tapir

What’s Changed

• Better errors messages for multipart requests (#1728) @adamw
• Removing http4s-blaze-server as a direct dependency. (#1727) @msosnicki
• Easier construction of part codecs (#1725) @adamw
• Play Server: don't fail on unknown part in multipart body (#1704) @vdebergue
• Update zio-http (#1686) @adamw
• Better naming & docs for SwaggerInterpreter parameters (#1703) @adamw

Dependency updates

• Update derevo-core to 0.13.0 (#1733) @scala-steward
• Update jawn-parser to 1.3.2 (#1732) @scala-steward
• Update play-ahc-ws-standalone to 2.1.7 (#1730) @scala-steward
• Update play, play-akka-http-server, ... to 2.8.12 (#1729) @scala-steward
• Update scalafmt-core to 3.3.1 (#1724) @scala-steward
• Update logback-classic, logback-core to 1.2.10 (#1705) @scala-steward
• Update scalafmt-core to 3.2.2 (#1712) @scala-steward
• Update cats-effect to 3.3.3 (#1723) @scala-steward
• Update scalajs-dom to 2.1.0 (#1722) @scala-steward
• Update shared:akka, shared:core, shared:fs2, ... to 1.3.1 (#1720) @scala-steward
• Update cats-effect to 3.3.2 (#1721) @scala-steward
• Update simpleclient_common to 0.14.1 (#1710) @scala-steward
• Update magnolia to 1.0.0 (#1706) @scala-steward
• Update model:core to 1.4.20 (#1707) @scala-steward
• Update akka-stream to 2.6.18 (#1708) @scala-steward
• Update vertx-web to 4.2.3 (#1711) @scala-steward

What’s Changed

• Add a way to add (encoded) examples for streaming bodies (#1702) @adamw
• Allow customisation of the generated OpenAPI model when exposing swagger ui (#1700) @adamw
• Modify the index.html for Swagger UI so that it references the docs yaml directly (#1697) @adamw
• Update magnolia to softwaremill's version (#1696) @adamw

Dependency updates

• Update simpleclient_common to 0.13.0 (#1682) @scala-steward
• Update scala-library, scala-reflect to 2.13.7 (#1571) @scala-steward
• Update shared:akka, shared:core, shared:fs2, ... to 1.3.0 (#1691) @scala-steward

0.19.2 wasn't published due to problems with the release process.

What’s Changed

• Match path exactly even if the path is only specified in the security inputs (#1689) @adamw

0.20.0-M1 wasn't published due to problems with the release process.

Breaking changes

• optional parts in a multipart codec are now represented as a Option[Part[T]], instead of an Part[Option[T]]

What’s Changed

• Point to softwaremill/magnolia (#1688) @oschrenk
• Match path exactly even if the path is only specified in the security inputs (#1689) @adamw
• Disable coursier for netty dependencies (#1680) @adamw
• Allow stub sttp server to interpret request body (#1671) @soujiro32167
• Remove the requirement in DefaultServerLog for a MonadError, pass a "no log" value instead (#1665) @adamw
• Added ability to map error types with zio (#1662) @soujiro32167
• Rename DecodeSuccessContext parameters (#1661) @ex0ns
• Add attributes to endpoint / endpoint io (#1646) @adamw
• MultipartCodec changes (#1617) @micossow

Dependency updates

• Update logback-classic, logback-core to 1.2.9 (#1690) @scala-steward
• Update zio, zio-streams, zio-test, ... to 1.0.13 (#1685) @scala-steward
• Update logback-classic, logback-core to 1.2.8 (#1684) @scala-steward
• Update vertx-web to 4.2.2 (#1683) @scala-steward
• Update netty-all to 4.1.72.Final (#1681) @scala-steward
• Update scalafmt-core to 3.2.1 (#1664) @scala-steward
• Update upickle to 1.4.3 (#1678) @scala-steward
• Update sbt-scalajs, scalajs-compiler, ... to 1.8.0 (#1676) @scala-steward
• Update swagger-ui to 4.1.3 (#1677) @scala-steward
• Update http4s-blaze-client, ... to 0.23.7 (#1673) @scala-steward

