Security News
Fluent Assertions Faces Backlash After Abandoning Open Source Licensing
Fluent Assertions is facing backlash after dropping the Apache license for a commercial model, leaving users blindsided and questioning contributor rights.
oas-normalize
Advanced tools
OpenAPI 3.x or Swagger 2.0? YAML or JSON? URL, path, string or object? Who cares! It just works.
The oas-normalize npm package is designed to help developers work with OpenAPI Specification (OAS) documents. It provides functionalities to normalize, validate, and convert OAS documents, making it easier to handle different versions and formats of API specifications.
Normalization
This feature allows you to normalize an OpenAPI Specification document. The code sample demonstrates how to create an instance of OASNormalize with a path to an OAS file and validate it.
const OASNormalize = require('oas-normalize');
const oas = new OASNormalize('path/to/oas/file');
oas.validate().then(() => {
console.log('OAS is valid');
}).catch(err => {
console.error('OAS is invalid', err);
});
Conversion
This feature allows you to convert an OAS document to a different version or format. The code sample shows how to convert an OAS document and log the converted document.
const OASNormalize = require('oas-normalize');
const oas = new OASNormalize('path/to/oas/file');
oas.convert().then(convertedOAS => {
console.log('Converted OAS:', convertedOAS);
}).catch(err => {
console.error('Conversion failed', err);
});
Dereferencing
This feature allows you to dereference an OAS document, resolving all $ref pointers. The code sample demonstrates how to dereference an OAS document and log the dereferenced document.
const OASNormalize = require('oas-normalize');
const oas = new OASNormalize('path/to/oas/file');
oas.dereference().then(dereferencedOAS => {
console.log('Dereferenced OAS:', dereferencedOAS);
}).catch(err => {
console.error('Dereferencing failed', err);
});
Swagger Parser is a powerful tool for parsing, validating, and dereferencing Swagger and OpenAPI documents. It offers similar functionalities to oas-normalize, such as validation and dereferencing, but also includes additional features like bundling multiple files into a single OAS document.
OpenAPI Schema Validator is a package focused on validating OpenAPI documents against the OpenAPI Specification. While it does not offer normalization or conversion features, it provides robust validation capabilities, making it a good choice for ensuring OAS compliance.
Swagger Client is a JavaScript client for Swagger and OpenAPI documents. It provides functionalities for parsing, validating, and interacting with OAS documents. Compared to oas-normalize, it offers more features for interacting with APIs defined by OAS documents, such as making HTTP requests.
OpenAPI 3.x or Swagger 2.0? YAML or JSON? URL, path, string or object? Who cares! It just works.
This module uses a bunch of other great modules to do the heavy lifting, and normalizes everything!
npm install oas-normalize --save
It's pretty simple:
const OASNormalize = require('oas-normalize');
const oas = new OASNormalize(
// Or a string, pathname, JSON blob, whatever
'https://raw.githubusercontent.com/OAI/OpenAPI-Specification/master/examples/v3.0/petstore-expanded.yaml'
);
oas.validate().then(definition => {
// Definition will always be JSON, and valid.
console.log(definition);
}).catch(err => {
console.log(err);
});
For validation errors, when available, you'll get back an object:
{
"details": [
// Ajv pathing errors. For example:
/* {
"instancePath": "/components/securitySchemes/tlsAuth",
"schemaPath": "#/properties/securitySchemes/patternProperties/%5E%5Ba-zA-Z0-9%5C.%5C-_%5D%2B%24/oneOf",
"keyword": "oneOf",
"params": { "passingSchemas": null },
"message": "must match exactly one schema in oneOf"
}, */
]
}
message
is almost always there, but path
is less dependable.
Note: All of these functions are promise-driven.
If you want some more functionality, you can do anything here:
Function | What it does |
---|---|
.load() | Just load the file, valid or not, as JSON |
.bundle() | Bring together all files into one JSON blob (but retain $ref pointers) |
.deref() | Resolve $ref pointers |
.validate([convertToLatest?]) | Validate the whole thing! |
If you want .validate
to always return an OpenAPI 3.x definition, supply true
as its argument:
OASNormalize.validate(true).then(...);
For security reasons, you need to opt into allowing fetching by a local path. To enable it supply the enablePaths
option to the class instance:
const oas = new OASNormalize('./petstore.json', { enablePaths: true })
If you wish errors from .validate()
to be styled and colorized, supply colorizeErrors: true
to your instance of OASNormalize
:
const oas = new OASNormalize('https://example.com/petstore.json', {
colorizeErrors: true,
})
Error messages will look like such:
FAQs
Tooling for converting, validating, and parsing OpenAPI, Swagger, and Postman API definitions
We found that oas-normalize demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Fluent Assertions is facing backlash after dropping the Apache license for a commercial model, leaving users blindsided and questioning contributor rights.
Research
Security News
Socket researchers uncover the risks of a malicious Python package targeting Discord developers.
Security News
The UK is proposing a bold ban on ransomware payments by public entities to disrupt cybercrime, protect critical services, and lead global cybersecurity efforts.