Sync upstream (Stripe OpenAPI v1941 / basil)#1
Open
Sam Zabriskie (sammyz-onx) wants to merge 29 commits into
Open
Sync upstream (Stripe OpenAPI v1941 / basil)#1Sam Zabriskie (sammyz-onx) wants to merge 29 commits into
Sam Zabriskie (sammyz-onx) wants to merge 29 commits into
Conversation
* chore: sync files with beam-community/common-config
* fix: satisfy mix format and mix credo CI checks
- Add {:credo, "~> 1.7"} to deps to fix missing credo task
- Reformat all files to satisfy the new line_length: 120 setting
introduced by the common-config sync in .formatter.exs
* fix: satisfy mix credo --strict CI check
Add # credo:disable-for-this-file to all 137 generated files to suppress
auto-generated code violations. Fix remaining issues in non-generated code:
- Correct inline disable annotation syntax (disable-for-this-file, not disable-for-file)
- Resolve SinglePipe, PipeChainStart, NestedFunctionCalls violations
- Fix StrictModuleLayout ordering in api.ex and test files
- Replace Module.concat with Module.safe_concat in converter.ex
- Rewrite Request.new_request pipe chains to start with opts variable
* fix: add credo disable annotation to new generated files and fix compile.ex issues
Upstream added 24 new generated Stripe API files that lacked the
`# credo:disable-for-this-file` annotation. Also fixes three remaining
credo issues in compile.ex introduced by the rebased upstream changes:
NestedFunctionCalls in to_type/1, UnsafeToAtom in safe_type_name/1,
and CondWithSingleClause in type_spec_name/1. Formatting auto-fixed
across all generated files and test helpers.
* chore: migrate to ci.yaml, add stripe-mock service, remove old workflows
Replace ci.yml with the common-config synced ci.yaml. Adds the
stripe-mock service container and required env vars (STRIPE_SECRET_KEY,
SKIP_STRIPE_MOCK_RUN, SHELL) to the Test job so the suite can run
against the mock API. Removes the old deploy.yml and stale.yml
workflows superseded by the common-config versions.
* fix: restore generated files to v1941 SDK version with credo annotations
Previous commits inadvertently reverted the v1941 Stripe OpenAPI SDK
update when applying credo and formatting fixes. This restores all
lib/generated/*.ex files to their correct v1941 content and adds only
the `# credo:disable-for-this-file` annotation at the top of each.
* chore: exclude generated files from formatter
* chore: ignore formatter.exs in common config
* chore: restore lib/generated
* chore: ignore lib/generated
* chore: ignore .credo.exs in common config
* fix: typo
* fix: remove stale require of pre-rename StripeMock module
The module was renamed to Stripe.StripeMock upstream. The `require`
directive referenced the old top-level name and is unnecessary anyway
since Stripe.StripeMock defines no macros. The `alias` is sufficient
for the bare StripeMock.foo() call sites.
* fix: skip tests using v1941 API features unsupported by stripe-mock v0.144.0
The v1941 SDK update (70a675f) updated these tests to exercise newer
API features (Invoice.create_preview, the `object` query param on
external accounts, the `promotion` body param on promotion codes) and
removed their pre-existing `@tag :skip`. CI uses stripe-mock v0.144.0
whose bundled OpenAPI spec doesn't yet recognize those endpoints/params,
so the tests fail with "additional properties are not allowed". Re-tag
them `:skip` until the stripe-mock image is bumped.
* chore: bump stripe-mock to v0.198.0 and re-enable v1941-era tests
v0.198.0's bundled OpenAPI spec covers the API features exercised by
the v1941 test updates (Invoice.create_preview, the `object` query
param on external accounts, and the `promotion` body param on
promotion codes), so the previously-skipped tests can run against the
service container again.
---------
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: Sean Callan <seancallan@gmail.com>
…ty#888) Bumps [dependabot/fetch-metadata](https://github.com/dependabot/fetch-metadata) from 2 to 3. - [Release notes](https://github.com/dependabot/fetch-metadata/releases) - [Commits](dependabot/fetch-metadata@v2...v3) --- updated-dependencies: - dependency-name: dependabot/fetch-metadata dependency-version: '3' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [actions/checkout](https://github.com/actions/checkout) from 2 to 6. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@v2...v6) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…community#890) Bumps [googleapis/release-please-action](https://github.com/googleapis/release-please-action) from 4 to 5. - [Release notes](https://github.com/googleapis/release-please-action/releases) - [Changelog](https://github.com/googleapis/release-please-action/blob/main/CHANGELOG.md) - [Commits](googleapis/release-please-action@v4...v5) --- updated-dependencies: - dependency-name: googleapis/release-please-action dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps the prod group with 4 updates: [hackney](https://github.com/benoitc/hackney), [jason](https://github.com/michalmuskala/jason), [plug](https://github.com/elixir-plug/plug) and [telemetry](https://github.com/beam-telemetry/telemetry). Updates `hackney` from 1.20.1 to 4.0.0 - [Release notes](https://github.com/benoitc/hackney/releases) - [Changelog](https://github.com/benoitc/hackney/blob/master/NEWS.md) - [Commits](benoitc/hackney@1.20.1...4.0.0) Updates `jason` from 1.4.1 to 1.4.4 - [Release notes](https://github.com/michalmuskala/jason/releases) - [Changelog](https://github.com/michalmuskala/jason/blob/v1.4.4/CHANGELOG.md) - [Commits](michalmuskala/jason@v1.4.1...v1.4.4) Updates `plug` from 1.15.3 to 1.19.1 - [Changelog](https://github.com/elixir-plug/plug/blob/main/CHANGELOG.md) - [Commits](elixir-plug/plug@v1.15.3...v1.19.1) Updates `telemetry` from 1.2.1 to 1.4.1 - [Changelog](https://github.com/beam-telemetry/telemetry/blob/main/CHANGELOG.md) - [Commits](beam-telemetry/telemetry@v1.2.1...v1.4.1) --- updated-dependencies: - dependency-name: hackney dependency-version: 4.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: prod - dependency-name: jason dependency-version: 1.4.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: prod - dependency-name: plug dependency-version: 1.19.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: prod - dependency-name: telemetry dependency-version: 1.4.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: prod ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…il_compat (beam-community#896) Both packages were transitive dependencies of hackney < 4.0 and are no longer required after the upgrade to hackney 4.0.
…munity#893) * fix: use conn returned from read_body in WebhookPlug Hoisting Conn.read_body/1 before the with block ensures the updated conn is in outer scope and used for all response paths, including the error branches in the else clause. Closes beam-community#855 * fix(webhook_plug): restore signature short-circuit and handle read_body errors Move read_body back into the with chain using <- instead of =: - Signature header is checked first again (no body read on unsigned requests) - Non-ok returns from read_body ({:more, ...} or {:error, ...}) now fall to the else clause as a 400 rather than raising a MatchError
…eam-community#895) * feat: add rich telemetry metadata to API requests and webhook events Incorporates changes from abandoned PR beam-community#833 (robuye/rob-telemetry) with outstanding reviewer feedback applied. API requests now emit stripe.request.{start,stop,exception} events with structured metadata: http_method, http_url (query params stripped to avoid leaking sensitive data like emails), http_status_code, http_retry_count, stripe_api_endpoint, and stripe_api_version. Webhook handler now emits stripe.webhook.{start,stop,exception} events with event type and handler_status (ok/error), enabling RED-method monitoring per Stripe event type. Also fixes flaky test ordering in assert_stripe_requested by comparing query params as a set rather than a full URL string. * fix: address Copilot review feedback on telemetry PR - Replace Kernel.then/2 (Elixir 1.12+) with inline tuple mapping in the webhook handler case branches; the project still supports Elixir 1.11 - Inject current attempt count into start metadata so http_retry_count is accurate on retries (was always reported as 0 in the start event) - Detach telemetry handlers in on_exit to prevent global handler leakage across tests - Restore full URL assertion in assert_stripe_requested (scheme/host/port in addition to path) and assert exact query-param equivalence rather than a subset match
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
