* Example of broken multi-level hierarchy
* Support for multiple levels of hierarchy in model objects
* Support for multiple levels of hierarchy in generators
* Regenerated samples
* Temporarily skip scalaz sample verification, which is having issue with Java version in CI container
* Re-enable scalaz in verify samples
Co-authored-by: Rob Oxspring <roxspring@imapmail.org>
* fixed bug where nullApi.java would be generated. Instead, generated DefaultApi.java to match the default path /{pathParam}
* fix to bug #3157
* update samples
* add test cases to cover different collection format
* add space params to retrofit 1.x
* add space params to retrofit 2.x
* rename url to localVarUrl
* fix exception in haskell servant
`URI.encode` is obsolete. `CGI.escape`, `URI.encode_www_form` or
`URI.encode_www_form_component` are recommended instead.
https://ruby-doc.org/stdlib-2.6/libdoc/uri/rdoc/URI/Escape.html#method-i-escape
URI.encode has different behaviour to CGI.escape:
```ruby
URI.encode('hello/world?test%string')
=> "hello/world?test%25string"
CGI.escape('hello/world?test%string')
=> "hello%2Fworld%3Ftest%25string"
```
I recently raised pull request #3039
201cbdce29cc6cdbbbe9efcb1afb250a05bc2ffd
That pull request escapes path items at insertion.
Before either pull request, the path item 'hello?world' would go into
the URL as 'hello?world'. That behaviour was insecure as if an attacker
could control the path item value, they could change the URL the
application connected to.
After #3039 'hello?world' would go in as 'hello%253Fworld'. This was
safer than before, but it's still not correct.
If I'd realised at the time, I would have made it correct at the time.
What this pull request does is make it go in as 'hello%35world', which
is correct.
ApiClient::build_request_url was URI.encoding the whole path.
This wasn't protecting against all undesirable characters in the path
items, but was escaping % characters a 2nd time which was unhelpful.
I have additionally removed URI.encode from Configuration::base_url as I
can't see any benefit it could be bringing.
There is no justification for it in the commit where it was originally
added: 47c8597d36a9bc0983ba5c40e2489bb094f9f076
* Ruby client: escape path parameters
Path parameters should be escaped when encoded into the path.
In the path '/pet/{petId}' let's pretend petId is a string instead of a
number.
If the user uses "Bobby" as the petId then they correctly get the path
'/pet/Bobby'.
But if they put 'Bobby/Tables' as the petId then they used to get the
path '/pet/Bobby/Tables' which will be interpreted by the server as a
different route.
Using CGI::Escape they now get '/pet/Bobby%2FTables' which is correct.
* Ruby client- regenerate further files
Thank you @autopp for noticing I needed to update
`samples/openapi3/client/petstore/ruby`.
Regenerated by running `bin/openapi3/ruby-client-petstore.sh`.
PR #3039
