Skip to content

Bugfix for remote specs with params #21634

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Jul 28, 2025
Merged

Bugfix for remote specs with params #21634

merged 2 commits into from
Jul 28, 2025

Conversation

@Hobbesgoblin
Copy link
Contributor

@Hobbesgoblin Hobbesgoblin commented Jul 26, 2025
edited
Loading

Fixes #19724
[BUG] openapi-generator-maven-plugin 7.7.0 or 7.8.0 on Windows

The issue was originally introduced in PR #18576

The Issue

Due to the changed If statement in CodeGenMojo.java the code in the block would never be entered for remote URLs, resulting in any parameters being part of the hashFileName.
The result of this was that the special characters would make the code generation fail on Windows (as the hashfile would never be saved, resulting in a FileNotFoundException) as well as leaking potentially sensitve inrformation, like parameter submitted access tokens, in the log (via the thrown expcetion on the filename in windows) or the filename of the hashfile on systems where the filename was still legal.

My changes

I reverted the condition to its previous state. This fixes the issue without breaking the loading of specs from jar files, for which it was added in the first place.

I added new or changed existing tests for this testcase with against a file in the repo, with some useless parameters, as currently github seems to ignore paramters for raw.githubusercontent.com URLs.

The change in the Gradle Plugin test is just for completeness.
The issue does not appear in the gradle plugin.

PR checklist

  • Read the contribution guidelines.
  • Pull Request title clearly describes the work in the pull request and Pull Request description provides details about how to validate the work. Missing information here may result in delayed response from the community.
  • Run the following to build the project and update samples: 
    ./mvnw clean package || exit
./bin/generate-samples.sh ./bin/configs/*.yaml || exit
./bin/utils/export_docs_generators.sh || exit
    (For Windows users, please run the script in WSL)
    Commit all changed files.
    This is important, as CI jobs will verify all generator outputs of your HEAD commit as it would merge with master.
    These must match the expectations made by your contribution.
    You may regenerate an individual generator by passing the relevant config(s) as an argument to the script, for example ./bin/generate-samples.sh bin/configs/java*.
    IMPORTANT: Do NOT purge/delete any folders/files (e.g. tests) when regenerating the samples as manually written tests may be removed.
  • File the PR against the correct branch: master (upcoming 7.x.0 minor release - breaking changes with fallbacks), 8.0.x (breaking changes without fallbacks)
  • If your PR is targeting a particular programming language, @mention the technical committee members, so they are more likely to review the pull request.

@Hobbesgoblin
[Bugfix][Maven-Plugin] Bugfix for remote input specs with parameters
b7b8da5 
If the inputSpec was a web address that contained parameters, code generation would fail, because the filepath would contain illegal characters, since the code inside the if-block would be skipped. A side effect of this was, that in the log and in the filename in linux the parameters would be leaked, which could potentially sensitive information like Gitlab Access Tokens
@Hobbesgoblin
[Test][Gradle Plugin] Update GenerateTaskDslTest.kt
4a6ebec 
Extended the Test for testing remote inputSpecs with urlParams, a case that caused problems in the maven plugin.
@wing328
Copy link
Member

wing328 commented Jul 27, 2025

@Hobbesgoblin thanks for the fix

cc @parenko (the author of #18576)

@wing328 wing328 merged commit 1c2ef33 into OpenAPITools:master Jul 28, 2025
16 checks passed
@wing328
Copy link
Member

wing328 commented Jul 28, 2025

thanks for the fix. let's give it a try

@wing328 wing328 added this to the 7.15.0 milestone Aug 9, 2025
Goopher pushed a commit to Goopher/openapi-generator that referenced this pull request Sep 9, 2025
@Hobbesgoblin
Bugfix for remote specs with params (OpenAPITools#21634)
779bc08 
* [Bugfix][Maven-Plugin] Bugfix for remote input specs with parameters

If the inputSpec was a web address that contained parameters, code generation would fail, because the filepath would contain illegal characters, since the code inside the if-block would be skipped. A side effect of this was, that in the log and in the filename in linux the parameters would be leaked, which could potentially sensitive information like Gitlab Access Tokens

* [Test][Gradle Plugin] Update GenerateTaskDslTest.kt

Extended the Test for testing remote inputSpecs with urlParams, a case that caused problems in the maven plugin.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

Issue: Bug

Projects

None yet

Milestone

7.15.0

Development

Successfully merging this pull request may close these issues.

[BUG] openapi-generator-maven-plugin 7.7.0 or 7.8.0 on Windows

2 participants

@Hobbesgoblin @wing328