Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
openapi3-ts
Advanced tools
The openapi3-ts npm package is a TypeScript library that provides types and utility functions for working with OpenAPI 3.0.x documents. It allows developers to create, manipulate, and validate OpenAPI specifications programmatically.
Creating OpenAPI documents
This feature allows developers to create new OpenAPI documents by defining the necessary OpenAPI object structure in TypeScript. The code sample represents a basic OpenAPI document structure with the required fields.
{"openApi": "3.0.0","info": {"title": "Sample API","version": "1.0.0"},"paths": {}}
Manipulating OpenAPI documents
This feature allows developers to add or modify paths, operations, and other components within an OpenAPI document. The code sample demonstrates adding a new path with a GET operation to an existing OpenAPI document.
{"openApi": "3.0.0","info": {"title": "Sample API","version": "1.0.0"},"paths": {"/pets": {"get": {"summary": "List all pets","operationId": "listPets","tags": ["pets"],"responses": {"200": {"description": "An paged array of pets"}}}}}}
Validating OpenAPI documents
This feature provides the ability to validate OpenAPI documents against the OpenAPI 3.0.x specification. The code sample shows how to create a validator instance and validate an OpenAPI document.
const OpenAPIValidator = require('openapi3-ts').OpenAPIValidator;const openApiDoc = {openApi: '3.0.0',info: {title: 'Sample API',version: '1.0.0'},paths: {}};const validator = new OpenAPIValidator(openApiDoc);const isValid = validator.validate();
This package allows you to integrate Swagger using JSDoc comments directly in your code. Unlike openapi3-ts, which is more about manipulating OpenAPI objects, swagger-jsdoc is focused on generating OpenAPI documentation from inline comments.
This package is used to serve auto-generated swagger-ui generated API docs from express, based on a swagger.json file. It is different from openapi3-ts in that it is more about serving and displaying documentation rather than creating or manipulating OpenAPI objects.
This package is an OpenAPI validator that validates API requests and responses against an OpenAPI document. It is similar to the validation functionality of openapi3-ts but is a standalone package dedicated to validation.
TypeScript library to help building OpenAPI 3.x compliant API contracts.
Breaking change notice:
Version 4.0 Adds explicit support for OAS 3.0 and OAS 3.1 as separate implementations.
import { oas31 } from 'openapi3-ts';
Or directly import from subpath:
import { OpenAPIObject, OpenApiBuilder } from 'openapi3-ts/oas31';
import { oas30 } from 'openapi3-ts';
Or directly import from subpath:
import { OpenAPIObject, OpenApiBuilder } from 'openapi3-ts/oas30';
/src/model
TS typed interfaces for helping building a contract./src/dsl
Fluent DSL for building a contract.Install package via npm:
npm i --save openapi3-ts
Licensed under the MIT License.
Contact: Pedro J. Molina | github: pjmolina | twitter: pmolinam
(c) 2017-2024. Pedro J. Molina at Metadev S.L. https://metadev.pro & contributors.
FAQs
TS Model & utils for OpenAPI 3.x specification.
The npm package openapi3-ts receives a total of 1,972,397 weekly downloads. As such, openapi3-ts popularity was classified as popular.
We found that openapi3-ts demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.