express-api - npm Package Compare versions

Comparing version 0.0.0 to 0.0.1

package.json

 {
   "name": "express-api",
-  "version": "0.0.0",
-  "description": "Swagger API framework.",
+  "version": "0.0.1",
+  "description": "",
   "main": "index.js",
@@ -9,4 +9,22 @@ "scripts": {
   },
-  "author": "Mario Gutierrez <mario@mgutz.com>",
-  "license": "ISC"
+  "author": "",
+  "license": "ISC",
+  "dependencies": {
+    "cson-safe": "^0.1.1",
+    "js-yaml": "^3.0.2",
+    "lodash": "^2.4.1",
+    "serve-static": "^1.2.3"
+  },
+  "peerDependencies": {
+    "express": "4.x"
+  },
+  "devDependencies": {
+    "express": "^4.4.2"
+  },
+  "keywords": [
+    "swagger",
+    "express",
+    "api",
+    "resource"
+  ]
 }

README.md

 # express-api
 
-Swagger API framework.
+Express-api is an API framework based on Swagger.
+
+Express-api uses CSON, JSON or YAML files to expose your apis using the
+eapiger specs. Express-eapi reloads schemas in development facilitating schema
+creation.
+
+DO NOT USE, WIP! Documentation is inaccurate.
+
+## Using
+
+Install the library
+
+    npm install express-api
+
+Create resource listings schema and resource schema files in a common
+directory, eg `public/api/docs`. Here are the official examples
+
+- [petstore resource listing](http://petstore.eapiger.wordnik.com/api/api-docs)
+- [petstore resource](http://petstore.eapiger.wordnik.com/api/api-docs/pet)
+
+Implement your resource API. NOTE, the name of your resoure methods must match
+the `nickname` property in the schema operations
+
+```
+//// pet.json
+apis: [{
+  path: "/pet/{petId}",
+  operations: [{
+    summary: "Find pet by ID",
+    nickname: "getPetById",
+   }]
+}]
+```
+
+```
+//// resource/pet.js
+exports.getPetById = function(req, res) {
+}
+```
+
+Wire it all up
+
+```
+var express = require('express');
+var app = express();
+var Swag = require('express-eapi');
+
+// create routers for API and docs
+var apiRouter = express.Router();
+var docsRouter = epxress.Router();
+app.use('/api', apiRouter);
+app.use('/api/api-docs', docsRouter);
+
+var eapi = new Swag({
+  apiRouter: apiRouter,
+  docsRouter: docsRouter,
+  docsDir: 'public/api/docs',
+  extname: '.json'
+});
+
+eapi
+  .addApi('pet.json', require('./resources/pet.js'))
+  .addApi('user.json', require('./resources/user.js'))
+  .configureDocs('index.json', 'http://localhost:8000/api');
+
+app.listen(3000);
+```
+
+Browser your json schemas at `http://localhost:3000/api/api-docs` or
+through the eapiger UI.
+
+## Middleware
+
+The primary reason for creating express-api is the lack of support for
+plain middleware in other frameworks.
+
+The implementation method can either be a function or array of functions.
+
+    exports.getPetById = function(req, res, next) { ... };
+
+    exports.getPetById = [
+      validationMiddleware({ body: {id: joi.integer()}}),
+      function(req, res, next) { ... };
+    ];
+
+That can be a bit tedious. Express-api can use middleware as plugins. Let's
+create one.
+
+    function validate(req, res, next) {
+      // get the spec for the current operation
+      var spec = req.__eapiger.operation;
+      var params = spec.parameters;
+      params.forEach(function(param) {
+        if (param.required && param.paramType === 'path')  {
+          if (!req.params[param.name]) res.send(400, 'Require argument missing' + param.name);
+        }
+      });
+
+      next();
+    }
+
+To use it
+
+    eapi
+      .use(validate)
+      .addApi('pet.json', require('./resources/pet.js'))
+
+The position matters. All middleware used before `addApi` are applied before
+a operation method in the pipeline. Post filters look like this.
+
+    eapi
+      .addApi('pet.json', require('./resources/pet.js'))
+      .use(normalizeResult);

New alerts

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

Network access

Supply chain risk

This module accesses the network.

Found 4 instances in 1 package

Debug access

Supply chain risk

Uses debug, reflection and dynamic code execution features.

Found 1 instance in 1 package

Dynamic require

Supply chain risk

Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 1 instance in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

Minified code

Quality

This package contains minified code. This may be harmless in some cases where minified code is included in packaged libraries, however packages on npm should not minify code.

Found 1 instance in 1 package

No contributors or author data

Maintenance

Package does not specify a list of contributors or an author in package.json.

