Would it be possible to open source license this project ?

We'd love to use it in our internal projects !

copied from java version swagger-diff
String html = new HtmlRender("Changelog", "http://deepoove.com/swagger-diff/stylesheets/demo.css") .render(diff);

I'm very interested in using this tool to help identify differences between API versions. I noted we have a large number of lines reported in the unmatchDiffs section of kind equals to E. I'm not 100% clear why we see them from the swagger definitions. The help indicate

Note: unmatchDiffs are the raw diffs that didn't much any rules. They can include breakings changes not implemented yet.

Looking at our swagger definitions we can see the same required attributes marked for a particular model however version A does specify them in a slightly different order to version B. Should order be included as a difference in this way within a definition?

• Compare one local file to a url using CLI
• Compare one local file to a url using API

break

• Delete path
• Edit OperationId
• Delete OperationId
• Add Param required
• Edit Param required
• Edit Param type
• Edit Param location (in)
• Edit Host
• Edit BasePath
• Edit Array collectionFormat
• Edit Array items type (in param, response, ...)
• Add required object property (need to inline)
• Edit Object Property required (need to inline)
• Edit Object Property type

smooth

• Add path
• Add optional param
• Delete a param
• Add optional Object Property
• Delete Object Property

todo later

• Edit Security
• Edit Produced mime types
• Edit Consumed mime types

My team is currently exploring options for detecting breaking changes between Swagger files. After exploring what is available in the open source world at the moment this project seems the most mature, with the code being well structured and thoroughly tested 👍

We are juggling between contributing to this project or writing our own equivalent tool. Our concern with contributing to this project is there is there has not been a commit to this codebase in almost 5 months and a PR has been sitting in review for over 3 months.

Here is the list of swagger changes that this tool currently does not detect that we would be interested in adding support for (not comprehensive, just what we discovered during a few hours of spiking):

• Adding a new status code
• Changing an existing status code
• Adding a response body
• Making required response properties optional
• Adding a max or min restriction to a numeric response property
• Adding a max or min restriction to a numeric request property
• Removing a response body
• Removing a format from a response property

Is this project still alive?
If we were to start working on this would you prefer many smaller PR's or fewer larger PR's?

Hello,

I have ran swagger-diff on my swagger which is valid and working but I get the following error without too much information:

swagger-diff{"name":"SyntaxError","message":""http://myservice.mycompany.com/swagger/docs/v1\" is not a valid JSON Schema","stack":"SyntaxError: "http://myservice.mycompany.com/swagger/docs/v1\" is not a valid JSON Schema\n at Function.ono [as syntax] (D:\Azure-Agents\Agent1\_work\_tasks\swagger-diff_d0b32dd5-f8bd-4118-8e66-699ad33189a2\1.2.1\node_modules\ono\lib\index.js:61:20)\n at D:\Azure-Agents\Agent1\_work\_tasks\swagger-diff_d0b32dd5-f8bd-4118-8e66-699ad33189a2\1.2.1\node_modules\json-schema-ref-parser\lib\index.js:106:19\n at process._tickCallback (internal/process/next_tick.js:109:7)"}

Can you point me where I can see the reason of the failure?

Thanks,

Greg

Add needed rules to remove any unmatchedDiff on Google Drive v2 v3 comparison.

https://api.apis.guru/v2/specs/googleapis.com/drive/v2/swagger.json
https://api.apis.guru/v2/specs/googleapis.com/drive/v3/swagger.json

https://gist.githubusercontent.com/zallek/6ac28225cb907edfe8f1c4714fb13d24/raw/1d99658b22be3eec338139f185738c8b9ebb1509/gistfile1.txt

• add-description (improve the rule)
• edit-description (improve the rule)
• add-method
• delete-method
• add-security-requirement
• edit-security-requirement
• delete-security-requirement
  (etc)
• add-info
• edit-info
• delete-info

in reporter.js,

similar to https://github.com/zallek/swagger-diff/blob/master/src/reporter.js#L29 and https://github.com/zallek/swagger-diff/blob/master/src/reporter.js#L36, move https://github.com/zallek/swagger-diff/blob/master/src/reporter.js#L22 and https://github.com/zallek/swagger-diff/blob/master/src/reporter.js#L15 within their respective if-blocks.

CLI users could then (given the correct config rules) interpret non-empty stdout as evidence of diff failure.

I'm happy to put together a PR if that would help. Thanks in advance!

Allow swagger file to be both retrieve from disk or from the web by giving a URL.

Example:
swagger-diff ./old.swagger.json http://example.com/swagger.json

Very nice work, thanks for your efforts.

We have the following situation : we are using object ExportConfiguration in our API. It is being exposed as an output parameter.
We added a new property to this ExportConfiguration object which is required.

Because of the fact we set the rule "add-required-object-property" to cause an error, it will return an error, which makes sense. However, since this object is only being used as an output parameter in the API and it is never being used as an incoming parameter, it does not really break the API.

Does it make sense for the swagger-diff library to have separate rules "add-required-object-property-on-input-parameter" and "add-required-object-property-on-output-parameter"? Or do you suggest another workaround?

