New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Clarification on scan inclusions and exclusions #422
Comments
@arthurdm Any chance you can track down the other implementations so they can describe how they implement this feature. That way we can determine what the current behavior is across the implementations. Perhaps we can converge (or have already converged) and thus codify that behavior in the spec. That said, on the hangout call today it was suggested that we allow regular expressions in these properties. That seems like a very good idea - then we just need to make it clear the order of operations (presumably include first then exclude). |
hey @EricWittmann / @MikeEdgar - sorry for the long delay in replying. The Open Liberty (Swagger-based) relevant code is here. From that we can infer:
|
Payara also seems to use Here are my thoughts for how this should be logically defined in the specification and tested with TCK cases. These should be handled sequentially, and exit as soon as one is found to be true.
|
My only issue with this is that it may be mutually exclusive with the idea of using regular expressions. Because I don't think you can do (3) with regular expressions - it's not possible to determine "a more complete package". But if we decode to not support regex then I'm cool with this approach. |
Do you think it would make sense to introduce two additional properties for regex? I really like the idea of supporting regex, but my concern would be around introducing breaking behavior for applications and/or requiring implementations to figure out if a property value is a pattern or just a comma-separated list of package names. If the value contains a comma, should it be split into multiple regex patterns for matching(?), is the presence of a comma an indicator that it is not a regex(?), etc.
I would expect these properties to be handled somewhere in (3) of the steps I listed above. Perhaps there would need to be some rules around the "quality" as determined by CC: @phillip-kruger in case you're not seeing this thread and want to weigh in. |
How about we treat it as a string except if it explicitly starts with ^ (https://docs.oracle.com/javase/tutorial/essential/regex/bounds.html) then it's a regex ? |
That sounds like a nice idea - and I would even add "or ends with |
…lrye.config-smallrye-config-1.8.5 Bump smallrye-config from 1.8.4 to 1.8.5
We discussed this issue in a recent team call and the agreement was that the current behavior of the SmallRye scanner will be documented in the spec and a TCK test added to verify the order of handling the include/exclude configuration properties. Comments/suggestions for changes in the PR (once opened) will certainly be considered. |
What was the use case for wanting to be able to use regex here? My initial thought is that regex seems like a bad fit for matching package names:
I particularly wouldn't want support for regex to come at the cost of not allowing a more specific match to take priority over a less specific one. Consider the following rules:
I think it's fairly important that these rules have the following result:
Implementations are always free to define some way of supporting the use of regex here but I don't see any need to add it to the spec unless there are clear use cases for it. When we look at the use cases, we might decide for example that a simpler and more restrictive wildcard syntax is more appropriate. |
The MP OpenAPI specification currently defines four configuration keys that deal with including or excluding packages or classes during annotation scanning.
mp.openapi.scan.packages
- the list of packages to scanmp.openapi.scan.classes
- the list of classes to scanmp.openapi.scan.exclude.packages
- the list of packages to exclude from scansmp.openapi.scan.exclude.classes
- the list of classes to exclude from scansI would be helpful to (1) explicitly define the precedence for these configurations (and enforce with TCK tests) and (2) define whether the inclusion of a package or exclusion of a package is recursive. Leaving the detail of package recursion as an implementation decision is a problem for portability.
Relates to smallrye/smallrye-open-api#289
The text was updated successfully, but these errors were encountered: