search

blst-security / cherrybomb

Stop half-done APIs! Cherrybomb is a CLI tool that helps you avoid undefined user behaviour by auditing your API specifications, validating them and running API security tests.
https://www.blstsecurity.com/cherrybomb
Apache License 2.0
1.08k stars 78 forks source link

Publish crate as a library #126

Closed Kinrany closed 7 months ago

Kinrany commented 1 year ago

Is your feature request related to a problem? Please describe. I'd like to apply the tool in CI to an API written in Rust.

Describe the solution you'd like Publish the crate as a library on crates.io. This will allow using the library in tests in-process, without having to compile or install it separately and without having to expose an internal schema.

GuyL99 commented 1 year ago

Hi @Kinrany Cherrybomb is already published as a crate in crates.io. Here is the link: https://crates.io/crates/cherrybomb

Kinrany commented 1 year ago

The request was for publishing as a library.

GuyL99 commented 1 year ago

I'm sorry, I misunderstood. Which part of cherrybomb did you want posted as a library?

Kinrany commented 1 year ago

Hopefully everything that can be done with the CLI! Even just the top-level Clap type would be nice, assuming that's what you use.

jayvdb commented 12 months ago

This would be fantastic. For me it would allow me to workaround https://github.com/blst-security/cherrybomb/pull/117 , and force running of cherrybomb within the tools I used to generate or read the openapi, such as https://github.com/oxidecomputer/progenitor , so I can first have cherrybomb sanity check the input before handing it to other libraries which are going to fail badly if the input is broken.

jayvdb commented 12 months ago

Looks like most of this app is published as https://crates.io/crates/cherrybomb-engine