Skip to content

JS-1597 support OpenAPI generated-source outputs#7137

Draft
francois-mora-sonarsource wants to merge 4 commits into
fix/generated-code-detection-02-graphql-foundationfrom
fix/generated-code-detection-03-openapi-detector
Draft

JS-1597 support OpenAPI generated-source outputs#7137
francois-mora-sonarsource wants to merge 4 commits into
fix/generated-code-detection-02-graphql-foundationfrom
fix/generated-code-detection-03-openapi-detector

Conversation

@francois-mora-sonarsource
Copy link
Copy Markdown
Contributor

@francois-mora-sonarsource francois-mora-sonarsource commented May 29, 2026

Summary

  • add an openapi-generator-cli generated-source detector based on literal -o / --output paths
  • restrict detection to explicit JS/TS OpenAPI generators
  • keep the detector shallow by classifying only immediate child source files under the declared output directory
  • watch declared output paths even when they do not exist yet so later-created files are reclassified on refresh

Why

  • PR JS-1597 support GraphQL near-operation-file outputs #7133 added the GraphQL foundation for generated-source metadata; this stacked PR extends the same approach to OpenAPI outputs
  • the initial OpenAPI shape needed the same conservative path-watching behavior as GraphQL to avoid missing outputs created after the first scan
  • current Peachee evidence supports top-level generated files under dedicated API output directories, not recursive nested source discovery

Impact

  • committed JS/TS OpenAPI client outputs can now be recognized as generated sources from package script metadata
  • non-JS generators remain out of scope
  • nested directories without evidence remain out of scope for now

Validation

  • npx tsx --tsconfig packages/tsconfig.test.json --test packages/analysis/tests/jsts/project-metadata/generated-sources.test.ts
  • npm run bbf
  • git diff --check

@sonarqubecloud
Copy link
Copy Markdown

sonarqubecloud Bot commented May 29, 2026

Agentic Analysis: Early Results

Agentic Analysis and Context Augmentation are available on your project. Here are some issues that could have been prevented. Follow the links to learn how to put them into action.

1 issue(s) found across 1 file(s):

Rule File Line Message
typescript:S6564 packages/analysis/src/jsts/rules/helpers/generated-sources/contracts.ts 25 Remove this redundant type alias and replace its occurrences with "string".

Analyzed by SonarQube Agentic Analysis in 3.4 s

@hashicorp-vault-sonar-prod
Copy link
Copy Markdown

hashicorp-vault-sonar-prod Bot commented May 29, 2026
edited by atlassian Bot
Loading

JS-1597

@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented May 29, 2026

Ruling Report

No changes to ruling expected issues in this PR

@sonarqube-next
Copy link
Copy Markdown

sonarqube-next Bot commented May 29, 2026

Quality Gate failed Quality Gate failed

Failed conditions
1 New issue

See analysis details on SonarQube

Catch issues before they fail your Quality Gate with our IDE extension SonarQube for IDE SonarQube for IDE

@gitar-bot
Copy link
Copy Markdown

gitar-bot Bot commented May 29, 2026

Code Review ✅ Approved

Implements an OpenAPI generated-source detector that identifies JS/TS client outputs via package metadata and watches declared output paths for new files. No issues found.

Options

Auto-apply is off → Gitar will not commit updates to this branch.
Display: compact → Showing less information.

Comment with these commands to change:

Auto-apply Compact 
gitar auto-apply:on         

gitar display:verbose

Was this helpful? React with 👍 / 👎 | Gitar

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@francois-mora-sonarsource