I use following swagger spec:

{
  "swagger" : "2.0",
  "info" : {
    "version" : "1.0.10",
    "title" : "dummy-service"
  },
  "basePath" : "/",
  "tags" : [ {
    "name" : "multipart-support-service"
  }, {
    "name" : "protocol"
  }, {
    "name" : "protocol-v2"
  } ],
  "paths" : {
    "/protocol/version-2/message-changed" : {
      "post" : {
        "tags" : [ "protocol-v2" ],
        "summary" : "Receive operation for protocol service version 2",
        "description" : "This operation is also very important",
        "operationId" : "IProtocolServiceV2_receive_POST",
        "consumes" : [ "application/json" ],
        "produces" : [ "application/json" ],
        "parameters" : [ {
          "in" : "body",
          "name" : "msg",
          "description" : "message to process as Message object",
          "required" : true,
          "schema" : {
            "$ref" : "#/definitions/Message"
          }
        }, {
          "name" : "User-agent",
          "in" : "header",
          "description" : "User-Agent header parameter",
          "required" : true,
          "type" : "string"
        } ],
        "responses" : {
          "200" : {
            "description" : "successful operation",
            "schema" : {
              "$ref" : "#/definitions/Message"
            }
          },
          "400" : {
            "description" : "Invalid arguments passed"
          },
          "404" : {
            "description" : "Something was not found"
          }
        }
      }
    }
  },
  "definitions" : {
    "Message" : {
      "type" : "object",
      "required" : [ "message", "protocol-type" ],
      "properties" : {
        "message" : {
          "type" : "object",
          "description" : "message to process",
          "additionalProperties" : {
            "type" : "object"
          }
        },
        "protocol-type" : {
          "type" : "string",
          "example" : "OLD",
          "description" : "type of protocol",
          "enum" : [ "OLD", "NEW" ]
        }
      },
      "description" : "message type"
    }
  }
}

then I change /protocol/version-2/message to /protocol/version-2/message-changed to create new file and run following command:
target\node\node.exe target\node_modules\swagger-diff\bin\swagger-diff.js swagger-previous.json target/classes/docs/restapi/swagger-new.json

When versions are the same for both files (1.0.10) the result is as expected:

Errors (2)
delete-path                   /protocol/version-2/message - Deleted
add-path                      /protocol/version-2/message-changed - Added
Warnings (0)

When versions are 1.0.10 (previous) and 1.0.11 (new) the result is:

Errors (1)
delete-path                   /protocol/version-2/message - Deleted
Warnings (1)
add-path                      /protocol/version-2/message-changed - Added

For 1.0.10 and 1.0.11-SNAPSHOT the result is:

Errors (0)
Warnings (0)

Rename binary from swagger to swagger-diff.

• Remove dependencies to fs
• Remove dependency to require-all -> add a script to generate rules index ...

Hi @zallek,

Didn't found your email, so I opened Github issue instead 😄
Maybe you would be interested in testing your tool against 200+ real-life Swagger files:
https://github.com/APIs-guru/api-models
They are validated by sway and could accessed through my REST API(no key needed).

You can also compare different versions of some popular API like Google Drive:
https://apis-guru.github.io/api-models/googleapis.com/drive/v1/swagger.yaml
https://apis-guru.github.io/api-models/googleapis.com/drive/v2/swagger.yaml
https://apis-guru.github.io/api-models/googleapis.com/drive/v3/swagger.yaml
IMHO it will help other developers to see all features of your tool.
All links support CORS so you can use it in online demo.

If you have any questions you can ask me directly through Skype(ivangon4arov), Hangout([email protected]) or you can ask them on public chat: https://gitter.im/APIs-guru/api-models

In the package.json you use the following link:
"json-schema-ref-parser": "github:zallek/json-schema-ref-parser#v1",
To a very old version of your own module.

Could you just link to the regular release on npm?

Reason: my compagny's build system uses an internal npm-repo, and can't handle the external github links... :-(

would be great if you could fix this

allow swagger-diff to output a file which CI systems can parse to get test summary

Circle - https://circleci.com/docs/test-metadata/

Like "Your build ran 832 tests with 4 breaking API changes and 3 Warnings listed below"

I'm having trouble installing this in a project that is using Node.js 18.x and newer due to errors installing/detecting phantomjs (which is EOL), and I can see that zallek/json-schema-ref-parser@8197f19 specifically removes phantomjs

Please update the dependency to a new enough version of json-schema-ref-parser to no longer include phantomjs in the dependency tree

It would be nice for script writing to be able to check the return code of the CLI tool. If a value other than zero is returned, there was a diff.

$ npm audit
(partial)
High Prototype Pollution Package lodash.merge Patched in >=4.6.2 Dependency of swagger-diff Path swagger-diff > lodash.defaultsdeep > lodash.merge More info https://nodesecurity.io/advisories/1066 High Prototype Pollution Package lodash.merge Patched in >=4.6.1 Dependency of swagger-diff Path swagger-diff > lodash.defaultsdeep > lodash.merge More info https://nodesecurity.io/advisories/1067

(partial)

Hi,
Is there any way to get the supported methods when a new path is added?

like,
{ "ruleId": "add-path", "message": "/v2/user/id- Added", "path": "/v2/user/id" }
should be
{ "ruleId": "add-path", "message": "/v2/user/id- Added", "path": "/v2/user/id", "method": "get" }
if I have added a new endpoint 'GET /v2/user/id' ?

Creates rules to warn when a path method (get, post, put, etc) is created are removed.
break/delete-method
smooth/add-method

inspired by
sansri264@06cd19d
sansri264@fa90a7e

Let's wait for #11 to be merged before.

Hiii..
We want to change the Output from rule-centric to path-centric. It will simplify the output and make it easy to understand. Any help in doing this is much appreciated.

TIA,

Hi, is there a consideration to extend this library to support openapi3. Currently, swagger-parser is now v9 and support openapi3 destructuring. Is there an issue with using newer swagger-parser to parse openapi3 doc before using the existing comparison engine? I have tried with the upgraded swagger-parser and there is no error. My only worry is that the comparison engine is not catered for openapi3 and that there are missing component that we need to add on to the comparison engine. Btw, great job on coming up with this package, it's really useful 👍