Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore: add openapi-ts and hey-api/client-fetch #47

Merged
merged 2 commits into from
Jan 11, 2025
Merged

chore: add openapi-ts and hey-api/client-fetch #47

merged 2 commits into from
Jan 11, 2025

Conversation

peppescg
Copy link
Collaborator

Autogenerate types from codegate openapi.json with openapi-ts.
Create fetch client wrapper with hey-api/client-fetch

@peppescg peppescg self-assigned this Jan 10, 2025
@stacklok-cloud-staging Stacklok Cloud (Staging)
Copy link

Minder Vulnerability Report ✅

Minder analyzed this PR and found it does not add any new vulnerable dependencies.

Vulnerability scan of cf90bd1c:

  • 🐞 vulnerable packages: 0
  • 🛠 fixes available for: 0

stacklok-cloud-staging[bot]
stacklok-cloud-staging bot reviewed Jan 10, 2025
View reviewed changes
Copy link

@stacklok-cloud-staging stacklok-cloud-staging bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Dependency Information

Minder analyzed the dependencies introduced in this pull request and detected that some dependencies do not meet your security profile.

📦 Dependency: @hey-api/client-fetch

Trusty Score: 0

Alternatives
Package Score Description
axios 0
isomorphic-fetch 0

📦 Dependency: @hey-api/json-schema-ref-parser

Trusty Score: 0

Scoring details
Component Score
Package activity 4.2
Repository activity 0.2
User activity 8.3
Provenance unknown

📦 Dependency: @hey-api/openapi-ts

Trusty Score: 0

📦 Dependency: @jsdevtools/ono

Trusty Score: 0

Scoring details
Component Score
Package activity 4.6
Repository activity 2.8
User activity 6.3
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 7
Number of git tags or releases 59
Versions matched to tags or releases 6

📦 Dependency: c12

Trusty Score: 0

Scoring details
Component Score
Package activity 1.9
Repository activity 3.9
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 45
Number of git tags or releases 42
Versions matched to tags or releases 41
Alternatives
Package Score Description
dotenv 0
config 0

📦 Dependency: chokidar

Trusty Score: 0

Scoring details
Component Score
Package activity 8.2
Repository activity 6.5
User activity 10
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 110
Number of git tags or releases 103
Versions matched to tags or releases 96

📦 Dependency: chownr

Trusty Score: 0

Scoring details
Component Score
Package activity 5
Repository activity 2.2
User activity 7.8
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 10
Number of git tags or releases 10
Versions matched to tags or releases 9

📦 Dependency: citty

Trusty Score: 0

Scoring details
Component Score
Package activity 6.5
Repository activity 4.4
User activity 8.7
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 10
Number of git tags or releases 7
Versions matched to tags or releases 7

📦 Dependency: commander

Trusty Score: 0

Scoring details
Component Score
Package activity 8.6
Repository activity 7.2
User activity 10
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 117
Number of git tags or releases 125
Versions matched to tags or releases 91

📦 Dependency: confbox

Trusty Score: 0

Scoring details
Component Score
Package activity 5.1
Repository activity 2.6
User activity 7.5
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 10
Number of git tags or releases 7
Versions matched to tags or releases 6

📦 Dependency: consola

Trusty Score: 0

Scoring details
Component Score
Package activity 7.8
Repository activity 5.9
User activity 9.8
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 90
Number of git tags or releases 90
Versions matched to tags or releases 83
Alternatives
Package Score Description
chalk 0
log-symbols 0

📦 Dependency: defu

Trusty Score: 0

Scoring details
Component Score
Package activity 6.4
Repository activity 3.8
User activity 8.9
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 28
Number of git tags or releases 26
Versions matched to tags or releases 25

📦 Dependency: destr

Trusty Score: 0

Scoring details
Component Score
Package activity 6.1
Repository activity 3.6
User activity 8.6
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 22
Number of git tags or releases 20
Versions matched to tags or releases 20
Alternatives
Package Score Description
flatted 0

📦 Dependency: dotenv

Trusty Score: 0

Scoring details
Component Score
Package activity 7.8
Repository activity 6.4
User activity 9.2
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 88
Number of git tags or releases 80
Versions matched to tags or releases 77
Alternatives
Package Score Description
dotenv-flow 0
dotenv-safe 0

