chore(deps): update dependency express-openapi-validator to v5.3.6 #776

renovate · 2024-09-01T00:58:07Z

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
express-openapi-validator	`5.3.5` -> `5.3.6`

Release Notes

cdimascio/express-openapi-validator (express-openapi-validator)

`v5.3.6`

Compare Source

(2024-09-13)

bodyParsers is deprecated so update with expess bodyParsers (#974) (6dc3b97), closes #974
Update README.md (772d1dc)
Update README.md (de4219e)
fix: upgrade express-openapi-validator from 5.2.0 to 5.3.1 (#960) (bd636bb), closes #960
chore(deps-dev): bump braces from 3.0.2 to 3.0.3 in /examples/9-nestjs (#964) (148fa90), closes #964
chore(deps-dev): bump braces in /examples/7-response-date-serialization (#963) (aa3018a), closes #963

(2024-09-06)

fix: Dereference path parameters (#962) (0aebe5d), closes #962
fix: upgrade express-openapi-validator from 5.2.0 to 5.3.1 (#951) (5b0058d), closes #951
[StepSecurity] ci: Harden GitHub Actions (#959) (78e55be), closes #959
Fix changelog breaking changes notice (#961) (0a8dc2f), closes #961
update README (7334ccd)
chore(deps-dev): bump braces in /examples/5-custom-operation-resolver (#958) (eda5612), closes #958
chore(deps): bump braces in /examples/4-eov-operations-babel (#957) (749a8c8), closes #957
chore(deps): bump webpack and @nestjs/cli in /examples/9-nestjs (#953) (299aad6), closes #953

(2024-08-31)

Change AJV allErrors default and support user setting (#955) (392f1dd), closes #955 #954
Update README.md (f20b1c9)
Use lenient resolver type (#956) (826ba62), closes #956 #921 #952

breaking change

By default, request and response validation now stops after the first failure. Only one error will be reported even when multiple may exist. This follows best practices from AJV:

To report all validation errors (only recommended in development), option allErrors can be set in options validateRequests and/or validateResponses. For example:

app.use(
  OpenApiValidator.middleware({
    apiSpec: 'path/to/openapi.json',
    validateRequests: {
      allErrors: true,
    },
    validateResponses: {
      allErrors: true,
    },
  })
);

(2024-08-24)

chore(deps-dev): bump @babel/traverse in /examples/9-nestjs (#948) (edd054f), closes #948
chore(deps-dev): bump braces in /examples/8-top-level-discriminator (#929) (e3a9526), closes #929
chore(deps-dev): bump ws from 7.5.5 to 7.5.10 in /examples/9-nestjs (#930) (9d5895b), closes #930
fix: correct security schema logic for OR verification (#946) (2265a10), closes #946
fix: upgrade @apidevtools/json-schema-ref-parser from 11.6.4 to 11.7.0 (#947) (ea4129c), closes #947
fix: upgrade ajv from 8.15.0 to 8.17.1 (#945) (087d8f7), closes #945
fix: upgrade express-openapi-validator from 5.1.6 to 5.2.0 (#944) (f022d21), closes #944
version 5.3.2 (4428922)

(2024-08-24)

fix: correct security schema logic for OR verification (#946) (2265a10), closes #946
fix: upgrade express-openapi-validator from 5.1.6 to 5.2.0 (#944) (f022d21), closes #944

(2024-08-05)

Stripped query params for req.url branch arm (#942) (26d06c4), closes #942
Update LICENSE (20727ff)
version 5.2.1 (aace73c)
FIX: issue #917 (#935) (8e66d3f), closes #917 #935
fix: upgrade @apidevtools/json-schema-ref-parser from 11.6.2 to 11.6.4 (#937) (f148eeb), closes #937
fix: upgrade ajv from 8.14.0 to 8.15.0 (#938) (a1ea81f), closes #938
fix: upgrade express-openapi-validator from 5.1.6 to 5.2.0 (#936) (2d75db4), closes #936
chore(deps-dev): bump braces from 3.0.2 to 3.0.3 (#928) (093bd3c), closes #928

(2024-06-02)

