This is a great library that you have going on here.
Unfortunately, it doesn't play well with a lot of serverless environments, such as Google Cloud Functions. Mainly because that environment wants to start the GCP server itself.

It might be worth making the starting of a server optional. Since you expose the app, that allows the serverless controller to start it up the way it needs.

We recently upgraded to express-zod-api v10. This, in general, massively cleaned up our OpenAPI schema and made it work much better with code generation tools (thanks for that! 🙏). Still, it seems like it also introduced a new bug or potentially a new gotcha we weren't aware of.

Here's how to reproduce the problem:

1. Create an endpoint or middleware that has an input with a description:

export const testEndpoint = endpointFactory.build({
  input: z.object({
    cursor: z
      .string()
      .optional()
      .describe(
        'An optional cursor string used for pagination.' +
          ' This can be retrieved from the `next` property of the previous page response.',
      ),
  }),
  output: z.object({}),
  handler: async () => {
    return {}
  },
})

2. Generate the OpenAPI schema and look at the output:

parameters:
  - name: cursor
    in: query
    required: false
    description: GET /hris/employees parameter
    schema:
      $ref: "#/components/schemas/GetHrisEmployeesParameterCursor"

GetHrisEmployeesParameterCursor:
  type: string
  description: An optional cursor string used for pagination. This can be
    retrieved from the `next` property of the previous page response.

The custom description is outputted, but only on the referenced schema, not the actual parameter. On the parameter, the description is not only missing (which might cause documentation tools to pull the description from the schema), but specifically set to something generic (GET /hris/employees parameter).

The result is that no helpful information makes it all the way through to the docs:

I'm wondering: Is this expected behavior, and there's a workaround, or is this a bug introduced by the new major release? 🤔

Originally posted by @McMerph in #931 (comment)

Let's make an option to control the depiction of optional props.

I get this error when using a custom express instance:
Argument of type '{ app: Express; }' is not assignable to parameter of type '(AppConfig | ServerConfig) & CommonConfig'.
Type '{ app: Express; }' is not assignable to type 'AppConfig & CommonConfig'.
Type '{ app: Express; }' is missing the following properties from type 'CommonConfig': cors, logger [2345]

We recently upgraded our express-zod-api major version and only now realized a bug with one of our lesser-used endpoints. It seems like the update changed how inputs on DELETE endpoints are interpreted.

Previously, the inputs were interpreted to come from the request body, and the OpenAPI schema also reflected that.

Now, the inputs are interpreted to come from the query parameters, with the OpenAPI schema also reflecting that.

I'm wondering: Was this a conscious change in behavior? Is there a way to revert back to using the request body?

Let me know if I should provide any more detailed examples!

If output uses z.array().notempty, Open API won't start with the message Zod type ZodNonEmptyArray is unsupported
ZodUndefined also does not work
express-zod-api version is 2.3.0

Hi, I've run into some trouble with OpenAPI spec generation of input and output payloads. My goal is to accept an arbitrary object as input. The way I've found that I can accomplish this is with z.record(z.any()) and that works just fine functionality wise. The issue I run into is that when I generate the docs, I get the following YAML in the OpenAPI spec that's generated:

type: object
additionalProperties:
  format: any
  nullable: true

When I check the validity of this using a tool like Redocly's CLI, I get the following error:

The `type` field must be defined when the `nullable` field is used.

687 |   additionalProperties:
688 |     format: any
689 |     nullable: true

From looking at the OpenAPI spec, this is an accurate error. I was wondering if there was a known workaround/better way to handle a schema field for accepting an arbitrary object. Just using z.any() results in the same error as above.

If I manually edit the spec and add type: object to the additionalProperties, the spec stops throwing that error. Here's an example:

type: object
additionalProperties:
  format: any
  nullable: true
  type: object

I'm wondering if this is an issue with spec generation, or if I'm just trying to tackle this problem the wrong way. If you have any advice on how I should be using Zod to accept an arbitrary object that passes the OpenAPI spec, I'd love to hear.

Thank you!

The locked package creates this error
The inferred type of 'courierEndpoint' cannot be named without a reference to 'express-zod-api/node_modules/zod'. This is likely not portable. A type annotation is necessary.

