npx @pactflow/swagger-mock-validator@latest security.oas.yml security.pact.json <aws:pactflow-dev-admin>
TypeError: Cannot read properties of undefined (reading 'type')
at isApiKeySecuritySchemeInHeaderOrQuery (file:///Users/matthew.fellows/.npm/_npx/102906fda511f716/node_modules/@pactflow/swagger-mock-validator/dist/swagger-mock-validator-6f145e61.js:15762:17)
at isSupportedRequirementDefinition (file:///Users/matthew.fellows/.npm/_npx/102906fda511f716/node_modules/@pactflow/swagger-mock-validator/dist/swagger-mock-validator-6f145e61.js:15768:10)
at getCredential (file:///Users/matthew.fellows/.npm/_npx/102906fda511f716/node_modules/@pactflow/swagger-mock-validator/dist/swagger-mock-validator-6f145e61.js:15746:10)
at toParsedSpecSecurityRequirement (file:///Users/matthew.fellows/.npm/_npx/102906fda511f716/node_modules/@pactflow/swagger-mock-validator/dist/swagger-mock-validator-6f145e61.js:15755:44)
at file:///Users/matthew.fellows/.npm/_npx/102906fda511f716/node_modules/@pactflow/swagger-mock-validator/dist/swagger-mock-validator-6f145e61.js:15781:12
at Array.map (<anonymous>)
at parseSecurityRequirementGroup (file:///Users/matthew.fellows/.npm/_npx/102906fda511f716/node_modules/@pactflow/swagger-mock-validator/dist/swagger-mock-validator-6f145e61.js:15780:6)
at file:///Users/matthew.fellows/.npm/_npx/102906fda511f716/node_modules/@pactflow/swagger-mock-validator/dist/swagger-mock-validator-6f145e61.js:15786:12
at Array.map (<anonymous>)
at parseAllSecurityRequirements (file:///Users/matthew.fellows/.npm/_npx/102906fda511f716/node_modules/@pactflow/swagger-mock-validator/dist/swagger-mock-validator-6f145e61.js:15785:67)
The issue is that foo is not a defined security scheme. A better error message would help.
We could also consider a behaviour where we actually ignore an invalid security definition if provided (i.e. be tolerant). SwaggerHub doesn't error in this case, for example.
Given the following OAS and pact
security.oas.yml
security.pact.json:
The following error is given:
The issue is that
foo
is not a defined security scheme. A better error message would help.We could also consider a behaviour where we actually ignore an invalid security definition if provided (i.e. be tolerant). SwaggerHub doesn't error in this case, for example.