Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

swagger-brake not reporting violation in breaking changes | MIN/MAX validation | POST object mandatory field validation #42

Closed
madhur2928 opened this issue Oct 6, 2020 · 6 comments
Closed

swagger-brake not reporting violation in breaking changes | MIN/MAX validation | POST object mandatory field validation #42

madhur2928 opened this issue Oct 6, 2020 · 6 comments
Labels
2.2.0

Comments

@madhur2928
Copy link

I am facing couple of issues where swagger-brake is not reporting violation in breaking changes

  1. Changed minimum/ maximum validation in new contract. please find the example below

Old Contract
{
"name": "orderId",
"in": "path",
"description": "ID of pet that needs to be fetched",
"required": true,
"type": "integer",
"maximum": 10,
"minimum": 1,
"format": "int64"
},

New Contract
{
"name": "orderId",
"in": "path",
"description": "ID of pet that needs to be fetched",
"required": true,
"type": "integer",
"maximum": 5,
"minimum": 3,
"format": "int64"
},

Output
Loading old API from swagger-old.json
Loading new API from swagger-new.json
Successfully loaded APIs
Starting the check for breaking API changes
Check is finished
No breaking API changes detecte

  1. Changed POST object field from optional to mandatory in new contract. please find the example below

Old Contract:
"Pet": {
"type": "object",
"required": [
"photoUrls"
],

New Contract:
"Pet": {
"type": "object",
"required": [
"photoUrls",
"name"
],

Output
Loading old API from swagger-old.json
Loading new API from swagger-new.json
Successfully loaded APIs
Starting the check for breaking API changes
Check is finished
No breaking API changes detected

Attached both old and new swagger json files

swagger.zip

Please look into it and let me know in case any further details are needed.

Thanks,
Madhur
@galovics galovics added the 1.2.0 label Oct 6, 2020
@galovics
Copy link
Member

galovics commented Oct 6, 2020

@madhur2928 thanks for reporting. Certainly the min/max validation is something missing from the current ruleset, however the second use-case should fail. Anyway, I'll look into both of the cases and get back to you soon.

galovics added a commit that referenced this issue Oct 10, 2020
@galovics
#42 request body required validation
91971e3
galovics added a commit that referenced this issue Oct 13, 2020
@galovics
#42 implemented detection for maximum/minimum/exclusiveMaximum/exclus…
3f25767 
…iveMinimum attributes for integer parameter types
galovics added a commit that referenced this issue Oct 13, 2020
@galovics
#42 support of maximum/minimum constraints on number/float/double par…
5793d66 
…ameters
galovics added a commit that referenced this issue Oct 13, 2020
@galovics
#42 added integration tests for number typed constraints
d63a669
@galovics
Copy link
Member

Fixed on master, new version will be released soon.

@madhur2928
Copy link
Author

thanks @galovics for fixing the issue. I took a checkout from master and tried replicating the issue.
Both min/max validation and post object mandatory field validation is working fine now.

But still facing couple of issues.

  1. min/max validation is working only for GET params but not for POST fields
  2. regex validation (pattern) is not working for both GET and POST

attached the json files
swagger.zip

@galovics galovics reopened this Nov 17, 2020
@galovics
Copy link
Member

@madhur2928 let me take another look then at request body validations. Perhaps I missed it. :)

@galovics
Copy link
Member

@madhur2928 in fact request body validation was completely missing, so I'm doing the implementation.

Also, please bear in mind that I intentionally did not implement the regex constraint validation. In my opinion it's way too complicated to implement something like that. The only thing swagger-brake could easily verify if the pattern has changed, but IMHO that's going to result in many false positives. Somehow it should rather detect if the new regex is equal in terms of semantics or an expansion of the original regex. If you have any ideas, feel free to share.

galovics added a commit that referenced this issue Nov 26, 2020
@galovics
#42 introduced constraint validation on request bodies
a990f9c
@galovics
Copy link
Member

@madhur2928 give it a try from latest master, let's see how it goes.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
2.2.0
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@galovics @madhur2928