Found 1 instance in 1 package

Fixed alerts

Empty package

Supply chain risk

Package does not contain any code. It may be removed, is name squatting, or the result of a faulty package publish.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

574017

increased by191239%

Number of package files

31

increased by1450%

Lines of code

9850

increased byInfinity%

Number of lines in readme file

116

increased by2800%

Worsened metrics

Dependency count

5

increased byInfinity%

Dev dependency count

1

increased byInfinity%

Number of low maintenance alerts

3

increased by50%

Number of low quality alerts

4

increased by33.33%

Number of low supply chain risk alerts

13

increased by1200%

Number of medium supply chain risk alerts

8

increased by700%

Dependency changes

• + Addedcson-safe@^0.1.1

• + Addedjs-yaml@^3.0.2

• + Addedlodash@^2.4.1

• + Addedserve-static@^1.2.3

• + AddedStringScanner@0.0.3(transitive)

• + Addedabbrev@1.1.1(transitive)

• + Addedaccepts@1.3.8(transitive)

• + Addedamdefine@1.0.1(transitive)

• + Addedargparse@1.0.10(transitive)

• + Addedarray-flatten@1.1.1(transitive)

• + Addedbody-parser@1.20.3(transitive)

• + Addedbytes@3.1.2(transitive)

• + Addedcall-bind-apply-helpers@1.0.1(transitive)

• + Addedcall-bound@1.0.3(transitive)

• + Addedcoffee-script-redux@2.0.0-beta8(transitive)

• + Addedcontent-disposition@0.5.4(transitive)

• + Addedcontent-type@1.0.5(transitive)

• + Addedcookie@0.7.1(transitive)

• + Addedcookie-signature@1.0.6(transitive)

• + Addedcson-safe@0.1.1(transitive)

• + Addeddebug@2.6.9(transitive)

• + Addeddepd@2.0.0(transitive)

• + Addeddestroy@1.2.0(transitive)

• + Addeddunder-proto@1.0.1(transitive)

• + Addedee-first@1.1.1(transitive)

• + Addedencodeurl@1.0.22.0.0(transitive)

• + Addedes-define-property@1.0.1(transitive)

• + Addedes-errors@1.3.0(transitive)

• + Addedes-object-atoms@1.1.1(transitive)

• + Addedescape-html@1.0.3(transitive)

• + Addedescodegen@0.0.28(transitive)

• + Addedescope@1.0.3(transitive)

• + Addedesmangle@0.0.17(transitive)

• + Addedesprima@1.0.44.0.1(transitive)

• + Addedesshorten@0.0.2(transitive)

• + Addedestraverse@1.2.01.3.22.0.0(transitive)

• + Addedetag@1.8.1(transitive)

• + Addedexpress@4.21.2(transitive)

• + Addedfinalhandler@1.3.1(transitive)

• + Addedforwarded@0.2.0(transitive)

• + Addedfresh@0.5.2(transitive)

• + Addedfunction-bind@1.1.2(transitive)

• + Addedget-intrinsic@1.2.7(transitive)

• + Addedget-proto@1.0.1(transitive)

• + Addedgopd@1.2.0(transitive)

• + Addedhas-symbols@1.1.0(transitive)

• + Addedhasown@2.0.2(transitive)

• + Addedhttp-errors@2.0.0(transitive)

• + Addediconv-lite@0.4.24(transitive)

• + Addedinherits@2.0.4(transitive)

• + Addedipaddr.js@1.9.1(transitive)

• + Addedjs-yaml@3.14.1(transitive)

• + Addedlodash@2.4.2(transitive)

• + Addedmath-intrinsics@1.1.0(transitive)

• + Addedmedia-typer@0.3.0(transitive)

• + Addedmerge-descriptors@1.0.3(transitive)

• + Addedmethods@1.1.2(transitive)

• + Addedmime@1.6.0(transitive)

• + Addedmime-db@1.52.0(transitive)

• + Addedmime-types@2.1.35(transitive)

• + Addedminimist@0.0.10(transitive)

• + Addedms@2.0.02.1.3(transitive)

• + Addednegotiator@0.6.3(transitive)

• + Addednopt@2.1.2(transitive)

• + Addedobject-inspect@1.13.3(transitive)

• + Addedon-finished@2.4.1(transitive)

• + Addedoptimist@0.6.1(transitive)

• + Addedparseurl@1.3.3(transitive)

• + Addedpath-to-regexp@0.1.12(transitive)

• + Addedproxy-addr@2.0.7(transitive)

• + Addedqs@6.13.0(transitive)

• + Addedrange-parser@1.2.1(transitive)

• + Addedraw-body@2.5.2(transitive)

• + Addedsafe-buffer@5.2.1(transitive)

• + Addedsafer-buffer@2.1.2(transitive)

• + Addedsend@0.19.0(transitive)

• + Addedserve-static@1.16.2(transitive)

• + Addedsetprototypeof@1.2.0(transitive)

• + Addedside-channel@1.1.0(transitive)

• + Addedside-channel-list@1.0.0(transitive)

• + Addedside-channel-map@1.0.1(transitive)

• + Addedside-channel-weakmap@1.0.2(transitive)

• + Addedsource-map@0.1.11(transitive)

• + Addedsprintf-js@1.0.3(transitive)

• + Addedstatuses@2.0.1(transitive)

• + Addedtoidentifier@1.0.1(transitive)

• + Addedtype-is@1.6.18(transitive)

• + Addedunpipe@1.0.0(transitive)

• + Addedutils-merge@1.0.1(transitive)

• + Addedvary@1.1.2(transitive)

• + Addedwordwrap@0.0.3(transitive)