What’s Changed

• Fix handling of mixed security and normal paths (#1655) @adamw
• Don't depend on zio-interop-cats in tapir-zio-http-server (#1641) @ghostdogpr
• Fix parentheses (#1639) @fdietze
• Add SwaggerUI.basePath (#1618) @micossow
• Default content type tests (#1632) @micossow
• added zio-json to supported backends (#1628) @nmcb

Dependency updates

• Update play-ahc-ws-standalone to 2.1.6 (#1657) @scala-steward
• Update client3:akka-http-backend, ... to 3.3.18 (#1653) @scala-steward
• Update play-ahc-ws-standalone to 2.1.5 (#1651) @scala-steward
• Update swagger-ui to 4.1.2 (#1650) @scala-steward
• Update scalafmt-core to 3.2.0 (#1649) @scala-steward
• Update refined to 0.9.28 (#1648) @scala-steward
• Update play-ahc-ws-standalone to 2.1.4 (#1647) @scala-steward
• Update cats-effect to 3.3.0 (#1644) @scala-steward
• Update zio-json to 0.2.0-M3 (#1642) @scala-steward
• Update cats-core, cats-laws to 2.7.0 (#1643) @scala-steward
• Update opentelemetry-api, ... to 1.9.1 (#1638) @scala-steward
• Update zio-interop-cats to 3.2.9.0 (#1634) @scala-steward
• Update scalafmt-core to 3.1.2 (#1633) @scala-steward
• Update client3:akka-http-backend, ... to 3.3.17 (#1631) @scala-steward
• Update derevo-core to 0.12.8 (#1630) @scala-steward
• Update jsoniter-scala-core, ... to 2.12.0 (#1629) @scala-steward
• Update tagging to 2.3.2 (#1627) @scala-steward

New features

Security

This release focus on security improvements, most notably extending Endpoint with an additional type parameter A for security inputs. In case security endpoints are defined, the security logic has to be provided first, followed by the server logic. Moreover, error outputs can be extended for partial endpoints by adding new error output variants.

More information on the change:

• security and server logic documentation
• ADR on the security refactoring
• Auth / security enhancements GH issue

Other

• cats-effect 3 & http4s 0.23 support; cats-effect 2 support is dropped
• static file serving support
• Netty server interpreter
• more flexible oneOf outputs, which now allow arbitrary outputs, without the need to provide a status code
• .errorOutVariant for extending error outputs with new variants
• endpoints with authentication can be hidden by returning a 404 instead of a 401 when an alternate DecodeFailureHandler is used

Migrating from previous versions

• replace any occurrence of the Endpoint type with PublicEndpoint
• replace ServerEndpoint[I, E, O, R, F] with ServerEndpoint[R, F] (e.g. ServerEndpointp[Any, Future]), or with ServerEndpoint.Full[Unit, Unit, I, E, O, R, F] if you need to preserve the types of inputs/outputs
• replace any calls to server interpreter which provided the endpoint and server logic separately, with a call to one of the .serverLogic variants. For example, AkkaHttpServerInterpreter().toRoute(helloWorld)(name => Future.successful(Right(s"Hello, $name!"))) should be replaced with AkkaHttpServerInterpreter().toRoute(helloWorld.serverLogicSuccess(name => Future.successful(s"Hello, $name!"))).

This should make the code compile using the new version. The next step would be to move security-related inputs from .in to .securityIn when defining the endpoint, and taking advantage of the security improvements (e.g. separate security and server logic).

