From d40ff2c2943358446035816fe512e38b6b1e7f33 Mon Sep 17 00:00:00 2001
From: Virgil <virgil@lethean.io>
Date: Thu, 2 Apr 2026 08:54:24 +0000
Subject: [PATCH] fix(api): remove global openapi bearer security

Co-Authored-By: Virgil <virgil@lethean.io>
---
 openapi.go      |  5 -----
 openapi_test.go | 10 ++--------
 2 files changed, 2 insertions(+), 13 deletions(-)

diff --git a/openapi.go b/openapi.go
index 0133e35..9d91947 100644
--- a/openapi.go
+++ b/openapi.go
@@ -74,11 +74,6 @@ func (sb *SpecBuilder) Build(groups []RouteGroup) ([]byte, error) {
 		},
 		"paths": sb.buildPaths(prepared),
 		"tags":  sb.buildTags(prepared),
-		"security": []any{
-			map[string]any{
-				"bearerAuth": []any{},
-			},
-		},
 	}
 
 	if sb.LicenseName != "" {
diff --git a/openapi_test.go b/openapi_test.go
index 51e9b6c..4f95653 100644
--- a/openapi_test.go
+++ b/openapi_test.go
@@ -197,14 +197,8 @@ func TestSpecBuilder_Good_EmptyGroups(t *testing.T) {
 	if bearerAuth["scheme"] != "bearer" {
 		t.Fatalf("expected bearerAuth.scheme=bearer, got %v", bearerAuth["scheme"])
 	}
-
-	security := spec["security"].([]any)
-	if len(security) != 1 {
-		t.Fatalf("expected one default security requirement, got %d", len(security))
-	}
-	req := security[0].(map[string]any)
-	if _, ok := req["bearerAuth"]; !ok {
-		t.Fatal("expected default bearerAuth security requirement")
+	if _, ok := spec["security"]; ok {
+		t.Fatal("expected no global security requirement in the document")
 	}
 }