Skip to content

Fix API spec to match the actual hexpm implementation and add CI#45

Merged
ericmj merged 5 commits intomainfrom
ericmj/fix-api-spec-and-add-ci
Apr 8, 2026
Merged

Fix API spec to match the actual hexpm implementation and add CI#45
ericmj merged 5 commits intomainfrom
ericmj/fix-api-spec-and-add-ci

Conversation

@ericmj
Copy link
Copy Markdown
Member

@ericmj ericmj commented Apr 8, 2026

Spec fixes:

  • OAuth2 tokens use Bearer prefix in Authorization header
  • Short URL returns 201 with {url}, not 200 with {short_code, short_url}
  • Delete all keys returns 200 with body, not 204
  • Document downloads as alias for total_downloads sort
  • Fix API Blueprint violations (body on 204 response, duplicate Body blocks)

CI:

  • Validate apiary.apib with drafter (errors and warnings fail the build)
  • CodeQL and zizmor for Actions security scanning
  • Dependabot for keeping pinned action versions current

ericmj added 3 commits April 8, 2026 10:58
@ericmj
Fix API spec to match hexpm implementation
eed33e3 
- OAuth2 tokens use Bearer prefix in Authorization header
- Short URL endpoint returns 201 with {url}, not 200 with {short_code, short_url}
- Delete all keys returns 200 with authing key body, not 204
- Document downloads as alias for total_downloads sort option
- Remove body text from 204 response (HTTP spec violation)
- Remove duplicate Body blocks in OAuth token request (API Blueprint violation)
@ericmj
Add CI to validate API Blueprint syntax
e6e1bfa 
Builds drafter from source and runs it against apiary.apib.
Fails on both errors and warnings.

Pin checkout action to SHA, restrict permissions, and disable
credential persistence.
@ericmj
Add CodeQL, zizmor, and Dependabot for GitHub Actions
98aa64d 
- CodeQL scans Actions workflows for security issues
- Zizmor audits workflow security
- Dependabot keeps pinned action versions current
@github-advanced-security
Copy link
Copy Markdown

github-advanced-security bot commented Apr 8, 2026

You are seeing this message because GitHub Code Scanning has recently been set up for this repository, or this pull request contains the workflow file for the Code Scanning tool.

What Enabling Code Scanning Means:

  • The 'Security' tab will display more code scanning analysis results (e.g., for the default branch).
  • Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results.
  • You will be able to see the analysis results for the pull request's branch on this overview once the scans have completed and the checks have passed.

For more information about GitHub Code Scanning, check out the documentation.

ericmj added 2 commits April 8, 2026 12:34
@ericmj
Fix drafter build on Ubuntu 24.04
26ba1e0 
Add missing <cstdint> include for GCC 13+ compatibility.
@ericmj
Fix drafter binary path in CI
b46e701 
The cmake build places the binary in a subdirectory, not
directly in the build root.
@ericmj ericmj merged commit 2ae15f3 into main Apr 8, 2026
5 checks passed
@ericmj ericmj deleted the ericmj/fix-api-spec-and-add-ci branch April 8, 2026 12:14
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@ericmj @github-advanced-security