Skip to content

chore: openapi-diff on PRs #10100

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 37 commits into from
Jun 10, 2025
Merged

chore: openapi-diff on PRs #10100

merged 37 commits into from
Jun 10, 2025

Conversation

gastonfournier
Copy link
Contributor

About the changes

PoC openapi diff

@vercel Vercel
Copy link

vercel bot commented Jun 9, 2025
edited
Loading

The latest updates on your projects. Learn more about Vercel for Git ↗︎

1 Skipped Deployment
Name Status Preview Comments Updated (UTC)
unleash-docs ⬜️ Ignored (Inspect) Visit Preview Jun 10, 2025 10:44am

@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Jun 9, 2025
edited
Loading

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

PackageVersionScoreDetails
actions/actions/checkout 4.*.* 🟢 5.3
Details
CheckScoreReason
Maintained⚠️ 00 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Binary-Artifacts🟢 10no binaries found in the repo
Code-Review🟢 10all changesets reviewed
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Fuzzing⚠️ 0project is not fuzzed
License🟢 10license file detected
Packaging⚠️ -1packaging workflow not detected
Signed-Releases⚠️ -1no releases found
Pinned-Dependencies🟢 3dependency not pinned by hash detected -- score normalized to 3
Security-Policy🟢 9security policy file detected
Branch-Protection⚠️ -1internal error: error during GetBranch(releases/v2): error during branchesHandler.query: internal error: githubv4.Query: Resource not accessible by integration
SAST🟢 9SAST tool detected but not run on all commits
Vulnerabilities⚠️ 19 existing vulnerabilities detected
actions/actions/download-artifact 4.*.* 🟢 5.7
Details
CheckScoreReason
Packaging⚠️ -1packaging workflow not detected
Maintained🟢 1030 commit(s) and 2 issue activity found in the last 90 days -- score normalized to 10
Code-Review🟢 10all changesets reviewed
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Binary-Artifacts🟢 10no binaries found in the repo
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Fuzzing⚠️ 0project is not fuzzed
License🟢 10license file detected
Pinned-Dependencies⚠️ 1dependency not pinned by hash detected -- score normalized to 1
Signed-Releases⚠️ -1no releases found
Security-Policy🟢 9security policy file detected
Branch-Protection⚠️ 0branch protection not enabled on development/release branches
SAST🟢 10SAST tool is run on all commits
Vulnerabilities⚠️ 19 existing vulnerabilities detected
actions/actions/github-script 7.*.* 🟢 7.2
Details
CheckScoreReason
Packaging⚠️ -1packaging workflow not detected
Code-Review🟢 10all changesets reviewed
Binary-Artifacts🟢 10no binaries found in the repo
Maintained🟢 68 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 6
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Token-Permissions🟢 9detected GitHub workflow tokens with excessive permissions
Pinned-Dependencies⚠️ 1dependency not pinned by hash detected -- score normalized to 1
Fuzzing⚠️ 0project is not fuzzed
Signed-Releases⚠️ -1no releases found
License🟢 10license file detected
Security-Policy🟢 9security policy file detected
Branch-Protection⚠️ -1internal error: error during GetBranch(releases/v2): error during branchesHandler.query: internal error: githubv4.Query: Resource not accessible by integration
SAST🟢 10SAST tool is run on all commits
Vulnerabilities🟢 55 existing vulnerabilities detected
actions/actions/setup-node 4.*.* 🟢 5.4
Details
CheckScoreReason
Code-Review🟢 10all changesets reviewed
Binary-Artifacts🟢 9binaries present in source code
Maintained🟢 57 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 5
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Packaging⚠️ -1packaging workflow not detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
License🟢 10license file detected
Fuzzing⚠️ 0project is not fuzzed
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Signed-Releases⚠️ -1no releases found
Security-Policy🟢 9security policy file detected
Branch-Protection⚠️ 1branch protection is not maximal on development and all release branches
SAST🟢 9SAST tool is not run on all commits -- score normalized to 9
Vulnerabilities🟢 46 existing vulnerabilities detected
actions/actions/upload-artifact 4.*.* 🟢 5.3
Details
CheckScoreReason
Maintained🟢 45 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 4
Code-Review🟢 10all changesets reviewed
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Packaging⚠️ -1packaging workflow not detected
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Binary-Artifacts🟢 10no binaries found in the repo
License🟢 10license file detected
Fuzzing⚠️ 0project is not fuzzed
Signed-Releases⚠️ -1no releases found
Pinned-Dependencies⚠️ 1dependency not pinned by hash detected -- score normalized to 1
Security-Policy🟢 9security policy file detected
Branch-Protection⚠️ 0branch protection not enabled on development/release branches
SAST🟢 9SAST tool detected but not run on all commits
Vulnerabilities🟢 37 existing vulnerabilities detected

Scanned Files

  • .github/workflows/openapi-diff.yaml

@Unleash Unleash deleted a comment from github-actions bot Jun 9, 2025
@Unleash Unleash deleted a comment from github-actions bot Jun 9, 2025
@Unleash Unleash deleted a comment from github-actions bot Jun 9, 2025
@gastonfournier gastonfournier moved this from New to In Progress in Issues and PRs Jun 10, 2025
@gastonfournier gastonfournier changed the title chore: test openapi-diff chore: openapi-diff on PRs Jun 10, 2025
@gastonfournier gastonfournier requested a review from Copilot June 10, 2025 10:33
Copilot
Copilot AI reviewed Jun 10, 2025
View reviewed changes
Copy link
Contributor

@Copilot Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR introduces a proof-of-concept for automatically generating and displaying OpenAPI spec differences on pull requests.

  • Modified the "dev:backend" command in package.json to allow for an environment variable override for NODE_ENV.
  • Added a new GitHub workflow (.github/workflows/openapi-diff.yaml) that generates OpenAPI specs from both stable and current branches, computes their diff, and posts the result as a PR comment.
  • Updated build.yaml and the docker-compose.test.yml file to support the new changes.

Reviewed Changes

Copilot reviewed 4 out of 4 changed files in this pull request and generated 1 comment.

File Description
package.json Updated NODE_ENV usage in the "dev:backend" command
.github/workflows/openapi-diff.yaml Added comprehensive steps to generate and post the OpenAPI diff
.github/workflows/build.yaml Added a trigger path for new workflow changes
.github/docker-compose.test.yml Modified image reference to include an environment variable fallback

@Unleash Unleash deleted a comment from github-actions bot Jun 10, 2025
@Unleash Unleash deleted a comment from github-actions bot Jun 10, 2025
@Unleash Unleash deleted a comment from github-actions bot Jun 10, 2025
@Unleash Unleash deleted a comment from github-actions bot Jun 10, 2025
@Unleash Unleash deleted a comment from github-actions bot Jun 10, 2025
@Unleash Unleash deleted a comment from github-actions bot Jun 10, 2025
@Unleash Unleash deleted a comment from github-actions bot Jun 10, 2025
@Unleash Unleash deleted a comment from github-actions bot Jun 10, 2025
@Unleash Unleash deleted a comment from github-actions bot Jun 10, 2025
@Unleash Unleash deleted a comment from github-actions bot Jun 10, 2025
sighphyre
sighphyre approved these changes Jun 10, 2025
View reviewed changes
Copy link
Member

@sighphyre sighphyre left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍

@github-project-automation github-project-automation bot moved this from In Progress to Approved PRs in Issues and PRs Jun 10, 2025
@gastonfournier gastonfournier merged commit 2d228ee into main Jun 10, 2025
14 of 15 checks passed
@gastonfournier gastonfournier deleted the openapi-diff branch June 10, 2025 14:51
@github-project-automation github-project-automation bot moved this from Approved PRs to Done in Issues and PRs Jun 10, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

Copilot code review Copilot Copilot left review comments

@sighphyre sighphyre sighphyre approved these changes

Assignees

@gastonfournier gastonfournier

Labels
None yet
Projects
Issues and PRs
Status: Done
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@gastonfournier @sighphyre