Releases: eropple/fastify-openapi3
v1.0.2
v1.0.1
v1.0.0
Minor iterations overall since v0.12.0 with one breaking change to be aware of:
- Autowired security schemes now run as
preValidationhooks instead ofonRequest. The reason for this is... - Autowired security schemes can now see the request body. I had a need for being able to compute an HMAC over a request body in a security scheme, and this seemed like the most effective path forward.
Thanks for using the library!
aside: this took an unpleasant amount of time because of NPM's new trusted-providers scheme, which has caused substantial disruption to a lot of people and unduly privileges GitHub's own product for a result that is at best of murky value. So good job for that, GitHub. I sure do want to give you money these days!
v1.0.0-rc1: tracking typebox 1.0
Typebox hit 1.0, and broke a lot of stuff! Hooray! No, seriously, it was a good thing; they fixed a lot of things that were really a huge pain. It just meant that the fiddling in its guts that this plugin does got really sad. Also there's a weird bug with Fastify stripping out ~kind so I had to work around that too.
All tests pass at present, but I have not used this in anger yet. As such, we're gonna put this as an RC until I have time to evaluate it in anger.
v0.12.0: optional logging for OAS validation errors
- Does what it says on the tin. The options object now takes
printSpecificationOnValidationFailureand only logs your spec when it's true, because otherwise you can smash buffers due to spec length.
v0.11.1
v0.11.0 - vendor extensions for operations
- added
vendorPrefixedFieldsto theoasobject in your Fastify route, which (as per OAS spec) requires all keys to be prefixed withx-. For example:
fastify.get("/vendor-test", {
schema: {
response: {
200: PingResponse,
},
},
oas: {
operationId: "vendorTest",
summary: "Test vendor extensions",
vendorPrefixedFields: {
"x-custom-field": "custom-value",
"x-rate-limit": 100,
"x-internal": true,
"x-complex-object": {
nested: "value",
array: [1, 2, 3],
bool: false,
},
},
},
handler: async (req, reply) => {
return { pong: true };
},
});- (internal) refactored some tests a bit for easier readability.
v0.10.2 - nested schema bug fix
- Fixed a bug in nested schemas caused by everyone's worst enemy: mutable state. (Hiss.) Thanks to @seanedwards for the test case.
Contributors
Assets 2
v0.10.0 - autowired security improvements
- accepts
{ type: "apiKey", in: "cookie" }security schemes for autowired security. - all autowired security schemes now support
passNullIfNoneProvided, which will passnullto your handler function if no credential is found instead of just returning401. This is backwards-compatible with the prior handler implementation.
v0.9.0 - better content type handling!
- Improves behavior when using content types that aren't
application/json. By which I mean...adds behavior. Setting a content type explicitly viaoas.body.contentTypeactually works now.- This won't support multiple content types; still need to think about the best way to do that.
- Example from the test suite:
await fastify.register(
async (fastify: FastifyInstance) => {
fastify.post("/qwop", {
schema: {
body: QwopModel,
response: {
200: PingResponse,
},
},
oas: {
body: {
contentType: "application/x-www-form-urlencoded",
},
},
handler: async (req, reply) => {
return { pong: true };
},
});
},
{ prefix: "/api" }
);
await fastify.ready();- Similarly, response bodies can now be specified with
oas.responses(and similarly it doesn't support multiple content types yet). Example from the test suite:
await fastify.register(
async (fastify: FastifyInstance) => {
fastify.get("/ping", {
schema: {
response: {
200: PingResponse,
},
},
oas: {
responses: {
200: {
description: "No response description specified.",
contentType: "application/x-www-form-urlencoded",
},
},
},
handler: async (req, reply) => {
reply.header("Content-Type", "application/x-www-form-urlencoded");
return "pong=true";
},
});
},
{ prefix: "/api" }
);You will still need @fastify/formbody or similar to actually parse the content.