Skip to content

feat(go): handle usernameOmit/passwordOmit in dynamic snippets generator #14410

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
Swimburger wants to merge 26 commits into
base: main
Choose a base branch
from
Open

feat(go): handle usernameOmit/passwordOmit in dynamic snippets generator #14410

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
26 commits
Select commit Hold shift + click to select a range
2fe058d
feat(go-sdk): add basic-auth-optional seed test fixture
Swimburger Mar 31, 2026
13cbed4
refactor: rename basic-auth-optional fixture to basic-auth-pw-omitted
Swimburger Apr 3, 2026
f9bf5c9
Merge remote-tracking branch 'origin/main' into devin/1774997750-basi…
Swimburger Apr 3, 2026
1ec751e
fix(go-sdk): bump seed fixture IR version to v63 and regenerate seed …
Swimburger Apr 3, 2026
b000b60
fix(go-sdk): handle usernameOmit/passwordOmit in dynamic snippets gen…
Swimburger Apr 3, 2026
5dc3a3f
Merge remote-tracking branch 'origin/main' into devin/1774997750-basi…
Swimburger Apr 3, 2026
908798f
refactor(go-sdk): simplify omit checks from === true to !!
Swimburger Apr 3, 2026
f1c45dd
fix: pass usernameOmit/passwordOmit through DynamicSnippetsConverter …
Swimburger Apr 3, 2026
b21f402
ci: retrigger CI (flaky go-sdk job cancellation)
Swimburger Apr 4, 2026
486e150
ci: retrigger CI (flaky csharp-sdk and go-sdk job failures)
Swimburger Apr 4, 2026
cc1c8be
ci: retrigger CI (3rd attempt - flaky go-sdk/java-sdk job failures)
Swimburger Apr 4, 2026
cd34294
ci: retrigger CI (4th attempt - flaky go-sdk seed-test-results)
Swimburger Apr 7, 2026
f91ea26
fix(go-sdk): always pass two args to WithBasicAuth in dynamic snippets
Swimburger Apr 7, 2026
54efba0
Merge remote-tracking branch 'origin/main' into devin/1774997750-basi…
Swimburger Apr 7, 2026
e3abf1d
Merge remote-tracking branch 'origin/main' into devin/1774997750-basi…
devin-ai-integration[bot] Apr 8, 2026
2707971
merge: resolve merge with main
Swimburger Apr 9, 2026
a562c72
Merge remote-tracking branch 'origin/main' into devin/1774997750-basi…
Swimburger Apr 10, 2026
431cff2
Merge remote-tracking branch 'origin/main' into devin/1774997750-basi…
Swimburger Apr 10, 2026
0cb4dfe
Merge remote-tracking branch 'origin/main' into devin/1774997750-basi…
devin-ai-integration[bot] Apr 11, 2026
6166895
feat(go-sdk): add versions.yml entry for basic auth omit support
Swimburger Apr 11, 2026
fe641c4
merge: resolve versions.yml conflict with main (bump to 1.34.5)
Swimburger Apr 15, 2026
3f6e4af
merge: resolve versions.yml conflict with main (bump to 1.34.6)
Swimburger Apr 15, 2026
83e8b29
merge: resolve versions.yml conflict with main (bump to 1.34.7)
Swimburger Apr 16, 2026
e959952
merge: resolve versions.yml conflict with main (bump to 1.34.8)
Swimburger Apr 16, 2026
b2f7b36
merge: resolve versions.yml conflict with main (bump to 1.34.9)
Swimburger Apr 16, 2026
9ddc97d
Merge remote-tracking branch 'origin/main' into devin/1774997750-basi…
Swimburger Apr 17, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
44 changes: 27 additions & 17 deletions generators/go-v2/dynamic-snippets/src/EndpointSnippetGenerator.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -356,7 +356,7 @@ export class EndpointSnippetGenerator {
}
switch (auth.type) {
case "basic":
return values.type === "basic" ? [this.getConstructorBasicAuthArg({ auth, values })] : [];
return values.type === "basic" ? this.getConstructorBasicAuthArgs({ auth, values }) : [];
case "bearer":
return values.type === "bearer" ? [this.getConstructorBearerAuthArg({ auth, values })] : [];
case "header":
Expand All @@ -378,27 +378,37 @@ export class EndpointSnippetGenerator {
this.context.errors.add({ severity: Severity.Warning, message });
}

private getConstructorBasicAuthArg({
private getConstructorBasicAuthArgs({
auth,
values
}: {
auth: FernIr.dynamic.BasicAuth;
values: FernIr.dynamic.BasicAuthValues;
}): go.AstNode {
return go.codeblock((writer) => {
writer.writeNode(
go.invokeFunc({
func: go.typeReference({
name: "WithBasicAuth",
importPath: this.context.getOptionImportPath()
}),
arguments_: [
go.TypeInstantiation.string(values.username),
go.TypeInstantiation.string(values.password)
]
})
);
});
}): go.AstNode[] {
// usernameOmit/passwordOmit may exist in newer IR versions
const authRecord = auth as unknown as Record<string, unknown>;
Copy link
Copy Markdown
Contributor