Route path params in OpenAPI / Swagger specification should use curly braces notation instead of colon notation used by Express.

https://swagger.io/specification/
see "Path Templating"

Path templating refers to the usage of template expressions, delimited by curly braces ({}), to mark a section of a URL path as replaceable using path parameters.

Reported in PR #201

Steps to reproduce:

• Add test (e.g. at tests/unit/open-api.spec.ts):

test("should pass over the multiple examples of an object", () => {
  const zodSchema = z.object({ a: z.string() });
  const spec = new OpenAPI({
    config: sampleConfig,
    routing: {
      v1: {
        addSomething: defaultEndpointsFactory.build({
          method: "post",
          input: withMeta(zodSchema).example({ a: "first" }),
          output: withMeta(zodSchema.extend({ b: z.string() }))
            .example({ a: "first", b: "prefix_first" })
            .example({ a: "second", b: "prefix_second" }),
          handler: async ({ input: { a } }) => ({ a, b: `prefix_${a}` }),
        }),
      },
    },
    version: "3.4.5",
    title: "Testing Metadata:example on IO parameter",
    serverUrl: "http://example.com",
  }).getSpecAsYaml();
  expect(spec).toMatchSnapshot();
});

• Add snapshot (e.g. at tests/unit/__snapshots__/open-api.spec.ts.snap):

exports[`Open API generator Metadata should pass over the multiple examples of an object 1`] = `
"openapi: 3.0.0
info:
  title: Testing Metadata:example on IO parameter
  version: 3.4.5
paths:
  /v1/addSomething:
    post:
      responses:
        "200":
          description: POST /v1/addSomething Successful response
          content:
            application/json:
              schema:
                type: object
                properties:
                  status:
                    type: string
                    enum:
                      - success
                  data:
                    type: object
                    properties:
                      a:
                        type: string
                      b:
                        type: string
                    required:
                      - a
                      - b
                    example:
                      a: first
                      b: prefix_first
                required:
                  - status
                  - data
              examples:
                example1:
                  value:
                    status: success
                    data:
                      a: first
                      b: prefix_first
                example2:
                  value:
                    status: success
                    data:
                      a: second
                      b: prefix_second
        "400":
          description: POST /v1/addSomething Error response
          content:
            application/json:
              schema:
                type: object
                properties:
                  status:
                    type: string
                    enum:
                      - error
                  error:
                    type: object
                    properties:
                      message:
                        type: string
                    required:
                      - message
                required:
                  - status
                  - error
              examples:
                example1:
                  value:
                    status: error
                    error:
                      message: Sample error message
      requestBody:
        content:
          application/json:
            schema:
              description: POST /v1/addSomething request body
              type: object
              properties:
                a:
                  type: string
              required:
                - a
            examples:
              example1:
                value:
                  a: first
components:
  schemas: {}
  responses: {}
  parameters: {}
  examples: {}
  requestBodies: {}
  headers: {}
  securitySchemes: {}
  links: {}
  callbacks: {}
tags: []
servers:
  - url: http://example.com
"
`;

• run test

Actual behaviour:

The above test fails because there are extra generated examples in the endpoint requestBody:

                  - a
                  examples:
                    example1:
                      value:
                        a: first
    +               example2:
    +                 value:
    +                   a: first
    +                   b: prefix_first
    +               example3:
    +                 value:
    +                   a: second
    +                   b: prefix_second
    +               example4:
    +                 value:
    +                   a: first
    +                   b: prefix_first
    +               example5:
    +                 value:
    +                   a: first
    +                   b: prefix_first
    +               example6:
    +                 value:
    +                   a: second
    +                   b: prefix_second
    +               example7:
    +                 value:
    +                   a: first
    +                   b: prefix_second
    +               example8:
    +                 value:
    +                   a: first
    +                   b: prefix_first
    +               example9:
    +                 value:
    +                   a: second
    +                   b: prefix_second
      components:
        schemas: {}
        responses: {}
        parameters: {}
        examples: {}

Expected behaviour

The above test passes.

The workaround is to use

input: withMeta(zodSchema.extend({})).example(...

instead of

input: withMeta(zodSchema).example(...

So my guess is that the reason for this behaviour is that withMeta mutates its argument

I was trying express-zod-api and found errors with CORS.

For request with methods different of GET and POST, it looks like the CORS middleware doesn't exits, similar to #514

Reproduction repository https://github.com/leosuncin/express-zod-api-cors-error

This is basically the same issue as #178, just a new version of it.

Because express-zod-api specifies that it is only compatible with zod version 3.20.2 you will get errors if try to use it in an app that uses any other version of zod.

This is all that is needed to reproduce it:

mkdir repro && cd repro
yarn init -y
yarn add typescript zod express-zod-api

cat <<'END' > index.ts
import { z } from 'zod';
import { defaultEndpointsFactory } from 'express-zod-api';

defaultEndpointsFactory.build( {
  method: 'get',
  input: z.object({}),
  output: z.object({}),
  async handler() {},
} );
END

./node_modules/.bin/tsc ./index.ts

This is the error that is produced:

repro.ts:6:3 - error TS2322: Type 'ZodObject<{}, "strip", ZodTypeAny, {}, {}>' is not assignable to type 'IOSchema<any>'.
  Type 'ZodObject<{}, "strip", ZodTypeAny, {}, {}>' is not assignable to type 'ZodObject<any, any, ZodTypeAny, { [x: string]: any; }, { [x: string]: any; }>'.
    Types have separate declarations of a private property '_cached'.

6   input: z.object({}),
    ~~~~~

This happens because locking the version of zod means that unless every package in the project that uses zod also locks it to the exact same version, you are going to end up with a situation like this:

❯ find node_modules -type d -name zod
node_modules/zod
node_modules/express-zod-api/node_modules/zod

This means that the zod being used by express-zod-api is not the same as the zod being used in the rest of the app.

Pretty much the title. I wan to save myself to to run another express process and rather let express-zod-api run within SvelteKit, e.g. launched in the hook.ts file

Is this possible?

Hello and thanks for building this package, i was looking for something like this since a while.
It looks like i'm unable to use a zod array as an endpoint return type.

 const updateUserEndpoint = basicEndpointsFactory.build({
    method: "put",
    input: z.object({}),
    output: z.object({ test: z.string() }).array(),
    handler: async ({ options, logger, input }) => {
//.....
}
)}

gives me a typerror on the output key, with the following output

Type 'ZodArray<ZodObject<{ test: ZodString; }, "strip", ZodTypeAny, { test: string; }, { test: string; }>, "many">' is not assignable to type 'IOSchema<any>'.
  Type 'ZodArray<ZodObject<{ test: ZodString; }, "strip", ZodTypeAny, { test: string; }, { test: string; }>, "many">' is missing the following properties from type 'ZodDiscriminatedUnion<string, Primitive, ZodObject<any, any, ZodTypeAny, { [x: string]: any; }, { [x: string]: any; }>>': discriminator, validDiscriminatorValues, optionsts(2322)
endpoints-factory.d.ts(12, 5): The expected type comes from property 'output' which is declared here on type 'BuildProps<ZodObject<{}, "strip", ZodTypeAny, {}, {}>, IOSchema<any>, ZodObject<{}, "strip", ZodTypeAny, {}, {}>, { ...; }, "put", string>'

Unfortunately, .array does not exist on type ZodObject, if i remember correctly AnyZodObject should be the right type in order to accept every zod schema.
Am i doing something wrong or this is an intended behavior?
Thanks in advance!

It would be great to have the possibility to use the .superRefine() method in the endpoint's inputs. It will allow validating the input object in a more advanced way and return all issues found. To build the OpenAPI spec it's possible to use .InnerType() I think.

Since Node 12 is no longer supported, it's time to move forward with the best modern approaches.

https://gist.github.com/sindresorhus/a39789f98801d908bbc7ff3ecc99d99c

Another small bug my team discovered:

Right now, it's not possible to define a middleware with a dateIn input. Calling an endpoint using such a middleware always results in a <field_name>: Expected string, received date error.

I didn't have time to look into the source code here, but it seems like inputs might be parsed/validated multiple times (once at the middleware and then again at the endpoint), and by the time they're checked for the second time the date string has already been parsed to a date (which is not the expected input type of dateIn). Could that be the case?

Hi! I was looking for something that enforced zod types to my input body/query params and automatically caught exceptions thrown from my async handlers and i found this. Looks awesome and at first glance it functions well. After diving a bit deeper though i've run into some problems:

• I can't find any documentation on how you access & validate express route path values. E.g. express.get('/users/:id', ...) - how do i set a schema for id and access its value?
• I can't find any documentation on how you work with array outputs [1]
• I can't seem to create an endpoint without any inputs, e.g. a GET route with not query params - is this a conscious decision that you always have to define an input schema? Can't find any documentation on it.
• When using DependsOnMethod i can specify a certain endpoint for e certain method, but i still have to set the method property of the endpoint. Concious decision? [2]
• There is no example of a POST with query parameters. Is this not supported? I know of several APIs that use this and since im doing some vetting i just want to know :-)

1. Array output error

2. DependsOnMethod

const post = defaultEndpointsFactory.build({
  description: 'Create todo',
  method: 'post', // explicitly have to say that it is a post method
  input: CreateTodoInput,
  output: CreateTodoOutput,
  handler: async ({ input: todo}) => {
    todos.push({ ...todo, id })
    id++;
    return {...todo, id }
  },
})

export default new DependsOnMethod({
  post,
})

Most of these questions probably have a simple answer, and this issue is not about the problem themselves (if any) but the lack of documentation. Not trying to sound like a jerk here, i'm just happy i found this. Great work 👍

Suddenly I found out that yarn does NOT respect yarn.lock files of sub-dependencies. So the version of zod defined in my yarn.lock file does not actually mean anything when doing yarn add express-zod-api.

Related issue: yarnpkg/yarn#4928

https://classic.yarnpkg.com/blog/2016/11/24/lockfiles-for-all/

When you publish a package that contains a yarn.lock, any user of that library will not be affected by it. When you install dependencies in your application or library, only your own yarn.lock file is respected. Lockfiles within your dependencies will be ignored.

Holy Moly!

The version of Zod 3.10.x seems to have some breaking changes and it should not be installed according to my lock file included to the package distribution, but yarn installs this version along with my library and it causes the following error.

/node_modules/zod/lib/types.js:82
           path: params?.path || [],
                        ^

SyntaxError: Unexpected token '.'

Whenever I try to generate OpenAPI spec using:

const yamlString = new OpenAPI({
  routing: routes, // the same routing and config that you use to start the server
  config,
  version: '1',
  title: 'Posterr API',
  serverUrl: 'https://localhost:8080'
}).getSpecAsYaml();

I get the following error:

Error: Zod type ZodDate is unsupported
    at depictSchema (/Users/gmcouto/code/strider-backend/node_modules/express-zod-api/src/open-api-helpers.ts:652:11)
    at /Users/gmcouto/code/strider-backend/node_modules/express-zod-api/src/open-api-helpers.ts:124:46
    at Array.map (<anonymous>)
    at depictUnion (/Users/gmcouto/code/strider-backend/node_modules/express-zod-api/src/open-api-helpers.ts:124:18)

Typescript reports an error when using z.coerce or .transform in output.

Additionally generating an OpenAPI spec fails at runtime when using z.coere.bigint in input

Minimal reproducible example

import { defaultEndpointsFactory, z } from "express-zod-api";

const testEndpoint = defaultEndpointsFactory.build({
  method: "get",
  input: z.object({}),
  output: z.object({
    name: z.coerce.string(),
    id: z.coerce.bigint().
  }),
  handler: async () => {
    return { name: 1, id: "1" };  // <-  Type 'number' is not assignable to type 'string'
  },
});

Edit: Reading a bit through issues and discussions the behavior for output transforms seems intended?
Anyhow generating a OpenAPI spec still fails with z.coerce.bigint in input.

Originally posted by @McMerph in #951

TS4023: Exported variable 'getFileStreamingEndpointsFactory' has or is using name 'ZodFileDef' from external module "{{some path}}/node_modules/.pnpm/[email protected]_n5zqmeauuo4jduap7lnbjtm454/node_modules/express-zod-api/dist/index" but cannot be named.

since 10.0.0-beta1

Doing .addExpressMiddleware(cors()) has no effect since it's not run for the OPTIONS request. This example is also in Readme, so it should be fixed.

Originally posted by @HardCoreQual in #500 (reply in thread)

Can be bug that
ExpressZodEndpoidFactory.addExpressMiddleware(cors()) don't work // createServer
and is necessary to use expressApp.use(cors()) // attachRouting
or it work like expected ?

Currently, there is no way to do refinements on the entire input object, only on it's properties. It would be great if there was a way to support this:

example:

body is

{
  type: 'type1',
  dynamicValue: { 
     type1Attribute: 1,
  } 
}

{
  type: 'type2',
  dynamicValue: { 
     type2Attribute: '1',
  } 
}

I want to be able to do:

defaultEndpointsFactory.build({
   input: z.object({ 
      type: z.union([z.literal('type1'), z.literal('type2')]),
      dynamicValue: z.union([
        z.object({ type1Attribute: z.number() }),
        z.object({ type2Attribute: z.string() })
      ]),
    }).refine(data => {
       if (data.type === "type1") {
          return !!(data.dynamicValue as any).type1Attribute
       }
       return true;
    }, { message: 'type1Attribute is required if type is type1', path: ['dynamicValue']]),
   ...
});

but I get an error like this..

type ZodEffects<....> is not assignable to type IOSchema<any>

As a workaround, I could change my input to be something like..

z.object({ data: z.object(...).refine(...) })

But I don't want to have to define my inputs like that.

If I'm trying to create an endpoint with an output that contains a field with type z.record() or z.any(), the OpenAPI builder fails with the message:

error: Cannot convert undefined or null to object
error: TypeError: Cannot convert undefined or null to object

Given that express-zod-api is currently able to generate swagger documentation would it be possible to add test-data generation too or even full jest test generation?
not as a replacement for tests but as a way to remove the majority of the boilerplate usually required when writing tests for express controllers.
I'm happy to write the code for this myself if needed.

Would it be possible to expose the default 404 handler so it can be used when using a custom express instance to provide a consistent api interface with minimal effort?

Currently the package provides a logger in a sort of DI way which is extremely useful.
I believe it should be possible to generalise this so users could add their own dependancy objects to pass to handlers when building endpoints.
I've got some code that can sort of do this already however it is not perfect yet and would be a breaking change when it shouldn't be so not ready for a pull request yet.
An example usage would be

new EndPointFactory(...)
  .addDependancy({db:SomeDataBaseObject})
  .build({
    input:...
    output:...
    handler: async ({input, db, logger})=>{
      db.query();
      return ...;
    }),
  });

Sorry for any mistakes, its 04:00 am here.
What do you think of this?
I'd also like to expand it to add dependancies that get created with a function on each request too for stuff like specific database connections instead of a single database object.

Hello,

I'm following documentation https://github.com/RobinTail/express-zod-api#connect-to-your-own-express-app and it states Please note that in this case you probably need to parse request.body

What I do is:

import bodyParser from "body-parser";

export const postUserEndpointInput = z.object({
  id: z.number(),
  ids: z.number().array(),
});

export const postUserEndpoint = defaultEndpointsFactory
  .use(bodyParser.json()) // <-- express middleware to parse body
  .build({
    method: "post",
    input: postUserEndpointInput,
    output: z.object({
      id: z.number().optional(),
      ids: z.number().array().optional(),
    }),
    handler: async ({ input: { id, ids }, logger }) => {
      logger.debug("id", id); // type: number
      logger.debug("ids", ids); // type: number[]
      return { id, ids };
    },
  });

type PostUserEndpointInput = z.infer<typeof postUserEndpointInput>;

const postInput: PostUserEndpointInput = {
  id: 123,
  ids: [1, 2, 3, 4, 5]
}

fetch('/v1/post-user', {
  method: 'POST',
  headers: {
    'Accept': 'application/json',
    'Content-Type': 'application/json'
  },
  body: JSON.stringify(postInput)
})
  .then((res) => res.json())
  .then((json) => (data.value = json))
  .catch((err) => (error.value = err))

But POST request always fail the validation. Looks like body is never parsed.