Add express as peer dependency (#907) (4e8bc84), closes #907
Add multipart fix when does not exist any body (#905) (5c98d17), closes #905
add reponse serializer tests for arrays (bbbd160)
pass coerceTypes through (#809) (8f7c678), closes #809
Support async operation handler resolver (#921) (a4a7175), closes #921
upgrade ajv (a708132)
upgrade example 3 (43cccc8)
upgrade example 4 (255f20f)
v5.2.0 (42cb3ab)
chore: apiSpec may be const literal (#854) (e35a07c), closes #854
chore(dependencies): bump @apidevtools/json-schema-ref-parser to 11.6.2 to prevent vulnerability (#9 (61ff0cf), closes #918
chore(deps-dev): bump @babel/traverse (#924) (5a04ea9), closes #924
chore(deps): bump axios, @nestjs/common, @nestjs/core, @nestjs/platform-express and @nestjs/testing (b77150f), closes #925
chore(deps): bump webpack and @nestjs/cli in /examples/9-nestjs (#831) (c0c5f4c), closes #831
fix: examples/4-eov-operations-babel/package.json & examples/4-eov-operations-babel/package-lock.jso (87d173b), closes #911
fix: package.json & package-lock.json to reduce vulnerabilities (#920) (898ceb7), closes #920
fix: upgrade @types/multer from 1.4.7 to 1.4.11 (#897) (a7d67e7), closes #897
fix: upgrade path-to-regexp from 6.2.0 to 6.2.2 (#914) (bce2d6a), closes #914

5.1.6 (2024-02-11)

Fixes for 881 - multiple specs w/validateRequests fail (#903) (766806b), closes #903

5.1.5 (2024-02-10)

fixes write-only tests (8c53e58)
Support writeOnly + required combination #149 (#756) (4f16ed2), closes #149 #756
v5.1.5 (708f2f5)

5.1.4 (2024-02-09)

add cookies to examples 1 and 2 (#891) (2c95d5b), closes #891
Direct example broken link to the guide (00a9c8f)
fixes badging for build and test (631fb7b)
npm audit fix (#892) (2977c0a), closes #892
Remove read only and write only fields (#895) (97617fd), closes #895 #627
removes lodash.uniq and lodash.zipobject dependencies (#893) (1206802), closes #893
Update CONTRIBUTING.md (6d67169)
Update README.md (dffda28)
Update README.md (bdd0d79)
Update README.md (#896) (bb66916), closes #896
v5.1.4 (b3d7483)
v5.1.4 (509fa22)
fix: #887 allow multiple params with wildcard (#898) (2d33d0a), closes #887 #898 #1
docs: fix doc typo in README.md (#885) (8a81bf8), closes #885

5.1.3 (2024-01-27)

CLS Context is lost after using multer middleware (#695) (40716fb), closes #695
remove examples from schema (#890) (0ad49ec), closes #890
v5.1.3 (f806690)
v5.1.3 (e567701)

5.1.2 (2023-12-04)

Normalize request body ContentTypes (#863) (0099b0d), closes #863
Safer handling of multipart nested JSON body props (#878) (807e09c), closes #878
v5.1.1 (4b0c989)

5.1.1 (2023-11-21)

Pass-through HttpError caught in multipart handler (#867) (240c876), closes #867
v5.1.0 (a9a3b0b)
v5.1.1 (a4e62ac)

5.1.0 (2023-11-12)

Allow optional use of req.url (#857) (f732379), closes #857
Reorder upload and security middlewares (#866) (95543d6), closes #866 #865
Update build and packaging scripts (#872) (dd4027f), closes #872
update version locks (bb8d6b8)
v5.1.0 (839f859)

5.0.5 (2023-08-23)

#841 return error thrown in serDes deserializer (#842) (d029401), closes #841 #842
fix documentation links (01950b7)
fix example schema removal and upgrade patch version (495dabd)
fixing default export function issue (#846) (268d38a), closes #846
Remove body-parser deps in example (#845) (c73b7c1), closes #845
Remove examples from apiDoc when validating requests (#774) (950d429), closes #774
Resolve "reference resolves to more than one schema" errors when AJV processes OpenAPI document and (9d215be), closes #853
v5.0.5 change history (b5cc33a)

5.0.4 (2023-04-30)

Switch json-schema-ref-parser to non-deprecated package (#829) (f5bbce9), closes #829
v5.0.4 (9b89c79)
fix: Deserialize custom types with inline schemas (#823) (d53621d), closes #823

5.0.3 (2023-03-04)

