Comments (4)
@agmikhailov Please can you close the ticket since the fix for the issue has been merged.
from spec.
I've inspected the fix (commit e8e27ff) and it is dubious. Would require another round of more thorough testing here. On it.
from spec.
@agmikhailov
I've attempted unsuccessfully to reproduce this issue. I am missing some context.
What I can assert is that:
* go-openapi/spec
(unpatched) can load on windows (or unix) with "(" or blanks in space (or other escape characters)
go-openapi/validate
can validate a spec on such a path- the patch from commit e8e27ff disables the cache in some cases by removing the scheme when loading documents
I understand this patch made things work for your use case, but the root cause lies in some other part of go-openapi (perhaps go-openapi/loads, perhaps go-openapi/runtime).
Could you please expose more details about the failing app mentioned above, so I get a change to understand how the failing spec got to be loaded in the first place into the runtime shown in the stack?
from spec.
@agmikhailov , cc: @casualjim , @ChandanChainani
I've tried to reproduce this, building a server on windows 11 with go-swagger, pinning a version of go-openapi/spec without the change that came with commit e8e27ff (with --exclude-spec) and loading it from a path just like the one suggested by the O.P.
The server starts just fine and validates the spec when starting the runtime middleware stack as expected.
I am not denying that a problem may occur, but the root cause analysis provided with this issue is not correct.
Therefore, I am proposing:
- a patch to revert the change from this commit
- a change to ensure that we never have to open the root pseudo-root document: we should never get something like : open c:\program files (x86)\AppName.root: The system cannot find the file specified.
- I assume that what is wrong in this issue is the way the spec document is being loaded. I've inspected go-openapi/loads, but nothing could trigger the aforementioned panic.
from spec.
Related Issues (20)
- Bearer Auth Security Scheme HOT 4
- Spec file is not correctly generated for map to list in struct HOT 2
- Heavy init() calls dramatically slow down tests HOT 3
- heads up: codecov.io security incident - https://about.codecov.io/security-update/ HOT 1
- `AdditionalProperties` doesn't differ empty schema or explicit `false` HOT 1
- High vulnerability in golang.org/x/text
- Description for API Key Security Scheme
- spec OrderSchemaItems.Less panic on reflect.ValueOf(ii).Int()
- [Q] swag dependency HOT 2
- Add Notice file to complete the Apache-2.0 requirements HOT 3
- github.com/go-openapi/[email protected]: verifying module: checksum mismatch HOT 4
- TestNormalize fails with Go 1.19
- Vulnerability Reported for Slack Webhook by Gitleaks Secret Detection HOT 1
- `x-order` require value of `number` to be in quotes
- YAML declarations in SchemaProps struct HOT 1
- Spec parser ignores response entries when there's an extension
- Is this an exposed secret? HOT 2
- Expander: the expanded spec is unusable to resolve circular $ref
- Expander: when expanding with SkipSchema, the relative path is lost
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from spec.