Other breaking changes

• server interpreters accept only ServerEndpoints. Replace .toRoute(endpoint)(logic) with .toRoute(endpoint.serverLogic(logic))
• serverLogicInfallible is renamed to serverLogicSuccess
• ServerLog implementations has an extended interface - the whole request is now available
• there's are single swagger & redoc modules, see OpenAPI docs
• specifying custom interceptors is unified across all server interpreters. Previous usages of [Interpreter]ServerOptions.customInterceptors(...) should be replaced with .customInterceptors.[builderMethods]().options
• ZEndpoint is removed, ZServerEndpoint is extended with capabilities
• a 405 is returned if multiple endpoints are being interpreted as a server, the request matches the path of some endpoint but not the method

Deprecations

• oneOfMapping is renamed to oneOfVariant

Towards a stable release

The current plan is to have two more cycles before a stable release: 0.20 and then 1.0, both with a milestone/RC phase.

A stable 1.0 release will mean that core should not change until the next version in a binary-incompatible way - we have MiMA for that already set up. Other integration modules won't have this requirement as they depend on the integrations, so it would be hard to make any promises.

Hence - vote for the issues that you'd like fixed/implemented first and foremost, and let us know if you'd see any needs for breaking changes in core!

Changes since 0.19.0-M16

• Mapping over errors in partial server endpoints (#1623) @adamw
• Properly handle decode failures of both regular & security inputs (#1622) @adamw
• use addSegment instead of addPath for http4s (#1621) @yurique
• Improve how error output variants are defined: fix ordering, provide a method which allows arbitrary ordering (#1620) @adamw
• Enables hiding endpoints with auth inputs if any inputs fails to decode (#1615) @adamw
• ServerLog refactoring (#1598) @micossow
• Improve refined integration for constraint on string size (#1613) @strokyl
• Add swagger and redoc bundles, which allow interpreting and exposing docs in a single step (#1611) @adamw
• Encode possible values when reporting an enumeraton error in the DefaultDecodeFailureHandler (#1608) @adamw
• Add endpoint as a parameter to the OpenAPIDocsOptions (#1609) @adamw
• Rename httpMethod to method and move to EndpointMetaOps (#1607) @adamw
• Header values in Codec, codec naming cleanup (#1606) @adamw
• Fix http4s WebSocket headers (#1601) @ghostdogpr

Dependency updates since 0.19.0-M16

• Update jawn-parser to 1.3.0 (#1614) @scala-steward
• Update scalafmt-core to 3.1.1 (#1612) @scala-steward
• Update derevo-core to 0.12.7 (#1610) @scala-steward
• Update opentelemetry-api, ... to 1.9.0 (#1605) @scala-steward
• Update logback-classic, logback-core to 1.2.7 (#1604) @scala-steward

Breaking changes

• See the release notes for 0.19.0-M14
• oneOfMapping is renamed to oneOfVariant (mostly with deprecations)

What’s Changed

• Add .errorOutVariant, rename oneOfMapping to oneOfVariant (#1600) @adamw
• ({files,resources}Endpoint => {files,resources}GetEndpoint) (#1597) @rssh
• fixed names of recently changed methods in comments. (#1596) @rssh
• Omit boundary when decoding fixed content-type header (#1591) @micossow
• Fix OpenApi path encoding (#1588) @micossow
• Add WebSocket support for Play (#1585) @ghostdogpr
• Support ZIO in sttp websocket client (#1586) @ghostdogpr
• Upgrade http4s to 0.23.6 (#1579) @micossow
• Apply scalafmt (#1587) @micossow
• Adjust behavior on decode failure to native zio HttpApps (#1568) @soujiro32167
• Fixed typo (#1589) @jetjager
• Set content type header in Part when using PlayServerInterpreter (#1584) @ghostdogpr

Dependency updates

• Update zio-json to 0.2.0-M2 (#1599) @scala-steward
• Update scalafmt-core to 3.1.0 (#1592) @scala-steward
• Update swagger-ui to 4.1.0 (#1594) @scala-steward
• Update jsoniter-scala-core, ... to 2.11.1 (#1557) @scala-steward
• Update opentelemetry-api, ... to 1.7.1 (#1575) @scala-steward
• Update scalafmt-core to 3.0.8 (#1563) @scala-steward

Breaking changes

This release brings some security improvements, most notably extending Endpoint with an additional type parameter A for security inputs.

