hidi release

SECURITY.md

@@ -0,0 +1,41 @@
+<!-- BEGIN MICROSOFT SECURITY.MD V0.0.6 BLOCK -->
+
+## Security
+
+Microsoft takes the security of our software products and services seriously, which includes all source code repositories managed through our GitHub organizations, which include [Microsoft](https://github.com/Microsoft), [Azure](https://github.com/Azure), [DotNet](https://github.com/dotnet), [AspNet](https://github.com/aspnet), [Xamarin](https://github.com/xamarin), and [our GitHub organizations](https://opensource.microsoft.com/).
+
+If you believe you have found a security vulnerability in any Microsoft-owned repository that meets [Microsoft's definition of a security vulnerability](https://docs.microsoft.com/previous-versions/tn-archive/cc751383(v=technet.10)), please report it to us as described below.
+
+## Reporting Security Issues
+
+**Please do not report security vulnerabilities through public GitHub issues.**
+
+Instead, please report them to the Microsoft Security Response Center (MSRC) at [https://msrc.microsoft.com/create-report](https://msrc.microsoft.com/create-report).
+
+If you prefer to submit without logging in, send email to [[email protected]](mailto:[email protected]).  If possible, encrypt your message with our PGP key; please download it from the [Microsoft Security Response Center PGP Key page](https://www.microsoft.com/msrc/pgp-key-msrc).
+
+You should receive a response within 24 hours. If for some reason you do not, please follow up via email to ensure we received your original message. Additional information can be found at [microsoft.com/msrc](https://www.microsoft.com/msrc). 
+
+Please include the requested information listed below (as much as you can provide) to help us better understand the nature and scope of the possible issue:
+
+  * Type of issue (e.g. buffer overflow, SQL injection, cross-site scripting, etc.)
+  * Full paths of source file(s) related to the manifestation of the issue
+  * The location of the affected source code (tag/branch/commit or direct URL)
+  * Any special configuration required to reproduce the issue
+  * Step-by-step instructions to reproduce the issue
+  * Proof-of-concept or exploit code (if possible)
+  * Impact of the issue, including how an attacker might exploit the issue
+
+This information will help us triage your report more quickly.
+
+If you are reporting for a bug bounty, more complete reports can contribute to a higher bounty award. Please visit our [Microsoft Bug Bounty Program](https://microsoft.com/msrc/bounty) page for more details about our active programs.
+
+## Preferred Languages
+
+We prefer all communications to be in English.
+
+## Policy
+
+Microsoft follows the principle of [Coordinated Vulnerability Disclosure](https://www.microsoft.com/msrc/cvd).
+
+<!-- END MICROSOFT SECURITY.MD BLOCK -->

src/Microsoft.OpenApi.Hidi/Microsoft.OpenApi.Hidi.csproj

@@ -15,14 +15,15 @@
     <PackageId>Microsoft.OpenApi.Hidi</PackageId>
     <ToolCommandName>hidi</ToolCommandName>
     <PackageOutputPath>./../../artifacts</PackageOutputPath>
-    <Version>1.0.0-preview4</Version>
+    <Version>1.0.0-preview5</Version>
     <Description>OpenAPI.NET CLI tool for slicing OpenAPI documents</Description>
     <Copyright>© Microsoft Corporation. All rights reserved.</Copyright>
     <PackageTags>OpenAPI .NET</PackageTags>
     <RepositoryUrl>https://github.com/Microsoft/OpenAPI.NET</RepositoryUrl>
     <PackageReleaseNotes>
 - Enables discriminator values
 - Adds new OpenAPI convert setting, ExpandDerivedTypesNavigationProperties and sets it to false
+- Bumps up the Microsoft.OpenApi.OData library to v1.0.11-preview2
     </PackageReleaseNotes>
     <AssemblyName>Microsoft.OpenApi.Hidi</AssemblyName>
     <RootNamespace>Microsoft.OpenApi.Hidi</RootNamespace>
@@ -46,7 +47,7 @@
     <PackageReference Include="Microsoft.Extensions.Logging.Debug" Version="6.0.0" />
     <PackageReference Include="System.CommandLine" Version="2.0.0-beta3.22114.1" />
     <PackageReference Include="Microsoft.OData.Edm" Version="7.11.0" />
-    <PackageReference Include="Microsoft.OpenApi.OData" Version="1.0.10" />
+    <PackageReference Include="Microsoft.OpenApi.OData" Version="1.0.11-preview2" />
   </ItemGroup>
 
   <ItemGroup>

src/Microsoft.OpenApi.Hidi/OpenApiService.cs

@@ -54,7 +54,8 @@ public static async Task<int> TransformOpenApiDocument(
             CancellationToken cancellationToken
            )
         {
-            var logger = ConfigureLoggerInstance(loglevel);
+            using var loggerFactory = ConfigureLoggerInstance(loglevel);
+            var logger = loggerFactory.CreateLogger<OpenApiService>();
 
             try
             {
@@ -258,7 +259,8 @@ public static async Task<int> ValidateOpenApiDocument(
             LogLevel loglevel, 
             CancellationToken cancellationToken)
         {
-            var logger = ConfigureLoggerInstance(loglevel);
+            using var loggerFactory = ConfigureLoggerInstance(loglevel);
+            var logger = loggerFactory.CreateLogger<OpenApiService>();
 
             try
             {
@@ -573,14 +575,14 @@ private static OpenApiFormat GetOpenApiFormat(string input, ILogger logger)
             return !input.StartsWith("http") && Path.GetExtension(input) == ".json" ? OpenApiFormat.Json : OpenApiFormat.Yaml;
         }
 
-        private static ILogger ConfigureLoggerInstance(LogLevel loglevel)
+        private static ILoggerFactory ConfigureLoggerInstance(LogLevel loglevel)
         {
             // Configure logger options
 #if DEBUG
             loglevel = loglevel > LogLevel.Debug ? LogLevel.Debug : loglevel;
 #endif
 
-            var logger = LoggerFactory.Create((builder) => {
+            return LoggerFactory.Create((builder) => {
                 builder
                     .AddSimpleConsole(c => {
                         c.IncludeScopes = true;
@@ -589,9 +591,7 @@ private static ILogger ConfigureLoggerInstance(LogLevel loglevel)
                     .AddDebug()
 #endif
                     .SetMinimumLevel(loglevel);
-            }).CreateLogger<OpenApiService>();
-
-            return logger;
+            });
         }
     }
 }

src/Microsoft.OpenApi.Hidi/Program.cs

@@ -22,16 +22,16 @@ static async Task Main(string[] args)
             descriptionOption.AddAlias("-d");
 
             var csdlOption = new Option<string>("--csdl", "Input CSDL file path or URL");
-            csdlOption.AddAlias("-cs");
+            csdlOption.AddAlias("--cs");
 
             var csdlFilterOption = new Option<string>("--csdl-filter", "Comma delimited list of EntitySets or Singletons to filter CSDL on. e.g. tasks,accounts");
-            csdlFilterOption.AddAlias("-csf");
+            csdlFilterOption.AddAlias("--csf");
 
             var outputOption = new Option<FileInfo>("--output", () => new FileInfo("./output"), "The output directory path for the generated file.") { Arity = ArgumentArity.ZeroOrOne };
             outputOption.AddAlias("-o");
 
             var cleanOutputOption = new Option<bool>("--clean-output", "Overwrite an existing file");
-            cleanOutputOption.AddAlias("-co");
+            cleanOutputOption.AddAlias("--co");
 
             var versionOption = new Option<string?>("--version", "OpenAPI specification version");
             versionOption.AddAlias("-v");
@@ -40,25 +40,25 @@ static async Task Main(string[] args)
             formatOption.AddAlias("-f");
 
             var terseOutputOption = new Option<bool>("--terse-output", "Produce terse json output");
-            terseOutputOption.AddAlias("-to");
+            terseOutputOption.AddAlias("--to");
 
-            var logLevelOption = new Option<LogLevel>("--loglevel", () => LogLevel.Information, "The log level to use when logging messages to the main output.");
-            logLevelOption.AddAlias("-ll");
+            var logLevelOption = new Option<LogLevel>("--log-level", () => LogLevel.Information, "The log level to use when logging messages to the main output.");
+            logLevelOption.AddAlias("--ll");
 
             var filterByOperationIdsOption = new Option<string>("--filter-by-operationids", "Filters OpenApiDocument by comma delimited list of OperationId(s) provided");
-            filterByOperationIdsOption.AddAlias("-op");
+            filterByOperationIdsOption.AddAlias("--op");
 
             var filterByTagsOption = new Option<string>("--filter-by-tags", "Filters OpenApiDocument by comma delimited list of Tag(s) provided. Also accepts a single regex.");
-            filterByTagsOption.AddAlias("-t");
+            filterByTagsOption.AddAlias("--t");
 
             var filterByCollectionOption = new Option<string>("--filter-by-collection", "Filters OpenApiDocument by Postman collection provided. Provide path to collection file.");
             filterByCollectionOption.AddAlias("-c");
 
-            var inlineLocalOption = new Option<bool>("--inlineLocal", "Inline local $ref instances");
-            inlineLocalOption.AddAlias("-il");
+            var inlineLocalOption = new Option<bool>("--inline-local", "Inline local $ref instances");
+            inlineLocalOption.AddAlias("--il");
 
-            var inlineExternalOption = new Option<bool>("--inlineExternal", "Inline external $ref instances");
-            inlineExternalOption.AddAlias("-ie");
+            var inlineExternalOption = new Option<bool>("--inline-external", "Inline external $ref instances");
+            inlineExternalOption.AddAlias("--ie");
 
             var validateCommand = new Command("validate")
             {

src/Microsoft.OpenApi.Hidi/readme.md

@@ -0,0 +1,92 @@
+# Overview 
+
+Hidi is a command line tool that makes it easy to work with and transform OpenAPI documents. The tool enables you validate and apply transformations to and from different file formats using various commands to do different actions on the files.
+
+## Capabilities
+Hidi has these key capabilities that enable you to build different scenarios off the tool
+
+	• Validation of OpenAPI files 
+	• Conversion of OpenAPI files into different file formats: convert files from JSON to YAML, YAML to JSON
+	• Slice or filter OpenAPI documents to smaller subsets using operationIDs and tags
+
+
+## Installation 
+
+Install [Microsoft.OpenApi.Hidi](https://www.nuget.org/packages/Microsoft.OpenApi.Hidi/1.0.0-preview4) package from NuGet by running the following command:  
+
+### .NET CLI(Global)  
+	1. dotnet tool install --global Microsoft.OpenApi.Hidi --prerelease
+
+
+### .NET CLI(local) 
+
+	1. dotnet new tool-manifest #if you are setting up the OpenAPI.NET repo 
+	2. dotnet tool install --local Microsoft.OpenApi.Hidi --prerelease 
+
+
+
+
+## How to use Hidi
+Once you've installed the package locally, you can invoke the Hidi by running: hidi [command]. 
+You can access the list of command options we have by running hidi -h 
+The tool avails the following commands: 
+
+	• Validate  
+	• Transform 
+
+### Validate 
+This command option accepts an OpenAPI document as an input parameter, visits multiple OpenAPI elements within the document and returns statistics count report on the following elements: 
+
+	• Path Items  
+	• Operations  
+	• Parameters  
+	• Request bodies 
+	• Responses 
+	• Links 
+	• Callbacks 
+	• Schemas 
+
+It accepts the following command: 
+
+	• --openapi(-d) - OpenAPI description file path or URL 
+	• --loglevel(-ll) - The log level to use when logging messages to the main output 
+
+
+**Example:** `hidi.exe validate --openapi C:\OpenApidocs\Mail.yml --loglevel trace` 
+
+Run validate -h to see the options available. 
+
+### Transform 
+Used to convert file formats from JSON to YAML and vice versa and performs slicing of OpenAPI documents. 
+
+This command accepts the following parameters:
+
+	• --openapi(-d) - OpenAPI description file path in the local filesystem or a valid URL hosted on a HTTPS server 
+	• --csdl(-cs) - CSDL file path in the local filesystem or a valid URL hosted on a HTTPS server 
+	• --csdlfilter(-csf) - a filter parameter that a user can use to select a subset of a large CSDL file. They do so by providing a comma delimited list of EntitySet and Singleton names that appear in the EntityContainer. 
+	• --output(-o) - Output directory path for the transformed document 
+	• --clean-ouput(-co) - an optional param that allows a user to overwrite an existing file.  
+	• --version(-v) - OpenAPI specification version 
+	• --format(-f) - File format 
+	• --loglevel(-ll) - The log level to use when logging messages to the main output 
+	• --inline(-i) - Inline $ref instances 
+	• --resolveExternal(-ex) - Resolve external $refs 
+	• --filterByOperationIds(-op) - Slice document based on OperationId(s) provided. Accepts a comma delimited list of operation ids. 
+	• --filterByTags(-t) - Slice document based on tag(s) provided. Accepts a comma delimited list of tags. 
+	• --filterByCollection(-c) - Slices the OpenAPI document based on the Postman Collection file generated by Resource Explorer 
+
+ **Examples:**  
+
+	1. Filtering by OperationIds  
+	hidi transform -d files\People.yml -f yaml -o files\People.yml -v OpenApi3_0 -op users_UpdateInsights -co 
+
+	2. Filtering by Postman collection 
+	hidi transform --openapi files\People.yml --format yaml --output files\People2.yml --version OpenApi3_0 --filterByCollection Graph-Collection-0017059134807617005.postman_collection.json 
+
+	3. CSDL--->OpenAPI conversion and filtering 
+	hidi transform --input Files/Todo.xml --output Files/Todo-subset.yml --format yaml --version OpenApi3_0 --filterByOperationIds Todos.Todo.UpdateTodo 
+
+	4. CSDL Filtering by EntitySets and Singletons 
+	hidi transform -cs dataverse.csdl --csdlFilter "appointments,opportunities" -o appointmentsAndOpportunities.yaml -ll trace 
+
+Run transform -h to see all the available usage options. 

src/Microsoft.OpenApi.Workbench/Microsoft.OpenApi.Workbench.csproj

@@ -8,7 +8,7 @@
   </PropertyGroup>
   <ItemGroup>
     <PackageReference Include="Microsoft.SourceLink.GitHub" Version="1.1.1" />
-    <PackageReference Include="Microsoft.DotNet.UpgradeAssistant.Extensions.Default.Analyzers" Version="0.3.310801">
+    <PackageReference Include="Microsoft.DotNet.UpgradeAssistant.Extensions.Default.Analyzers" Version="0.3.326103">
       <PrivateAssets>all</PrivateAssets>
     </PackageReference>
     <PackageReference Include="Microsoft.Windows.Compatibility" Version="6.0.0" />

test/Microsoft.OpenApi.Readers.Tests/Microsoft.OpenApi.Readers.Tests.csproj

@@ -243,7 +243,7 @@
 
     <ItemGroup>
         <PackageReference Include="Microsoft.NET.Test.Sdk" Version="17.2.0" />
-        <PackageReference Include="FluentAssertions" Version="6.6.0">
+        <PackageReference Include="FluentAssertions" Version="6.7.0">
         </PackageReference>
         <PackageReference Include="Newtonsoft.Json" Version="13.0.1">
         </PackageReference>

test/Microsoft.OpenApi.Tests/Microsoft.OpenApi.Tests.csproj

@@ -15,12 +15,12 @@
   </PropertyGroup>
 
   <ItemGroup>
-    <PackageReference Include="FluentAssertions" Version="6.6.0" />
+    <PackageReference Include="FluentAssertions" Version="6.7.0" />
     <PackageReference Include="Microsoft.NET.Test.Sdk" Version="17.2.0" />
     <PackageReference Include="Moq" Version="4.18.1" />
     <PackageReference Include="Newtonsoft.Json" Version="13.0.1" />
     <PackageReference Include="SharpYaml" Version="1.9.1" />
-    <PackageReference Include="Verify" Version="16.8.1" />
+    <PackageReference Include="Verify" Version="17.1.1" />
     <PackageReference Include="Verify.Xunit" Version="16.8.1" />
     <PackageReference Include="xunit" Version="2.4.1" />
     <PackageReference Include="xunit.runner.visualstudio" Version="2.4.5">