How to handle body in a correct way with custom express integration?

Hi and first of all thanks for express-zod-api.
To avoid redundant code it would be useful in my case to reuse an endpoint handler.
I explain better the use case, suppose you have two endpoints:

• api/company/create that create a company record and the owner profile
• api/profile/create that create a profile in the company, regardless of its role.

Calling the first endpoint I have to provide also the data to create the first profile, so in the first endpoint's handle I would like to use the functionality offered by the second endpoint.
I know that I can workaround this by export the handle function directly and use it, but in this case I will lose some features like the parsing of the input and the output, access to options, etc.

do you have any suggestions?
Thanks

Hello,

First of all, thank you very much for your package!

I'm starting using it and I'm running into an issue. I have a piece of code that looks like this:

input: z.object({
        username: z.string().nonempty().max(100).refine(async username => {
            return await someAsyncFunction(username} == 0
       })
}),

I'm doing an async refinement, which should be allowed according to Zod docs. But I am getting this error:
Async refinement encountered during synchronous parse operation. Use .parseAsync instead..

It looks like my username is not being parsed with parseAsync() but with parse(). Is the fact that we can't use async refinements on purpose?

Hi,

I've started trying to use this module to manage my endpoints since I love the philosophy of how it's setup. I have a question about a use case.

For an endpoint with multiple methods (i.e. post and get) is it possible to have an input and output for post that is different than the input and output for get? Or, I guess a way to attach different endpoint definitions to the same route would also work?

I'm looking at moving my apis over to use express-zod-api however one endpoint returns large zipped files using res.sendFile() .
The example says that this is possible but doesn't explain what sort of output validation / typing information I should give for streamed responses.
Do I just use string or is there a better option?

It looks like OpenAPI spec forbids a request body for DELETE operations:

• According to https://www.rfc-editor.org/rfc/rfc9110.html#name-delete:

Although request message framing is independent of the method used, content received in a DELETE request has no generally defined semantics, cannot alter the meaning or target of the request, and might lead some implementations to reject the request and close the connection because of its potential as a request smuggling attack

• According to https://stackoverflow.com/a/54980985:

No, you cannot use the OpenAPI 3.0 Specification and Swagger tools to implement DELETE requests with a request body

Steps to reproduce:

• add endpoint with delete method like this:

defaultEndpointsFactory.build({
  methods: ["delete"],
  input: z.object({}),
...

• call new OpenAPI({...}).getSpecAsYaml()
• validate generated spec (e.g. on https://editor.swagger.io/)

Actual behaviour:

There is a semantic error DELETE operations cannot have a requestBody in OpenAPI spec

Expected behaviour

OpenApi spec generates without requestBody for DELETE operations

I need a better test for lastResortHandler in case of an error in ResultHandler

Originally posted by @RobinTail in #134 (comment)

Are there any future plans to allow refining of an input, and not just it's properties?

For example, I want to check that an input has at least one property, but I don't care which one.

endpointsFactory.build({
  method: "post",
  input: z
    .object({
      email: z.string().email().optional(),
      id: z.string().optional(),
      otherThing: z.string().optional()
    })
    .refine(
      x => Object.keys(x).length >= 1,
      'Please provide at least one property'
    ),
  output: z.object({
    /* ... */
  }),
  handler: async ({ input, logger }) => {
    /* ... */
  },
});

Currently the above will fail as the input is of type ZodEffects which cannot be assigned to IOSchema.

Or maybe there's a better solution to the above example

I have an app where we want to accept a wide number of params and query and pull it all together as a object.

I was wandering if i we could use input: z.record(z.string(), z.string()) it would accept them and pull those together

Existing Middleware

       const options = {};

        Object.keys(req.query).forEach(param => options[param] = req.query[param]);
        Object.keys(req.params).forEach(param => options[param] = req.params[param]);

        req.opts = options;

Discussed in #803

security: { type: "bearer", format: "JWT" }

TypeError: methods[security.type] is not a function
    at {{PROJECT_DIR}}/node_modules/express-zod-api/src/open-api-helpers.ts:801:69
    at {{PROJECT_DIR}}/node_modules/express-zod-api/src/logical-container.ts:40:15
    at Array.map (<anonymous>)
    at mapLogicalContainer ({{PROJECT_DIR}}/node_modules/express-zod-api/src/logical-container.ts:37:28)
    at depictSecurity ({{PROJECT_DIR}}/node_modules/express-zod-api/src/open-api-helpers.ts:800:29)
    at onEndpoint ({{PROJECT_DIR}}/node_modules/express-zod-api/src/open-api.ts:120:25)
    at {{PROJECT_DIR}}/node_modules/express-zod-api/src/routing-walker.ts:46:9
    at Array.forEach (<anonymous>)
    at {{PROJECT_DIR}}/node_modules/express-zod-api/src/routing-walker.ts:45:15
    at Array.forEach (<anonymous>)

security: { type: "bearer" }

security: { or: [{ type: "bearer", format: "JWT" }] }

security: { and: [{ type: "bearer", format: "JWT" }] }

Under debugger launched in VSCode on Windows the following method:

const swaggerDocument = new OpenAPI({
      routing: router,
      version: '0.0.1',
      title: 'API',
      serverUrl: 'https://example.com',
}).getSpec();

throws the error: Zod type ZodObject is unsupported

If I run the same code from the console it works fine.

NodeJS: v14.17.3
TS: v4.2.4

I get type error while declaring output from defaultEndpointsFactory build method. I couldn't find any answer in the documentation.

"typescript": "^4.7.4",
"express-zod-api": "^8.3.4",

// imports
import { Feature, FeatureService } from '@entities/feature.entity';
import { 
  createServer, 
  Routing, 
  z, 
  defaultEndpointsFactory,
  createResultHandler,
  createApiResponse,
  IOSchema,
  EndpointsFactory,
  createConfig,
} from "express-zod-api";

// code
const getFeatures = defaultEndpointsFactory.build({
  method: "get",
  output: z.any().array(),
  handler: async () => {
    const features = new FeatureService();
    const featureList = await features.list();
    return featureList;
  },
});

The type error: (property) output: z.ZodArray<z.ZodAny, "many">

Type 'ZodArray<ZodAny, "many">' is not assignable to type 'IOSchema<any>'.
  Property 'innerType' is missing in type 'ZodArray<ZodAny, "many">' but required in type 'ZodEffects<ZodObject<any, any, ZodTypeAny, { [x: string]: any; }, { [x: string]: any; }>, { [x: string]: any; }, { [x: string]: any; }>'.ts(2322)
types.d.ts(631, 5): 'innerType' is declared here.
endpoints-factory.d.ts(14, 5): The expected type comes from property 'output' which is declared here on type 'BuildProps<IOSchema<any>, IOSchema<any>, null, {}, "get", string, string>'

Hello.
I have a question, it is possible to configure route parameter in endpoint url? For example for route /user/:id i want to get id parameter somewhere in handler parameter, like it is happens for query parameters.
Thanks.

hi there.
When referencing either httpServer or httpsServer, these objects seem to miss their types.

only app and logger objects have their types

Node version: 16.17.0
TypeScript Compiler version: 4.8.4
Visual Studio Code version: 1.73.0 (user setup)
express-zod-api package version: 8.3.4

Steps to reproduce:

• use createServer with default server.jsonParser to start the server
• send request with invalid JSON. e.g.:

curl --location 'http://localhost:{{port}}/whatever-path' \
--header 'Content-Type: application/json' \
--data '{
    a: "b"
}'

Actual behaviour:

The server responds with a 500 error

Expected behaviour

The server responds with a 400 error

One possible workaround is to pass a custom jsonParser:

import { isHttpError } from "http-errors";

...
const rawJsonParser = express.json();
const jsonParser: typeof rawJsonParser = (request, response, next) => {
  rawJsonParser(request, response, (error) => {
    if (error instanceof Error) {
      response.statusCode = isHttpError(error)
        ? error.status
        : getStatusCodeFromError(error);
      response.end(getMessageFromError(error));
    } else {
      next(error);
    }
  });
};
...
createServer(createConfig({
...
server: {
  jsonParser,
  ...
}
}), routing)

Note that code above will not work without the isHttpError check, because there is no such check inside getStatusCodeFromError. @RobinTail, Is it intentional?