More information on the change:

• security and server logic documentation
• ADR on the security refactoring
• Auth / security enhancements GH issue

Migrating from previous versions:

• replace any occurrence of the Endpoint type with PublicEndpoint
• replace ServerEndpoint[I, E, O, R, F] with ServerEndpoint[R, F] (e.g. ServerEndpointp[Any, Future]), or with ServerEndpoint.Full[Unit, Unit, I, E, O, R, F] if you need to preserve the types of inputs/outputs
• replace any calls to server interpreter which provided the endpoint and server logic separately, with a call to one of the .serverLogic variants. For example, AkkaHttpServerInterpreter().toRoute(helloWorld)(name => Future.successful(Right(s"Hello, $name!"))) should be replaced with AkkaHttpServerInterpreter().toRoute(helloWorld.serverLogicSuccess(name => Future.successful(s"Hello, $name!"))).

This should make the code compile using the new version. The next step would be to move security-related inputs from .in to .securityIn when defining the endpoint, and taking advantage of the security improvements (e.g. separate security and server logic).

What’s Changed

• Security improvements: dedicated security input in Endpoint (#1560) @adamw
• Document how to use Part[Option[T]] in multipartBody (#1555) @micossow
• Support for AWS Lambda with Scala.js (#1562) @micossow
• Http4sClientInterpreter should consume http4s.Uri instead of raw string (#1569) @ghostbuster91
• Add new validators (#1567) @geirolz
• Minor clarification in openAPI docs (#1558) @ghost
• Test to verify invulnerability to CVE-2021-41084 (#1508) @micossow
• Fix links to the schemas derivation (#1556) @danicheg
• Gzip file handling (#1542) @ghost
• Enable more modules for scala 3 (#1553) @adamw

Dependency updates

• Update sbt-projectmatrix to 0.9.0 (#1580) @scala-steward
• Update swagger-ui to 4.0.1 (#1578) @scala-steward
• Update model:core to 1.4.18 (#1577) @scala-steward
• Update vertx-web to 4.2.1 (#1574) @scala-steward
• Update akka-http to 10.2.7 (#1572) @scala-steward
• Update vertx-web to 4.2.0 (#1559) @scala-steward
• Update jsoniter-scala-core, ... to 2.11.0 (#1552) @scala-steward

What’s Changed

• Update sjs-dom to 2.0.0 (#1548) @armanbilge
• Fixed tests suites for play and zio-http (#1541) @bartekzylinski
• Make oneOf more flexible by allowing arbitrary outputs in one-of mappings (#1540) @adamw
• Wrap responses in netty instead of copying them (#1537) @tomasherman
• Support ranges request handling (#1527) @bartekzylinski
• Categorize and cleanup tests (#1532) @adamw

Dependency updates

• Update vertx-web to 4.2.0.CR1 (#1543) @scala-steward
• Update scalafmt-core to 3.0.7 (#1545) @scala-steward
• Update jsoniter-scala-core, ... to 2.10.4 (#1547) @scala-steward
• Update mdoc, sbt-mdoc to 2.2.24 (#1544) @scala-steward
• Update scala3-library to 3.1.0 (#1539) @scala-steward
• Update akka-stream to 2.6.17 (#1536) @scala-steward
• Update swagger-ui to 3.52.5 (#1535) @scala-steward
• Update magnolia to 1.0.0-M7 (#1528) @scala-steward

What’s Changed

• Open range handling (#1521) @bartekzylinski
• Added static content test to Finatra (#1522) @bartekzylinski
• Update magnolia

Dependency updates

• Update opentelemetry-api, ... to 1.7.0 (#1525) @scala-steward
• Update sbt-scalajs, scalajs-compiler, ... to 1.7.1 (#1520) @scala-steward
• Update vertx-web to 4.1.5 (#1518) @scala-steward
• Update sbt-mima-plugin to 1.0.1 (#1517) @scala-steward

