diff --git a/.github/workflows/pnpm-audit.yml b/.github/workflows/pnpm-audit.yml new file mode 100644 index 0000000..6c5fb24 --- /dev/null +++ b/.github/workflows/pnpm-audit.yml @@ -0,0 +1,38 @@ +name: pnpm audit + +on: + workflow_dispatch: + pull_request: + types: + - opened + - synchronize + - reopened + - ready_for_review + paths: + - package.json + - pnpm-lock.yaml + +permissions: + contents: read + +jobs: + audit: + name: audit + runs-on: self-hosted + steps: + - name: Fetch Repository + uses: actions/checkout@v6 + + - name: Set up pnpm + uses: pnpm/action-setup@v4 + with: + version: 10.32.1 + run_install: false + + - name: Set up Node.js + uses: actions/setup-node@v6 + with: + node-version: "lts/*" + + - name: Run pnpm audit + run: pnpm audit --audit-level low diff --git a/README.md b/README.md index 24c3e9d..a2cef34 100644 --- a/README.md +++ b/README.md @@ -29,34 +29,8 @@ This project uses [pre-commit](https://pre-commit.com/ "pre-commit Docs") to reg pre-commit install ``` -For OpenAPI spec maintenance, the repo also includes utility scripts under -`scripts/`: - -```sh -# 1. Rebuild the bundled YAML and JSON artifacts from the design-time source spec -./scripts/bundle-api-spec - -# 2. Validate the bundled YAML artifact -./scripts/validate-api-spec - -# 3. Lint the bundled YAML artifact with the repo Spectral ruleset -./scripts/lint-api-spec - -# 4. Lint hand-authored YAML files -./scripts/lint-yaml-files - -# 5. Check formatting for contract YAML and JSON files -./scripts/check-format-contract-files - -# 6. Compile standalone JSON Schemas -./scripts/check-json-schemas - -# 7. Check for breaking OpenAPI changes against a base ref -./scripts/check-openapi-breaking [base-ref] -``` - -If you use [mise](https://mise.jdx.dev/), install the pinned runtimes from -`mise.toml` and run: +For OpenAPI spec maintenance, use the versioned `mise` tasks from the repo +root: ```sh # Install the pinned Go and Node runtimes for this repo @@ -71,6 +45,10 @@ You can also run each step individually with `mise run bundle-api-spec`, `mise run lint-yaml-files`, `mise run check-format-contract-files`, `mise run check-json-schemas`, and `mise run check-openapi-breaking`. +The underlying Node commands are also available through `pnpm run +bundle:api-spec`, `pnpm run validate:api-spec`, `pnpm run lint:api-spec`, +`pnpm run check:fmt`, and `pnpm run check:schemas`. + ## Policies ### Open Source Policy diff --git a/api-spec/README.md b/api-spec/README.md index 7f99be5..7536b81 100644 --- a/api-spec/README.md +++ b/api-spec/README.md @@ -42,19 +42,19 @@ The public contract in this branch is currently defined in ## Bundling And Checks -Use the repo scripts from the project root: +Use the supported task runner commands from the project root: ```sh -./scripts/bundle-api-spec -./scripts/validate-api-spec -./scripts/lint-api-spec +mise install +mise run check-api-spec ``` -Or, with `mise`: +To run the steps individually: ```sh -mise install -mise run check-api-spec +mise run bundle-api-spec +mise run validate-api-spec +mise run lint-api-spec ``` Bundling produces checked-in versioned artifacts under `api-spec/v0/dist/` and @@ -62,6 +62,10 @@ Bundling produces checked-in versioned artifacts under `api-spec/v0/dist/` and serving; they should always be regenerated from the source files in this directory. +The `mise` tasks call the repo's checked-in Node scripts, so the equivalent +lower-level commands are `pnpm run bundle:api-spec`, `pnpm run +validate:api-spec`, and `pnpm run lint:api-spec`. + ## Pull Request Expectations - Make contract intent clear in the PR description diff --git a/docs/api.md b/docs/api.md index bab46a2..3bc40c1 100644 --- a/docs/api.md +++ b/docs/api.md @@ -10,23 +10,21 @@ caveats. ## Authentication Behavior -- When `SKIP_AUTH=false`, Cognito middleware is enabled globally. -- Middleware reads access token from header: `x-amzn-oidc-accesstoken`. -- Token checks include: - - valid signature via JWKS - - issuer match - - `token_use=access` - - `client_id` claim equals configured app client ID - -If auth fails, response is `401 Unauthorized`. -This applies to `/api/edu` and `/api/v0/veteran-disability-ratings` when auth is -enabled. `/health` is registered before the auth middleware and remains -unauthenticated in the current branch. +- The checked-in v0 contract declares OAuth 2.0 bearer auth in + `api-spec/v0/openapi.yaml`. +- The current Go runtime on this branch does not register Cognito or bearer-token + verification middleware. +- When `SKIP_AUTH=true`, the app attaches `SkipAuthMiddleware`, which injects a + stable local identity into Fiber locals using optional `x-skip-auth-*` + override headers. +- `/health` is registered before that development middleware and remains + unauthenticated. ## Circuit Breaker Behavior -`/health`, `/api/edu`, and `/api/v0/veteran-disability-ratings` are wrapped by -Redis-backed circuit breaker middleware. +`/health`, `POST /api/v0/education-enrollments`, and +`POST /api/v0/veteran-disability-ratings` are wrapped by Redis-backed +circuit-breaker middleware. - On breaker deny/open state: `503 Service Unavailable`. - On Redis state read failures with fail-open (default): request is allowed. @@ -36,45 +34,29 @@ Redis-backed circuit breaker middleware. | Method | Path | Description | Success | Notes | | ------ | ------------------------------ | -------------------------------------- | ----------- | ------------------------------------------------------------------ | | `GET` | `/` | Liveness string | `200` text | Returns `Backend running!` | -| `GET` | `/health` | Redis health check | `200` empty | Registered before auth middleware; pings Redis with 2s timeout | -| `GET` | `/api/edu` | NSC education verification scaffold | `200` JSON | Uses a hardcoded request payload in handler; not the v0 contract | -| `POST` | `/api/v0/veteran-disability-ratings` | Veteran disability status from v0 spec | `200` JSON | Accepts caller-provided identity payload and matches the v0 route | +| `GET` | `/health` | Redis health check | `200` empty | Registered before skip-auth middleware; pings Redis with 2s timeout | +| `GET` | `/api-spec/v1/verify` | Bundled OpenAPI JSON artifact | `200` JSON | Returns the checked-in spec artifact served by `OpenAPISpecHandler` | +| `POST` | `/api/v0/education-enrollments` | Education enrollment verification | `200` JSON | Parses caller JSON and returns `enrollmentStatus` | +| `POST` | `/api/v0/veteran-disability-ratings` | Veteran disability status from v0 spec | `200` JSON | Accepts caller-provided identity payload and returns rating data | -| Method | Path | Description | Success | Notes | -| ------ | --------------------- | ----------------------------------- | ----------- | ----- | -| `GET` | `/` | Liveness string | `200` text | Returns `Backend running!` | -| `GET` | `/status` | Redis health check | `200` empty | Uses 2s Redis ping timeout; wrapped by circuit breaker | -| `GET` | `/api-spec/v1/verify` | Bundled OpenAPI JSON artifact | `200` JSON | Returns `api-spec/dist/openapi.bundled.json` | -| `GET` | `/api/edu` | Education verification passthrough | `200` JSON | Uses hardcoded request payload in handler; wrapped by circuit breaker | - -### NSC Submit Request model (`pkg/education/models_request.go`) +### Education request model (`pkg/education/models_request.go`) ```go type Request struct { - AccountID string `json:"accountId"` - OrganizationName string `json:"organizationName,omitempty"` - CaseReferenceID string `json:"caseReferenceId,omitempty"` - ContactEmail string `json:"contactEmail,omitempty"` - DateOfBirth string `json:"dateOfBirth"` - LastName string `json:"lastName"` - FirstName string `json:"firstName"` - SSN string `json:"ssn,omitempty"` - IdentityDetails []IdentityDetails `json:"identityDetails,omitempty"` - EndClient string `json:"endClient"` - PreviousNames []PreviousName `json:"previousNames,omitempty"` - Terms string `json:"terms"` + FirstName string `json:"firstName"` + MiddleName string `json:"middleName,omitempty"` + LastName string `json:"lastName"` + DateOfBirth string `json:"dateOfBirth"` + SSN string `json:"ssn,omitempty"` + Address *Address `json:"address,omitempty"` } ``` -### NSC Submit Response model (`pkg/education/models_response.go`) +### Education response model (`pkg/education/models_response.go`) ```go type Response struct { - ClientData ClientDataResponse `json:"clientData"` - IdentityDetails []IdentityDetailsResponse `json:"identityDetails"` - Status StatusResponse `json:"status"` - StudentInfoProvided StudentInfoProvidedResponse `json:"studentInfoProvided"` - TransactionDetails TransactionDetailsResponse `json:"transactionDetails"` + EnrollmentStatus EnrollmentStatus `json:"enrollmentStatus"` } ``` @@ -84,18 +66,26 @@ type Response struct { curl -i http://localhost:8000/health ``` -### `/api-spec/v1/verify` +## Example: `/api-spec/v1/verify` ```bash curl -i http://localhost:8000/api-spec/v1/verify ``` -Returns the checked-in bundled OpenAPI JSON artifact with `Content-Type: application/json`. +Returns the checked-in bundled OpenAPI artifact with `Content-Type: +application/json`. -## Example: `/api/edu` (auth skipped locally) +## Example: `/api/v0/education-enrollments` ```bash -curl -i http://localhost:8000/api/edu +curl -i --request POST http://localhost:8000/api/v0/education-enrollments \ + --header 'Content-Type: application/json' \ + --data '{ + "firstName": "Lynette", + "lastName": "Oyola", + "dateOfBirth": "1988-10-24", + "ssn": "123-45-6789" + }' ``` ## Example: `/api/v0/veteran-disability-ratings` @@ -103,7 +93,6 @@ curl -i http://localhost:8000/api/edu ```bash curl -i --request POST http://localhost:8000/api/v0/veteran-disability-ratings \ --header 'Content-Type: application/json' \ - --header 'Authorization: Bearer ' \ --data '{ "firstName": "Lynette", "lastName": "Oyola", @@ -120,14 +109,14 @@ curl -i --request POST http://localhost:8000/api/v0/veteran-disability-ratings \ ## Current-State Caveats -- `/api/edu` currently does not accept caller-provided payload; it submits a hardcoded sample request from handler code. - `main` now injects Redis into `api.New`, so the health route has the Redis client it expects. -- The intended public contract for this branch is versioned under `api-spec/v0/`, and the veteran disability route matches that contract while `/api/edu` remains a runtime-only scaffold. +- The intended public contract for this branch is versioned under `api-spec/v0/`, and both versioned POST routes are registered in the current runtime. +- The current runtime docs do not imply active bearer-token enforcement because no Cognito or bearer verification middleware is wired on this branch. - Error response bodies come from Fiber error handling and may be plain text. ## Assumptions - **High confidence:** This page is a runtime reference, not the public API contract reference. -- **Medium confidence:** `/api/edu` will be removed or reshaped as the runtime - converges on the published v0 contract. +- **Medium confidence:** The checked-in contract and runtime auth behavior are + still converging, so future auth-related docs may need another refresh. diff --git a/docs/architecture.md b/docs/architecture.md index cd17991..1ae847b 100644 --- a/docs/architecture.md +++ b/docs/architecture.md @@ -48,7 +48,7 @@ flowchart LR ## Interfaces and Abstractions - `pkg/education/service.go` - - `type EducationService interface { Submit(ctx context.Context, req Request) (Response, error) }` + - `type Service interface { LookupEnrollmentStatus(ctx context.Context, req Request) (Response, error) }` - `type HTTPTransport interface { Do(req *http.Request) (*http.Response, error) }` - `pkg/core/otel.go` - `type OtelService interface { SpanFromContext; LoggerProvider; Shutdown }` @@ -64,7 +64,7 @@ without route-layer rewrites. - `runServer` starts `app.Listen` in a goroutine and selects on server error or signal context cancellation. - graceful shutdown uses `app.ShutdownWithTimeout(5 * time.Second)`. - Request lifecycle: - - handlers create per-request contexts with timeout (`/health`: 2s, `/api/edu`: 5s, `/api/v0/veteran-disability-ratings`: 5s). + - handlers create per-request contexts with timeout (`/health`: 2s, `/api/v0/education-enrollments`: 30s, `/api/v0/veteran-disability-ratings`: 5s). - Circuit-breaker middleware: - breaker registry map guarded with `sync.RWMutex`. - lazy breaker initialization via double-check lock pattern. @@ -82,11 +82,12 @@ without route-layer rewrites. Ordered middleware in `api.New`: -1. Recover -2. CORS (`*` origin/headers/methods) -3. OpenTelemetry Fiber middleware -4. Structured request logging (trace/span/request IDs) -5. Conditional Cognito auth middleware +1. Request ID propagation +2. Structured request logging (trace/span/request IDs) +3. Recover +4. CORS (`*` origin/headers/methods) +5. OpenTelemetry Fiber middleware +6. Optional `SkipAuthMiddleware` when `SKIP_AUTH=true` ## Dependency Injection Pattern @@ -102,10 +103,9 @@ injects it. ## Technical Caveats (Current State) -- `/api/edu` handler builds a hardcoded request payload instead of binding user input. -- `/health` is registered before the auth middleware, so it remains a runtime-only unauthenticated health route. -- Current runtime routes are a mix of scaffold and contract-aligned paths: `GET /`, `GET /health`, `GET /api/edu`, and `POST /api/v0/veteran-disability-ratings`. -- `GET /api/edu` remains runtime scaffolding, while `POST /api/v0/veteran-disability-ratings` matches the checked-in v0 contract in `api-spec/v0/openapi.yaml`. +- `/health` is registered before the optional skip-auth middleware, so it remains unauthenticated in the current runtime. +- Current runtime routes are `GET /`, `GET /health`, `GET /api-spec/v1/verify`, `POST /api/v0/education-enrollments`, and `POST /api/v0/veteran-disability-ratings`. +- The education and veteran handlers both accept caller-provided JSON bodies, but the checked-in OpenAPI contract still documents auth expectations separately from the currently wired Go middleware stack. - Some tests require local Redis and fail when unavailable. ## Assumptions diff --git a/docs/audit/2026-04-09_11:17:37.md b/docs/audit/2026-04-09_11:17:37.md new file mode 100644 index 0000000..af462d8 --- /dev/null +++ b/docs/audit/2026-04-09_11:17:37.md @@ -0,0 +1,129 @@ +# Documentation Accuracy Review (as of April 09, 2026) + +## Section A: Executive Summary + +**Report date:** `2026-04-09_11:17:37` +**Scope:** `root docs + docs/**/*.md` +**Overall accuracy score:** **68/100** +**Completion gate status:** **FAIL** + +**Risk statement:** + +- Primary runtime docs still describe retired scaffold behavior such as `GET /api/edu`, omit the live `POST /api/v0/education-enrollments` route, and repeat outdated auth and Redis wiring notes that no longer match the current branch. +- Contributor-facing spec-maintenance docs still instruct readers to run shell wrappers that do not exist in `scripts/`, which creates friction for contract work even when the intended `mise` tasks are available. +- The remaining setup drift is narrower: one local-compose note still understates the checked-in stack by omitting Redis. + +## Section B: Severity-Ranked Findings + +| Severity | Doc location | Observed mismatch | Source-of-truth evidence on current branch | Recommended fix | +|---|---|---|---|---| +| `P1` | `docs/api.md:13`; `docs/api.md:22`; `docs/api.md:28`; `docs/api.md:40`; `docs/api.md:46`; `docs/api.md:95`; `docs/api.md:123`; `docs/overview.md:24`; `docs/overview.md:31`; `docs/overview.md:64`; `docs/overview.md:107`; `docs/architecture.md:67`; `docs/architecture.md:89`; `docs/architecture.md:105`; `docs/architecture.md:107`; `docs/features/infrastructure/redis.md:78`; `docs/features/security/cognito-auth.md:5`; `docs/features/security/cognito-auth.md:9`; `docs/features/security/cognito-auth.md:22`; `docs/features/security/cognito-auth.md:44`; `docs/features/security/cognito-auth.md:53` | Runtime docs still say Cognito middleware validates access tokens, that auth and circuit-breaker behavior apply to `GET /api/edu`, that `/status` is a live route, that the education handler uses a hardcoded payload, and that `api.New` may receive nil Redis. The current branch registers `GET /health`, `GET /api-spec/v1/verify`, `POST /api/v0/education-enrollments`, and `POST /api/v0/veteran-disability-ratings`; the education handler parses caller JSON; `main` passes Redis into `api.New`; and the only auth-related middleware wired in `api/app.go` is `SkipAuthMiddleware` when `SKIP_AUTH=true`. | `api/routes/router.go:24`; `api/routes/router.go:45`; `api/routes/router.go:46`; `api/routes/status_router.go:24`; `api/handlers/education_handler.go:43`; `api/app.go:124`; `api/app.go:126`; `api/middleware/middleware.go:23`; `api/middleware/middleware.go:29`; `main.go:100`; `main.go:102` | Rewrite the runtime-facing docs so they describe the current route inventory, current education request handling, the now-correct Redis injection path, and the actual `SKIP_AUTH` development middleware behavior. | +| `P2` | `README.md:32`; `README.md:37`; `README.md:40`; `README.md:43`; `README.md:46`; `README.md:49`; `README.md:52`; `README.md:55`; `api-spec/README.md:45`; `api-spec/README.md:48`; `api-spec/README.md:49`; `api-spec/README.md:50`; `docs/planning/public-api-data-model-design-first.md:160`; `docs/planning/public-api-data-model-design-first.md:164`; `docs/planning/public-api-data-model-design-first.md:167`; `docs/planning/public-api-data-model-design-first.md:170` | Multiple docs instruct contributors to run helper scripts such as `./scripts/bundle-api-spec`, `./scripts/validate-api-spec`, `./scripts/lint-api-spec`, `./scripts/lint-yaml-files`, and `./scripts/check-openapi-breaking`, but those wrapper files are not present under `scripts/`. | `mise.toml:5`; `mise.toml:9`; `mise.toml:13`; `mise.toml:17`; `mise.toml:31`; `mise.toml:45`; `scripts/check-format-contract-files:1`; `scripts/check-json-schemas:1`; `package.json:4`; `package.json:5`; `package.json:6` | Replace missing wrapper references with the supported `mise run ...` or `pnpm run ...` commands that actually exist on this branch. | +| `P2` | `docs/setup.md:16`; `docs/setup.md:18` | Setup docs still list Cognito environment variables that are not read by `core.NewConfigFromEnv`, which can mislead operators about what runtime auth configuration exists on this branch. | `pkg/core/model.go:33`; `pkg/core/config.go:92`; `pkg/core/config.go:110`; `api/app.go:126` | Remove the nonexistent Cognito config row and note that `SKIP_AUTH` controls the current local development identity middleware. | +| `P3` | `docs/setup.md:6` | Setup docs still say the committed compose file provides “API and observability services only,” but the checked-in compose file also includes Redis as a first-class local dependency. | `docker-compose.yml:1`; `docker-compose.yml:12`; `docs/setup.md:83` | Reword the requirements note so it describes the compose stack as API, Redis, and observability services. | + +## Section C: Update Backlog Checklist by Doc File + +### `docs/api.md` + +- [ ] Replace the stale `/api/edu` and `/status` runtime descriptions with the current live routes and examples. +- [ ] Remove the outdated hardcoded-payload caveat and describe caller-provided education request bodies instead. + +### `docs/overview.md` + +- [ ] Update the route inventory and request-flow diagram to use `POST /api/v0/education-enrollments` instead of `GET /api/edu`. + +### `docs/architecture.md` + +- [ ] Refresh concurrency and technical-caveat notes so they align with the current education route and request parsing behavior. + +### `docs/features/infrastructure/redis.md` + +- [ ] Remove the stale nil-Redis wiring caveat now that `main` injects Redis into `api.New`. + +### `docs/features/security/cognito-auth.md` + +- [ ] Replace the stale Cognito verifier description with the currently wired `SkipAuthMiddleware` behavior. + +### `README.md` + +- [ ] Replace missing shell wrapper examples with the supported `mise run ...` and `pnpm run ...` contract workflow commands. + +### `api-spec/README.md` + +- [ ] Replace the missing bundle/validate/lint script examples with supported task-runner commands. + +### `docs/planning/public-api-data-model-design-first.md` + +- [ ] Update the bundle/validate/lint examples so every command exists on this branch. + +### `docs/setup.md` + +- [ ] Correct the compose-stack summary so it includes Redis. +- [ ] Remove nonexistent Cognito env vars from the runtime-config table and explain the current `SKIP_AUTH` behavior. + +## Section D: Hygiene Appendix + +### Commands run + +- `date '+%Y-%m-%d_%H:%M:%S'` +- `git status --short --branch` +- `git log --oneline -n 10` +- `rg --files docs | sort` +- `sed -n '1,260p' README.md` +- `sed -n '1,260p' AGENTS.md` +- `sed -n '1,260p' docs/overview.md` +- `sed -n '1,260p' docs/setup.md` +- `sed -n '1,260p' docs/api.md` +- `sed -n '1,260p' docs/architecture.md` +- `sed -n '1,260p' api-spec/README.md` +- `sed -n '140,230p' docs/planning/public-api-data-model-design-first.md` +- `sed -n '1,220p' api/routes/router.go` +- `sed -n '1,220p' api/routes/status_router.go` +- `sed -n '80,150p' api/app.go` +- `sed -n '1,220p' api/handlers/education_handler.go` +- `sed -n '1,240p' docs/features/infrastructure/redis.md` +- `ls scripts` +- `sed -n '1,240p' mise.toml` +- `sed -n '1,260p' package.json` +- `rg -n "(/api/edu|/status|/api-spec/v1/verify|education-enrollments|veteran-disability-ratings|bundle-api-spec|validate-api-spec|lint-api-spec|check-api-spec|check-contract-files|API and observability services only)" README.md AGENTS.md api-spec/README.md docs/**/*.md` +- `rg -n "hardcoded request payload|hard-coded|does not accept caller-provided payload|GET /api/edu|/status route|nil Redis|receive nil Redis|API and observability services only|./scripts/bundle-api-spec|./scripts/validate-api-spec|./scripts/lint-api-spec" README.md AGENTS.md api-spec/README.md docs/**/*.md` +- `nl -ba api/routes/router.go | sed -n '1,120p'` +- `nl -ba api/routes/status_router.go | sed -n '1,120p'` +- `nl -ba api/app.go | sed -n '80,150p'` +- `nl -ba api/handlers/education_handler.go | sed -n '1,140p'` +- `nl -ba README.md | sed -n '20,110p'` +- `nl -ba api-spec/README.md | sed -n '30,90p'` +- `nl -ba docs/planning/public-api-data-model-design-first.md | sed -n '150,210p'` +- `nl -ba docs/api.md | sed -n '1,170p'` +- `nl -ba docs/overview.md | sed -n '20,130p'` +- `nl -ba docs/architecture.md | sed -n '40,140p'` +- `nl -ba docs/setup.md | sed -n '1,130p'` +- `nl -ba docs/features/infrastructure/redis.md | sed -n '60,100p'` + +### Sensitive-file scan findings + +- A targeted scan of tracked Markdown files found no live private-key or credential material. +- The only token-like value observed during the audit came from the repository's configured `origin` remote URL output, not from tracked documentation content. + +### Markdown link/reference/path validation findings + +- Link/path validation had not been rerun at report-generation time, so this report does not claim a clean markdown hygiene pass yet. +- A follow-up validation pass is required after applying the backlog fixes. + +### Hygiene verdict + +- **Blocker:** The audit remains `FAIL` because unresolved `P1` and `P2` findings are present in runtime and contributor-facing documentation. + +## Section E: Deferred Watchlist (Non-blocking) + +- If the runtime begins serving versioned OpenAPI artifacts from a different path than `GET /api-spec/v1/verify`, update: + - `docs/api.md` + - `docs/overview.md` +- If shell wrappers are later added back under `scripts/`, update: + - `README.md` + - `api-spec/README.md` + - `docs/planning/public-api-data-model-design-first.md` +- If the auth middleware is re-enabled for all routes instead of only when `SKIP_AUTH=true`, update: + - `docs/api.md` + - `docs/features/security/cognito-auth.md` diff --git a/docs/features/README.md b/docs/features/README.md index d19f278..7e59744 100644 --- a/docs/features/README.md +++ b/docs/features/README.md @@ -24,7 +24,7 @@ controls, and resilience patterns without scanning a single flat list. | Component | Purpose | Functionality | |---|---|---| -| [Cognito Auth](security/cognito-auth.md) | Document Cognito access-token validation middleware. | Covers token header/claims checks, local context propagation, and auth-related edge cases. | +| [Skip Auth Middleware](security/cognito-auth.md) | Document the current local development identity middleware. | Covers `SKIP_AUTH` behavior, local identity locals, and current auth-related caveats. | ## Resilience diff --git a/docs/features/core/nsc-education.md b/docs/features/core/nsc-education.md index 94f1644..ce11f88 100644 --- a/docs/features/core/nsc-education.md +++ b/docs/features/core/nsc-education.md @@ -22,7 +22,7 @@ Provides education verification through NSC by submitting a structured JSON requ ## Key Structs and Interfaces -- `EducationService` +- `Service` - `HTTPTransport` - `Options` - `Request` @@ -60,11 +60,11 @@ if err != nil { ## Future Improvements -- Accept caller-provided request payload in HTTP handler. - Add validation for required request fields before submit. - Introduce retry policy with bounded backoff for transient 5xx errors. - Add contract tests against NSC sandbox with fixtures. ## Assumptions -- **Medium confidence:** Current handler payload is a scaffold for integration testing, not final business API behavior. +- **High confidence:** The current HTTP handler accepts caller-provided identity + payloads and passes them into the NSC service layer. diff --git a/docs/features/infrastructure/redis.md b/docs/features/infrastructure/redis.md index d0bbedd..473d788 100644 --- a/docs/features/infrastructure/redis.md +++ b/docs/features/infrastructure/redis.md @@ -75,7 +75,7 @@ if err := redisotel.InstrumentMetrics(rdb); err != nil { ## Assumptions - **High confidence:** Redis is an operational dependency for current startup and status-check behavior. -- **High confidence:** There is an active wiring caveat on `main` where status route setup may receive nil Redis via `api.New` config path until Redis injection is corrected there. +- **High confidence:** `main` now injects Redis into `api.New`, so the health route and circuit-breaker middleware share the same client dependency. --- @@ -95,4 +95,4 @@ if err := redisotel.InstrumentMetrics(rdb); err != nil { `redis-server` -- [ ] Replace with docker container option +- [ ] Replace with docker container option \ No newline at end of file diff --git a/docs/features/security/cognito-auth.md b/docs/features/security/cognito-auth.md index 08f79e6..2d59beb 100644 --- a/docs/features/security/cognito-auth.md +++ b/docs/features/security/cognito-auth.md @@ -1,16 +1,19 @@ -# Feature: Cognito Auth +# Feature: Skip Auth Middleware ## Feature Overview -Validates AWS Cognito access tokens for incoming requests when auth is enabled. +Provides a stable local development identity when `SKIP_AUTH=true`. ## Business Logic -- Read token from `x-amzn-oidc-accesstoken`. -- Load JWKS from Cognito issuer URL. -- Parse and validate JWT claims/signature. -- Enforce `client_id` match with configured app client. -- Add selected claims (`sub`, `username`, `scope`, `groups`) to Fiber locals. +- Read optional override headers: + - `x-skip-auth-sub` + - `x-skip-auth-username` + - `x-skip-auth-scope` + - `x-skip-auth-groups` +- Fall back to deterministic local defaults when override headers are absent. +- Add `sub`, `username`, `scope`, and `groups` values to Fiber locals. +- Continue request handling without external token verification. ## Package Location @@ -19,45 +22,44 @@ Validates AWS Cognito access tokens for incoming requests when auth is enabled. ## Key Structs and Interfaces -- `CognitoConfig` -- `CognitoVerifier` -- `NewCognitoVerifier` -- `FiberMiddleware` +- `SkipAuthMiddleware` +- `parseGroups` ## Real Code Excerpt ```go -tok, err := jwt.Parse( - []byte(raw), - jwt.WithKeySet(keyset), - jwt.WithValidate(true), - jwt.WithIssuer(v.issuer), - jwt.WithClaimValue("token_use", "access"), -) -if err != nil { - return fiber.ErrUnauthorized +scope := c.Get(skipAuthHeaderScope) +if scope == "" { + scope = defaultSkipAuthScope } + +c.Locals("sub", sub) +c.Locals("username", username) +c.Locals("scope", scope) +c.Locals("groups", groups) ``` ## Edge Cases Handled Today -- Missing token header returns `401`. -- JWKS retrieval failures return unauthorized error. -- Invalid or mismatched `client_id` returns `401`. -- Config validation blocks startup if required cognito settings are missing. +- Missing override headers still produce a stable local identity. +- Empty `x-skip-auth-groups` values are filtered out after splitting on commas. +- The middleware is only attached when `cfg.Core.SkipAuth` is true. ## Performance and Operational Considerations -- JWKS uses `jwk.Cache` to avoid repeated key fetches. -- Request-time auth check includes a 5-second context timeout. -- Middleware is globally applied unless `SKIP_AUTH=true`. +- The middleware is fully in-process and does not call an external identity + provider. +- Local identity defaults make test and dev workflows deterministic. +- The current branch does not implement Cognito JWT verification middleware. ## Future Improvements -- Add explicit middleware unit/integration tests. -- Support configurable token header name for proxy variations. -- Improve unauthorized response detail for operator troubleshooting while preserving security posture. +- Add a separate production auth middleware once runtime auth enforcement is + implemented. +- Document how local identity locals should map to any future bearer-token + claims model. ## Assumptions -- **High confidence:** Current claim checks are intentionally minimal and focused on access-token validity plus client binding. +- **High confidence:** This page reflects the only auth-related middleware + currently wired in the Go application. diff --git a/docs/guides/01-getting-started.md b/docs/guides/01-getting-started.md index 4fcbcd3..5f90f60 100644 --- a/docs/guides/01-getting-started.md +++ b/docs/guides/01-getting-started.md @@ -13,7 +13,7 @@ You must be able to: | Requirement | Details | | --------------------------- |---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| -| Obtain Credentials | Reach out to [emmy@cms.hhs.gov](emmy@cms.hhs.gov), requesting a sandbox credential and working with the CMS emmy team to get onboarded and receive your client ID and secret via encrypted channel. | +| Obtain Credentials | Reach out to [emmy@cms.hhs.gov](mailto:emmy@cms.hhs.gov), requesting a sandbox credential and working with the CMS Emmy team to get onboarded and receive your client ID and secret via encrypted channel. | | Access Emmy API Endpoints | The onboarding process will have provided you the endpoint URL. You must have outbound network/firewall access to this host. | | Make HTTP POST (REST) Calls | Your system (or testing tool) must be capable of making HTTP POST calls where you can supply specific headers in the request. | diff --git a/docs/overview.md b/docs/overview.md index 4a81059..b966c03 100644 --- a/docs/overview.md +++ b/docs/overview.md @@ -3,8 +3,8 @@ ## Purpose The Verification Service API provides a unified HTTP interface for eligibility -verification workflows, currently focused on a runtime education scaffold, a -Redis-backed health check, and the checked-in v0 veteran disability contract. +verification workflows, currently focused on versioned education and veteran +verification routes plus Redis-backed health/status behavior. This service evolved from consent-based verification work and is intended to reduce manual burden during benefits eligibility evaluation. @@ -21,16 +21,16 @@ Runtime dependencies in current implementation: - Fiber (`github.com/gofiber/fiber/v2`) for HTTP server and routing. - Redis (`github.com/redis/go-redis/v9`) for health checks and distributed circuit-breaker state. - NSC endpoints (`NSC_TOKEN_URL`, `NSC_SUBMIT_URL`) for education verification. -- AWS Cognito JWKS/JWT validation for request authentication (when `SKIP_AUTH=false`). +- Optional local identity injection via `SkipAuthMiddleware` when `SKIP_AUTH=true`. - OpenTelemetry OTLP exporter for tracing/metrics/log fanout. ## Key Packages - `main`: process bootstrap, env/config load, OTel startup, Redis client init, route registration, graceful shutdown. - `api`: Fiber app construction and shared middleware setup. -- `api/routes`: endpoint registration (`/`, `/health`, `/api/edu`, `/api/v0/veteran-disability-ratings`). -- `api/handlers`: HTTP handlers for Redis health, education scaffolding, and veteran verification. -- `api/middleware`: Cognito auth and circuit-breaker middleware. +- `api/routes`: endpoint registration (`/`, `/health`, `/api-spec/v1/verify`, `/api/v0/education-enrollments`, `/api/v0/veteran-disability-ratings`). +- `api/handlers`: HTTP handlers for Redis health, spec serving, education verification, and veteran verification. +- `api/middleware`: development identity injection and circuit-breaker middleware. - `pkg/core`: configuration, logger, OTel service abstractions/utilities. - `pkg/education`: NSC service abstraction and HTTP/OAuth submit flow. - `pkg/veteran`: VA service abstraction and JWT client-assertion flow. @@ -40,7 +40,7 @@ Runtime dependencies in current implementation: ## Design Principles (Observed) - Explicit startup configuration from environment via `core.NewConfigFromEnv()`. -- Interface-driven boundaries for integration points (`EducationService`, `HTTPTransport`, `OtelService`, `Breaker`). +- Interface-driven boundaries for integration points (`Service`, `HTTPTransport`, `OtelService`, `Breaker`). - Middleware-first cross-cutting concerns (recovery, CORS, tracing, request logging, auth, circuit breaking). - Operational defaults favoring availability in unknown breaker state (`FailOpen=true` by default). @@ -49,9 +49,9 @@ Runtime dependencies in current implementation: ```mermaid flowchart TD A[Client] --> B[Fiber App] - B --> C[Recover + CORS + OTel + Slog middleware] - C --> D{SKIP_AUTH == false?} - D -->|Yes| E[Cognito JWT Verifier] + B --> C[Request ID + Slog + Recover + CORS + OTel middleware] + C --> D{SKIP_AUTH == true?} + D -->|Yes| E[SkipAuthMiddleware] D -->|No| F[Route Handler] E --> F @@ -61,7 +61,7 @@ flowchart TD G -->|Yes: /health| I[Redis Ping] I --> J[200 OK or Fiber Error] - G -->|Yes: /api/edu| K[EducationService.Submit] + G -->|Yes: POST /api/v0/education-enrollments| K[EducationHandler parses JSON] K --> L[OAuth2 client credentials token] L --> M[NSC submit endpoint] M --> N[JSON response] @@ -104,8 +104,9 @@ Initial requirements referenced `/docs/planing`; this repo standardizes on - **High confidence:** Redis is the only persistent/shared runtime store currently used by this service. -- **High confidence:** `/api/edu` is presently implementation scaffolding and - should not be treated as the public contract for this branch. +- **High confidence:** `POST /api/v0/education-enrollments` and + `POST /api/v0/veteran-disability-ratings` are the live versioned verification + routes in the current runtime. - **High confidence:** `POST /api/v0/veteran-disability-ratings` is the current checked-in v0 contract path for veteran verification. - **Medium confidence:** Additional verification domains beyond the current diff --git a/docs/planning/public-api-data-model-design-first.md b/docs/planning/public-api-data-model-design-first.md index 2fc14ce..80645c5 100644 --- a/docs/planning/public-api-data-model-design-first.md +++ b/docs/planning/public-api-data-model-design-first.md @@ -160,26 +160,25 @@ service behavior or superseded response envelopes. ### 2. Bundle, Validate, and Lint ```bash -# 1. Bundle the checked-in YAML and JSON artifacts (required for multi-file refs) -./scripts/bundle-api-spec - -# 2. Validate OpenAPI structure -./scripts/validate-api-spec +# Install the pinned toolchain +mise install -# 3. Lint style and governance rules -./scripts/lint-api-spec +# Bundle, validate, and lint the checked-in spec artifacts +mise run check-api-spec ``` Using `mise`, the same workflow is available as: ```bash -mise install mise run bundle-api-spec mise run validate-api-spec mise run lint-api-spec mise run check-api-spec ``` +The underlying package scripts are `pnpm run bundle:api-spec`, +`pnpm run validate:api-spec`, and `pnpm run lint:api-spec`. + Starter `.spectral.yaml` (commit and version in repo): ```yaml diff --git a/docs/setup.md b/docs/setup.md index e345c32..6d6c0dc 100644 --- a/docs/setup.md +++ b/docs/setup.md @@ -4,7 +4,7 @@ - Go `1.25.x` (`go.mod` sets `go 1.25`). - Docker and Docker Compose for containerized local workflows. The committed - compose file currently provides API and observability services only. + compose file currently provides the API, Redis, and observability services. - Local Redis at `localhost:6379` for runtime health checks and several tests. ## Environment Variables @@ -15,7 +15,6 @@ |---|---|---| | Service | `ENVIRONMENT`, `PORT`, `SKIP_AUTH` | `development`, `3000`, `false` | | OTel | `OTEL_DISABLE`, `OTEL_OTLP_EXPORTER_ENDPOINT`, `OTEL_OTLP_EXPORTER_INSECURE` | `true`, `localhost:4317`, `false` | -| Cognito | `COGNITO_REGION`, `COGNITO_USER_POOL_ID`, `COGNITO_APP_CLIENT_ID` | `us-east-1`, `UNSET`, `UNSET` | | Redis | `REDIS_ADDR`, `REDIS_PASSWORD`, `REDIS_DB`, `REDIS_USE_TLS`, `REDIS_INSECURE_SKIP_VERIFY` | `localhost:6379`, empty, `0`, `true`, `false` | | NSC | `NSC_SUBMIT_URL`, `NSC_TOKEN_URL`, `NSC_CLIENT_SECRET`, `NSC_CLIENT_ID`, `NSC_ACCOUNT_ID` | empty | | VA | `VA_BASE_URL`, `VA_TOKEN_URL`, `VA_CLIENT_ID`, `VA_AUD`, `VA_PRIVATE_KEY_PATH`, `VA_TIMEOUT_SECONDS` | empty, empty, empty, empty, empty, `5` | @@ -23,6 +22,9 @@ - The table above reflects code defaults from `pkg/core/config.go`. - `.env.example` overrides the local example port to `PORT=8000` and includes placeholders for VA veteran-verification credentials. +- The current branch does not wire Cognito-specific config or auth middleware at + runtime; `SKIP_AUTH=true` enables the local development identity middleware in + `api/middleware/middleware.go`. - VA authentication uses a signed JWT client assertion, so the configured private key path must point to a readable RSA PEM file on disk. - Populate the VA values before exercising diff --git a/package.json b/package.json index 94036e0..a8c746a 100644 --- a/package.json +++ b/package.json @@ -35,15 +35,22 @@ "@cspell/dict-software-terms": "^5.2.2", "@cspell/dict-sql": "^2.2.1", "@cspell/dict-typescript": "^3.2.3", - "@redocly/cli": "^1.34.5", + "@redocly/cli": "^2.25.4", "@stoplight/spectral-cli": "^6.15.0", "ajv": "^8.18.0", - "ajv-cli": "^5.0.0", "ajv-formats": "^3.0.1", "cspell": "^9.7.0", "glob": "^13.0.6", "markdownlint-cli2": "^0.22.0", - "prettier": "^3.6.2", + "prettier": "^3.8.1", "typescript": "^6.0.2" + }, + "pnpm": { + "overrides": { + "markdownlint-cli2>smol-toml": "1.6.1", + "@stoplight/spectral-ruleset-bundler>rollup": "2.80.0", + "@stoplight/spectral-core>minimatch": "3.1.5", + "lodash": "4.18.0" + } } } diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index 56e2583..88b3b1f 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -4,6 +4,12 @@ settings: autoInstallPeers: true excludeLinksFromLockfile: false +overrides: + markdownlint-cli2>smol-toml: 1.6.1 + '@stoplight/spectral-ruleset-bundler>rollup': 2.80.0 + '@stoplight/spectral-core>minimatch': 3.1.5 + lodash: 4.18.0 + importers: .: @@ -78,17 +84,14 @@ importers: specifier: ^3.2.3 version: 3.2.3 '@redocly/cli': - specifier: ^1.34.5 - version: 1.34.11(ajv@8.18.0) + specifier: ^2.25.4 + version: 2.25.4(@opentelemetry/api@1.9.0)(core-js@3.32.1) '@stoplight/spectral-cli': specifier: ^6.15.0 version: 6.15.0 ajv: specifier: ^8.18.0 version: 8.18.0 - ajv-cli: - specifier: ^5.0.0 - version: 5.0.0 ajv-formats: specifier: ^3.0.1 version: 3.0.1(ajv@8.18.0) @@ -102,7 +105,7 @@ importers: specifier: ^0.22.0 version: 0.22.0 prettier: - specifier: ^3.6.2 + specifier: ^3.8.1 version: 3.8.1 typescript: specifier: ^6.0.2 @@ -410,10 +413,6 @@ packages: resolution: {integrity: sha512-RE815I4arJFtt+FVeU1Tgp9/Xvecacji8w/V6XtXsWWH/wz/eNkNbhb+ny/+PlVZjV0rxQpRSQKNKE3lcktHEA==} engines: {node: '>=10.10.0'} - '@jest/schemas@29.6.3': - resolution: {integrity: sha512-mo5j5X+jIZmJQveBKeS/clAueipV7KgiX1vMgCxam1RNYiqE1w62n0/tJJnHtjW8ZHcQco5gY85jA3mi0L+nSA==} - engines: {node: ^14.15.0 || ^16.10.0 || >=18.0.0} - '@jsdevtools/ono@7.1.3': resolution: {integrity: sha512-4JQNk+3mVzK3xh2rqd6RB4J46qUR19azEHBneZyTZM+c456qOrbbM/5xcR8huNCCcbVt7+UmizG6GuUvPvKUYg==} @@ -435,6 +434,10 @@ packages: peerDependencies: jsep: ^0.4.0||^1.0.0 + '@noble/hashes@1.8.0': + resolution: {integrity: sha512-jCs9ldd7NwzpgXDIf6P3+NrHh9/sD6CQdxHyjQI+h/6rDNo88ypBxxz45UDuZHz9r3tNz7N/VInSVoVdtXEI4A==} + engines: {node: ^14.21.3 || >=16} + '@nodelib/fs.scandir@2.1.5': resolution: {integrity: sha512-vq24Bq3ym5HEQm2NKCr3yXDwjc7vTsEThRDnkp2DK9p1uqLR+DHurm/NOTo0KG7HYHU7eppKZj3MyqYuMBf62g==} engines: {node: '>= 8'} @@ -447,88 +450,76 @@ packages: resolution: {integrity: sha512-oGB+UxlgWcgQkgwo8GcEGwemoTFt3FIO9ababBmaGwXIoBKZ+GTy0pP185beGg7Llih/NSHSV2XAs1lnznocSg==} engines: {node: '>= 8'} - '@opentelemetry/api-logs@0.53.0': - resolution: {integrity: sha512-8HArjKx+RaAI8uEIgcORbZIPklyh1YLjPSBus8hjRmvLi6DeFzgOcdZ7KwPabKj8mXF8dX0hyfAyGfycz0DbFw==} - engines: {node: '>=14'} + '@opentelemetry/api-logs@0.202.0': + resolution: {integrity: sha512-fTBjMqKCfotFWfLzaKyhjLvyEyq5vDKTTFfBmx21btv3gvy8Lq6N5Dh2OzqeuN4DjtpSvNT1uNVfg08eD2Rfxw==} + engines: {node: '>=8.0.0'} '@opentelemetry/api@1.9.0': resolution: {integrity: sha512-3giAOQvZiH5F9bMlMiv8+GSPMeqg0dbaeo58/0SlA9sxSqZhnUtxzX9/2FzyhS9sWQf5S0GJE0AKBrFqjpeYcg==} engines: {node: '>=8.0.0'} - '@opentelemetry/context-async-hooks@1.26.0': - resolution: {integrity: sha512-HedpXXYzzbaoutw6DFLWLDket2FwLkLpil4hGCZ1xYEIMTcivdfwEOISgdbLEWyG3HW52gTq2V9mOVJrONgiwg==} - engines: {node: '>=14'} + '@opentelemetry/context-async-hooks@2.0.1': + resolution: {integrity: sha512-XuY23lSI3d4PEqKA+7SLtAgwqIfc6E/E9eAQWLN1vlpC53ybO3o6jW4BsXo1xvz9lYyyWItfQDDLzezER01mCw==} + engines: {node: ^18.19.0 || >=20.6.0} peerDependencies: '@opentelemetry/api': '>=1.0.0 <1.10.0' - '@opentelemetry/core@1.26.0': - resolution: {integrity: sha512-1iKxXXE8415Cdv0yjG3G6hQnB5eVEsJce3QaawX8SjDn0mAS0ZM8fAbZZJD4ajvhC15cePvosSCut404KrIIvQ==} - engines: {node: '>=14'} + '@opentelemetry/core@2.0.1': + resolution: {integrity: sha512-MaZk9SJIDgo1peKevlbhP6+IwIiNPNmswNL4AF0WaQJLbHXjr9SrZMgS12+iqr9ToV4ZVosCcc0f8Rg67LXjxw==} + engines: {node: ^18.19.0 || >=20.6.0} peerDependencies: '@opentelemetry/api': '>=1.0.0 <1.10.0' - '@opentelemetry/exporter-trace-otlp-http@0.53.0': - resolution: {integrity: sha512-m7F5ZTq+V9mKGWYpX8EnZ7NjoqAU7VemQ1E2HAG+W/u0wpY1x0OmbxAXfGKFHCspdJk8UKlwPGrpcB8nay3P8A==} - engines: {node: '>=14'} - peerDependencies: - '@opentelemetry/api': ^1.0.0 - - '@opentelemetry/otlp-exporter-base@0.53.0': - resolution: {integrity: sha512-UCWPreGQEhD6FjBaeDuXhiMf6kkBODF0ZQzrk/tuQcaVDJ+dDQ/xhJp192H9yWnKxVpEjFrSSLnpqmX4VwX+eA==} - engines: {node: '>=14'} - peerDependencies: - '@opentelemetry/api': ^1.0.0 - - '@opentelemetry/otlp-transformer@0.53.0': - resolution: {integrity: sha512-rM0sDA9HD8dluwuBxLetUmoqGJKSAbWenwD65KY9iZhUxdBHRLrIdrABfNDP7aiTjcgK8XFyTn5fhDz7N+W6DA==} - engines: {node: '>=14'} + '@opentelemetry/exporter-trace-otlp-http@0.202.0': + resolution: {integrity: sha512-/hKE8DaFCJuaQqE1IxpgkcjOolUIwgi3TgHElPVKGdGRBSmJMTmN/cr6vWa55pCJIXPyhKvcMrbrya7DZ3VmzA==} + engines: {node: ^18.19.0 || >=20.6.0} peerDependencies: '@opentelemetry/api': ^1.3.0 - '@opentelemetry/propagator-b3@1.26.0': - resolution: {integrity: sha512-vvVkQLQ/lGGyEy9GT8uFnI047pajSOVnZI2poJqVGD3nJ+B9sFGdlHNnQKophE3lHfnIH0pw2ubrCTjZCgIj+Q==} - engines: {node: '>=14'} + '@opentelemetry/otlp-exporter-base@0.202.0': + resolution: {integrity: sha512-nMEOzel+pUFYuBJg2znGmHJWbmvMbdX5/RhoKNKowguMbURhz0fwik5tUKplLcUtl8wKPL1y9zPnPxeBn65N0Q==} + engines: {node: ^18.19.0 || >=20.6.0} peerDependencies: - '@opentelemetry/api': '>=1.0.0 <1.10.0' + '@opentelemetry/api': ^1.3.0 - '@opentelemetry/propagator-jaeger@1.26.0': - resolution: {integrity: sha512-DelFGkCdaxA1C/QA0Xilszfr0t4YbGd3DjxiCDPh34lfnFr+VkkrjV9S8ZTJvAzfdKERXhfOxIKBoGPJwoSz7Q==} - engines: {node: '>=14'} + '@opentelemetry/otlp-transformer@0.202.0': + resolution: {integrity: sha512-5XO77QFzs9WkexvJQL9ksxL8oVFb/dfi9NWQSq7Sv0Efr9x3N+nb1iklP1TeVgxqJ7m1xWiC/Uv3wupiQGevMw==} + engines: {node: ^18.19.0 || >=20.6.0} peerDependencies: - '@opentelemetry/api': '>=1.0.0 <1.10.0' + '@opentelemetry/api': ^1.3.0 - '@opentelemetry/resources@1.26.0': - resolution: {integrity: sha512-CPNYchBE7MBecCSVy0HKpUISEeJOniWqcHaAHpmasZ3j9o6V3AyBzhRc90jdmemq0HOxDr6ylhUbDhBqqPpeNw==} - engines: {node: '>=14'} + '@opentelemetry/resources@2.0.1': + resolution: {integrity: sha512-dZOB3R6zvBwDKnHDTB4X1xtMArB/d324VsbiPkX/Yu0Q8T2xceRthoIVFhJdvgVM2QhGVUyX9tzwiNxGtoBJUw==} + engines: {node: ^18.19.0 || >=20.6.0} peerDependencies: - '@opentelemetry/api': '>=1.0.0 <1.10.0' + '@opentelemetry/api': '>=1.3.0 <1.10.0' - '@opentelemetry/sdk-logs@0.53.0': - resolution: {integrity: sha512-dhSisnEgIj/vJZXZV6f6KcTnyLDx/VuQ6l3ejuZpMpPlh9S1qMHiZU9NMmOkVkwwHkMy3G6mEBwdP23vUZVr4g==} - engines: {node: '>=14'} + '@opentelemetry/sdk-logs@0.202.0': + resolution: {integrity: sha512-pv8QiQLQzk4X909YKm0lnW4hpuQg4zHwJ4XBd5bZiXcd9urvrJNoNVKnxGHPiDVX/GiLFvr5DMYsDBQbZCypRQ==} + engines: {node: ^18.19.0 || >=20.6.0} peerDependencies: '@opentelemetry/api': '>=1.4.0 <1.10.0' - '@opentelemetry/sdk-metrics@1.26.0': - resolution: {integrity: sha512-0SvDXmou/JjzSDOjUmetAAvcKQW6ZrvosU0rkbDGpXvvZN+pQF6JbK/Kd4hNdK4q/22yeruqvukXEJyySTzyTQ==} - engines: {node: '>=14'} + '@opentelemetry/sdk-metrics@2.0.1': + resolution: {integrity: sha512-wf8OaJoSnujMAHWR3g+/hGvNcsC16rf9s1So4JlMiFaFHiE4HpIA3oUh+uWZQ7CNuK8gVW/pQSkgoa5HkkOl0g==} + engines: {node: ^18.19.0 || >=20.6.0} peerDependencies: - '@opentelemetry/api': '>=1.3.0 <1.10.0' + '@opentelemetry/api': '>=1.9.0 <1.10.0' - '@opentelemetry/sdk-trace-base@1.26.0': - resolution: {integrity: sha512-olWQldtvbK4v22ymrKLbIcBi9L2SpMO84sCPY54IVsJhP9fRsxJT194C/AVaAuJzLE30EdhhM1VmvVYR7az+cw==} - engines: {node: '>=14'} + '@opentelemetry/sdk-trace-base@2.0.1': + resolution: {integrity: sha512-xYLlvk/xdScGx1aEqvxLwf6sXQLXCjk3/1SQT9X9AoN5rXRhkdvIFShuNNmtTEPRBqcsMbS4p/gJLNI2wXaDuQ==} + engines: {node: ^18.19.0 || >=20.6.0} peerDependencies: - '@opentelemetry/api': '>=1.0.0 <1.10.0' + '@opentelemetry/api': '>=1.3.0 <1.10.0' - '@opentelemetry/sdk-trace-node@1.26.0': - resolution: {integrity: sha512-Fj5IVKrj0yeUwlewCRwzOVcr5avTuNnMHWf7GPc1t6WaT78J6CJyF3saZ/0RkZfdeNO8IcBl/bNcWMVZBMRW8Q==} - engines: {node: '>=14'} + '@opentelemetry/sdk-trace-node@2.0.1': + resolution: {integrity: sha512-UhdbPF19pMpBtCWYP5lHbTogLWx9N0EBxtdagvkn5YtsAnCBZzL7SjktG+ZmupRgifsHMjwUaCCaVmqGfSADmA==} + engines: {node: ^18.19.0 || >=20.6.0} peerDependencies: '@opentelemetry/api': '>=1.0.0 <1.10.0' - '@opentelemetry/semantic-conventions@1.27.0': - resolution: {integrity: sha512-sAay1RrB+ONOem0OZanAR1ZI/k7yDpnOQSQmTMuGImUQb2y8EbSaCJ94FQluM74xoU03vlb2d2U90hZluL6nQg==} + '@opentelemetry/semantic-conventions@1.34.0': + resolution: {integrity: sha512-aKcOkyrorBGlajjRdVoJWHTxfxO1vCNHLJVlSDaRHDIdjU+pX8IYQPvPDkYiujKLbRnWU+1TBwEt0QRgSm4SGA==} engines: {node: '>=14'} '@protobufjs/aspromise@1.1.2': @@ -564,21 +555,34 @@ packages: '@redocly/ajv@8.11.2': resolution: {integrity: sha512-io1JpnwtIcvojV7QKDUSIuMN/ikdOUd1ReEnUnMKGfDVridQZ31J0MmIuqwuRjWDZfmvr+Q0MqCcfHM2gTivOg==} - '@redocly/cli@1.34.11': - resolution: {integrity: sha512-NTFegt2uQ0A4xewDPcTadsZYSlmEUzF7wnvRgmFI8Ftvjpq/coIdr9EQPmCF6wjrh9UBKdz2rMNckxLo/jhViA==} - engines: {node: '>=18.17.0', npm: '>=9.5.0'} + '@redocly/ajv@8.18.0': + resolution: {integrity: sha512-F+LMD2IDIXuHxgpLJh3nkLj9+tSaEzoUWd+7fONGq5pe2169FUDjpEkOfEpoGLz1sbZni/69p07OsecNfAOpqA==} + + '@redocly/cli-otel@0.1.2': + resolution: {integrity: sha512-Bg7BoO5t1x3lVK+KhA5aGPmeXpQmdf6WtTYHhelKJCsQ+tRMiJoFAQoKHoBHAoNxXrhlS3K9lKFLHGmtxsFQfA==} + + '@redocly/cli@2.25.4': + resolution: {integrity: sha512-ypBv8ZhckTzcOfsFH2VILsLqk00bJ1tI0POtlaEf8z0rDsnmD8auUETkMzw8wlUB+aQM7+VSzpSsmcmqeSgzWQ==} + engines: {node: '>=22.12.0 || >=20.19.0 <21.0.0', npm: '>=10'} hasBin: true '@redocly/config@0.22.0': resolution: {integrity: sha512-gAy93Ddo01Z3bHuVdPWfCwzgfaYgMdaZPcfL7JZ7hWJoK9V0lXDbigTWkhiPFAaLWzbOJ+kbUQG1+XwIm0KRGQ==} + '@redocly/config@0.46.0': + resolution: {integrity: sha512-FZEprNEkmLITKKdv5blIai1qiCcc4dn5+96AjWnmFQmH/oz/OyBiXBSi752/M+Wmype7aH2uRywSCuYlu4CgVA==} + '@redocly/openapi-core@1.34.11': resolution: {integrity: sha512-V09ayfnb5GyysmvARbt+voFZAjGcf7hSYxOYxSkCc4fbH/DTfq5YWoec8cflvmHHqyIFbqvmGKmYFzqhr9zxDg==} engines: {node: '>=18.17.0', npm: '>=9.5.0'} - '@redocly/respect-core@1.34.11': - resolution: {integrity: sha512-0USZA1iRkyCZN/o5ZmgJ9vFVfWe5dE6m2IabF4g7s8EWJErbRFc8LoJ20hfoR75yGUfde+0vTPNOG5T9dlqq1g==} - engines: {node: '>=18.17.0', npm: '>=9.5.0'} + '@redocly/openapi-core@2.25.4': + resolution: {integrity: sha512-zYdKQEsowPNtkTixrfbn5DySWBLQpTsISthVBBEPAa3OZC75UI76CbHXEamJ8Kmlead9IkD5RbgeJvxqJ5/H6Q==} + engines: {node: '>=22.12.0 || >=20.19.0 <21.0.0', npm: '>=10'} + + '@redocly/respect-core@2.25.4': + resolution: {integrity: sha512-0xMbcSft+9Q2sO1wSJMxo510Aqc/kGF/AmUK3OaLQvGvKUgOqq2Op/0aorNQJk6s8WBEH4UN4eFt7fUzUeXs8g==} + engines: {node: '>=22.12.0 || >=20.19.0 <21.0.0', npm: '>=10'} '@rollup/plugin-commonjs@22.0.2': resolution: {integrity: sha512-//NdP6iIwPbMTcazYsiBMbJW7gfmpHom33u1beiIoHDEM0Q9clvtQB1T0efvMqHeKsGohiHo97BCPCkBXdscwg==} @@ -592,9 +596,6 @@ packages: peerDependencies: rollup: ^1.20.0||^2.0.0 - '@sinclair/typebox@0.27.10': - resolution: {integrity: sha512-MTBk/3jGLNB2tVxv6uLlFh1iu64iYOQ2PbdOSK3NW8JZsmlaOh2q6sdtKowBhfw8QFLmYNzTW4/oK4uATIi6ZA==} - '@sindresorhus/merge-streams@4.0.0': resolution: {integrity: sha512-tlqY9xq5ukxTUZBmoOp+m61cqwQD5pHJtFY3Mn8CA8ps6yghLH/Hw8UPdqg4OLmFW3IFlcXnQNmo/dh8HzXYIQ==} engines: {node: '>=18'} @@ -746,15 +747,6 @@ packages: resolution: {integrity: sha512-MnA+YT8fwfJPgBx3m60MNqakm30XOkyIoH1y6huTQvC0PwZG7ki8NacLBcrPbNoo8vEZy7Jpuk7+jMO+CUovTQ==} engines: {node: '>= 14'} - ajv-cli@5.0.0: - resolution: {integrity: sha512-LY4m6dUv44HTyhV+u2z5uX4EhPYTM38Iv1jdgDJJJCyOOuqB8KtZEGjPZ2T+sh5ZIJrXUfgErYx/j3gLd3+PlQ==} - hasBin: true - peerDependencies: - ts-node: '>=9.0.0' - peerDependenciesMeta: - ts-node: - optional: true - ajv-draft-04@1.0.0: resolution: {integrity: sha512-mv00Te6nmYbRp5DCwclxtt7yV/joXJPGS7nM+97GdxvuttCOfgI3K4U25zboyeX0O+myI8ERluxQe5wljMmVIw==} peerDependencies: @@ -799,14 +791,6 @@ packages: resolution: {integrity: sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==} engines: {node: '>=8'} - ansi-styles@5.2.0: - resolution: {integrity: sha512-Cxwpt2SfTzTtXcfOlzGEee8O+c+MmUgGrNiBcXnuWxuFJHe6a5Hz7qwhwe5OgaSYI0IJvkLqWX1ASG+cJOkEiA==} - engines: {node: '>=10'} - - anymatch@3.1.3: - resolution: {integrity: sha512-KMReFUr0B4t+D+OBkjR3KYqvocp2XaSzO55UcB6mgQMd3KbcE+mWTyvVV7D/zsdEbNnV6acZUutkiHQXvTr1Rw==} - engines: {node: '>= 8'} - argparse@1.0.10: resolution: {integrity: sha512-o5Roy6tNG4SL/FOkCAN6RzjiakZS25RLYFrcMttJqbdd8BWrnA+fGz57iN5Pb06pvBGvl5gQ0B48dJlslXvoTg==} @@ -839,9 +823,6 @@ packages: resolution: {integrity: sha512-hsU18Ae8CDTR6Kgu9DYf0EbCr/a5iGL0rytQDobUcdpYOKokk8LEjVphnXkDkgpi0wYVsqrXuP0bZxJaTqdgoA==} engines: {node: '>= 0.4'} - asynckit@0.4.0: - resolution: {integrity: sha512-Oei9OH4tRh0YqU3GxhX79dM/mwVgvbZJaSNaRk+bshkj0S5cfHcgYakreBjrHwatXKbz+IoIdYLxrKim2MjW0Q==} - available-typed-arrays@1.0.7: resolution: {integrity: sha512-wvUjBtSGN7+7SjNpq/9M2Tg350UZD3q62IFZLbRAR1bSMlCo1ZaeW+BJ+D090e4hIIZLBcTDWe4Mh4jvUDajzQ==} engines: {node: '>= 0.4'} @@ -859,10 +840,6 @@ packages: peerDependencies: ajv: 4.11.8 - 8 - binary-extensions@2.3.0: - resolution: {integrity: sha512-Ceh+7ox5qe7LJuLHoY0feh3pHuUDHAcRUeyL2VYghZwfpkNIy/+8Ocg0a3UuSoYzavmylwuLWQOf3hl0jjMMIw==} - engines: {node: '>=8'} - brace-expansion@1.1.13: resolution: {integrity: sha512-9ZLprWS6EENmhEOpjCYW2c8VkmOvckIJZfkr7rBW6dObmfgJ/L1GpSYW5Hpo9lDz4D1+n0Ckz8rU7FwHDQiG/w==} @@ -877,16 +854,9 @@ packages: resolution: {integrity: sha512-yQbXgO/OSZVD2IsiLlro+7Hf6Q18EJrKSEsdoMzKePKXct3gvD8oLcOQdIzGupr5Fj+EDe8gO/lxc1BzfMpxvA==} engines: {node: '>=8'} - buffer-from@1.1.2: - resolution: {integrity: sha512-E+XQCRwSbaaiChtv6k6Dwgc+bx+Bs6vuKJHHl5kox/BaKbhiXzqQOwK4cO22yElGp2OCmjwVhT3HmxgyPGnJfQ==} - builtins@1.0.3: resolution: {integrity: sha512-uYBjakWipfaO/bXI7E8rq6kpwHRZK5cNYrUv2OzZSI/FvmdMyXJ2tG9dKcjEC5YHmHpUAwsargWIZNWdxb/bnQ==} - bundle-name@4.1.0: - resolution: {integrity: sha512-tjwM5exMg6BGRI+kNmTntNsvdZS1X8BFYS6tnJ2hdH0kVxM6/eVZ2xy+FqStSWvYmtfFMDLIxurorHwDKfDz5Q==} - engines: {node: '>=18'} - call-bind-apply-helpers@1.0.2: resolution: {integrity: sha512-Sp1ablJ0ivDkSzjcaJdxEunN5/XvksFJ2sMBFfq6x0ryhQV/2b/KwFe21cMpmHtPOSij8K99/wSfoEuTObmuMQ==} engines: {node: '>= 0.4'} @@ -934,10 +904,6 @@ packages: character-reference-invalid@2.0.1: resolution: {integrity: sha512-iBZ4F4wRbyORVsu0jPV7gXkOsGYjGHPmAyv+HiHG8gi5PtC9KI2j1+v8/tlibRvjoWX027ypmG/n0HtO5t7unw==} - chokidar@3.5.3: - resolution: {integrity: sha512-Dr3sfKRP6oTcjf2JmUmFJfeVMvXBdegxB0iVQ5eb2V10uFJUCAS8OByZdVAyVb8xXNz3GjjTgj9kLWsZTqE6kw==} - engines: {node: '>= 8.10.0'} - classnames@2.5.1: resolution: {integrity: sha512-saHYOzhIQs6wy2sVxTM6bUDsQO4F50V9RQ22qBpEdCW+I+/Wmke2HOl6lS6dTpdxVhb88/I6+Hs+438c3lfUow==} @@ -972,10 +938,6 @@ packages: colorette@2.0.20: resolution: {integrity: sha512-IfEDxwoWIjkeXL1eXcDiow4UbKjhLdq6/EuSVR9GMN7KVH3r9gQ83e73hsz1Nd1T3ijd5xv1wcWRYO+D6kCI2w==} - combined-stream@1.0.8: - resolution: {integrity: sha512-FQN4MRfuJeHf7cBbBMJFXhKSDq+2kAArBlmRBvcvFE5BB1HZKXtSFASDhdlz9zOYwxh8lDdnvmMOe/+5cdoEdg==} - engines: {node: '>= 0.8'} - commander@14.0.3: resolution: {integrity: sha512-H+y0Jo/T1RZ9qPP4Eh1pkcQcLRglraJaSLoyOtHxu6AapkjWVCy2Sit1QQ4x3Dng8qDlSsZEet7g5Pq06MvTgw==} engines: {node: '>=20'} @@ -994,10 +956,6 @@ packages: concat-map@0.0.1: resolution: {integrity: sha512-/Srv4dswyQNBfohGpz9o6Yb3Gz3SrUDqBH5rTuhGR7ahtlbYKnVxw2bCFMRljaA7EXHaXZ8wsHdodFvbkhKmqg==} - concat-stream@2.0.0: - resolution: {integrity: sha512-MWufYdFw53ccGjCA+Ol7XJYpAlW6/prSMzuPOTRnJGcGzuhLn4Scrz7qf6o8bROZ514ltazcIFJZevcfbo0x7A==} - engines: {'0': node >= 6.0} - cookie@0.7.2: resolution: {integrity: sha512-yki5XnKuf750l50uGTllt6kKILY4nQ1eNIQatoXEByZ5dWgnKqbnqmTrBE5B4N7lrMJKQ2ytWMiTO2o0v6Ew/w==} engines: {node: '>= 0.6'} @@ -1090,30 +1048,14 @@ packages: decode-named-character-reference@1.3.0: resolution: {integrity: sha512-GtpQYB283KrPp6nRw50q3U9/VfOutZOe103qlN7BPP6Ad27xYnOIWv4lPzo8HCAL+mMZofJ9KEy30fq6MfaK6Q==} - default-browser-id@5.0.1: - resolution: {integrity: sha512-x1VCxdX4t+8wVfd1so/9w+vQ4vx7lKd2Qp5tDRutErwmR85OgmfX7RlLRMWafRMY7hbEiXIbudNrjOAPa/hL8Q==} - engines: {node: '>=18'} - - default-browser@5.5.0: - resolution: {integrity: sha512-H9LMLr5zwIbSxrmvikGuI/5KGhZ8E2zH3stkMgM5LpOWDutGM2JZaj460Udnf1a+946zc7YBgrqEWwbk7zHvGw==} - engines: {node: '>=18'} - define-data-property@1.1.4: resolution: {integrity: sha512-rBMvIzlpA8v6E+SJZoo++HAYqsLrkg7MSfIinMPFhmkorw7X+dOXVJQs+QT69zGkzMyfDnIMN2Wid1+NbL3T+A==} engines: {node: '>= 0.4'} - define-lazy-prop@3.0.0: - resolution: {integrity: sha512-N+MeXYoqr3pOgn8xfyRPREN7gHakLYjhsHhWGT3fWAiL4IkAt0iDw14QiiEm2bE30c5XX5q0FtAA3CK5f9/BUg==} - engines: {node: '>=12'} - define-properties@1.2.1: resolution: {integrity: sha512-8QmQKqEASLd5nx0U1B1okLElbUuuttJ/AnYmRXbbbGDWh6uS208EjD4Xqq/I9wK7u0v6O08XhTWnt5XtEbR6Dg==} engines: {node: '>= 0.4'} - delayed-stream@1.0.0: - resolution: {integrity: sha512-ZySD7Nf91aLB0RxL4KGrKHBXl7Eds1DAmEdcoVawXnLD7SDhpNgtuII2aAkg7a7QS41jxPSZ17p4VdGnMHk3MQ==} - engines: {node: '>=0.4.0'} - dependency-graph@0.11.0: resolution: {integrity: sha512-JeMq7fEshyepOWDfcfHK06N3MhyPhz++vtqWhMT5O9A3K42rdsEDpfdVqjaqaAhsw6a+ZqeDvQVtD0hFHQWrzg==} engines: {node: '>= 0.6.0'} @@ -1125,10 +1067,6 @@ packages: devlop@1.1.0: resolution: {integrity: sha512-RWmIqhcFf1lRYBvNmr7qTNuyCt/7/ns2jbpp1+PalgE/rDQcBT0fioSMUpJ93irlUhC5hrg4cYqe6U+0ImW0rA==} - diff-sequences@29.6.3: - resolution: {integrity: sha512-EjePK1srD3P08o2j4f0ExnylqRs5B9tJjcp9t1krH2qRi8CCdsYfwe9JgSLurFBWwq4uOlipzfk5fHNvwFKr8Q==} - engines: {node: ^14.15.0 || ^16.10.0 || >=18.0.0} - dompurify@3.3.3: resolution: {integrity: sha512-Oj6pzI2+RqBfFG+qOaOLbFXLQ90ARpcGG6UePL82bJLtdsa6CYJD7nmiU8MW9nQNOtCHV3lZ/Bzq1X0QYbBZCA==} @@ -1204,9 +1142,6 @@ packages: eventemitter3@5.0.4: resolution: {integrity: sha512-mlsTRyGaPBjPedk6Bvw+aqbsXDtoAyAzm5MO7JgU+yVRyMQ5O8bD4Kcci7BS85f93veegeCPkL8R4GLClnjLFw==} - fast-deep-equal@2.0.1: - resolution: {integrity: sha512-bCK/2Z4zLidyB4ReuIsvALH6w31YfAQDmXMqMx6FyfHqvBxtjC0eRumeSu4Bs3XtXwpyIywtSTrVT99BxY1f9w==} - fast-deep-equal@3.1.3: resolution: {integrity: sha512-f3qQ9oQy9j2AhBe/H9VC91wLmKBCCU/gDOnKNAYG5hswO7BLKj09Hc5HYNz9cGI++xlpDCIgDaitVs03ATR84Q==} @@ -1222,10 +1157,6 @@ packages: resolution: {integrity: sha512-7MptL8U0cqcFdzIzwOTHoilX9x5BrNqye7Z/LuC7kCMRio1EMSyqRK3BEAUD7sXRq4iT4AzTVuZdhgQ2TCvYLg==} engines: {node: '>=8.6.0'} - fast-json-patch@2.2.1: - resolution: {integrity: sha512-4j5uBaTnsYAV5ebkidvxiLUYOwjQ+JSFljeqfTxCrH9bDmlCQaOJFS84oDJ2rAXZq2yskmk3ORfoP9DCwqFNig==} - engines: {node: '>= 0.4.0'} - fast-json-stable-stringify@2.1.0: resolution: {integrity: sha512-lhd/wF+Lk98HZoTCtlVraHtfh5XYijIjalXck7saUtuanSDyLMxnHhSXEDJqHxD7msR8D0uCmqlkwjCV8xvwHw==} @@ -1275,10 +1206,6 @@ packages: foreach@2.0.6: resolution: {integrity: sha512-k6GAGDyqLe9JaebCsFCoudPPWfihKu8pylYXRlqP1J7ms39iPoTtk2fviNglIeQEwdh0bQeKJ01ZPyuyQvKzwg==} - form-data@4.0.4: - resolution: {integrity: sha512-KrGhL9Q4zjj0kiUt5OO4Mr/A/jlI2jDYs5eHBpYHPcBEVSiipAvn2Ko2HnPe20rmcuuvMHNdZFp+4IlGTMF0Ow==} - engines: {node: '>= 6'} - fs-extra@10.1.0: resolution: {integrity: sha512-oRXApq54ETRj4eMiFzGnHWGy+zo5raudjuxN0b8H7s/RU2oW0Wvsx9O0ACRN/kRq9E8Vu/ReskGB5o3ji+FzHQ==} engines: {node: '>=12'} @@ -1321,9 +1248,6 @@ packages: resolution: {integrity: sha512-9fSjSaos/fRIVIp+xSJlE6lfwhES7LNtKaCBIamHsjr2na1BiABJPo0mOjjz8GJDURarmCPGqaiVg5mfjb98CQ==} engines: {node: '>= 0.4'} - get-port-please@3.0.1: - resolution: {integrity: sha512-R5pcVO8Z1+pVDu8Ml3xaJCEkBiiy1VQN9za0YqH8GIi1nIqD4IzQhzY6dDzMRtdS1lyiGlucRzm8IN8wtLIXng==} - get-proto@1.0.1: resolution: {integrity: sha512-sTSfBjoXBp89JvIKIefqw7U2CCebsc74kiY6awiGogKtoSGbgjYE/G/+l9sF3MWFPNc9IcoOC4ODfKHfxFmp0g==} engines: {node: '>= 0.4'} @@ -1366,8 +1290,8 @@ packages: graceful-fs@4.2.11: resolution: {integrity: sha512-RbJ5/jmFcNNCcDV5o9eTnBLJ/HszWV0P73bc+Ff4nS/rJj+YaS6IGyiOL0VoBYX+l1Wrl3k63h/KrH+nhJ0XvQ==} - handlebars@4.7.8: - resolution: {integrity: sha512-vafaFqs8MZkRrSX7sFVUdo3ap/eNiLnb4IakshzvP56X5Nr1iGKAIqdX6tMlm6HcNRIkr6AxO5jFEoJzzpT8aQ==} + handlebars@4.7.9: + resolution: {integrity: sha512-4E71E0rpOaQuJR2A3xDZ+GM1HyWYv1clR58tC8emQNeQe3RH7MAzSbat+V0wG78LQBo6m6bzSG/L4pBuCsgnUQ==} engines: {node: '>=0.4.7'} hasBin: true @@ -1456,10 +1380,6 @@ packages: resolution: {integrity: sha512-n4ZT37wG78iz03xPRKJrHTdZbe3IicyucEtdRsV5yglwc3GyUfbAfpSeD0FJ41NbUNSt5wbhqfp1fS+BgnvDFQ==} engines: {node: '>= 0.4'} - is-binary-path@2.1.0: - resolution: {integrity: sha512-ZMERYes6pDydyuGidse7OsHxtbI7WVeUEozgR/g7rd0xUimYNlvZRE/K2MgZTjWy725IfelLeVcEM97mmtRGXw==} - engines: {node: '>=8'} - is-boolean-object@1.2.2: resolution: {integrity: sha512-wa56o2/ElJMYqjCjGkXri7it5FbebW5usLw/nPmCMs5DeZ7eziSYZhSmPRn0txqeW4LnAmQQU7FgqLpsEFKM4A==} engines: {node: '>= 0.4'} @@ -1483,11 +1403,6 @@ packages: is-decimal@2.0.1: resolution: {integrity: sha512-AAB9hiomQs5DXWcRB1rqsxGUstbRroFOPPVAomNk/3XHR5JyEZChOyTWe2oayKnsSsr/kcGqF+z6yuH6HHpN0A==} - is-docker@3.0.0: - resolution: {integrity: sha512-eljcgEDlEns/7AXFosB5K/2nCM4P7FQPkGc/DWLy5rmFEWvZayGrik1d9/QIY5nJ4f9YsVvBkA6kJpHn9rISdQ==} - engines: {node: ^12.20.0 || ^14.13.1 || >=16.0.0} - hasBin: true - is-extglob@2.1.1: resolution: {integrity: sha512-SbKbANkN603Vi4jEZv49LeVJMn4yGwsbzZworEoyEiutsN3nJYdbO36zfhGJ6QEDpOZIFkDtnq5JRxmvl3jsoQ==} engines: {node: '>=0.10.0'} @@ -1511,11 +1426,6 @@ packages: is-hexadecimal@2.0.1: resolution: {integrity: sha512-DgZQp241c8oO6cA1SbTEWiXeoxV42vlcJxgH+B3hi1AiqqKruZR3ZGF8In3fj4+/y/7rHvlOZLZtgJ/4ttYGZg==} - is-inside-container@1.0.0: - resolution: {integrity: sha512-KIYLCCJghfHZxqjYBE7rEy0OBuTd5xCHS7tHVgvCLkx7StIoaxwNW3hCALgEUjFfeRk+MG/Qxmp/vtETEF3tRA==} - engines: {node: '>=14.16'} - hasBin: true - is-map@2.0.3: resolution: {integrity: sha512-1Qed0/Hr2m+YqxnM09CjA2d/i6YZNfF6R2oRAOj36eUdS6qIV/huPJNSEpKbupewFs+ZsJlxsjjPbc0/afW6Lw==} engines: {node: '>= 0.4'} @@ -1579,25 +1489,9 @@ packages: resolution: {integrity: sha512-mfcwb6IzQyOKTs84CQMrOwW4gQcaTOAWJ0zzJCl2WSPDrWk/OzDaImWFH3djXhb24g4eudZfLRozAvPGw4d9hQ==} engines: {node: '>= 0.4'} - is-wsl@3.1.1: - resolution: {integrity: sha512-e6rvdUCiQCAuumZslxRJWR/Doq4VpPR82kqclvcS0efgt430SlGIk05vdCN58+VrzgtIcfNODjozVielycD4Sw==} - engines: {node: '>=16'} - isarray@2.0.5: resolution: {integrity: sha512-xHjhDr3cNBK0BzdUJSPXZntQUx/mwMS5Rw4A7lPJ90XGAO6ISP/ePDNuo0vhqOZU+UD5JoodwCAAoZQd3FeAKw==} - jest-diff@29.7.0: - resolution: {integrity: sha512-LMIgiIrhigmPrs03JHpxUh2yISK3vLFPkAodPeo0+BuF7wA2FoQbkEg1u8gBYBThncu7e1oEDUfIXVuTqLRUjw==} - engines: {node: ^14.15.0 || ^16.10.0 || >=18.0.0} - - jest-get-type@29.6.3: - resolution: {integrity: sha512-zrteXnqYxfQh7l5FHyL38jL39di8H8rHoecLH3JNxH3BwOrBsNeabdap5e0I23lD4HHI8W5VFBZqG4Eaq5LNcw==} - engines: {node: ^14.15.0 || ^16.10.0 || >=18.0.0} - - jest-matcher-utils@29.7.0: - resolution: {integrity: sha512-sBkD+Xi9DtcChsI3L3u0+N0opgPYnCRPtGcQYrgXmR+hmt/fYfWAL0xRXYU8eWOdfuLgBe0YCW3AFtnRLagq/g==} - engines: {node: ^14.15.0 || ^16.10.0 || >=18.0.0} - js-levenshtein@1.1.6: resolution: {integrity: sha512-X2BB11YZtrRqY4EnQcLX5Rh373zbK4alC1FW7D7MBhL2gtcC17cTnr6DmfHZeS0s2rTHjUTMMHfG7gO8SSdw+g==} engines: {node: '>=0.10.0'} @@ -1609,10 +1503,6 @@ packages: resolution: {integrity: sha512-PMSmkqxr106Xa156c2M265Z+FTrPl+oxd/rgOQy2tijQeK5TxQ43psO1ZCwhVOSdnn+RzkzlRz/eY4BgJBYVpg==} hasBin: true - js-yaml@4.1.0: - resolution: {integrity: sha512-wpxZs9NoxZaJESJGIZTyDEaYpl0FKSA+FB9aJiyemKhMwkxQg63h4T1KJgUGHpTqPDNRcmmYLugrRjJlBtWvRA==} - hasBin: true - js-yaml@4.1.1: resolution: {integrity: sha512-qQKT4zQxXl8lLwBtHMWwaTcGfFOZviOJet3Oy/xmGk2gZH677CJM9EvtfdSkgWcATZhj/55JZ0rmy3myCT5lsA==} hasBin: true @@ -1624,17 +1514,13 @@ packages: json-pointer@0.6.2: resolution: {integrity: sha512-vLWcKbOaXlO+jvRy4qNd+TI1QUPZzfJj1tpJ3vAXDych5XJf93ftpUKe5pKCrzyIIwgBJcOcCVRUfqQP25afBw==} - json-schema-migrate@2.0.0: - resolution: {integrity: sha512-r38SVTtojDRp4eD6WsCqiE0eNDt4v1WalBXb9cyZYw9ai5cGtBwzRNWjHzJl38w6TxFkXAIA7h+fyX3tnrAFhQ==} + json-schema-to-ts@2.7.2: + resolution: {integrity: sha512-R1JfqKqbBR4qE8UyBR56Ms30LL62/nlhoz+1UkfI/VE7p54Awu919FZ6ZUPG8zIa3XB65usPJgr1ONVncUGSaQ==} + engines: {node: '>=16'} json-schema-traverse@1.0.0: resolution: {integrity: sha512-NM8/P9n3XjXhIZn1lLhkFaACTOURQXjWhV4BA/RnOv8xvgqtqpAX9IO4mRQxSx1Rlo4tqzeqb0sOlruaOy3dug==} - json5@2.2.3: - resolution: {integrity: sha512-XmOWe7eyHYH14cLdVPoyg+GOH3rYX++KpzrylJwSW98t3Nk+U8XOl8FWKOgwtzdb8lXGf6zYwDUzeHMWfxasyg==} - engines: {node: '>=6'} - hasBin: true - jsonc-parser@2.2.1: resolution: {integrity: sha512-o6/yDBYccGvTz1+QFevz6l6OBZ2+fMVu2JZ9CIhzsYRX4mjaK5IyX9eldUdCmga16zlgQxyrj5pt9kzuj2C02w==} @@ -1644,16 +1530,15 @@ packages: jsonfile@6.2.0: resolution: {integrity: sha512-FGuPw30AdOIUTRMC2OMRtQV+jkVj2cfPqSeWXv1NEAJ1qZ5zb1X6z1mFhbfOB/iy3ssJCD+3KuZ8r8C3uVFlAg==} - jsonpath-plus@10.3.0: - resolution: {integrity: sha512-8TNmfeTCk2Le33A3vRRwtuworG/L5RrgMvdjhKZxvyShO+mBu2fP50OWUjRLNtvw344DdDarFh9buFAZs5ujeA==} - engines: {node: '>=18.0.0'} - hasBin: true - jsonpath-plus@10.4.0: resolution: {integrity: sha512-T92WWatJXmhBbKsgH/0hl+jxjdXrifi5IKeMY02DWggRxX0UElcbVzPlmgLTbvsPeW1PasQ6xE2Q75stkhGbsA==} engines: {node: '>=18.0.0'} hasBin: true + jsonpath-rfc9535@1.3.0: + resolution: {integrity: sha512-3jFHya7oZ45aDxIIdx+/zQARahHXxFSMWBkcBUldfXpLS9VCXDJyTKt35kQfEXLqh0K3Ixw/9xFnvcDStaxh7Q==} + engines: {node: '>=20'} + jsonpointer@5.0.1: resolution: {integrity: sha512-p/nXbhSEcu3pZRdkW1OfJhpsVtW1gd4Wa1fnQc9YLiTfAjn0312eMKimbdIQzuZl9aa9xUGaRlP9T/CJE/ditQ==} engines: {node: '>=0.10.0'} @@ -1676,8 +1561,9 @@ packages: lodash.topath@4.5.2: resolution: {integrity: sha512-1/W4dM+35DwvE/iEd1M9ekewOSTlpFekhw9mhAtrwjVqUr83/ilQiyAvmg4tVX7Unkcfl1KC+i9WdaT4B6aQcg==} - lodash@4.17.23: - resolution: {integrity: sha512-LgVTMpQtIopCi79SJeDiP0TfWi5CNEc/L/aRdTh3yIvmZXTnheWpKjSZhnvMl8iXbC1tFg9gdHHDMLoV7CnG+w==} + lodash@4.18.0: + resolution: {integrity: sha512-l1mfj2atMqndAHI3ls7XqPxEjV2J9ZkcNyHpoZA3r2T1LLwDB69jgkMWh71YKwhBbK0G2f4WSn05ahmQXVxupA==} + deprecated: Bad release. Please use lodash@4.17.21 instead. long@5.3.2: resolution: {integrity: sha512-mNAgZ1GmyNhD7AuqnTG3/VQ26o760+ZYBPKjPvugO8+nLbYfX6TVpJPseBvopbdY+qpZ/lKUnmEc1LeZYS3QAA==} @@ -1815,21 +1701,10 @@ packages: resolution: {integrity: sha512-PXwfBhYu0hBCPw8Dn0E+WDYb7af3dSLVWKi3HGv84IdF4TyFoC0ysxFd0Goxw7nSv4T/PzEJQxsYsEiFCKo2BA==} engines: {node: '>=8.6'} - mime-db@1.52.0: - resolution: {integrity: sha512-sPU4uV7dYlvtWJxwwxHD0PuihVNiE7TyAbQ5SWxDCB9mUYvOgroQOwYQQOKPJ8CIbE+1ETVlOoK1UC2nU3gYvg==} - engines: {node: '>= 0.6'} - - mime-types@2.1.35: - resolution: {integrity: sha512-ZDY+bPm5zTTF+YpCrAU9nK0UgICYPT0QtT1NZWFv4s++TNkcgVaT0g6+4R2uI4MjQjzysHB1zxuWL50hzaeXiw==} - engines: {node: '>= 0.6'} - minimatch@10.2.4: resolution: {integrity: sha512-oRjTw/97aTBN0RHbYCdtF1MQfvusSIBQM0IZEgzl6426+8jSC0nF1a/GmnVLpfB9yyr6g6FTqWqiZVbxrtaCIg==} engines: {node: 18 || 20 || >=22} - minimatch@3.1.2: - resolution: {integrity: sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==} - minimatch@3.1.5: resolution: {integrity: sha512-VgjWUsnnT6n+NUk6eZq77zeFdpW2LWDzP6zFGrCbHXiYNul5Dzqk2HHQ5uFH2DNW5Xbp8+jVzaeNt94ssEEl4w==} @@ -1857,8 +1732,8 @@ packages: react-native: optional: true - mobx-react@9.2.1: - resolution: {integrity: sha512-WJNNm0FB2n0Z0u+jS1QHmmWyV8l2WiAj8V8I/96kbUEN2YbYCoKW+hbbqKKRUBqElu0llxM7nWKehvRIkhBVJw==} + mobx-react@9.2.0: + resolution: {integrity: sha512-dkGWCx+S0/1mfiuFfHRH8D9cplmwhxOV5CkXMp38u6rQGG2Pv3FWYztS0M7ncR6TyPRQKaTG/pnitInoYE9Vrw==} peerDependencies: mobx: ^6.9.0 react: ^16.8.0 || ^17 || ^18 || ^19 @@ -1908,10 +1783,6 @@ packages: resolution: {integrity: sha512-Pzr3rol8fvhG/oJjIq2NTVB0vmdNNlz22FENhhPojYRZ4/ee08CfK4YuKmuL54V9MLhI1kpzxfOJ/63LzmZzDg==} engines: {node: '>=14'} - normalize-path@3.0.0: - resolution: {integrity: sha512-6eZs5Ls3WtCisHWp9S2GUy8dqkpGi4BVSz3GaqiE6ezub0512ESztXUwUB6C6IKbQkY2Pnb/mD4WYojCRwcwLA==} - engines: {node: '>=0.10.0'} - oas-kit-common@1.0.8: resolution: {integrity: sha512-pJTS2+T0oGIwgjGpw7sIRU8RQMcUoKCDWFLdBqKB2BNmGpbBMH2sdqAaOXUg8OzonZHU0L7vfJu1mJFEiYDWOQ==} @@ -1947,13 +1818,6 @@ packages: once@1.4.0: resolution: {integrity: sha512-lNaJgI+2Q5URQBkccEKHTQOPaXdUxnZZElQTZY0MFUAuaEqe1E+Nyvgdz/aIyNi6Z9MzO5dv1H8n58/GELp3+w==} - open@10.1.0: - resolution: {integrity: sha512-mnkeQ1qP5Ue2wd+aivTD3NHd/lZ96Lu0jgf0pwktLPtx6cTZiH7tyeGRRHs0zX0rbrahXPnXlUnbeXyaBBuIaw==} - engines: {node: '>=18'} - - openapi-sampler@1.7.0: - resolution: {integrity: sha512-fWq32F5vqGpgRJYIarC/9Y1wC9tKnRDcCOjsDJ7MIcSv2HsE7kNifcXIZ8FVtNStBUWxYrEk/MKqVF0SwZ5gog==} - openapi-sampler@1.7.2: resolution: {integrity: sha512-OKytvqB5XIaTgA9xtw8W8UTar+uymW2xPVpFN0NihMtuHPdPTGxBEhGnfFnJW5g/gOSIvkP+H0Xh3XhVI9/n7g==} @@ -2054,10 +1918,6 @@ packages: engines: {node: '>=14'} hasBin: true - pretty-format@29.7.0: - resolution: {integrity: sha512-Pdlw/oPxN+aXdmM9R00JVC9WVFoCLTKJvDVLgmJ+qAffBMxsV85l/Lu7sNx4zSzPyoL2euImuEwHhOXdEgNFZQ==} - engines: {node: ^14.15.0 || ^16.10.0 || >=18.0.0} - printable-characters@1.0.42: resolution: {integrity: sha512-dKp+C4iXWK4vVYZmYSd0KBH5F/h1HoZRsbJ82AVKRO3PEo8L4lBS/vLwhVtpwwuYcoIsVY+1JYKR268yn480uQ==} @@ -2090,9 +1950,6 @@ packages: react-is@16.13.1: resolution: {integrity: sha512-24e6ynE2H+OKt4kqsOvNd8kBpV65zoxbA4BVsEOB3ARVWQki/DHzaUoC5KuON/BiccDaCCTZBuOcfZs70kR8bQ==} - react-is@18.3.1: - resolution: {integrity: sha512-/LLMVyas0ljjAtoYiPqYiL8VWXzUUdThrmU5+n20DZv+a+ClRoevUzw5JxU+Ieh5/c87ytoTBV9G1FiKfNJdmg==} - react-tabs@6.1.1: resolution: {integrity: sha512-CPiuKoMFf89B7QlbFfdBD9XmUWiE3qudQputMVZB8GQvPJZRX/gqjDaDWOPDwGinEfpJKEuBCkGt83Tt4efeyA==} peerDependencies: @@ -2106,12 +1963,8 @@ packages: resolution: {integrity: sha512-9u/sniCrY3D5WdsERHzHE4G2YCXqoG5FTHUiCC4SIbr6XcLZBY05ya9EKjYek9O5xOAwjGq+1JdGBAS7Q9ScoA==} engines: {node: '>= 6'} - readdirp@3.6.0: - resolution: {integrity: sha512-hOS089on8RduqdbhvQ5Z37A0ESjsqz6qnRcffsMU3495FuTdqSm+7bhJ29JvIOsBDEEnan5DPu9t3To9VRlMzA==} - engines: {node: '>=8.10.0'} - - redoc@2.5.0: - resolution: {integrity: sha512-NpYsOZ1PD9qFdjbLVBZJWptqE+4Y6TkUuvEOqPUmoH7AKOmPcE+hYjotLxQNTqVoWL4z0T2uxILmcc8JGDci+Q==} + redoc@2.5.1: + resolution: {integrity: sha512-LmqA+4A3CmhTllGG197F0arUpmChukAj9klfSdxNRemT9Hr07xXr7OGKu4PHzBs359sgrJ+4JwmOlM7nxLPGMg==} engines: {node: '>=6.9', npm: '>=3.0.0'} peerDependencies: core-js: ^3.1.4 @@ -2163,15 +2016,11 @@ packages: resolution: {integrity: sha512-g6QUff04oZpHs0eG5p83rFLhHeV00ug/Yf9nZM6fLeUrPguBTkTQOdpAWWspMh55TZfVQDPaN3NQJfbVRAxdIw==} engines: {iojs: '>=1.0.0', node: '>=0.10.0'} - rollup@2.79.2: - resolution: {integrity: sha512-fS6iqSPZDs3dr/y7Od6y5nha8dW1YnbgtsyotCVvoFGKbERG++CVRFv1meyGDE1SNItQA8BrnCw7ScdAhRJ3XQ==} + rollup@2.80.0: + resolution: {integrity: sha512-cIFJOD1DESzpjOBl763Kp1AH7UE/0fcdHe6rZXUdQ9c50uvgigvW97u3IcSeBwOkgqL/PXPBktBCh0KEu5L8XQ==} engines: {node: '>=10.0.0'} hasBin: true - run-applescript@7.1.0: - resolution: {integrity: sha512-DPe5pVFaAsinSaV6QjQ6gdiedWDcRCbUuiQfQa2wmWV7+xC9bGulGI8+TdRmoFkAPaBXk8CrAbnlY2ISniJ47Q==} - engines: {node: '>=18'} - run-parallel@1.2.0: resolution: {integrity: sha512-5l4VyZR86LZ/lDxZTR6jqL8AFE2S0IFLMP26AbjsLVADxHdhB/c0GUsH+y39UfCi3dzz8OlQuPmnaJOMoDHQBA==} @@ -2271,10 +2120,6 @@ packages: resolution: {integrity: sha512-tf+h5W1IrjNm/9rKKj0JU2MDMruiopx0jjVA5zCdBtcGjfp0+c5rHw/zADLC3IeKlGHtVbHtpfzvYA0OYT+HKg==} engines: {node: '>=8.0.0'} - smol-toml@1.6.0: - resolution: {integrity: sha512-4zemZi0HvTnYwLfrpk/CF9LOd9Lt87kAt50GnqhMpyF9U3poDAP2+iukq2bZsO/ufegbYehBkqINbsWxj4l4cw==} - engines: {node: '>= 18'} - smol-toml@1.6.1: resolution: {integrity: sha512-dWUG8F5sIIARXih1DTaQAX4SsiTXhInKf1buxdY9DIg4ZYPZK5nGM1VRIYmEbDbsHt7USo99xSLFu5Q1IqTmsg==} engines: {node: '>= 18'} @@ -2377,6 +2222,9 @@ packages: tr46@0.0.3: resolution: {integrity: sha512-N3WMsuqV66lT30CrXNbEjx4GEwlow3v6rr4mCcv6prnfwhS01rkgyFdjPNBYd9br7LpXV1+Emh01fHnq2Gdgrw==} + ts-algebra@1.2.2: + resolution: {integrity: sha512-kloPhf1hq3JbCPOTYoOWDKxebWjNb2o/LKnNfkWhxVVisFFmMJPPdJeGoGmM+iRLyoXAR61e08Pb+vUXINg8aA==} + tslib@1.14.1: resolution: {integrity: sha512-Xni35NKzjgMrwevysHTCArtLDpPvye8zV/0E4EyYn43P7/7qvQwPh9BGkHewbMulVntbigmcT7rdX3BNo9wRJg==} @@ -2399,9 +2247,6 @@ packages: resolution: {integrity: sha512-3KS2b+kL7fsuk/eJZ7EQdnEmQoaho/r6KUef7hxvltNA5DR8NAUM+8wJMbJyZ4G9/7i3v5zPBIMN5aybAh2/Jg==} engines: {node: '>= 0.4'} - typedarray@0.0.6: - resolution: {integrity: sha512-/aCDEGatGvZ2BIk+HmLf4ifCJFwvKFNb9/JeZPMulfgFracn9QFcAf5GO8B/mweUjSoblS5In0cWhqpfs/5PQA==} - typescript@6.0.2: resolution: {integrity: sha512-bGdAIrZ0wiGDo5l8c++HWtbaNCWTS4UTv7RaTH/ThVIgjkveJt83m74bBHMJkuCbslY8ixgLBVZJIOiQlQTjfQ==} engines: {node: '>=14.17'} @@ -2415,6 +2260,14 @@ packages: engines: {node: '>=0.8.0'} hasBin: true + ulid@2.4.0: + resolution: {integrity: sha512-fIRiVTJNcSRmXKPZtGzFQv9WRrZ3M9eoptl/teFJvjOzmpU+/K/JH6HZ8deBfb5vMEpicJcLn7JmvdknlMq7Zg==} + hasBin: true + + ulid@3.0.2: + resolution: {integrity: sha512-yu26mwteFYzBAot7KVMqFGCVpsF6g8wXfJzQUHvu1no3+rRRSFcSV2nKeYvNPLD2J4b08jYBDhHUjeH0ygIl9w==} + hasBin: true + unbox-primitive@1.1.0: resolution: {integrity: sha512-nWJ91DjeOkej/TA8pXQ3myruKpKEYgqvpw9lz4OPHj/NWFNluYrjbz9j01CJ8yKQd2g4jFoOkINCTW2I5LEEyw==} engines: {node: '>= 0.4'} @@ -2422,8 +2275,8 @@ packages: undici-types@7.18.2: resolution: {integrity: sha512-AsuCzffGHJybSaRrmr5eHr81mwJU3kjw6M+uprWvCXiNeN9SOGwQ3Jn8jb8m3Z6izVgknn1R0FTCEAP2QrLY/w==} - undici@6.24.1: - resolution: {integrity: sha512-sC+b0tB1whOCzbtlx20fx3WgCXwkW627p4EA9uM+/tNNPkSS+eSEld6pAs9nDv7WbY1UUljBMYPtu9BCOrCWKA==} + undici@6.24.0: + resolution: {integrity: sha512-lVLNosgqo5EkGqh5XUDhGfsMSoO8K0BAN0TyJLvwNRSl4xWGZlCVYsAIpa/OpA3TvmnM01GWcoKmc3ZWo5wKKA==} engines: {node: '>=18.17'} unicorn-magic@0.4.0: @@ -2850,10 +2703,6 @@ snapshots: '@humanwhocodes/momoa@2.0.4': {} - '@jest/schemas@29.6.3': - dependencies: - '@sinclair/typebox': 0.27.10 - '@jsdevtools/ono@7.1.3': {} '@jsep-plugin/assignment@1.3.0(jsep@1.4.0)': @@ -2868,6 +2717,8 @@ snapshots: dependencies: jsep: 1.4.0 + '@noble/hashes@1.8.0': {} + '@nodelib/fs.scandir@2.1.5': dependencies: '@nodelib/fs.stat': 2.0.5 @@ -2880,94 +2731,81 @@ snapshots: '@nodelib/fs.scandir': 2.1.5 fastq: 1.20.1 - '@opentelemetry/api-logs@0.53.0': + '@opentelemetry/api-logs@0.202.0': dependencies: '@opentelemetry/api': 1.9.0 '@opentelemetry/api@1.9.0': {} - '@opentelemetry/context-async-hooks@1.26.0(@opentelemetry/api@1.9.0)': + '@opentelemetry/context-async-hooks@2.0.1(@opentelemetry/api@1.9.0)': dependencies: '@opentelemetry/api': 1.9.0 - '@opentelemetry/core@1.26.0(@opentelemetry/api@1.9.0)': + '@opentelemetry/core@2.0.1(@opentelemetry/api@1.9.0)': dependencies: '@opentelemetry/api': 1.9.0 - '@opentelemetry/semantic-conventions': 1.27.0 + '@opentelemetry/semantic-conventions': 1.34.0 - '@opentelemetry/exporter-trace-otlp-http@0.53.0(@opentelemetry/api@1.9.0)': + '@opentelemetry/exporter-trace-otlp-http@0.202.0(@opentelemetry/api@1.9.0)': dependencies: '@opentelemetry/api': 1.9.0 - '@opentelemetry/core': 1.26.0(@opentelemetry/api@1.9.0) - '@opentelemetry/otlp-exporter-base': 0.53.0(@opentelemetry/api@1.9.0) - '@opentelemetry/otlp-transformer': 0.53.0(@opentelemetry/api@1.9.0) - '@opentelemetry/resources': 1.26.0(@opentelemetry/api@1.9.0) - '@opentelemetry/sdk-trace-base': 1.26.0(@opentelemetry/api@1.9.0) + '@opentelemetry/core': 2.0.1(@opentelemetry/api@1.9.0) + '@opentelemetry/otlp-exporter-base': 0.202.0(@opentelemetry/api@1.9.0) + '@opentelemetry/otlp-transformer': 0.202.0(@opentelemetry/api@1.9.0) + '@opentelemetry/resources': 2.0.1(@opentelemetry/api@1.9.0) + '@opentelemetry/sdk-trace-base': 2.0.1(@opentelemetry/api@1.9.0) - '@opentelemetry/otlp-exporter-base@0.53.0(@opentelemetry/api@1.9.0)': + '@opentelemetry/otlp-exporter-base@0.202.0(@opentelemetry/api@1.9.0)': dependencies: '@opentelemetry/api': 1.9.0 - '@opentelemetry/core': 1.26.0(@opentelemetry/api@1.9.0) - '@opentelemetry/otlp-transformer': 0.53.0(@opentelemetry/api@1.9.0) + '@opentelemetry/core': 2.0.1(@opentelemetry/api@1.9.0) + '@opentelemetry/otlp-transformer': 0.202.0(@opentelemetry/api@1.9.0) - '@opentelemetry/otlp-transformer@0.53.0(@opentelemetry/api@1.9.0)': + '@opentelemetry/otlp-transformer@0.202.0(@opentelemetry/api@1.9.0)': dependencies: '@opentelemetry/api': 1.9.0 - '@opentelemetry/api-logs': 0.53.0 - '@opentelemetry/core': 1.26.0(@opentelemetry/api@1.9.0) - '@opentelemetry/resources': 1.26.0(@opentelemetry/api@1.9.0) - '@opentelemetry/sdk-logs': 0.53.0(@opentelemetry/api@1.9.0) - '@opentelemetry/sdk-metrics': 1.26.0(@opentelemetry/api@1.9.0) - '@opentelemetry/sdk-trace-base': 1.26.0(@opentelemetry/api@1.9.0) + '@opentelemetry/api-logs': 0.202.0 + '@opentelemetry/core': 2.0.1(@opentelemetry/api@1.9.0) + '@opentelemetry/resources': 2.0.1(@opentelemetry/api@1.9.0) + '@opentelemetry/sdk-logs': 0.202.0(@opentelemetry/api@1.9.0) + '@opentelemetry/sdk-metrics': 2.0.1(@opentelemetry/api@1.9.0) + '@opentelemetry/sdk-trace-base': 2.0.1(@opentelemetry/api@1.9.0) protobufjs: 7.5.4 - '@opentelemetry/propagator-b3@1.26.0(@opentelemetry/api@1.9.0)': + '@opentelemetry/resources@2.0.1(@opentelemetry/api@1.9.0)': dependencies: '@opentelemetry/api': 1.9.0 - '@opentelemetry/core': 1.26.0(@opentelemetry/api@1.9.0) + '@opentelemetry/core': 2.0.1(@opentelemetry/api@1.9.0) + '@opentelemetry/semantic-conventions': 1.34.0 - '@opentelemetry/propagator-jaeger@1.26.0(@opentelemetry/api@1.9.0)': + '@opentelemetry/sdk-logs@0.202.0(@opentelemetry/api@1.9.0)': dependencies: '@opentelemetry/api': 1.9.0 - '@opentelemetry/core': 1.26.0(@opentelemetry/api@1.9.0) + '@opentelemetry/api-logs': 0.202.0 + '@opentelemetry/core': 2.0.1(@opentelemetry/api@1.9.0) + '@opentelemetry/resources': 2.0.1(@opentelemetry/api@1.9.0) - '@opentelemetry/resources@1.26.0(@opentelemetry/api@1.9.0)': + '@opentelemetry/sdk-metrics@2.0.1(@opentelemetry/api@1.9.0)': dependencies: '@opentelemetry/api': 1.9.0 - '@opentelemetry/core': 1.26.0(@opentelemetry/api@1.9.0) - '@opentelemetry/semantic-conventions': 1.27.0 + '@opentelemetry/core': 2.0.1(@opentelemetry/api@1.9.0) + '@opentelemetry/resources': 2.0.1(@opentelemetry/api@1.9.0) - '@opentelemetry/sdk-logs@0.53.0(@opentelemetry/api@1.9.0)': + '@opentelemetry/sdk-trace-base@2.0.1(@opentelemetry/api@1.9.0)': dependencies: '@opentelemetry/api': 1.9.0 - '@opentelemetry/api-logs': 0.53.0 - '@opentelemetry/core': 1.26.0(@opentelemetry/api@1.9.0) - '@opentelemetry/resources': 1.26.0(@opentelemetry/api@1.9.0) + '@opentelemetry/core': 2.0.1(@opentelemetry/api@1.9.0) + '@opentelemetry/resources': 2.0.1(@opentelemetry/api@1.9.0) + '@opentelemetry/semantic-conventions': 1.34.0 - '@opentelemetry/sdk-metrics@1.26.0(@opentelemetry/api@1.9.0)': + '@opentelemetry/sdk-trace-node@2.0.1(@opentelemetry/api@1.9.0)': dependencies: '@opentelemetry/api': 1.9.0 - '@opentelemetry/core': 1.26.0(@opentelemetry/api@1.9.0) - '@opentelemetry/resources': 1.26.0(@opentelemetry/api@1.9.0) + '@opentelemetry/context-async-hooks': 2.0.1(@opentelemetry/api@1.9.0) + '@opentelemetry/core': 2.0.1(@opentelemetry/api@1.9.0) + '@opentelemetry/sdk-trace-base': 2.0.1(@opentelemetry/api@1.9.0) - '@opentelemetry/sdk-trace-base@1.26.0(@opentelemetry/api@1.9.0)': - dependencies: - '@opentelemetry/api': 1.9.0 - '@opentelemetry/core': 1.26.0(@opentelemetry/api@1.9.0) - '@opentelemetry/resources': 1.26.0(@opentelemetry/api@1.9.0) - '@opentelemetry/semantic-conventions': 1.27.0 - - '@opentelemetry/sdk-trace-node@1.26.0(@opentelemetry/api@1.9.0)': - dependencies: - '@opentelemetry/api': 1.9.0 - '@opentelemetry/context-async-hooks': 1.26.0(@opentelemetry/api@1.9.0) - '@opentelemetry/core': 1.26.0(@opentelemetry/api@1.9.0) - '@opentelemetry/propagator-b3': 1.26.0(@opentelemetry/api@1.9.0) - '@opentelemetry/propagator-jaeger': 1.26.0(@opentelemetry/api@1.9.0) - '@opentelemetry/sdk-trace-base': 1.26.0(@opentelemetry/api@1.9.0) - semver: 7.7.4 - - '@opentelemetry/semantic-conventions@1.27.0': {} + '@opentelemetry/semantic-conventions@1.34.0': {} '@protobufjs/aspromise@1.1.2': {} @@ -2999,37 +2837,52 @@ snapshots: require-from-string: 2.0.2 uri-js-replace: 1.0.1 - '@redocly/cli@1.34.11(ajv@8.18.0)': + '@redocly/ajv@8.18.0': dependencies: - '@opentelemetry/api': 1.9.0 - '@opentelemetry/exporter-trace-otlp-http': 0.53.0(@opentelemetry/api@1.9.0) - '@opentelemetry/resources': 1.26.0(@opentelemetry/api@1.9.0) - '@opentelemetry/sdk-trace-node': 1.26.0(@opentelemetry/api@1.9.0) - '@opentelemetry/semantic-conventions': 1.27.0 - '@redocly/config': 0.22.0 - '@redocly/openapi-core': 1.34.11 - '@redocly/respect-core': 1.34.11(ajv@8.18.0) + fast-deep-equal: 3.1.3 + fast-uri: 3.1.0 + json-schema-traverse: 1.0.0 + require-from-string: 2.0.2 + + '@redocly/cli-otel@0.1.2': + dependencies: + ulid: 2.4.0 + + '@redocly/cli@2.25.4(@opentelemetry/api@1.9.0)(core-js@3.32.1)': + dependencies: + '@opentelemetry/exporter-trace-otlp-http': 0.202.0(@opentelemetry/api@1.9.0) + '@opentelemetry/resources': 2.0.1(@opentelemetry/api@1.9.0) + '@opentelemetry/sdk-trace-node': 2.0.1(@opentelemetry/api@1.9.0) + '@opentelemetry/semantic-conventions': 1.34.0 + '@redocly/cli-otel': 0.1.2 + '@redocly/openapi-core': 2.25.4 + '@redocly/respect-core': 2.25.4 abort-controller: 3.0.0 - chokidar: 3.5.3 + ajv: '@redocly/ajv@8.18.0' + ajv-formats: 3.0.1(@redocly/ajv@8.18.0) colorette: 1.4.0 - core-js: 3.32.1 + cookie: 0.7.2 dotenv: 16.4.7 - form-data: 4.0.4 - get-port-please: 3.0.1 - glob: 7.2.3 - handlebars: 4.7.8 + glob: 13.0.6 + handlebars: 4.7.9 + https-proxy-agent: 7.0.6 mobx: 6.12.3 + picomatch: 4.0.4 pluralize: 8.0.0 react: 19.2.4 react-dom: 19.2.4(react@19.2.4) - redoc: 2.5.0(core-js@3.32.1)(mobx@6.12.3)(react-dom@19.2.4(react@19.2.4))(react@19.2.4)(styled-components@6.3.9(react-dom@19.2.4(react@19.2.4))(react@19.2.4)) + redoc: 2.5.1(core-js@3.32.1)(mobx@6.12.3)(react-dom@19.2.4(react@19.2.4))(react@19.2.4)(styled-components@6.3.9(react-dom@19.2.4(react@19.2.4))(react@19.2.4)) semver: 7.7.4 + set-cookie-parser: 2.7.1 simple-websocket: 9.1.0 styled-components: 6.3.9(react-dom@19.2.4(react@19.2.4))(react@19.2.4) + ulid: 3.0.2 + undici: 6.24.0 yargs: 17.0.1 transitivePeerDependencies: - - ajv + - '@opentelemetry/api' - bufferutil + - core-js - encoding - react-native - supports-color @@ -3037,6 +2890,10 @@ snapshots: '@redocly/config@0.22.0': {} + '@redocly/config@0.46.0': + dependencies: + json-schema-to-ts: 2.7.2 + '@redocly/openapi-core@1.34.11': dependencies: '@redocly/ajv': 8.11.2 @@ -3051,50 +2908,51 @@ snapshots: transitivePeerDependencies: - supports-color - '@redocly/respect-core@1.34.11(ajv@8.18.0)': + '@redocly/openapi-core@2.25.4': + dependencies: + '@redocly/ajv': 8.18.0 + '@redocly/config': 0.46.0 + ajv: '@redocly/ajv@8.18.0' + ajv-formats: 3.0.1(@redocly/ajv@8.18.0) + colorette: 1.4.0 + js-levenshtein: 1.1.6 + js-yaml: 4.1.1 + picomatch: 4.0.4 + pluralize: 8.0.0 + yaml-ast-parser: 0.0.43 + + '@redocly/respect-core@2.25.4': dependencies: '@faker-js/faker': 7.6.0 - '@redocly/ajv': 8.11.2 - '@redocly/openapi-core': 1.34.11 - better-ajv-errors: 1.2.0(ajv@8.18.0) + '@noble/hashes': 1.8.0 + '@redocly/ajv': 8.18.0 + '@redocly/openapi-core': 2.25.4 + ajv: '@redocly/ajv@8.18.0' + better-ajv-errors: 1.2.0(@redocly/ajv@8.18.0) colorette: 2.0.20 - concat-stream: 2.0.0 - cookie: 0.7.2 - dotenv: 16.4.7 - form-data: 4.0.4 - jest-diff: 29.7.0 - jest-matcher-utils: 29.7.0 - js-yaml: 4.1.0 json-pointer: 0.6.2 - jsonpath-plus: 10.3.0 - open: 10.1.0 - openapi-sampler: 1.7.0 + jsonpath-rfc9535: 1.3.0 + openapi-sampler: 1.7.2 outdent: 0.8.0 - set-cookie-parser: 2.7.1 - undici: 6.24.1 - transitivePeerDependencies: - - ajv - - supports-color + picomatch: 4.0.4 - '@rollup/plugin-commonjs@22.0.2(rollup@2.79.2)': + '@rollup/plugin-commonjs@22.0.2(rollup@2.80.0)': dependencies: - '@rollup/pluginutils': 3.1.0(rollup@2.79.2) + '@rollup/pluginutils': 3.1.0(rollup@2.80.0) commondir: 1.0.1 estree-walker: 2.0.2 glob: 7.2.3 is-reference: 1.2.1 magic-string: 0.25.9 resolve: 1.22.11 - rollup: 2.79.2 + rollup: 2.80.0 - '@rollup/pluginutils@3.1.0(rollup@2.79.2)': + '@rollup/pluginutils@3.1.0(rollup@2.80.0)': dependencies: '@types/estree': 0.0.39 estree-walker: 1.0.1 picomatch: 2.3.2 - rollup: 2.79.2 - - '@sinclair/typebox@0.27.10': {} + rollup: 2.80.0 '@sindresorhus/merge-streams@4.0.0': {} @@ -3120,7 +2978,7 @@ snapshots: dependency-graph: 0.11.0 fast-memoize: 2.5.2 immer: 9.0.21 - lodash: 4.17.23 + lodash: 4.18.0 tslib: 2.8.1 urijs: 1.19.11 @@ -3130,7 +2988,7 @@ snapshots: '@stoplight/path': 1.3.2 '@stoplight/types': 13.20.0 jsonc-parser: 2.2.1 - lodash: 4.17.23 + lodash: 4.18.0 safe-stable-stringify: 1.1.1 '@stoplight/ordered-object-literal@1.0.5': {} @@ -3153,7 +3011,7 @@ snapshots: chalk: 4.1.2 fast-glob: 3.2.12 hpagent: 1.2.0 - lodash: 4.17.23 + lodash: 4.18.0 pony-cause: 1.1.1 stacktracey: 2.2.0 tslib: 2.8.1 @@ -3177,9 +3035,9 @@ snapshots: ajv-formats: 2.1.1(ajv@8.18.0) es-aggregate-error: 1.0.14 jsonpath-plus: 10.4.0 - lodash: 4.17.23 + lodash: 4.18.0 lodash.topath: 4.5.2 - minimatch: 3.1.2 + minimatch: 3.1.5 nimma: 0.2.3 pony-cause: 1.1.1 simple-eval: 1.0.1 @@ -3205,7 +3063,7 @@ snapshots: '@types/markdown-escape': 1.1.3 chalk: 4.1.2 cliui: 7.0.4 - lodash: 4.17.23 + lodash: 4.18.0 markdown-escape: 2.0.0 node-sarif-builder: 2.0.3 strip-ansi: 6.0.1 @@ -3225,7 +3083,7 @@ snapshots: ajv-draft-04: 1.0.0(ajv@8.18.0) ajv-errors: 3.0.0(ajv@8.18.0) ajv-formats: 2.1.1(ajv@8.18.0) - lodash: 4.17.23 + lodash: 4.18.0 tslib: 2.8.1 transitivePeerDependencies: - encoding @@ -3249,7 +3107,7 @@ snapshots: '@stoplight/spectral-ruleset-bundler@1.6.3': dependencies: - '@rollup/plugin-commonjs': 22.0.2(rollup@2.79.2) + '@rollup/plugin-commonjs': 22.0.2(rollup@2.80.0) '@stoplight/path': 1.3.2 '@stoplight/spectral-core': 1.21.0 '@stoplight/spectral-formats': 1.8.2 @@ -3262,7 +3120,7 @@ snapshots: '@stoplight/types': 13.20.0 '@types/node': 25.5.0 pony-cause: 1.1.1 - rollup: 2.79.2 + rollup: 2.80.0 tslib: 2.8.1 validate-npm-package-name: 3.0.0 transitivePeerDependencies: @@ -3302,7 +3160,7 @@ snapshots: ajv-formats: 2.1.1(ajv@8.18.0) json-schema-traverse: 1.0.0 leven: 3.1.0 - lodash: 4.17.23 + lodash: 4.18.0 tslib: 2.8.1 transitivePeerDependencies: - encoding @@ -3313,7 +3171,7 @@ snapshots: '@stoplight/path': 1.3.2 '@stoplight/types': 13.20.0 abort-controller: 3.0.0 - lodash: 4.17.23 + lodash: 4.18.0 node-fetch: 2.7.0 tslib: 2.8.1 transitivePeerDependencies: @@ -3393,16 +3251,6 @@ snapshots: agent-base@7.1.4: {} - ajv-cli@5.0.0: - dependencies: - ajv: 8.18.0 - fast-json-patch: 2.2.1 - glob: 7.2.3 - js-yaml: 3.14.2 - json-schema-migrate: 2.0.0 - json5: 2.2.3 - minimist: 1.2.8 - ajv-draft-04@1.0.0(ajv@8.18.0): optionalDependencies: ajv: 8.18.0 @@ -3415,6 +3263,10 @@ snapshots: optionalDependencies: ajv: 8.18.0 + ajv-formats@3.0.1(@redocly/ajv@8.18.0): + optionalDependencies: + ajv: '@redocly/ajv@8.18.0' + ajv-formats@3.0.1(ajv@8.18.0): optionalDependencies: ajv: 8.18.0 @@ -3434,13 +3286,6 @@ snapshots: dependencies: color-convert: 2.0.1 - ansi-styles@5.2.0: {} - - anymatch@3.1.3: - dependencies: - normalize-path: 3.0.0 - picomatch: 2.3.2 - argparse@1.0.10: dependencies: sprintf-js: 1.0.3 @@ -3476,8 +3321,6 @@ snapshots: async-function@1.0.0: {} - asynckit@0.4.0: {} - available-typed-arrays@1.0.7: dependencies: possible-typed-array-names: 1.1.0 @@ -3486,17 +3329,15 @@ snapshots: balanced-match@4.0.4: {} - better-ajv-errors@1.2.0(ajv@8.18.0): + better-ajv-errors@1.2.0(@redocly/ajv@8.18.0): dependencies: '@babel/code-frame': 7.29.0 '@humanwhocodes/momoa': 2.0.4 - ajv: 8.18.0 + ajv: '@redocly/ajv@8.18.0' chalk: 4.1.2 jsonpointer: 5.0.1 leven: 3.1.0 - binary-extensions@2.3.0: {} - brace-expansion@1.1.13: dependencies: balanced-match: 1.0.2 @@ -3514,14 +3355,8 @@ snapshots: dependencies: fill-range: 7.1.1 - buffer-from@1.1.2: {} - builtins@1.0.3: {} - bundle-name@4.1.0: - dependencies: - run-applescript: 7.1.0 - call-bind-apply-helpers@1.0.2: dependencies: es-errors: 1.3.0 @@ -3564,18 +3399,6 @@ snapshots: character-reference-invalid@2.0.1: {} - chokidar@3.5.3: - dependencies: - anymatch: 3.1.3 - braces: 3.0.3 - glob-parent: 5.1.2 - is-binary-path: 2.1.0 - is-glob: 4.0.3 - normalize-path: 3.0.0 - readdirp: 3.6.0 - optionalDependencies: - fsevents: 2.3.3 - classnames@2.5.1: {} clear-module@4.1.2: @@ -3613,10 +3436,6 @@ snapshots: colorette@2.0.20: {} - combined-stream@1.0.8: - dependencies: - delayed-stream: 1.0.0 - commander@14.0.3: {} commander@8.3.0: {} @@ -3630,13 +3449,6 @@ snapshots: concat-map@0.0.1: {} - concat-stream@2.0.0: - dependencies: - buffer-from: 1.1.2 - inherits: 2.0.4 - readable-stream: 3.6.2 - typedarray: 0.0.6 - cookie@0.7.2: {} core-js@3.32.1: {} @@ -3774,29 +3586,18 @@ snapshots: dependencies: character-entities: 2.0.2 - default-browser-id@5.0.1: {} - - default-browser@5.5.0: - dependencies: - bundle-name: 4.1.0 - default-browser-id: 5.0.1 - define-data-property@1.1.4: dependencies: es-define-property: 1.0.1 es-errors: 1.3.0 gopd: 1.2.0 - define-lazy-prop@3.0.0: {} - define-properties@1.2.1: dependencies: define-data-property: 1.1.4 has-property-descriptors: 1.0.2 object-keys: 1.1.1 - delayed-stream@1.0.0: {} - dependency-graph@0.11.0: {} dequal@2.0.3: {} @@ -3805,8 +3606,6 @@ snapshots: dependencies: dequal: 2.0.3 - diff-sequences@29.6.3: {} - dompurify@3.3.3: optionalDependencies: '@types/trusted-types': 2.0.7 @@ -3930,8 +3729,6 @@ snapshots: eventemitter3@5.0.4: {} - fast-deep-equal@2.0.1: {} - fast-deep-equal@3.1.3: {} fast-equals@6.0.0: {} @@ -3952,10 +3749,6 @@ snapshots: merge2: 1.4.1 micromatch: 4.0.8 - fast-json-patch@2.2.1: - dependencies: - fast-deep-equal: 2.0.1 - fast-json-stable-stringify@2.1.0: {} fast-memoize@2.5.2: {} @@ -3999,14 +3792,6 @@ snapshots: foreach@2.0.6: {} - form-data@4.0.4: - dependencies: - asynckit: 0.4.0 - combined-stream: 1.0.8 - es-set-tostringtag: 2.1.0 - hasown: 2.0.2 - mime-types: 2.1.35 - fs-extra@10.1.0: dependencies: graceful-fs: 4.2.11 @@ -4052,8 +3837,6 @@ snapshots: hasown: 2.0.2 math-intrinsics: 1.1.0 - get-port-please@3.0.1: {} - get-proto@1.0.1: dependencies: dunder-proto: 1.0.1 @@ -4111,7 +3894,7 @@ snapshots: graceful-fs@4.2.11: {} - handlebars@4.7.8: + handlebars@4.7.9: dependencies: minimist: 1.2.8 neo-async: 2.6.2 @@ -4204,10 +3987,6 @@ snapshots: dependencies: has-bigints: 1.1.0 - is-binary-path@2.1.0: - dependencies: - binary-extensions: 2.3.0 - is-boolean-object@1.2.2: dependencies: call-bound: 1.0.4 @@ -4232,8 +4011,6 @@ snapshots: is-decimal@2.0.1: {} - is-docker@3.0.0: {} - is-extglob@2.1.1: {} is-finalizationregistry@1.1.1: @@ -4256,10 +4033,6 @@ snapshots: is-hexadecimal@2.0.1: {} - is-inside-container@1.0.0: - dependencies: - is-docker: 3.0.0 - is-map@2.0.3: {} is-negative-zero@2.0.3: {} @@ -4318,28 +4091,8 @@ snapshots: call-bound: 1.0.4 get-intrinsic: 1.3.0 - is-wsl@3.1.1: - dependencies: - is-inside-container: 1.0.0 - isarray@2.0.5: {} - jest-diff@29.7.0: - dependencies: - chalk: 4.1.2 - diff-sequences: 29.6.3 - jest-get-type: 29.6.3 - pretty-format: 29.7.0 - - jest-get-type@29.6.3: {} - - jest-matcher-utils@29.7.0: - dependencies: - chalk: 4.1.2 - jest-diff: 29.7.0 - jest-get-type: 29.6.3 - pretty-format: 29.7.0 - js-levenshtein@1.1.6: {} js-tokens@4.0.0: {} @@ -4349,10 +4102,6 @@ snapshots: argparse: 1.0.10 esprima: 4.0.1 - js-yaml@4.1.0: - dependencies: - argparse: 2.0.1 - js-yaml@4.1.1: dependencies: argparse: 2.0.1 @@ -4363,14 +4112,14 @@ snapshots: dependencies: foreach: 2.0.6 - json-schema-migrate@2.0.0: + json-schema-to-ts@2.7.2: dependencies: - ajv: 8.18.0 + '@babel/runtime': 7.29.2 + '@types/json-schema': 7.0.15 + ts-algebra: 1.2.2 json-schema-traverse@1.0.0: {} - json5@2.2.3: {} - jsonc-parser@2.2.1: {} jsonc-parser@3.3.1: {} @@ -4381,18 +4130,14 @@ snapshots: optionalDependencies: graceful-fs: 4.2.11 - jsonpath-plus@10.3.0: - dependencies: - '@jsep-plugin/assignment': 1.3.0(jsep@1.4.0) - '@jsep-plugin/regex': 1.0.4(jsep@1.4.0) - jsep: 1.4.0 - jsonpath-plus@10.4.0: dependencies: '@jsep-plugin/assignment': 1.3.0(jsep@1.4.0) '@jsep-plugin/regex': 1.0.4(jsep@1.4.0) jsep: 1.4.0 + jsonpath-rfc9535@1.3.0: {} + jsonpointer@5.0.1: {} katex@0.16.44: @@ -4411,7 +4156,7 @@ snapshots: lodash.topath@4.5.2: {} - lodash@4.17.23: {} + lodash@4.18.0: {} long@5.3.2: {} @@ -4454,7 +4199,7 @@ snapshots: markdownlint: 0.40.0 markdownlint-cli2-formatter-default: 0.0.6(markdownlint-cli2@0.22.0) micromatch: 4.0.8 - smol-toml: 1.6.0 + smol-toml: 1.6.1 transitivePeerDependencies: - supports-color @@ -4657,20 +4402,10 @@ snapshots: braces: 3.0.3 picomatch: 2.3.2 - mime-db@1.52.0: {} - - mime-types@2.1.35: - dependencies: - mime-db: 1.52.0 - minimatch@10.2.4: dependencies: brace-expansion: 5.0.5 - minimatch@3.1.2: - dependencies: - brace-expansion: 1.1.13 - minimatch@3.1.5: dependencies: brace-expansion: 1.1.13 @@ -4691,7 +4426,7 @@ snapshots: optionalDependencies: react-dom: 19.2.4(react@19.2.4) - mobx-react@9.2.1(mobx@6.12.3)(react-dom@19.2.4(react@19.2.4))(react@19.2.4): + mobx-react@9.2.0(mobx@6.12.3)(react-dom@19.2.4(react@19.2.4))(react@19.2.4): dependencies: mobx: 6.12.3 mobx-react-lite: 4.1.1(mobx@6.12.3)(react-dom@19.2.4(react@19.2.4))(react@19.2.4) @@ -4734,8 +4469,6 @@ snapshots: '@types/sarif': 2.1.7 fs-extra: 10.1.0 - normalize-path@3.0.0: {} - oas-kit-common@1.0.8: dependencies: fast-safe-stringify: 2.1.1 @@ -4752,7 +4485,7 @@ snapshots: oas-kit-common: 1.0.8 reftools: 1.1.9 yaml: 1.10.3 - yargs: 17.0.1 + yargs: 17.7.2 oas-schema-walker@1.1.5: {} @@ -4786,19 +4519,6 @@ snapshots: dependencies: wrappy: 1.0.2 - open@10.1.0: - dependencies: - default-browser: 5.5.0 - define-lazy-prop: 3.0.0 - is-inside-container: 1.0.0 - is-wsl: 3.1.1 - - openapi-sampler@1.7.0: - dependencies: - '@types/json-schema': 7.0.15 - fast-xml-parser: 5.5.9 - json-pointer: 0.6.2 - openapi-sampler@1.7.2: dependencies: '@types/json-schema': 7.0.15 @@ -4886,12 +4606,6 @@ snapshots: prettier@3.8.1: {} - pretty-format@29.7.0: - dependencies: - '@jest/schemas': 29.6.3 - ansi-styles: 5.2.0 - react-is: 18.3.1 - printable-characters@1.0.42: {} prismjs@1.30.0: {} @@ -4932,8 +4646,6 @@ snapshots: react-is@16.13.1: {} - react-is@18.3.1: {} - react-tabs@6.1.1(react@19.2.4): dependencies: clsx: 2.1.1 @@ -4948,11 +4660,7 @@ snapshots: string_decoder: 1.3.0 util-deprecate: 1.0.2 - readdirp@3.6.0: - dependencies: - picomatch: 2.3.2 - - redoc@2.5.0(core-js@3.32.1)(mobx@6.12.3)(react-dom@19.2.4(react@19.2.4))(react@19.2.4)(styled-components@6.3.9(react-dom@19.2.4(react@19.2.4))(react@19.2.4)): + redoc@2.5.1(core-js@3.32.1)(mobx@6.12.3)(react-dom@19.2.4(react@19.2.4))(react@19.2.4)(styled-components@6.3.9(react-dom@19.2.4(react@19.2.4))(react@19.2.4)): dependencies: '@redocly/openapi-core': 1.34.11 classnames: 2.5.1 @@ -4965,7 +4673,7 @@ snapshots: mark.js: 8.11.1 marked: 4.3.0 mobx: 6.12.3 - mobx-react: 9.2.1(mobx@6.12.3)(react-dom@19.2.4(react@19.2.4))(react@19.2.4) + mobx-react: 9.2.0(mobx@6.12.3)(react-dom@19.2.4(react@19.2.4))(react@19.2.4) openapi-sampler: 1.7.2 path-browserify: 1.0.1 perfect-scrollbar: 1.5.6 @@ -5027,12 +4735,10 @@ snapshots: reusify@1.1.0: {} - rollup@2.79.2: + rollup@2.80.0: optionalDependencies: fsevents: 2.3.3 - run-applescript@7.1.0: {} - run-parallel@1.2.0: dependencies: queue-microtask: 1.2.3 @@ -5166,8 +4872,6 @@ snapshots: slugify@1.4.7: {} - smol-toml@1.6.0: {} - smol-toml@1.6.1: {} source-map-js@1.2.1: {} @@ -5273,7 +4977,7 @@ snapshots: oas-validator: 5.0.8 reftools: 1.1.9 yaml: 1.10.3 - yargs: 17.0.1 + yargs: 17.7.2 transitivePeerDependencies: - encoding @@ -5290,6 +4994,8 @@ snapshots: tr46@0.0.3: {} + ts-algebra@1.2.2: {} + tslib@1.14.1: {} tslib@2.8.1: {} @@ -5327,8 +5033,6 @@ snapshots: possible-typed-array-names: 1.1.0 reflect.getprototypeof: 1.0.10 - typedarray@0.0.6: {} - typescript@6.0.2: {} uc.micro@2.1.0: {} @@ -5336,6 +5040,10 @@ snapshots: uglify-js@3.19.3: optional: true + ulid@2.4.0: {} + + ulid@3.0.2: {} + unbox-primitive@1.1.0: dependencies: call-bound: 1.0.4 @@ -5345,7 +5053,7 @@ snapshots: undici-types@7.18.2: {} - undici@6.24.1: {} + undici@6.24.0: {} unicorn-magic@0.4.0: {}