Conversation
✅ Deploy Preview for modelina canceled.
|
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
feat: support non-object model types for rust Those model types are common when using GET parameters in an OpenAPI document. Typescript already has a TypeRenderer. This adds an equivalent for Rust. However, instead of using a Rust type aliases, this PR uses the New Type Idiom. There are two main advantages to using the New Type idiom: compile-time value type validation and a bypass of the rust orphan rule (see https://effective-rust.com/newtype.html). The second advantage will be needed to implement model validation. Likely this validation will come from an external trait. Rust only allows adding external trait implementations to types that are internal to the crate (type aliases do not count).
| const sanitized = schemaId | ||
| .replace('<', '') | ||
| .replace(/-/g, '_') | ||
| .replace('>', ''); |
Check failure
Code scanning / CodeQL
Incomplete string escaping or encoding High
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix
AI 5 days ago
Generally, the fix is to avoid using string.replace('<', '') / string.replace('>', ''), since these only affect the first match. Instead, use a regular expression with the global (g) flag so that all occurrences are removed (or use a single regex that strips all undesired characters at once). This ensures the sanitization is complete and predictable.
The best minimal change without altering existing functionality is to update the “sanitized anonymous ID” computation so that it removes all < and > characters, and continues to replace all - characters with _. We can do this in one of two ways:
- Keep the chaining, but switch to regexes with
g:
schemaId.replace(/</g, '').replace(/-/g, '_').replace(/>/g, ''), or - Use a single regex that removes all
<and>and then replace dashes:
schemaId.replace(/[<>]/g, '').replace(/-/g, '_').
Either approach is fine; the latter is slightly cleaner. No new imports or external libraries are needed; this uses built-in JavaScript/TypeScript regex support. The change is confined to the block starting at line 594 (the “Priority 7: Fallback to sanitized anonymous ID” section) in src/processors/AsyncAPIInputProcessor.ts, updating only the const sanitized = ... line.
| @@ -593,9 +593,8 @@ | ||
| // Priority 7: Fallback to sanitized anonymous ID | ||
| if (schemaId?.includes(AsyncAPIInputProcessor.ANONYMOUS_PREFIX)) { | ||
| const sanitized = schemaId | ||
| .replace('<', '') | ||
| .replace(/-/g, '_') | ||
| .replace('>', ''); | ||
| .replace(/[<>]/g, '') | ||
| .replace(/-/g, '_'); | ||
| Logger.debug(`Using sanitized anonymous ID: ${sanitized}`); | ||
| return sanitized; | ||
| } |
| const sanitized = schemaId | ||
| .replace('<', '') |
Check failure
Code scanning / CodeQL
Incomplete string escaping or encoding High
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix
AI 5 days ago
In general, when performing string-based sanitization, avoid str.replace('x', 'y') with a plain string search, since it affects only the first occurrence. Use a regular expression with the g flag (e.g. /</g) or chain multiple replace calls that each use global regexes, so that all occurrences are processed consistently.
For this specific code, we should update the sanitization of schemaId in the “Priority 7: Fallback to sanitized anonymous ID” block to replace all < and > characters, not just the first one. The safest, minimal change that preserves existing intent is to convert the first and last .replace calls from string patterns to global regular expressions:
const sanitized = schemaId
.replace(/</g, '')
.replace(/-/g, '_')
.replace(/>/g, '');This keeps the behavior identical for IDs with at most one < or >, and correctly handles those with multiple such characters. No new imports or helpers are required; the change is limited to the sanitization expression inside src/processors/AsyncAPIInputProcessor.ts around lines 594–599.