What’s Changed

• Static file handling (#1465) @bartekzylinski

Dependency updates

• Update client3:akka-http-backend, ... to 3.3.15 (#1511) @scala-steward
• Update model:core to 1.4.14 (#1516) @scala-steward
• Update scalafmt-core to 3.0.6 (#1512) @scala-steward
• Update upickle to 1.4.2 (#1514) @scala-steward
• Update model:core to 1.4.12 (#1509) @scala-steward
• Update swagger-ui to 3.52.3 (#1507) @scala-steward
• Update aws-lambda-java-runtime-interface-client to 2.0.0 (#1504) @scala-steward
• Update swagger-annotations to 1.6.3 (#1503) @scala-steward
• Update scalafmt-core to 3.0.5 (#1501) @scala-steward

What’s Changed

• Fix access to underlying request in PlayServerInterpreter (#1496) @maxcom
• Explicitly set the content length in http4s, as Ember doesn't do that automatically (#1499) @adamw
• Remove ZEndpoint, add capabilities to ZServerEndpoint (#1488) @adamw
• Endpoint IO which optionally sets a cookie (#1486) @adamw
• Implement the netty interpreter for cats-effect (#1485) @adamw

Dependency updates

• Update zio, zio-streams, zio-test, ... to 1.0.12 (#1495) @scala-steward
• Update http4s-blaze-client, ... to 0.23.4 (#1497) @scala-steward
• Update cats-effect to 3.2.9 (#1494) @scala-steward
• Update scalacheck-1-15 to 3.2.10.0 (#1493) @scala-steward
• Update scalatest to 3.2.10 (#1492) @scala-steward
• Update scalafmt-core to 3.0.4 (#1491) @scala-steward
• Update vertx-web to 4.1.4 (#1490) @scala-steward
• Update tethys-core, tethys-derivation, ... to 0.25.0 (#1487) @scala-steward
• Update netty-all to 4.1.68.Final (#1483) @scala-steward

What’s Changed

• Add netty server interpreter (#1440) @pierscin
• (core): fix output media type matching (#1476) @adrobisch
• More convenient derived enumeration schema & codec creation (#1479) @adamw

Dependency updates

• Update swagger-ui to 3.52.1 (#1481) @scala-steward
• Update opentelemetry-api, ... to 1.6.0 (#1482) @scala-steward
• Update scalafmt-core to 3.0.3 (#1480) @scala-steward
• Update logback-classic, logback-core to 1.2.6 (#1477) @scala-steward
• Update scalafmt-core to 3.0.2 (#1469) @scala-steward
• Update cats-effect to 3.2.8 (#1473) @scala-steward
• Update upickle to 1.4.1 (#1471) @scala-steward
• Update cats-effect to 3.2.7 (#1470) @scala-steward
• Update model:core to 1.4.11 (#1468) @scala-steward
• Update http4s-blaze-client, ... to 0.23.3 (#1466) @scala-steward

What’s Changed

• #1448 bump zio-json to 0.2.0-M1 (#1464) @guersam
• [Minor] Add case insensitive enumeratum codec (#1107) @Qthunder
• Use numbers for BigDecimal schemas when using zio-json (#1463) @guersam
• Fix the link to aws and ZIO Http in README.md (#1456) @alphaho

Dependency updates

• Update http4s-blaze-client, ... to 0.23.2 (#1462) @scala-steward
• Update client3:akka-http-backend, ... to 3.3.14 (#1461) @scala-steward
• Update jsoniter-scala-core, ... to 2.10.2 (#1460) @scala-steward
• Update scala3-library to 3.0.2 (#1458) @scala-steward
• Update sbt-assembly to 1.1.0 (#1457) @scala-steward
• Update vertx-web to 4.1.3 (#1455) @scala-steward
• Update jsoniter-scala-core, ... to 2.10.1 (#1454) @scala-steward
• Update simpleclient_common to 0.12.0 (#1453) @scala-steward
• Update cats-effect to 3.2.5 (#1452) @scala-steward
• Update cats-effect to 3.2.4 (#1451) @scala-steward
• Update mdoc, sbt-mdoc to 2.2.23 (#1449) @scala-steward
• Update scalajs-dom to 1.2.0 (#1447) @scala-steward
• Update sbt-mima-plugin to 1.0.0 (#1446) @scala-steward
• Update zio, zio-streams, zio-test, ... to 1.0.11 (#1443) @scala-steward
• Update opentelemetry-api, ... to 1.5.0 (#1426) @scala-steward