📦 Dependency: fs-minipass

Trusty Score: 0

Scoring details
Component Score
Package activity 5.6
Repository activity 2.5
User activity 8.7
Provenance verified_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 15
Number of git tags or releases 15
Versions matched to tags or releases 14

This package has been digitally signed using sigtore.
Source repository https://github.com/npm/fs-minipass
Cerificate Issuer CN=sigstore-intermediate,O=sigstore.dev
GitHub action workflow .github/workflows/release.yml
Rekor (public ledger) entry https://search.sigstore.dev/?logIndex=31256097

📦 Dependency: giget

Trusty Score: 0

Scoring details
Component Score
Package activity 6.6
Repository activity 4.2
User activity 9.1
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 22
Number of git tags or releases 20
Versions matched to tags or releases 20

📦 Dependency: handlebars

Trusty Score: 0

Scoring details
Component Score
Package activity 8.6
Repository activity 8
User activity 9.2
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 81
Number of git tags or releases 89
Versions matched to tags or releases 75

📦 Dependency: jiti

Trusty Score: 0

Scoring details
Component Score
Package activity 7.2
Repository activity 4.5
User activity 9.9
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 99
Number of git tags or releases 97
Versions matched to tags or releases 95
Alternatives
Package Score Description
ts-node 0

📦 Dependency: minimist

Trusty Score: 0

Scoring details
Component Score
Package activity 1.9
Repository activity 3.8
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 30
Number of git tags or releases 30
Versions matched to tags or releases 29
Alternatives
Package Score Description
argparse 0

📦 Dependency: minipass

Trusty Score: 0

Scoring details
Component Score
Package activity 6.1
Repository activity 3
User activity 9.2
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 68
Number of git tags or releases 68
Versions matched to tags or releases 68
Alternatives
Package Score Description
readable-stream 0
through2 0
stream 0

📦 Dependency: minizlib

Trusty Score: 0

Scoring details
Component Score
Package activity 5.2
Repository activity 2.4
User activity 8
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 20
Number of git tags or releases 20
Versions matched to tags or releases 19

📦 Dependency: mkdirp

Trusty Score: 0

Scoring details
Component Score
Package activity 6
Repository activity 2.6
User activity 9.4
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 30
Number of git tags or releases 25
Versions matched to tags or releases 24
Alternatives
Package Score Description
make-dir 0
mkdirp-then 0

📦 Dependency: mlly

Trusty Score: 0

Scoring details
Component Score
Package activity 6.8
Repository activity 4.2
User activity 9.3
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 78
Number of git tags or releases 75
Versions matched to tags or releases 75

📦 Dependency: neo-async

Trusty Score: 0

Scoring details
Component Score
Package activity 6.9
Repository activity 3.8
User activity 10
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 77
Number of git tags or releases 88
Versions matched to tags or releases 83

📦 Dependency: node-fetch-native

Trusty Score: 0

Scoring details
Component Score
Package activity 6.2
Repository activity 3.1
User activity 9.3
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 29
Number of git tags or releases 26
Versions matched to tags or releases 26

📦 Dependency: nypm

Trusty Score: 0

Scoring details
Component Score
Package activity 2
Repository activity 3.9
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 19
Number of git tags or releases 16
Versions matched to tags or releases 16
Alternatives
Package Score Description
pnpm 0
yarn 0

📦 Dependency: ohash

Trusty Score: 0

Scoring details
Component Score
Package activity 1.7
Repository activity 3.4
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 12
Number of git tags or releases 10
Versions matched to tags or releases 7
Alternatives
Package Score Description
murmurhash-js 0
murmurhash 0

📦 Dependency: perfect-debounce

Trusty Score: 0

Scoring details
Component Score
Package activity 5.9
Repository activity 3.1
User activity 8.7
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 7
Number of git tags or releases 5
Versions matched to tags or releases 5
Alternatives
Package Score Description
debounce 0
throttle-debounce 0
lodash.debounce 0

📦 Dependency: pkg-types

Trusty Score: 0

Scoring details
Component Score
Package activity 6
Repository activity 3.5
User activity 8.6
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 28
Number of git tags or releases 26
Versions matched to tags or releases 26
Alternatives
Package Score Description
tsconfig-paths 0
tsconfig-paths-webpack-plugin 0
tsconfig 0

