core/api
8
0
Fork 0
Code Issues 4 Pull requests Projects Releases Packages Wiki Activity Actions
No description
263 commits 3 branches 9 tags 3.1 MiB
Find a file
Snider e54dd2e370 fix(pr#2): address CodeRabbit major/critical review findings 
Go:
- codegen: pass trimmed specPath to buildArgs instead of raw g.SpecPath
- cmd/sdk: use local resolvedSpecFile to avoid mutating flag variable per-invocation
- export: write to temp file + atomic rename to prevent destination truncation on failure
- openapi: gate effectiveGraphQLPath/SwaggerPath/WSPath/SSEPath on enable flags; use effectiveSwaggerPath in effectiveAuthentikPublicPaths
- cache: reject oversized replacement before mutating LRU state for existing keys
- ratelimit: move setRateLimitHeaders before c.Next() so headers are sent; hash credential headers with SHA-256 to avoid storing raw secrets; prefer validated principal from context
- response_meta: track size separately from body buffer so Size() is accurate after body rewrites and in passthrough mode
- bridge: limit request body reads with http.MaxBytesReader (10 MiB); allow missing data key in ValidateResponse for nil/zero success responses; update recorder status in writeErrorResponse
- pkg/provider/proxy: validate target scheme and host after url.Parse to catch hostless inputs
- cmd_test: snapshot/restore global spec registry in TestAPISpecCmd_Good_RegisteredSpecGroups

PHP:
- HasApiResponses.php, config.php: add declare(strict_types=1)
- RateLimitExceededException: validate Origin against cors.allowed_origins before reflecting in CORS header
- ApiUsageService: import and use Core\Api\Models\ApiKey instead of fully-qualified Mod\ path
- SeoReportService: add SSRF protection (scheme check, private-IP rejection); add .throw() for HTTP error handling; disable automatic redirects

Co-Authored-By: Virgil <virgil@lethean.io>
2026-04-07 08:38:41 +01:00
.core feat(api): merge go-api + php-api into polyglot repo 2026-03-14 10:03:29 +00:00
cmd/api fix(pr#2): address CodeRabbit major/critical review findings 2026-04-07 08:38:41 +01:00
docs docs(api): align cache docs with explicit limits 2026-04-02 08:36:59 +00:00
go-io feat(api): add stable openapi operation ids 2026-04-01 07:36:35 +00:00
go-log feat(api): add stable openapi operation ids 2026-04-01 07:36:35 +00:00
pkg/provider fix(pr#2): address CodeRabbit major/critical review findings 2026-04-07 08:38:41 +01:00
src/php fix(pr#2): address CodeRabbit major/critical review findings 2026-04-07 08:38:41 +01:00
.gitattributes feat(api): merge go-api + php-api into polyglot repo 2026-03-14 10:03:29 +00:00
.gitignore chore: add .core/ and .idea/ to .gitignore 2026-03-15 10:17:49 +00:00
api.go feat(api): snapshot authentik runtime config 2026-04-02 13:17:08 +00:00
api_test.go fix(api): return engine groups by copy 2026-04-01 21:16:10 +00:00
authentik.go fix(api): normalise runtime metadata snapshots 2026-04-02 16:48:37 +00:00
authentik_integration_test.go chore: migrate to dappco.re vanity import path 2026-03-21 23:50:37 +00:00
authentik_test.go fix(auth): exempt swagger ui path in authentik middleware 2026-04-02 06:29:34 +00:00
authz_test.go chore: migrate to dappco.re vanity import path 2026-03-21 23:50:37 +00:00
bridge.go fix(pr#2): address CodeRabbit major/critical review findings 2026-04-07 08:38:41 +01:00
bridge_test.go fix(api): trim tool bridge tags 2026-04-02 00:31:38 +00:00
brotli.go feat(api): merge go-api + php-api into polyglot repo 2026-03-14 10:03:29 +00:00
brotli_test.go chore: migrate to dappco.re vanity import path 2026-03-21 23:50:37 +00:00
cache.go fix(pr#2): address CodeRabbit major/critical review findings 2026-04-07 08:38:41 +01:00
cache_config.go feat(api): expose cache config snapshot 2026-04-02 09:23:02 +00:00
cache_test.go docs(api): align cache docs with explicit limits 2026-04-02 08:36:59 +00:00
CLAUDE.md feat(api): merge go-api + php-api into polyglot repo 2026-03-14 10:03:29 +00:00
client.go fix(api): correct OpenAPI iterator examples 2026-04-03 04:50:54 +00:00
client_test.go fix(api): correct OpenAPI iterator examples 2026-04-03 04:50:54 +00:00
codegen.go fix(pr#2): address CodeRabbit major/critical review findings 2026-04-07 08:38:41 +01:00
codegen_test.go fix(api): harden SDK generator inputs 2026-04-02 13:43:07 +00:00
composer.json feat(api): merge go-api + php-api into polyglot repo 2026-03-14 10:03:29 +00:00
export.go fix(pr#2): address CodeRabbit major/critical review findings 2026-04-07 08:38:41 +01:00
export_test.go fix(cmd/api): normalise spec export formats 2026-04-02 08:12:47 +00:00
