Release notes
- implements a new request validator
- removes dependencies on openapi-request-coercer, openapi-request-validator, and openapi-security-handler, and openapi-schema-validator
thanks @sheldhur!
Changes
courtesy @richdouglasevans!
The $ref
support is improved
Previously there was an issue with validating $ref
-erences. As a workaround until it was fixed we inlined a few of the types — thus incurring some duplication — and it worked fine.
Upgrading to 1.3.0-rc.3
has allowed me to remove the inlining and go back to nice DRY $ref
-erences.
Error messages have changed
We have tests that exercise validation: I had to change some of these because the error messages reported by express-openapi-validator
changed.
We do some transformation of the validation errors returned by the validator but we do just pass along some of the useful stuff such as the
path
and themessage
unchanged.
Finer-grained path
reporting
For example, one of our tests sent a product (JSON) in the request body with an (invalid) negative price.
Previously we"d get this response:
errors: [
{
"path": "items[0].price",
"message": "Must be >= 0"
}
]
And now we get this response: the path
now is explicit about the error being in the body of the request.
errors: [
{
"path": ".body.items[0].price",
"message": "Must be >= 0"
}
]
Unsupported Media type message changed
Unsupported Content-Type text/plain
➡️ unsupported media type text/plain
Richer format
support
This snippet from our API spec mentions the format
:
quantity:
type: integer
format: int32
minimum: 1
Previously, a test that sent an invalid float value for the quantity
would result in this response:
errors: [
{
"path": "items[0].quantity",
"message": "Must be integer"
}
]
Now we get this response which mentions the format
:
errors: [
{
"path": ".body.items[0].quantity",
"message": "Must be integer"
},
{
"path": ".body.items[0].quantity",
"message": "Must match format \"int32\""
}
]