What’s Changed

• Generate a mime-type-by-extension database and use it when determining a file's mime type (#1438) @adamw
• Support AkkaStreams capacity in Play server interpreter (#1386) @gaeljw

Dependency updates

• Update akka-stream to 2.6.16 (#1439) @scala-steward
• Update circe-yaml to 0.14.1 (#1424) @scala-steward
• Update scalafmt-core to 3.0.0 (#1437) @scala-steward

Breaking changes

• swagger-ui and redoc server-interpreter-specific modules are removed, and replaced with a single implementation exposing tapir server endpoints, see docs
• specifying custom interceptors is unified across all server interpreters. Previous usages of [Interpreter]ServerOptions.customInterceptors(...) should be replaced with .customInterceptors.[builderMethods]().options

What’s Changed

• Files endpoint (#1436) @adamw
• Add zio-http redoc support (#1427) @tdrozdowski
• Simplify server options and interceptor customisation (#1422) @adamw
• Improve inference of whole numbers when generating docs (#1421) @adamw
• Enable errors accumulations by default with Circe (#1413) @geirolz

Dependency updates

• Update shared:akka, shared:core, shared:fs2, ... to 1.2.6 (#1431) @scala-steward
• Update model:core to 1.4.10 (#1430) @scala-steward
• Update jsoniter-scala-core, ... to 2.10.0 (#1429) @scala-steward
• Update cats-effect to 3.2.3 (#1428) @scala-steward
• Update cats-effect to 3.2.2 (#1418) @scala-steward
• Update http4s-blaze-client, ... to 0.23.1 (#1419) @scala-steward
• Update akka-http to 10.2.6 (#1417) @scala-steward
• Update sbt-scalajs, scalajs-compiler, ... to 1.7.0 (#1414) @scala-steward
• Update swagger-ui to 3.51.2 (#1412) @scala-steward

What’s Changed

• #1400: fix play server interpreter when routes are put in context for 0.18 (#1423) @sven42

What’s Changed

• Derive schemas for arbitrary maps (#1404) @adamw
• Improve refined mapping to primitive validator (#1406) @strokyl
• Support streaming & websockets in the zio-http4s interpreter (#1409) @adamw
• Use strings for big decimal schemas when using circe (#1405) @adamw
• Improve ergonomics of encode-to-raw function for validators, inferring when possible and providing methods to specify using in-scope codecs (#1399) @adamw
• Fix play server interpreter when routes are put in context (#1401) @adamw

Dependency updates

• Update client3:akka-http-backend, ... to 3.3.13 (#1410) @scala-steward
• Update cats-effect to 3.2.1 (#1408) @scala-steward
• Update http4s-blaze-client, ... to 0.23.0 (#1407) @scala-steward
• Update vertx-web to 4.1.2 (#1382) @scala-steward
• Update client3:akka-http-backend, ... to 3.3.12 (#1397) @scala-steward
• Update zio, zio-streams, zio-test, ... to 1.0.10 (#1396) @scala-steward
• Update akka-http to 10.2.5 (#1394) @scala-steward

What’s Changed

• Multiple methods unit test (#1388) @PawelJ-PL
• Fixed descriptions for circe Json fields (#1379) @bartekzylinski

Dependency updates

• Update logback-classic, logback-core to 1.2.5 (#1393) @scala-steward
• Update json4s-core, json4s-jackson to 4.0.3 (#1392) @scala-steward
• Update json4s-core, json4s-jackson to 4.0.2 (#1391) @scala-steward
• Update cats-effect to 3.2.0 (#1390) @scala-steward
• Update mdoc, sbt-mdoc to 2.2.22 (#1384) @scala-steward
• Update refined to 0.9.27 (#1381) @scala-steward

What’s Changed

• No changes