FIx serialization/deserialization in additionalProperties (#822) (a9067b8), closes #822
Rename field error_code to errorCode in ValidationErrorItem (#819) (1a1b2cc), closes #819
v5.0.3 (6e93a96)
chore(deps): bump cookiejar from 2.1.2 to 2.1.4 in /examples/9-nestjs (#805) (07d9879), closes #805
chore(deps): bump cookiejar from 2.1.3 to 2.1.4 (#806) (0da34f8), closes #806
chore(deps): bump http-cache-semantics (#811) (7a779f6), closes #811
chore(deps): bump http-cache-semantics (#813) (336683d), closes #813
chore(deps): bump http-cache-semantics (#814) (3721092), closes #814
chore(deps): bump http-cache-semantics (#816) (466e337), closes #816
chore(deps): bump http-cache-semantics (#817) (582b395), closes #817
chore(deps): bump http-cache-semantics in /examples/1-standard (#810) (e6ef9d3), closes #810
chore(deps): bump http-cache-semantics in /examples/3-eov-operations (#812) (fd04b5e), closes #812
chore(deps): bump http-cache-semantics in /examples/6-multi-file-spec (#815) (b2704b0), closes #815
chore(deps): bump json5 from 1.0.1 to 1.0.2 in /examples/9-nestjs (#801) (30defdc), closes #801
chore(deps): bump json5 in /examples/4-eov-operations-babel (#799) (a100192), closes #799
fix: upgrade ajv from 8.11.0 to 8.11.2 (#797) (e774d4b), closes #797
fix: upgrade body-parser from 1.19.0 to 1.20.1 (#798) (87a2000), closes #798
fix: upgrade content-type from 1.0.4 to 1.0.5 (#818) (541d5f9), closes #818

5.0.2 (2023-02-11)

v5.0.2 (3b0e70c)
v5.0.2 (24ad64f)
fix: objects in form-data (#730) (e5cb5d6), closes #730

5.0.1 (2023-01-09)

enhance SchemaObject type (#697) (ca43431), closes #697
implement github actions workflow (#793) (d415425), closes #793
Update README.md (33da583)
Update README.md (ccd981a)
v5.0.1 (de0708b)
chore(deps): bump ansi-regex from 3.0.0 to 3.0.1 in /examples/9-nestjs (#738) (60afead), closes #738
chore(deps): bump minimatch from 3.0.4 to 3.1.2 in /examples/1-standard (#764) (0d04305), closes #764
chore(deps): bump minimatch from 3.0.4 to 3.1.2 in /examples/9-nestjs (#760) (c1cf0d9), closes #760
chore(deps): bump minimatch in /examples/2-standard-multiple-api-specs (#763) (fe5e95e), closes #763
chore(deps): bump minimatch in /examples/3-eov-operations (#766) (3285f3a), closes #766
chore(deps): bump minimatch in /examples/4-eov-operations-babel (#768) (5bcc81b), closes #768
chore(deps): bump minimatch in /examples/5-custom-operation-resolver (#765) (b5b03b3), closes #765
chore(deps): bump minimatch in /examples/6-multi-file-spec (#767) (e8f54e8), closes #767
chore(deps): bump minimatch in /examples/7-response-date-serialization (#759) (9b9433e), closes #759
chore(deps): bump minimatch in /examples/8-top-level-discriminator (#761) (46afe5c), closes #761
chore(deps): bump minimist and @nestjs/cli in /examples/9-nestjs (#769) (8d31f9a), closes #769
chore(deps): bump terser from 5.7.2 to 5.14.2 in /examples/9-nestjs (#750) (a83ff9d), closes #750
fix: upgrade body-parser from 1.19.0 to 1.19.1 (#689) (40736f8), closes #689
fix: upgrade body-parser from 1.19.0 to 1.19.1 (#690) (9038edc), closes #690
fix: upgrade body-parser from 1.19.0 to 1.19.1 (#691) (e64a91c), closes #691

5.0.0 (2022-11-19)

Fix #699 serdes missed on items in a collection, with tests. (#704) (77bc4ae), closes #699 #704
fixed router parameters (#762) (2bbed6f), closes #762
v5.0.0 with ajv8 (1d1d71b)

4.13.8 (2022-05-30)