📦 Dependency: rc9

Trusty Score: 0

Scoring details
Component Score
Package activity 5.7
Repository activity 3.2
User activity 8.2
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 20
Number of git tags or releases 18
Versions matched to tags or releases 10
Alternatives
Package Score Description
config 0

📦 Dependency: readdirp

Trusty Score: 0

Scoring details
Component Score
Package activity 6.5
Repository activity 3.9
User activity 9.1
Provenance verified_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 43
Number of git tags or releases 42
Versions matched to tags or releases 38

This package has been digitally signed using sigtore.
Source repository https://github.com/paulmillr/readdirp
Cerificate Issuer CN=sigstore-intermediate,O=sigstore.dev
GitHub action workflow .github/workflows/publish-npm.yml
Rekor (public ledger) entry https://search.sigstore.dev/?logIndex=136506020

📦 Dependency: source-map

Trusty Score: 0

Scoring details
Component Score
Package activity 8.2
Repository activity 6.3
User activity 10
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 62
Number of git tags or releases 43
Versions matched to tags or releases 43

📦 Dependency: tar

Trusty Score: 0

Scoring details
Component Score
Package activity 7.2
Repository activity 5.1
User activity 9.3
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 121
Number of git tags or releases 101
Versions matched to tags or releases 100

📦 Dependency: typescript

Trusty Score: 0

Scoring details
Component Score
Package activity 10
Repository activity 10
User activity 10
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 3256
Number of git tags or releases 238
Versions matched to tags or releases 75
Alternatives
Package Score Description
flow-bin 0
tsc 0

📦 Dependency: ufo

Trusty Score: 0

Scoring details
Component Score
Package activity 6.8
Repository activity 4.3
User activity 9.2
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 57
Number of git tags or releases 67
Versions matched to tags or releases 49

📦 Dependency: uglify-js

Trusty Score: 0

Scoring details
Component Score
Package activity 8.3
Repository activity 7.3
User activity 9.4
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 288
Number of git tags or releases 105
Versions matched to tags or releases 99

📦 Dependency: wordwrap

Trusty Score: 0

Scoring details
Component Score
Provenance unknown

📦 Dependency: yallist

Trusty Score: 0

Scoring details
Component Score
Package activity 5.1
Repository activity 2.5
User activity 7.7
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 16
Number of git tags or releases 16
Versions matched to tags or releases 16
Alternatives
Package Score Description
linked-list 0

@coveralls
Copy link
Collaborator

Pull Request Test Coverage Report for Build 12715085689

Details

  • 45 of 49 (91.84%) changed or added relevant lines in 9 files are covered.
  • No unchanged relevant lines lost coverage.
  • Overall coverage increased (+0.5%) to 68.31%
Changes Missing Coverage Covered Lines Changed/Added Lines %
src/api/generated/sdk.gen.ts 6 7 85.71%
src/components/ui/chart.tsx 1 2 50.0%
src/hooks/useAlertsStore.ts 11 12 91.67%
src/hooks/usePromptsStore.ts 6 7 85.71%
Totals Coverage Status
Change from base Build 12708455685: 0.5%
Covered Lines: 396
Relevant Lines: 498
💛 - Coveralls

@peppescg peppescg enabled auto-merge (squash) January 10, 2025 18:31
aponcedeleonch
aponcedeleonch approved these changes Jan 11, 2025
View reviewed changes
Copy link
Collaborator

@aponcedeleonch aponcedeleonch left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think it makes sense.

As a second step I think we should modify the GH action in codegate repo to also post a PR when the openapi.json changes. Either that or make this repo to always take as reference the one in codegate repo (I don't know if that's possible). But basically, have a single source of truth. I'm assuming that right now you copy-pasted from the one generated in codegate.

@peppescg peppescg merged commit fb5ebf5 into main Jan 11, 2025
7 checks passed
@peppescg peppescg deleted the issues/43 branch January 11, 2025 12:52
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@stacklok-cloud-staging stacklok-cloud-staging[bot] stacklok-cloud-staging[bot] left review comments

@aponcedeleonch aponcedeleonch aponcedeleonch approved these changes

Assignees

@peppescg peppescg

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@peppescg @coveralls @aponcedeleonch