-
Notifications
You must be signed in to change notification settings - Fork 70
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
openapi.json is unsuitable for generating bindings #1074
Comments
david-rocca
added a commit
that referenced
this issue
Jul 11, 2023
david-rocca
added a commit
that referenced
this issue
Jul 11, 2023
1 task
david-rocca
added a commit
that referenced
this issue
Jul 14, 2023
david-rocca
added a commit
that referenced
this issue
Jul 14, 2023
david-rocca
added a commit
that referenced
this issue
Jul 17, 2023
david-rocca
added a commit
that referenced
this issue
Jul 17, 2023
david-rocca
added a commit
that referenced
this issue
Jul 21, 2023
david-rocca
added a commit
that referenced
this issue
Jul 21, 2023
david-rocca
added a commit
that referenced
this issue
Jul 21, 2023
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Prerequisites
Description
The openapi.json at https://cveawg.mitre.org/api-docs/openapi.json isn't suitable for use for generating bindings. Specifically, the CVE Record endpoints don't expose the full CVE JSON 5.0 fields that it accepts, but only a tiny subset; this ends up being mirrored in the bindings, making them nearly unusable for submitting CVEs.
Steps to Reproduce
openapi-generate
(e.g.,brew install openapi-generator
).openapi-generator generate -i https://cveawg.mitre.org/api-docs/openapi.json -g go -o go-cve-api --skip-validate-spec
)Expected behavior:
The bindings generated from openapi.json expose the full functionality of the interface; including the ability to fill out any of the fields defined in CVE JSON 5.0
Actual behavior:
The bindings generated from openapi.json only expose the fields from the "cve record minimum request"; namely,
affected
,descriptions
,problemtypes
, andreferences
.Here is the only struct available to pass into the code to submit updates to records:
Reproduces how often:
Always
Versions
2.1.4
Additional Information
The full set of generated code (along with a few example programs I wrote, partly just to test that it worked at a basic level) can be found here: https://gitlab.com/xen-project/misc/go-cveapi
The text was updated successfully, but these errors were encountered: