Forum Discussion

GAskefalk's avatar
GAskefalk
New Contributor
7 months ago

Bugs with Annotations?

My Stack.
Java 17/Jakarta EE10/Wildfly 21/ Swagger-core-jakarta 2.2.19. Using swagger-annotations.

Bug 1. @Schema inside @Arrayschema.
I am using @Arrayschema but i will also need to define the schema for the items and add some validations to it. If i use items= @Schema it gets worse, then the items class is not even generated..
Example:

@JsonProperty("causes")
@ArraySchema(maxItems = 4096, minItems = 0, schema = @Schema(implementation = String.class, description = "causes", pattern = "\\P{Cc}\\P{Cn}\\P{Cs}\\P{Cf}", minLength = 1, maxLength = 4096))
private List<String> causes;

The only thing that makes is way to my OPENAPI.json file is that
Items are of String.class.
None of my validatons like min/max lenght, pattern etc is rendered.

This creates a huge problem as my OWASP Top Ten static analyzer renders this a serious issue.

Am i doing this wrong? Are there bugs?Do i need to add something?

Bug 2. AdditionalProperties not set to false.

I can not get the AdditionalProperties  flag set. Ever

Example
@Schema(name = "CMSResponseError",
description = "CMSResponseError",
additionalProperties = Schema.AdditionalPropertiesValue.FALSE
)
public class CMSResponseError implements CmsObject {

This is again a red flag for my OWASP checks, as this poses a security threat.


Am i doing this wrong? Are there bugs?Do i need to add something?

 

 

5 Replies

    • ayyjayy2's avatar
      ayyjayy2
      New Contributor

      I'm more so here to figure out how you're using swagger-annotations with Java 17. Mine only works with 11

      • GAskefalk's avatar
        GAskefalk
        New Contributor

        V3? 

         

        Works well i use 2.2.20 and jakarta specfic 

        Deps. No issues at all. 

        What does not work?