go.mod: bump github.com/getkin/kin-openapi to v0.131.0

As deepmap/oapi-codegen didn't work with this newer version, upgrade to oapi-codegen/oapi-codegen v2. Mitigating CVE-2025-30153
2025-03-21 11:50:30 +01:00 · 2025-03-21 11:50:30 +01:00 · b2700903ae
commit b2700903ae
parent c5cb0d0618
403 changed files with 44758 additions and 16347 deletions
--- a/vendor/github.com/getkin/kin-openapi/openapi3/path_item.go
+++ b/vendor/github.com/getkin/kin-openapi/openapi3/path_item.go
@ -2,16 +2,17 @@ package openapi3

 import (
 	"context"
+	"encoding/json"
 	"fmt"
 	"net/http"
-
-	"github.com/getkin/kin-openapi/jsoninfo"
+	"sort"
 )

 // PathItem is specified by OpenAPI/Swagger standard version 3.
-// See https://github.com/OAI/OpenAPI-Specification/blob/main/versions/3.0.3.md#pathItemObject
+// See https://github.com/OAI/OpenAPI-Specification/blob/main/versions/3.0.3.md#path-item-object
 type PathItem struct {
-	ExtensionProps
+	Extensions map[string]any `json:"-" yaml:"-"`
+	Origin     *Origin        `json:"__origin__,omitempty" yaml:"__origin__,omitempty"`

 	Ref         string     `json:"$ref,omitempty" yaml:"$ref,omitempty"`
 	Summary     string     `json:"summary,omitempty" yaml:"summary,omitempty"`
@ -29,16 +30,99 @@ type PathItem struct {
 	Parameters  Parameters `json:"parameters,omitempty" yaml:"parameters,omitempty"`
 }

-func (pathItem *PathItem) MarshalJSON() ([]byte, error) {
-	return jsoninfo.MarshalStrictStruct(pathItem)
+// MarshalJSON returns the JSON encoding of PathItem.
+func (pathItem PathItem) MarshalJSON() ([]byte, error) {
+	x, err := pathItem.MarshalYAML()
+	if err != nil {
+		return nil, err
+	}
+	return json.Marshal(x)
 }

+// MarshalYAML returns the YAML encoding of PathItem.
+func (pathItem PathItem) MarshalYAML() (any, error) {
+	if ref := pathItem.Ref; ref != "" {
+		return Ref{Ref: ref}, nil
+	}
+
+	m := make(map[string]any, 13+len(pathItem.Extensions))
+	for k, v := range pathItem.Extensions {
+		m[k] = v
+	}
+	if x := pathItem.Summary; x != "" {
+		m["summary"] = x
+	}
+	if x := pathItem.Description; x != "" {
+		m["description"] = x
+	}
+	if x := pathItem.Connect; x != nil {
+		m["connect"] = x
+	}
+	if x := pathItem.Delete; x != nil {
+		m["delete"] = x
+	}
+	if x := pathItem.Get; x != nil {
+		m["get"] = x
+	}
+	if x := pathItem.Head; x != nil {
+		m["head"] = x
+	}
+	if x := pathItem.Options; x != nil {
+		m["options"] = x
+	}
+	if x := pathItem.Patch; x != nil {
+		m["patch"] = x
+	}
+	if x := pathItem.Post; x != nil {
+		m["post"] = x
+	}
+	if x := pathItem.Put; x != nil {
+		m["put"] = x
+	}
+	if x := pathItem.Trace; x != nil {
+		m["trace"] = x
+	}
+	if x := pathItem.Servers; len(x) != 0 {
+		m["servers"] = x
+	}
+	if x := pathItem.Parameters; len(x) != 0 {
+		m["parameters"] = x
+	}
+	return m, nil
+}
+
+// UnmarshalJSON sets PathItem to a copy of data.
 func (pathItem *PathItem) UnmarshalJSON(data []byte) error {
-	return jsoninfo.UnmarshalStrictStruct(data, pathItem)
+	type PathItemBis PathItem
+	var x PathItemBis
+	if err := json.Unmarshal(data, &x); err != nil {
+		return unmarshalError(err)
+	}
+	_ = json.Unmarshal(data, &x.Extensions)
+	delete(x.Extensions, originKey)
+	delete(x.Extensions, "$ref")
+	delete(x.Extensions, "summary")
+	delete(x.Extensions, "description")
+	delete(x.Extensions, "connect")
+	delete(x.Extensions, "delete")
+	delete(x.Extensions, "get")
+	delete(x.Extensions, "head")
+	delete(x.Extensions, "options")
+	delete(x.Extensions, "patch")
+	delete(x.Extensions, "post")
+	delete(x.Extensions, "put")
+	delete(x.Extensions, "trace")
+	delete(x.Extensions, "servers")
+	delete(x.Extensions, "parameters")
+	if len(x.Extensions) == 0 {
+		x.Extensions = nil
+	}
+	*pathItem = PathItem(x)
+	return nil
 }

 func (pathItem *PathItem) Operations() map[string]*Operation {
-	operations := make(map[string]*Operation, 4)
+	operations := make(map[string]*Operation)
 	if v := pathItem.Connect; v != nil {
 		operations[http.MethodConnect] = v
 	}
@ -119,11 +203,48 @@ func (pathItem *PathItem) SetOperation(method string, operation *Operation) {
 	}
 }

-func (value *PathItem) Validate(ctx context.Context) error {
-	for _, operation := range value.Operations() {
+// Validate returns an error if PathItem does not comply with the OpenAPI spec.
+func (pathItem *PathItem) Validate(ctx context.Context, opts ...ValidationOption) error {
+	ctx = WithValidationOptions(ctx, opts...)
+
+	operations := pathItem.Operations()
+
+	methods := make([]string, 0, len(operations))
+	for method := range operations {
+		methods = append(methods, method)
+	}
+	sort.Strings(methods)
+	for _, method := range methods {
+		operation := operations[method]
 		if err := operation.Validate(ctx); err != nil {
+			return fmt.Errorf("invalid operation %s: %v", method, err)
+		}
+	}
+
+	if v := pathItem.Parameters; v != nil {
+		if err := v.Validate(ctx); err != nil {
 			return err
 		}
 	}
-	return nil
+
+	return validateExtensions(ctx, pathItem.Extensions)
+}
+
+// isEmpty's introduced in 546590b1
+func (pathItem *PathItem) isEmpty() bool {
+	// NOTE: ignores pathItem.Extensions
+	// NOTE: ignores pathItem.Ref
+	return pathItem.Summary == "" &&
+		pathItem.Description == "" &&
+		pathItem.Connect == nil &&
+		pathItem.Delete == nil &&
+		pathItem.Get == nil &&
+		pathItem.Head == nil &&
+		pathItem.Options == nil &&
+		pathItem.Patch == nil &&
+		pathItem.Post == nil &&
+		pathItem.Put == nil &&
+		pathItem.Trace == nil &&
+		len(pathItem.Servers) == 0 &&
+		len(pathItem.Parameters) == 0
 }