
Research
/Security News
jscrambler npm Package Compromised in Supply Chain Attack
A compromised jscrambler npm release added a malicious preinstall hook that runs hidden native binaries on Linux, macOS, and Windows.
@nldoc/openapi-test-set-generator
Advanced tools
A powerful CLI tool for generating comprehensive test sets from OpenAPI 3.1.0 specifications. This TypeScript library automatically creates valid and invalid test examples based on schema definitions, enabling robust API validation testing.
The OpenAPI Test Set Generator extracts examples from OpenAPI specifications and systematically creates test variants to validate API implementations. It processes schema definitions and generates:
This tool is essential for:
Install the package globally:
npm install -g @nldoc/openapi-test-set-generator
Or as a development dependency:
npm install --save-dev @nldoc/openapi-test-set-generator
Create a configuration file (e.g., test-generator.yaml):
input:
openapi: ./api/openapi.json
output:
valid: ./tests/examples.valid.json
invalid: ./tests/examples.invalid.json
variantsOnExamples:
property:
# All examples in openapi.json are valid by default
- where: {}
do: {}
valid: true
# Generate invalid examples by removing required properties
- where:
required: true
hasDefault: false
do:
remove: true
valid: false
Run the generator:
openapi-test-set-generator extract-examples --input test-generator.yaml
Or using npx:
npx @nldoc/openapi-test-set-generator extract-examples -i test-generator.yaml
The generator uses a YAML configuration file with the following structure:
input:
openapi: <path-to-openapi-spec> # Path to your OpenAPI specification (JSON/YAML)
output:
valid: <output-path-for-valid-examples> # Where to save valid test examples
invalid: <output-path-for-invalid-examples> # Where to save invalid test examples
variantsOnExamples:
property:
- where: <conditions> # Conditions to match properties
do: <action> # Action to perform on matched properties
valid: <boolean> # Whether the result should be valid or invalid
The generator supports sophisticated property selection and modification:
Select properties based on their schema characteristics:
where:
type: 'string' # Match by type
format: 'email' # Match by format
required: true # Match required properties
hasDefault: false # Match properties without defaults
minLength:
$gte: 1 # Match strings with minLength >= 1
maxLength:
$lte: 100 # Match strings with maxLength <= 100
do:
set: <value> # Set property to a specific value
remove: true # Remove the property entirely
truncate: 10 # Truncate string to specified length
The generator automatically traverses nested object structures to find and modify properties at any depth:
variantsOnExamples:
property:
# Modifies all email fields, even deeply nested ones
- where:
type: 'string'
format: 'email'
do:
set: 'invalid-email'
valid: false
# Removes all non-required nested properties
- where:
required: false
do:
remove: true
valid: true
Clone the repository:
git clone https://gitlab.com/logius/nldoc/lib/typescript/openapi-test-set-generator.git
cd openapi-test-set-generator
Install dependencies:
npm install
Build the project:
npm run build
npm run build - Compile TypeScript to JavaScriptnpm run build:check - Type-check without emitting filesnpm test - Run test suite with coveragenpm run test:watch - Run tests in watch modenpm run lint - Lint the codebasenpm run format - Format code with Prettiernpm run format:check - Check code formattingnpm run fix - Auto-fix linting and formatting issuesExtract and generate test examples from an OpenAPI specification.
openapi-test-set-generator extract-examples --input <config-file>
Options:
-i, --input <file> - Path to the configuration file (required)Examples:
openapi-test-set-generator extract-examples --input otsg.yaml
openapi-test-set-generator extract-examples -i otsg.yml
import {
importOpenAPIFile,
extractSchemaObjectsWithExamples,
createExampleVariantsFromSchemasOnQueries
} from '@nldoc/openapi-test-set-generator';
// Load OpenAPI specification
const spec = await importOpenAPIFile('path/to/openapi.json');
// Extract schemas with examples
const schemas = extractSchemaObjectsWithExamples(spec);
// Generate test variants
const { valid, invalid } = await createExampleVariantsFromSchemasOnQueries(
schemas,
variantQueries
);
Required Field Validation
- where:
required: true
hasDefault: false
do:
remove: true
valid: false
String Format Validation
- where:
type: 'string'
format: 'uuid'
do:
set: 'invalid-uuid'
valid: false
Array Constraints
- where:
type: 'array'
required: true
hasDefault: false
do:
set: []
valid: false
Boolean Value Testing
- where:
type: 'boolean'
do:
set: true
valid: true
- where:
type: 'boolean'
do:
set: false
valid: true
This generator can be integrated into any project that uses OpenAPI specifications. Common integration patterns include:
Example integration in package.json:
{
"scripts": {
"build:examples": "openapi-test-set-generator extract-examples -i ./example-generator.yaml"
}
}
Run the test suite:
npm test
Run tests with coverage:
npm run test:watch run
We welcome contributions! Please ensure:
npm test)npm run format:check)npm run lint)npm run build:check)This project is licensed under the European Union Public License 1.2 - see LICENSE for details.
FAQs
OpenApi test set generator
The npm package @nldoc/openapi-test-set-generator receives a total of 14 weekly downloads. As such, @nldoc/openapi-test-set-generator popularity was classified as not popular.
We found that @nldoc/openapi-test-set-generator demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Research
/Security News
A compromised jscrambler npm release added a malicious preinstall hook that runs hidden native binaries on Linux, macOS, and Windows.

Research
/Security News
A malicious .NET package is typosquatting the Braintree SDK to steal live payment card data, merchant API keys, and host secrets from production apps.

Security News
/Research
Compromised Injective SDK npm version 1.20.21 exfiltrates wallet private keys and mnemonics through fake telemetry functionality.