expvar_test.go chore: migrate to dappco.re vanity import path 2026-03-21 23:50:37 +00:00
go.mod fix: migrate module paths from forge.lthn.ai to dappco.re 2026-04-04 16:21:11 +01:00
go.sum feat(openapi): omit auth errors on public routes 2026-04-01 21:46:06 +00:00
graphql.go fix(api): surface GraphQL playground metadata 2026-04-03 04:38:22 +00:00
graphql_config_test.go fix(api): surface GraphQL playground metadata 2026-04-03 04:38:22 +00:00
graphql_test.go feat(graphql): normalise custom mount paths 2026-04-01 18:08:27 +00:00
group.go docs(api): add AX usage examples 2026-04-02 07:51:21 +00:00
group_test.go chore: migrate to dappco.re vanity import path 2026-03-21 23:50:37 +00:00
gzip_test.go chore: migrate to dappco.re vanity import path 2026-03-21 23:50:37 +00:00
httpsign_test.go chore: migrate to dappco.re vanity import path 2026-03-21 23:50:37 +00:00
i18n.go feat(api): add i18n config snapshot 2026-04-02 12:25:38 +00:00
i18n_test.go feat(api): add i18n config snapshot 2026-04-02 12:25:38 +00:00
LICENCE feat(api): merge go-api + php-api into polyglot repo 2026-03-14 10:03:29 +00:00
location_test.go chore: migrate to dappco.re vanity import path 2026-03-21 23:50:37 +00:00
middleware.go docs(api): add AX usage examples 2026-04-02 07:51:21 +00:00
middleware_test.go fix(response): attach meta to all json responses 2026-04-02 03:38:34 +00:00
modernization_test.go fix(api): surface GraphQL playground metadata 2026-04-03 04:38:22 +00:00
norace_test.go feat(api): merge go-api + php-api into polyglot repo 2026-03-14 10:03:29 +00:00
openapi.go fix(pr#2): address CodeRabbit major/critical review findings 2026-04-07 08:38:41 +01:00
openapi_test.go fix(api): omit disabled graphql playground spec metadata 2026-04-03 04:56:48 +00:00
options.go fix(api): normalise runtime metadata snapshots 2026-04-02 16:48:37 +00:00
pprof_test.go chore: migrate to dappco.re vanity import path 2026-03-21 23:50:37 +00:00
race_test.go feat(api): merge go-api + php-api into polyglot repo 2026-03-14 10:03:29 +00:00
ratelimit.go fix(pr#2): address CodeRabbit major/critical review findings 2026-04-07 08:38:41 +01:00
ratelimit_test.go fix(api): scope rate limiting by key 2026-04-01 18:22:17 +00:00
response.go docs(api): add AX usage examples 2026-04-02 07:51:21 +00:00
response_meta.go fix(pr#2): address CodeRabbit major/critical review findings 2026-04-07 08:38:41 +01:00
response_test.go chore: migrate to dappco.re vanity import path 2026-03-21 23:50:37 +00:00
runtime_config.go feat(api): include graphql in runtime snapshots 2026-04-02 13:58:56 +00:00
secure_test.go chore: migrate to dappco.re vanity import path 2026-03-21 23:50:37 +00:00
servers.go feat(api): collapse equivalent OpenAPI servers 2026-04-01 20:01:34 +00:00
sessions_test.go chore: migrate to dappco.re vanity import path 2026-03-21 23:50:37 +00:00
slog_test.go chore: migrate to dappco.re vanity import path 2026-03-21 23:50:37 +00:00
spec_builder_helper.go fix(api): surface GraphQL playground metadata 2026-04-03 04:38:22 +00:00
spec_builder_helper_internal_test.go refactor(api): normalise config snapshots 2026-04-02 12:38:54 +00:00
spec_builder_helper_test.go fix(api): surface GraphQL playground metadata 2026-04-03 04:38:22 +00:00
spec_registry.go refactor(api): centralise spec group iterator 2026-04-02 07:57:58 +00:00
spec_registry_test.go refactor(api): centralise spec group iterator 2026-04-02 07:57:58 +00:00
sse.go docs(api): add AX usage examples 2026-04-02 07:51:21 +00:00
sse_test.go fix(api): preserve streaming response passthrough 2026-04-02 06:04:06 +00:00
static_test.go chore: migrate to dappco.re vanity import path 2026-03-21 23:50:37 +00:00
sunset.go fix(api): preserve sunset response headers 2026-04-01 23:33:52 +00:00
sunset_test.go fix(api): preserve sunset response headers 2026-04-01 23:33:52 +00:00
swagger.go refactor(api): assert swagger spec interface 2026-04-02 13:12:08 +00:00
swagger_internal_test.go fix(api): snapshot swagger groups 2026-04-02 00:24:54 +00:00
swagger_test.go fix(api): redirect swagger base path 2026-04-02 07:44:55 +00:00
timeout_test.go fix(api): disable non-positive timeouts 2026-04-01 13:12:51 +00:00
tracing.go fix(api): add tracing AX examples 2026-04-02 14:29:59 +00:00
tracing_test.go chore: migrate to dappco.re vanity import path 2026-03-21 23:50:37 +00:00
transport.go fix(api): surface GraphQL playground metadata 2026-04-03 04:38:22 +00:00
websocket.go feat(api): add configurable websocket path 2026-04-02 03:21:28 +00:00
websocket_test.go fix(api): preserve streaming response passthrough 2026-04-02 06:04:06 +00:00