DefectDojo / django-DefectDojo

DevSecOps, ASPM, Vulnerability Management. All on one platform.
https://defectdojo.com
BSD 3-Clause "New" or "Revised" License
3.69k stars 1.55k forks source link

Switch API v2 to OpenAPI Specification v3.x #3569

Closed damiencarol closed 2 years ago

damiencarol commented 3 years ago

Is your feature request related to a problem? Please describe The API v2 generate currently OpenAPI v2 definitions.

Describe the solution you'd like As a User, I want to have an API that supports v3 of OpenAPI

Describe alternatives you've considered Tried to convert schema file from /api/v2/doc/?format=openapi with some online tools without success.

Additional context The current module used (drf-yasg) for the API v2 could be a problem in the long term as it is not in the roadmap.

More details here

valentijnscholten commented 3 years ago

image

valentijnscholten commented 3 years ago

I believe @xens and @RomainJufer are doing lots of work on the API and also on getting the swagger spec to work correctly. I haven't hear them about openapi v3, would be interesting to hear their opinion. I believe there are some issues with drf-yasg that we are now working around, so maybe using drf-spectacular could help?

damiencarol commented 3 years ago

I think you are right. I read in a ticket of drf-yasg project that supporting 3.0 will need to much work and it's not very clear if they really can/want to do this job.

valentijnscholten commented 3 years ago

I made a start in https://github.com/DefectDojo/django-DefectDojo/pull/4541 but it seems drf-spectacular has some rough edges . So for now I think I will concentrate on fixing the wrong schema's in our current Swagger/OpenAPIv2 spec.

stale[bot] commented 2 years ago

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.