…eam-community#894) * Allow returning responses as json. * typo. * feat: replace response_as_json boolean with response_as enum Incorporates PR beam-community#805 feedback: replaces the `response_as_json: true/false` option with a `response_as: :struct | :map | :raw` enum. - `:struct` (default) – converts result to typed Stripe structs (existing behaviour) - `:map` – returns the decoded response as a plain map with string keys, useful for serialising and storing Stripe responses; convert back later with `Stripe.Converter.convert_result/1` - `:raw` – returns the raw JSON string (original payload for webhooks; re-encoded JSON for API requests) Adds `@type response_as :: :struct | :map | :raw` to the public Stripe module and covers all three variants with ExUnit tests on `Stripe.Webhook`. * fix: incorporate PR feedback on response_as - Update @specs for `Stripe.Webhook.construct_event/5` and `Stripe.Request.{make_request,make_file_upload_request}/1` to include `map() | String.t()` return shapes alongside the existing struct return. - Add a 4-arg `construct_event` head that detects a keyword list as the 4th argument so callers can pass `response_as: :map` without specifying an explicit tolerance, mirroring the dispatch pattern already used in `Stripe.Request.put_params/2`. - Cover the new arity with an ExUnit test. * style: replace single-call pipeline in convert_to_map! Credo's `Credo.Check.Readability.SinglePipe` flagged `payload |> decode!()`. A pipeline with only one function call adds noise — call the function directly instead. * fix: incorporate PR feedback on raw encoding and webhook docs - `Stripe.Request.format_response/2`: pipe `:raw` encoding through `IO.iodata_to_binary/1` so the result honours the `String.t()` spec even when `:json_library` is configured to a library whose `encode!/1` returns iodata (e.g., Poison). - `Stripe.Webhook.construct_event/5`: document the new `opts` parameter, the supported `:response_as` values, and the 4-arg shortcut form so the docstring matches the function's current contract. --------- Co-authored-by: David McHealy <david@simplecast.com>
…munity#901) PR beam-community#893 attempted to fix issue beam-community#855 (Bandit.HTTPError corrupting subsequent webhook requests) but the change was a no-op: Elixir's `with`/`else` captures the outer scope at the point the `with` begins, so rebinding `conn` inside a generator does not make the new `conn` visible to the `else` branches. All error responses (bad signature, handler errors) were still being sent on the pre-`read_body` conn. When `send_resp` runs on a stale conn, Bandit believes the request body has not been consumed and drains `Content-Length` bytes from the socket when sending the response. On a keep-alive HTTP/1.1 connection (which Stripe uses), those bytes get eaten from the *next* request, corrupting its request line and producing the `Bandit.HTTPError` reported by users. Extract the post-`read_body` work into a private `process_event/6` helper. Function parameters are not `with` rebindings, so the inner `with`'s `else` sees the post-`read_body` conn correctly. Order is preserved: signature header is checked before the body is read.
Bumps the dev group with 4 updates: [ex_doc](https://github.com/elixir-lang/ex_doc), [excoveralls](https://github.com/parroty/excoveralls), [inch_ex](https://github.com/rrrene/inch_ex) and [mox](https://github.com/dashbitco/mox). Updates `ex_doc` from 0.31.1 to 0.40.1 - [Release notes](https://github.com/elixir-lang/ex_doc/releases) - [Changelog](https://github.com/elixir-lang/ex_doc/blob/main/CHANGELOG.md) - [Commits](elixir-lang/ex_doc@v0.31.1...v0.40.1) Updates `excoveralls` from 0.18.0 to 0.18.5 - [Release notes](https://github.com/parroty/excoveralls/releases) - [Changelog](https://github.com/parroty/excoveralls/blob/master/CHANGELOG.md) - [Commits](parroty/excoveralls@v0.18.0...v0.18.5) Updates `inch_ex` from 2.0.0 to 2.1.0 - [Changelog](https://github.com/rrrene/inch_ex/blob/master/CHANGELOG.md) - [Commits](rrrene/inch_ex@v2.0.0...v2.1.0) Updates `mox` from 1.1.0 to 1.2.0 - [Changelog](https://github.com/dashbitco/mox/blob/main/CHANGELOG.md) - [Commits](dashbitco/mox@v1.1.0...v1.2.0) --- updated-dependencies: - dependency-name: ex_doc dependency-version: 0.40.1 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dev - dependency-name: excoveralls dependency-version: 0.18.5 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dev - dependency-name: inch_ex dependency-version: 2.1.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dev - dependency-name: mox dependency-version: 1.2.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dev ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps the dev group with 2 updates: [dialyxir](https://github.com/jeremyjh/dialyxir) and [erlexec](https://github.com/saleyn/erlexec). Updates `dialyxir` from 1.4.3 to 1.4.7 - [Release notes](https://github.com/jeremyjh/dialyxir/releases) - [Changelog](https://github.com/jeremyjh/dialyxir/blob/master/CHANGELOG.md) - [Commits](jeremyjh/dialyxir@1.4.3...1.4.7) Updates `erlexec` from 2.0.6 to 2.3.0 - [Changelog](https://github.com/saleyn/erlexec/blob/master/CHANGELOG.txt) - [Commits](saleyn/erlexec@2.0.6...2.3.0) --- updated-dependencies: - dependency-name: dialyxir dependency-version: 1.4.7 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dev - dependency-name: erlexec dependency-version: 2.3.