| @@ -593,9 +593,9 @@ | ||
| // Priority 7: Fallback to sanitized anonymous ID | ||
| if (schemaId?.includes(AsyncAPIInputProcessor.ANONYMOUS_PREFIX)) { | ||
| const sanitized = schemaId | ||
| .replace('<', '') | ||
| .replace(/</g, '') | ||
| .replace(/-/g, '_') | ||
| .replace('>', ''); | ||
| .replace(/>/g, ''); | ||
| Logger.debug(`Using sanitized anonymous ID: ${sanitized}`); | ||
| return sanitized; | ||
| } |
|
🎉 This PR is included in version 6.0.0-next.5 🎉 The release is available on: Your semantic-release bot 📦🚀 |
|
| test: | ||
| name: Runtime testing Go Models | ||
| if: "github.event.pull_request.draft == false &&!((github.actor == 'asyncapi-bot' && startsWith(github.event.pull_request.title, 'ci: update global workflows')) || (github.actor == 'asyncapi-bot' && startsWith(github.event.pull_request.title, 'chore(release):')) || (github.actor == 'allcontributors' && startsWith(github.event.pull_request.title, 'docs: add')))" | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - name: Checkout repository | ||
| uses: actions/checkout@v3 | ||
| - name: Check package-lock version | ||
| uses: asyncapi/.github/.github/actions/get-node-version-from-package-lock@master | ||
| id: lockversion | ||
| - name: Setup Node.js | ||
| uses: actions/setup-node@v3 | ||
| with: | ||
| node-version: "${{ steps.lockversion.outputs.version }}" | ||
| cache: 'npm' | ||
| cache-dependency-path: '**/package-lock.json' | ||
| - name: Build Library | ||
| run: npm install && npm run build:prod | ||
| - name: Setup Go | ||
| uses: actions/setup-go@v4 | ||
| with: | ||
| go-version: '1.22' | ||
| - name: Generate Go Models | ||
| run: npm run generate:runtime:go | ||
| - name: Run runtime Tests |
Check warning
Code scanning / CodeQL
Workflow does not contain permissions Medium
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix
AI 15 days ago
In general, the fix is to explicitly declare a permissions block in the workflow (at the root level or per job) that grants only the scopes required. This workflow just checks out code and runs Node.js and Go commands, so it only needs read access to repository contents; no write scopes are required.
The best fix with minimal functional impact is to add a root-level permissions block directly under the name: declaration so it applies to all jobs. In .github/workflows/runtime-go-testing.yml, add:
permissions:
contents: readon new lines after line 1 (name: Runtime Testing Go Models). No other changes, imports, or additional configuration are needed.
| @@ -1,4 +1,6 @@ | ||
| name: Runtime Testing Go Models | ||
| permissions: | ||
| contents: read | ||
| on: | ||
| push: | ||
| pull_request: |
|
🎉 This PR is included in version 6.0.0-next.6 🎉 The release is available on: Your semantic-release bot 📦🚀 |
|
🎉 This PR is included in version 6.0.0-next.7 🎉 The release is available on: Your semantic-release bot 📦🚀 |
|
🎉 This PR is included in version 6.0.0-next.8 🎉 The release is available on: Your semantic-release bot 📦🚀 |
* test: add failing tests for date unmarshal conversion (Phase 1 - TDD RED) Add unit tests that verify date-formatted string properties should be converted to Date objects in the unmarshal method. These tests currently fail because the date conversion is not yet implemented. Test cases: - date-time format generates new Date() conversion - date format generates new Date() conversion - time format generates new Date() conversion - null safety check with ternary pattern - regular strings remain unchanged (regression test) Relates to: GH-2457 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com> * fix(typescript): convert date-formatted strings to Date objects in unmarshal (Phase 2 - TDD GREEN) Add date conversion logic in renderUnmarshalProperty() for ConstrainedStringModel with format in ['date', 'date-time', 'time']. The generated unmarshal code now includes null-safe Date conversion: obj["createdAt"] == null ? null : new Date(obj["createdAt"]) This fixes the type mismatch where properties declared as Date were assigned raw strings at runtime. Fixes: GH-2457 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com> * test(runtime): add Date object verification tests for unmarshal (Phase 3) Add runtime tests that verify: - unmarshal converts date-formatted strings to Date objects - Date.toISOString() returns the correct value after round-trip - null date values are handled gracefully (not converted to Invalid Date) 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com> --------- Co-authored-by: Claude <noreply@anthropic.com>
|
🎉 This PR is included in version 6.0.0-next.9 🎉 The release is available on: Your semantic-release bot 📦🚀 |
|
🎉 This PR is included in version 6.0.0-next.10 🎉 The release is available on: Your semantic-release bot 📦🚀 |
|
4 participants
Placeholder for v6 release