field
methodName:
type: string
description: Generated from the HTTP method and path elements or 'x-swagger-js-method-name' field
method:
type: string
description: 'GET', 'POST', 'PUT', 'DELETE', 'PATCH', 'COPY', 'HEAD', 'OPTIONS', 'LINK', 'UNLINK', 'PURGE', 'LOCK', 'UNLOCK', 'PROPFIND'
enum:
- GET
- POST
- PUT
- DELETE
- PATCH
- COPY
- HEAD
- OPTIONS
- LINK
- UNLINK
- PURGE
- LOCK
- UNLOCK
- PROPFIND
isGET:
type: string
description: true if method === 'GET'
summary:
type: string
description: Provided by the 'description' or 'summary' field in the schema
externalDocs:
type: object
properties:
url:
type: string
description: The URL for the target documentation. Value MUST be in the format of a URL.
required: true
description:
type: string
description: A short description of the target documentation. GitHub-Markdown syntax can be used for rich text representation.
isSecure:
type: boolean
description: true if the 'security' is defined for the method in the schema
version:
type: string
description: Version part of the path, if the path starts with the prefix '/api/vXXX/'.
intVersion:
type: integer
description: Integer part of the version string.
isLatestVersion:
type: boolean
description: True iff this is the latest version of the method.
parameters:
type: array
description: Includes all of the properties defined for the parameter in the schema plus:
items:
camelCaseName:
type: string
isSingleton:
type: boolean
description: true if there was only one 'enum' defined for the parameter
singleton:
type: string
description: the one and only 'enum' defined for the parameter (if there is only one)
isBodyParameter:
type: boolean
isPathParameter:
type: boolean
isQueryParameter:
type: boolean
isPatternType:
type: boolean
description: true if *in* is 'query', and 'pattern' is defined
isHeaderParameter:
type: boolean
isFormParameter:
type: boolean
successfulResponseType:
type: string
description: The type of a successful response. Defaults to any for non-parsable types or Swagger 1.0 spec files
successfulResponseTypeIsRef:
type: boolean
description: True iff the successful response type is the name of a type defined in the Swagger schema.
Custom Mustache Variables
You can also pass in your own variables for the mustache templates by adding a mustache object:
var source = CodeGen.getCustomCode({
...
mustache: {
foo: 'bar',
app_build_id: env.BUILD_ID,
app_version: pkg.version
}
});
Swagger Extensions
x-proxy-header
Some proxies and application servers inject HTTP headers into the requests. Server-side code may use these fields, but they are not required in the client API.
eg: https://cloud.google.com/appengine/docs/go/requests#Go_Request_headers
/locations:
get:
parameters:
- name: X-AppEngine-Country
in: header
x-proxy-header: true
type: string
description: Provided by AppEngine eg - US, AU, GB
- name: country
in: query
type: string
description: |
2 character country code.
If not specified, will default to the country provided in the X-AppEngine-Country header
...
Development
To run the typescript compiler on the source files run. This will start a watch process on the sources and build them into the lib folder.
npm run build:watch
In addition you can run the test watcher in a separate tab to run the tests in watch mode on the files in the lib folder.
npm run test:watch
FAQs
A Swagger codegen for JavaScript
We found that @jmms/swagger-codegen demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 19 Nov 2020
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
Supply Chain Attack on Axios Pulls Malicious Dependency from npm
A supply chain attack on Axios introduced a malicious dependency, plain-crypto-js@4.2.1, published minutes earlier and absent from the project’s GitHub releases.
By Socket Research Team - Mar 31, 2026
Research
TeamPCP Compromises Telnyx Python SDK to Deliver Credential-Stealing Malware
Malicious versions of the Telnyx Python SDK on PyPI delivered credential-stealing malware via a multi-stage supply chain attack.
By Socket Research Team - Mar 27, 2026