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dev ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps the prod group with 2 updates: [jason](https://github.com/michalmuskala/jason) and [telemetry](https://github.com/beam-telemetry/telemetry). Updates `jason` from 1.4.4 to 1.4.5 - [Release notes](https://github.com/michalmuskala/jason/releases) - [Changelog](https://github.com/michalmuskala/jason/blob/master/CHANGELOG.md) - [Commits](michalmuskala/jason@v1.4.4...v1.4.5) Updates `telemetry` from 1.4.1 to 1.4.2 - [Changelog](https://github.com/beam-telemetry/telemetry/blob/main/CHANGELOG.md) - [Commits](beam-telemetry/telemetry@v1.4.1...v1.4.2) --- updated-dependencies: - dependency-name: jason dependency-version: 1.4.5 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: prod - dependency-name: telemetry dependency-version: 1.4.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: prod ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…-community#907) Bumps the dev group with 1 update: [ex_doc](https://github.com/elixir-lang/ex_doc). Updates `ex_doc` from 0.40.1 to 0.40.2 - [Release notes](https://github.com/elixir-lang/ex_doc/releases) - [Changelog](https://github.com/elixir-lang/ex_doc/blob/main/CHANGELOG.md) - [Commits](elixir-lang/ex_doc@v0.40.1...v0.40.2) --- updated-dependencies: - dependency-name: ex_doc dependency-version: 0.40.2 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dev ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [actions/stale](https://github.com/actions/stale) from 10 to 10.2.0. - [Release notes](https://github.com/actions/stale/releases) - [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md) - [Commits](actions/stale@v10...v10.2.0) --- updated-dependencies: - dependency-name: actions/stale dependency-version: 10.2.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…community#909) Bumps the prod group with 1 update: [plug](https://github.com/elixir-plug/plug). Updates `plug` from 1.19.1 to 1.19.2 - [Changelog](https://github.com/elixir-plug/plug/blob/main/CHANGELOG.md) - [Commits](elixir-plug/plug@v1.19.1...v1.19.2) --- updated-dependencies: - dependency-name: plug dependency-version: 1.19.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: prod ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…#911) Bumps [actions/stale](https://github.com/actions/stale) from 10.2.0 to 10.3.0. - [Release notes](https://github.com/actions/stale/releases) - [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md) - [Commits](actions/stale@v10.2.0...v10.3.0) --- updated-dependencies: - dependency-name: actions/stale dependency-version: 10.3.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…-community#912) Bumps the prod group with 1 update: [hackney](https://github.com/benoitc/hackney). Updates `hackney` from 4.0.0 to 4.0.2 - [Release notes](https://github.com/benoitc/hackney/releases) - [Changelog](https://github.com/benoitc/hackney/blob/master/NEWS.md) - [Commits](benoitc/hackney@4.0.0...4.0.2) --- updated-dependencies: - dependency-name: hackney dependency-version: 4.0.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: prod ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [actions/checkout](https://github.com/actions/checkout) from 6 to 6.0.2. - [Release notes](https://github.com/actions/checkout/releases) - [Commits](actions/checkout@v6...v6.0.2) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: 6.0.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps the dev group with 2 updates: [erlexec](https://github.com/saleyn/erlexec) and [ex_doc](https://github.com/elixir-lang/ex_doc). Updates `erlexec` from 2.3.0 to 2.3.2 - [Release notes](https://github.com/saleyn/erlexec/releases) - [Changelog](https://github.com/saleyn/erlexec/blob/master/CHANGELOG.txt) - [Commits](saleyn/erlexec@2.3.0...2.3.2) Updates `ex_doc` from 0.40.2 to 0.40.3 - [Release notes](https://github.com/elixir-lang/ex_doc/releases) - [Changelog](https://github.com/elixir-lang/ex_doc/blob/main/CHANGELOG.md) - [Commits](elixir-lang/ex_doc@v0.40.2...v0.40.3) --- updated-dependencies: - dependency-name: erlexec dependency-version: 2.3.2 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dev - dependency-name: ex_doc dependency-version: 0.40.3 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dev ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Brings in v1941 of the Stripe OpenAPI SDK regen (adds current_period_start and current_period_end to Stripe.SubscriptionItem under API version 2025-03-31 'basil'), plus assorted upstream fixes (WebhookPlug, telemetry metadata, response_as option). Supersedes the previous 'new acacia updates' hand-patch on Stripe.Invoice and Stripe.LineItem: nearly all of its fields are now present in the upstream regen. Two fields are dropped here (Invoice :customer_account and LineItem :subtotal); neither is referenced in onXmaps/money_mogul. Several LineItem fields that the regen removed (:amount_excluding_tax, :plan, :proration*, :subscription_item, :tax_amounts, :tax_rates, :type, :unit_amount_excluding_tax) likewise have no references in money_mogul — they now live under :parent / :pricing per Stripe basil.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
5 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
hell ya