From discussion #361.

test("should return array of arrays", () => {
  expect(
    getExamples(
      withMeta(z.array(z.number().int())).example([1, 2]).example([3, 4]),
      false
    )
  ).toEqual([
    [1, 2],
    [3, 4],
  ]);
});

it fails with:

 FAIL  tests/unit/common-helpers.spec.ts
  ● Common Helpers › getExamples() › should return array of arrays

    expect(received).toEqual(expected) // deep equality

    - Expected  - 4
    + Received  + 0

      Array [
    -   Array [
        1,
        2,
    -   ],
    -   Array [
        3,
        4,
    -   ],
      ]

So, getExamples merges the arrays into one.
I believe it is because of concat at

Originally posted by @McMerph in #361 (reply in thread)

First of all: Great job on this library! It manages to strike an almost perfect balance between being super quick and easy to get started with while also not being too restrictive or opinionated. Kind of like tRPC but more "public-API-friendly".

Anyway, my team and I discovered a small bug in how the OpenAPI schema is being generated:

All fields with the dateIn or dateOut type don't keep the descriptions assigned using .describe(). Instead, they always have the description set to YYYY-MM-DDTHH:mm:ss.sssZ. It seems to be caused by the depictDateIn and depictDateOut functions not taking into account custom descriptions.

I want to mount express-zod-api as part of an existing express app?
How can I do it?

oh boy, i just spent the last couple hours running in circles trying to figure this one out. my API endpoint was returning {"status":"success"} with no data, which was then causing errors when my generated client was assuming "status":"success" means data should be present

the culprit is this:

1. the error is only passed to the result handler if it's instanceof Error -

   express-zod-api/src/endpoint.ts

   Lines 333 to 335 in 721a41e

   	if (e instanceof Error) {
   	error = e;
   	}

2. if there's no error passed to the result handler, it returns a 200 and a success status regardless of whether there's any real data or not -

   express-zod-api/src/result-handler.ts

   Lines 83 to 89 in 721a41e

   	if (!error) {
   	response.status(200).json({
   	status: "success" as const,
   	data: output,
   	});
   	return;
   	}

3. turns out that running prettier programmatically throws a string 😅 - this was in my code

I was about to open a PR up but I'm actually not really sure how you want to handle this since this will be a breaking change, albeit a needed one IMO (probably before the v8 release?). the two obvious choices seem to be:

1. widening the typings on the ResultHandler so you can pass in any kind of error (thus passing the onus to the default handler or the downstream consumer to handle more error cases)
2. just stringify any non-object error and create an Error object out of it

the latter seems way easier and with less breaking changes, whereas the former will certainly break any custom result handler implementations. but if you're gonna make a breaking change anyway, I think the former is the way to go because if you just coerce everything into a string then it gives downstream consumers no way to implement custom error handling based on the type of the error

so my suggestion is to change the error type in the ResultHandler to unknown, then check if it's !== undefined (or != null to handle both undefined & null?) rather than just checking if it's falsey like you currently do. but not sure if you've got some other thoughts on how to better handle this?

Hello there.
I am trying to setup a project and have tests with jest and ts-jest.
The installation of jest itself is pretty smooth.
However, whenever I try to install ts-jest, i get the following error:

Is it possible to install ts-jest along with the express-zod-api package without forcing it with either of the --force, or --legacy-peer-deps flags?

P.S., Here is some info about my environment:

OS: Windows 10 | 64 bit
Node.js Version: 16.17.0
npm Version: 8.17.0

When an API route has multiple - in the path, for example /api/test-this-one-out, generating the client-side library breaks.

Specifically, the type names that are generated include all the - characters after the first one. My guess is there is a replace that should be a replaceAll or something along those lines

An example screenshot is attached