Bump AJV to v8 (#713) (2b27332), closes #713
Bump multer to version that removes dicer as sub-dependency (#739) (6501a62), closes #739
update ansi-regex (6448f45)
Update README.md (c954b4b)
v4.14.0-beta.1 (369a4a6)
v4.14.0-beta.2 (1706538)
chore(deps): bump ansi-regex in /examples/2-standard-multiple-api-specs (#727) (3e803b5), closes #727
chore(deps): bump ansi-regex in /examples/3-eov-operations (#726) (aba3cd0), closes #726
chore(deps): bump ansi-regex in /examples/5-custom-operation-resolver (#725) (2bf250e), closes #725
chore(deps): bump ansi-regex in /examples/6-multi-file-spec (#723) (e29c1eb), closes #723
chore(deps): bump ansi-regex in /examples/7-response-date-serialization (#722) (acdae50), closes #722
chore(deps): bump ansi-regex in /examples/8-top-level-discriminator (#719) (45059a6), closes #719
chore(deps): bump follow-redirects in /examples/9-nestjs (#705) (15e91aa), closes #705
chore(deps): bump minimist from 1.2.5 to 1.2.6 in /examples/1-standard (#714) (1eecf40), closes #714
chore(deps): bump minimist in /examples/2-standard-multiple-api-specs (#716) (6f6ea71), closes #716
chore(deps): bump minimist in /examples/3-eov-operations (#715) (3f6cb37), closes #715
chore(deps): bump minimist in /examples/4-eov-operations-babel (#717) (6b90f35), closes #717
chore(deps): bump minimist in /examples/5-custom-operation-resolver (#718) (acc3f33), closes #718
chore(deps): bump minimist in /examples/6-multi-file-spec (#724) (15814ba), closes #724
chore(deps): bump minimist in /examples/7-response-date-serialization (#721) (ff63618), closes #721
chore(deps): bump minimist in /examples/8-top-level-discriminator (#720) (a23a09f), closes #720
chore(deps): bump node-fetch from 2.6.1 to 2.6.7 in /examples/9-nestjs (#711) (87bb6df), closes #711

4.13.7 (2022-03-27)

migrate README to wiki (4887ba5)
Update README (13b26d6)

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

github-actions · 2024-09-01T00:58:27Z

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

Package

Version

Score

Details

npm/express-openapi-validator

5.3.6

🟢 5.3

Details

Check	Score	Reason
Code-Review	🟢 3	Found 7/22 approved changesets -- score normalized to 3
Maintained	🟢 10	30 commit(s) and 6 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
License	🟢 10	license file detected
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Packaging	⚠️ -1	packaging workflow not detected
Token-Permissions	🟢 10	GitHub workflow tokens follow principle of least privilege
Binary-Artifacts	🟢 10	no binaries found in the repo
Pinned-Dependencies	🟢 3	dependency not pinned by hash detected -- score normalized to 3
Security-Policy	⚠️ 0	security policy file not detected
Fuzzing	⚠️ 0	project is not fuzzed
Signed-Releases	⚠️ -1	no releases found
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0
Vulnerabilities	⚠️ 0	15 existing vulnerabilities detected

npm/path-to-regexp

6.3.0

🟢 5.9

Details

Check	Score	Reason
Binary-Artifacts	🟢 10	no binaries found in the repo
Branch-Protection	⚠️ 0	branch protection not enabled on development/release branches
CI-Tests	🟢 10	2 out of 2 merged PRs checked by a CI test -- score normalized to 10
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Code-Review	⚠️ 0	found 28 unreviewed changesets out of 30 -- score normalized to 0
Contributors	🟢 10	27 different organizations found -- score normalized to 10
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Dependency-Update-Tool	⚠️ 0	no update tool detected
Fuzzing	⚠️ 0	project is not fuzzed
License	🟢 10	license file detected
Maintained	🟢 10	30 commit(s) out of 30 and 18 issue activity out of 30 found in the last 90 days -- score normalized to 10
Packaging	⚠️ -1	no published package detected
Pinned-Dependencies	🟢 6	dependency not pinned by hash detected -- score normalized to 6
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0
Security-Policy	🟢 10	security policy file detected
Signed-Releases	⚠️ -1	no releases found
Token-Permissions	🟢 10	GitHub workflow tokens follow principle of least privilege
Vulnerabilities	🟢 9	1 existing vulnerabilities detected

Scanned Manifest Files

package-lock.json

sonarqubecloud · 2024-09-13T17:13:48Z

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

renovate bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Sep 1, 2024

renovate bot force-pushed the renovate/express-openapi-validator-5.x-lockfile branch from 0db43cf to 9a2c3c6 Compare September 1, 2024 06:19

renovate bot changed the title ~~chore(deps): update dependency express-openapi-validator to v5.3.4~~ chore(deps): update dependency express-openapi-validator to v5.3.4 - autoclosed Sep 2, 2024

renovate bot closed this Sep 2, 2024

renovate bot deleted the renovate/express-openapi-validator-5.x-lockfile branch September 2, 2024 03:38

renovate bot changed the title ~~chore(deps): update dependency express-openapi-validator to v5.3.4 - autoclosed~~ chore(deps): update dependency express-openapi-validator to v5.3.4 Sep 6, 2024

renovate bot reopened this Sep 6, 2024

renovate bot restored the renovate/express-openapi-validator-5.x-lockfile branch September 6, 2024 03:10

renovate bot force-pushed the renovate/express-openapi-validator-5.x-lockfile branch from 9a2c3c6 to 9673e6d Compare September 6, 2024 03:11

renovate bot changed the title ~~chore(deps): update dependency express-openapi-validator to v5.3.4~~ chore(deps): update dependency express-openapi-validator to v5.3.5 Sep 6, 2024

renovate bot changed the title ~~chore(deps): update dependency express-openapi-validator to v5.3.5~~ chore(deps): update dependency express-openapi-validator to v5.3.5 - autoclosed Sep 7, 2024

renovate bot closed this Sep 7, 2024

renovate bot deleted the renovate/express-openapi-validator-5.x-lockfile branch September 7, 2024 09:07

renovate bot changed the title ~~chore(deps): update dependency express-openapi-validator to v5.3.5 - autoclosed~~ chore(deps): update dependency express-openapi-validator to v5.3.5 Sep 13, 2024

renovate bot reopened this Sep 13, 2024

renovate bot restored the renovate/express-openapi-validator-5.x-lockfile branch September 13, 2024 01:27

renovate bot force-pushed the renovate/express-openapi-validator-5.x-lockfile branch from 9673e6d to cb7baf7 Compare September 13, 2024 01:27

renovate bot changed the title ~~chore(deps): update dependency express-openapi-validator to v5.3.5~~ chore(deps): update dependency express-openapi-validator to v5.3.6 Sep 13, 2024

chore(deps): update dependency express-openapi-validator to v5.3.6

e3a7b3c

renovate bot force-pushed the renovate/express-openapi-validator-5.x-lockfile branch from cb7baf7 to e3a7b3c Compare September 13, 2024 17:12

myrotvorets-team merged commit 871ef5c into master Sep 15, 2024
12 checks passed

myrotvorets-team deleted the renovate/express-openapi-validator-5.x-lockfile branch September 15, 2024 20:13

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(deps): update dependency express-openapi-validator to v5.3.6 #776

chore(deps): update dependency express-openapi-validator to v5.3.6 #776

renovate bot commented Sep 1, 2024 •

edited

Loading

github-actions bot commented Sep 1, 2024 •

edited

Loading

sonarqubecloud bot commented Sep 13, 2024

chore(deps): update dependency express-openapi-validator to v5.3.6 #776

chore(deps): update dependency express-openapi-validator to v5.3.6 #776

Conversation

renovate bot commented Sep 1, 2024 • edited Loading

Release Notes

v5.3.6

(2024-09-13)

(2024-09-06)

(2024-08-31)

breaking change

(2024-08-24)

(2024-08-24)

(2024-08-05)

(2024-06-02)

5.1.6 (2024-02-11)

5.1.5 (2024-02-10)

5.1.4 (2024-02-09)

5.1.3 (2024-01-27)

5.1.2 (2023-12-04)

5.1.1 (2023-11-21)

5.1.0 (2023-11-12)

5.0.5 (2023-08-23)

5.0.4 (2023-04-30)

5.0.3 (2023-03-04)

5.0.2 (2023-02-11)

5.0.1 (2023-01-09)

5.0.0 (2022-11-19)

4.13.8 (2022-05-30)

4.13.7 (2022-03-27)

Configuration

github-actions bot commented Sep 1, 2024 • edited Loading

Dependency Review

OpenSSF Scorecard

Scanned Manifest Files

sonarqubecloud bot commented Sep 13, 2024

Quality Gate passed

renovate bot commented Sep 1, 2024 •

edited

Loading

`v5.3.6`

github-actions bot commented Sep 1, 2024 •

edited

Loading