Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
swagger-snippet
Advanced tools
Generates code snippets for given Swagger / Open API Specification files
Generates code snippets for given Swagger / Open API specification files.
This package takes as input a Swagger 2.0 / OpenAPI v3.0.x specification. It translates the specification into an HTTP Archive 1.2 request object. It uses the HTTP Snippet library to generate code snippets for every API endpoint (URL path + HTTP method) defined in the specification in various languages & tools (cURL
, Node
, Python
, Ruby
, Java
, Go
, C#
...).
npm i swagger-snippet
Clone the Swagger Snippet repository. Install required dependencies:
npm i
Build a minified version of Swagger Snippet (swaggersnippet.min.js
):
npm run build
const SwaggerSnippet = require('swagger-snippet')
// define input:
const swagger = ... // a Swagger / Open API specification
const targets = ['node_unirest', 'c'] // array of targets for code snippets. See list below...
try {
// either, get snippets for ALL endpoints:
const results = SwaggerSnippet.getSwaggerSnippets(swagger, targets) // results is now array of snippets, see "Output" below.
// ...or, get snippets for a single endpoint:
const results2 = SwaggerSnippet.getEndpointSnippets(swagger, '/users/{user-id}/relationship', 'get', targets)
} catch (err) {
// do something with potential errors...
}
Include the swaggersnippet.min.js
file created after building the the library (see above) in your HTML page:
<script type="text/javascript" src="path/to/swaggersnippet.min.js"></script>
Use Swagger Snippet, which now defines the global variable SwaggerSnippet
.
The output for every endpoint is an object, containing the method
, url
, a human-readable description
, and the corresponding resource
- all of these values stem from the specification. In addition, within the snippets
list, an object containing a code snippet for every chosen target is provided. As of version 0.4.0
, the snippets include exemplary payload data.
If getSwaggerSnippets
is used, an array of the above described objects is returned.
For example:
[
...
{
"method": "GET",
"url": "https://api.instagram.com/v1/users/{user-id}/relationship",
"description": "Get information about a relationship to another user.",
"resource": "relationship",
"snippets": [
{
"id": "node",
"title": "Node + Native",
"content": "var http = require(\"https\");\n\nvar options = {..."
}
]
}
...
]
Currently, swagger-snippet supports the following targets (depending on the HTTP Snippet library):
c_libcurl
(default)csharp_restsharp
(default)go_native
(default)java_okhttp
java_unirest
(default)javascript_jquery
javascript_xhr
(default)node_native
(default)node_request
node_unirest
objc_nsurlsession
(default)ocaml_cohttp
(default)php_curl
(default)php_http1
php_http2
python_python3
(default)python_requests
ruby_native
(default)shell_curl
(default)shell_httpie
shell_wget
swift_nsurlsession
(default)If only the language is provided (e.g., c
), the default library will be selected.
License: MIT
FAQs
Generates code snippets for given Swagger / Open API Specification files
We found that swagger-snippet demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.