@devin-ai-integration devin-ai-integration bot Apr 4, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🔴 Prohibited as unknown as X type assertion pattern violates repository rules

Line 389 uses auth as unknown as Record<string, unknown>, which is explicitly prohibited by CLAUDE.md: "Never use as any or as unknown as X. These are escape hatches that bypass the type system entirely. If the types don't line up, fix the types." This unsafe cast is used because usernameOmit/passwordOmit aren't part of the FernIr.dynamic.BasicAuth type. The proper fix is to extend the dynamic IR type to include these fields, which would also resolve the serialization issue in BUG-0001.

Open in Devin Review

Was this helpful? React with 👍 or 👎 to provide feedback.

Comment thread
devin-ai-integration[bot] marked this conversation as resolved.
const usernameOmitted = !!authRecord.usernameOmit;
const passwordOmitted = !!authRecord.passwordOmit;
if (usernameOmitted && passwordOmitted) {
return [];
}
const arguments_: go.AstNode[] = [
go.TypeInstantiation.string(usernameOmitted ? "" : values.username),
go.TypeInstantiation.string(passwordOmitted ? "" : values.password)
];
Comment on lines +392 to +398
Copy link
Copy Markdown
Contributor

@devin-ai-integration devin-ai-integration bot Apr 7, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🟡 Empty string passed for omitted auth field produces incorrect snippet

When only one of usernameOmit/passwordOmit is true (but not both), the code passes an empty string "" for the omitted field to WithBasicAuth. For example, when passwordOmitted is true, the generated snippet is option.WithBasicAuth("<username>", ""), which incorrectly sets the password to an empty string rather than omitting it. Compare with the PHP (generators/php/dynamic-snippets/src/EndpointSnippetGenerator.ts), Ruby (generators/ruby-v2/dynamic-snippets/src/EndpointSnippetGenerator.ts), and C# (generators/csharp/dynamic-snippets/src/EndpointSnippetGenerator.ts) generators, which completely skip the omitted field's argument. Since Go's WithBasicAuth takes positional args and can't skip one, the function should likely not be called at all when either field is omitted (i.e., if (usernameOmitted || passwordOmitted) { return []; }).

Suggested change
if (usernameOmitted && passwordOmitted) {
return [];
}
const arguments_: go.AstNode[] = [
go.TypeInstantiation.string(usernameOmitted ? "" : values.username),
go.TypeInstantiation.string(passwordOmitted ? "" : values.password)
];
if (usernameOmitted || passwordOmitted) {
return [];
}
const arguments_: go.AstNode[] = [
go.TypeInstantiation.string(values.username),
go.TypeInstantiation.string(values.password)
];
Open in Devin Review

Was this helpful? React with 👍 or 👎 to provide feedback.

Copy link
Copy Markdown
Contributor

@devin-ai-integration devin-ai-integration bot Apr 7, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The Go SDK's WithBasicAuth always takes 2 positional arguments (username, password string), so we must always pass both. When a field is omitted, we pass "" for that position — this is correct because the SDK internally encodes it as the empty half of the credential string (e.g., "username:" when password is omitted).

Returning [] when either field is omitted (as suggested) would skip the WithBasicAuth call entirely, meaning no auth header is sent — that's incorrect for the username-only or password-only case.

The other generators (PHP, Ruby, C#) can skip individual named arguments because they use keyword/named params, but Go uses positional args.

Comment thread
devin-ai-integration[bot] marked this conversation as resolved.
return [
go.codeblock((writer) => {
writer.writeNode(
go.invokeFunc({
func: go.typeReference({
name: "WithBasicAuth",
importPath: this.context.getOptionImportPath()
}),
arguments_
})
);
})
];
Comment thread
devin-ai-integration[bot] marked this conversation as resolved.
}

private getConstructorBaseUrlArg({
Expand Down
12 changes: 12 additions & 0 deletions generators/go/sdk/versions.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,16 @@
# yaml-language-server: $schema=../../../fern-versions-yml.schema.json
- version: 1.34.9
changelogEntry:
- summary: |
Support omitting username or password from basic auth in dynamic
snippets when configured via `usernameOmit`/`passwordOmit` in the IR.
When one field is omitted, an empty string is passed for that positional
argument. When both are omitted, the `WithBasicAuth` call is skipped
entirely.
type: feat
createdAt: "2026-04-16"
irVersion: 66

- version: 1.34.8
changelogEntry:
- summary: |
Expand Down
Loading