express-openapi-validator - npm Package Compare versions

Comparing version 5.3.6 to 5.3.7

dist/framework/base.path.js

@@ -22,3 +22,3 @@ "use strict";
             // has variable that we need to check out
-            urlPath = urlPath.replace(/{(\w+)}/g, (substring, p1) => `:${p1}(.*)`);
+            urlPath = urlPath.replace(/{(\w+)}/g, (substring, p1) => `:"${p1}"`);
         }
@@ -64,3 +64,5 @@ this.expressPath = urlPath;
         const allParamCombos = cartesian(...allParams);
-        const toPath = (0, path_to_regexp_1.compile)(this.expressPath);
+        // path-to-regexp v 8.x.x requires we escape the open and close parentheses `(`,`)` added a replace function to catch that use case.
+        const filteredExpressPath = this.expressPath.replace(/[(]/g, '\\\\(').replace(/[)]/g, '\\\\)');
+        const toPath = (0, path_to_regexp_1.compile)(filteredExpressPath);
         const paths = new Set();
@@ -67,0 +69,0 @@ for (const combo of allParamCombos) {

dist/framework/openapi.spec.loader.js

@@ -80,2 +80,12 @@ "use strict";
         // const pass1 = part.replace(/\{(\/)([^\*]+)(\*)}/g, '$1:$2$3');
+        //if wildcard path use new path-to-regex expected model
+        if (/[*]/g.test(part)) {
+            // /v1/{path}* => /v1/*path)
+            // /v1/{path}(*) => /v1/*path)
+            const pass1 = part.replace(/\/{([^}]+)}\({0,1}(\*)\){0,1}/g, '/$2$1');
+            // substitute params with express equivalent
+            // /path/{multi}/test/{/*path}=> /path/:multi/test/{/*path}
+            return pass1.replace(/\{([^\/}]+)}/g, ':$1');
+            //return pass1;
+        }
         // instead create our own syntax that is compatible with express' pathToRegex
@@ -82,0 +92,0 @@ // /{path}* => /:path*)

dist/middlewares/openapi.metadata.js

@@ -67,3 +67,2 @@ "use strict";
             const _schema = responseApiDoc === null || responseApiDoc === void 0 ? void 0 : responseApiDoc.paths[pathKey][method.toLowerCase()];
-            const keys = [];
             const strict = !!req.app.enabled('strict routing');
@@ -75,6 +74,6 @@ const sensitive = !!req.app.enabled('case sensitive routing');
             };
-            const regexp = (0, path_to_regexp_1.pathToRegexp)(expressRoute, keys, pathOpts);
-            const matchedRoute = regexp.exec(path);
+            const regexpObj = (0, path_to_regexp_1.pathToRegexp)(expressRoute, pathOpts);
+            const matchedRoute = regexpObj.regexp.exec(path);
             if (matchedRoute) {
-                const paramKeys = keys.map((k) => k.name);
+                const paramKeys = regexpObj.keys.map((k) => k.name);
                 try {
@@ -81,0 +80,0 @@ const paramsVals = matchedRoute.slice(1).map(decodeURIComponent);

package.json

 {
   "name": "express-openapi-validator",
-  "version": "5.3.6",
+  "version": "5.3.7",
   "description": "Automatically validate API requests and responses with OpenAPI 3 and Express.",
@@ -37,3 +37,3 @@ "main": "dist/index.js",
     "@apidevtools/json-schema-ref-parser": "^11.7.0",
-    "@types/multer": "^1.4.11",
+    "@types/multer": "^1.4.12",
     "ajv": "^8.17.1",
@@ -49,3 +49,3 @@ "ajv-draft-04": "^1.0.0",
     "ono": "^7.1.3",
-    "path-to-regexp": "^6.3.0"
+    "path-to-regexp": "^8.1.0"
   },
@@ -52,0 +52,0 @@ "devDependencies": {

New alerts

URL strings

Supply chain risk

Package contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.

Found 1 instance in 1 package

Fixed alerts

URL strings

Supply chain risk

Package contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

369908

0.29%

Lines of code

6271

0.18%

Dependency changes

• - Removed

  path-to-regexp@6.3.0
  (transitive)

• Updated

  @types/multer@^1.4.12

• Updated

  path-to-regexp@^8.1.0