New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
express-openapi not coercing parameters that use a $ref in their schema #647
Comments
I ran into a similar problem using version 6.0.0 on npm, specifically the
where the component looks like this:
sending this data
gives this error.
@chadxz As I workaround, I found using json-schema-ref-parser works. Essentially dereference all of the |
is this still an issue? |
As far as I know yes |
I have same problem too. |
It is still an issue in December... version 7.2.0 https://swagger.io/docs/specification/describing-parameters/ |
please submit a PR |
This appears to be a duplicate of issue 483. |
Parameter validations shouldn't silently be ignored; it is important to avoid false negatives. In a worst-case scenario this could be a security issue (though it would likely be detected before then). If express-openapi cannot and will not handle these valid openapi documents it should at least throw an exception when it notices the case. |
From what I see the issue is that openapi-jsonschema-parameters just removes the $ref for any kind of parameters (added some test driven test to verify that). |
When I use a parameter like this:
where the component looks like this:
The parameter that ends up in my controller action hasn't been parsed as the appropriate type. If i inline the schema it works as expected.
Here's a minimal reproduction of my issue: https://github.com/chadxz/param-ref-repro
When i was debugging the issue it looks like there's no support for $ref in openapi-request-coercer, but I don't know if the schema refs should have been resolved prior to getting to that library or not.
The text was updated successfully, but these errors were encountered: