redocly-cli icon indicating copy to clipboard operation
redocly-cli copied to clipboard

Published 20 hours ago verified publisher icon Redocly

join command does not join root security

Open ootkin opened this issue 1 year ago • 5 comments

Describe the bug

security section is not joined in the output if a schema specify the security section in the root level

To Reproduce

spec1.yaml:

openapi: 3.1.0
info:
  title: "spec1"
  version: 1.0.0
servers:
  - url: https://api.example.com
security:
  - oauth2: []
components:
  securitySchemes:
    oauth2:
      type: oauth2
      flows:
        authorizationCode:
          authorizationUrl: https://example.com/oauth/authorize
          tokenUrl: https://example.com/oauth/token
          scopes: {}
paths: {}

spec2.yaml:

openapi: 3.1.0
info:
  title: "spec1"
  version: 1.0.0
servers:
  - url: https://api.example.com
paths:
  /post:
    get:
      summary: Example
      operationId: example
      responses:
        200:
          description: OK
        400:
          description: Bad request

run command: npx @redocly/cli join spec1.yaml spec2.yaml -o joined.yaml

output:

openapi: 3.1.0
info:
  title: spec1
  version: 1.0.0
servers:
  - url: https://api.example.com
tags:
  - name: spec2_other
    x-displayName: other
paths:
  /post:
    get:
      summary: Example
      operationId: example
      responses:
        '200':
          description: OK
        '400':
          description: Bad request
      tags:
        - spec2_other
components:
  securitySchemes:
    oauth2:
      type: oauth2
      flows:
        authorizationCode:
          authorizationUrl: https://example.com/oauth/authorize
          tokenUrl: https://example.com/oauth/token
          scopes: {}
x-tagGroups:
  - name: spec2
    tags:
      - spec2_other

Expected behavior

the security in the root level must be present in the output

OpenAPI description

oas version: 3.1

Redocly Version(s)

1.6.0

Node.js Version(s)

v20.10.0

ootkin avatar Jan 26 '24 07:01 ootkin

This looks like a bug. Thank you for finding this!

tatomyr avatar Jan 26 '24 08:01 tatomyr

See also: #913

lornajane avatar Feb 13 '24 14:02 lornajane

We've got some custom 'x-' properties right inside the root object (same level as 'openapi', 'info', ...), which get lost upon 'join'. Maybe this is the same issue?

MarcelHoell avatar Mar 25 '24 22:03 MarcelHoell

Are there any workarounds until it's fixed? Except blunt text append to generated schema.

artsiommiksiuk avatar May 23 '24 09:05 artsiommiksiuk

@MarcelHoell not exactly the same, but rather similar. Currently, we have to specify the fields to be merged in the code, and I think it will be difficult to merge unknown fields correctly (although it is still worth investigating).

@artsiommiksiuk unfortunately I cannot come up with a workaround here. Just in case, we accept PRs here!

tatomyr avatar May 24 '24 14:05 tatomyr