chore: 🐝 Update SDK - Generate 0.4.0

[github-actions]

SDK update

Versioning

Version Bump Type: [minor] - 🤖 (automated)

OpenAPI Change Summary

├─┬Info
│ └──[🔀] description (5:16)
└─┬Paths
  ├─┬/powerpath/importExternalTestAssignmentResults
  │ └─┬GET
  │   └──[🔀] description (921:20)
  ├─┬/powerpath/createNewAttempt
  │ └─┬POST
  │   └──[🔀] description (2543:20)
  └─┬/powerpath/makeExternalTestAssignment
    └─┬POST
      └──[🔀] description (1089:20)

Document Element	Total Changes	Breaking Changes
info	1	0
paths	3	0

View full report

Linting Report

0 errors, 1 warnings, 19 hints

View full report

TYPESCRIPT CHANGELOG

constsAndDefaults: 0.1.14 - 2026-02-21

🐛 Bug Fixes

• coerce type-mismatched default values instead of clearing them to prevent invalid generated code (commit by @danielkov)

constsAndDefaults: 0.1.13 - 2026-01-15

🐛 Bug Fixes

• omit enum default when value is not in enum to prevent type errors in generated code (commit by @mfbx9da4)

core: 3.26.42 - 2026-03-11

🐛 Bug Fixes

• resolve collision-resistant import aliases for model namespaces (commit by @bradcypert)

core: 3.26.41 - 2026-03-04

🐛 Bug Fixes

• include global security in SDK Example Usage snippets and per-operation docs (commit by @mfbx9da4)

core: 3.26.40 - 2026-03-03

🐛 Bug Fixes

• use --ignore-scripts for examples install to prevent EACCES errors with esbuild (commit by @tristanspeakeasy)

core: 3.26.39 - 2026-03-02

🐝 New Features

• add useOxlint and useTsgo config flags for opt-in/out of oxlint and tsgo (commit by @danielkov)

core: 3.26.38 - 2026-02-27

🐛 Bug Fixes

• make serverURL optional when operations define their own servers (commit by @danielkov)

core: 3.26.37 - 2026-02-27

🐛 Bug Fixes

• derive installation URL from repo URL for monorepo subdirectory support (commit by @bradcypert)

core: 3.26.35 - 2026-02-26

🐛 Bug Fixes

• set NODE_OPTIONS --max-old-space-size=6144 for test commands to prevent OOM on large specs (commit by @AshGodfrey)

core: 3.26.34 - 2026-02-23

🐛 Bug Fixes

• tighten .npmignore JSON include pattern to prevent .devcontainer and _speakeasy directories from leaking into published npm packages (commit by @vishalg0wda)

core: 3.26.33 - 2026-02-21

🐛 Bug Fixes

• resolve multiple TypeScript build failures including duplicate barrel exports, sub-SDK field name collisions, function local variable shadowing, error type deduplication, multipart map body encoding, and sanitization improvements (commit by @danielkov)

core: 3.26.31 - 2026-02-19

🐝 New Features

• move large-model splitting from templates to Go bucketing layer to prevent compiler complexity limits (commit by @vishalg0wda)

core: 3.26.29 - 2026-02-18

🐛 Bug Fixes

• truncate filenames that exceed OS limit to prevent build failures (commit by @danielkov)

core: 3.26.28 - 2026-02-17

🐝 New Features

• allow repoUrl and repoSubDirectory to be configured via gen.yaml generation section (commit by @vishalg0wda)

core: 3.26.30 - 2026-02-16

🐛 Bug Fixes

• update jsonpath to 1.2.1 to address GHSA-87r5-mp6g-5w5j (commit by @devin-ai-integration[bot])

core: 3.26.25 - 2026-01-30

🐛 Bug Fixes

• update eslint to 9.26.0 to address GHSA-p5wg-g6qr-c7cg (commit by @ThomasRooney)

core: 3.26.27 - 2026-01-29

🐛 Bug Fixes

• avoid overwriting SubSDK comments with empty comments when same SubSDK is referenced by multiple tags (commit by @mfbx9da4)

core: 3.26.24 - 2026-01-29

🐝 New Features

• add named alias import to prevent internal name collision (commit by @subomi)

core: 3.26.26 - 2026-01-28

🐛 Bug Fixes

• discriminated union errors used in both successful and error response (commit by @mfbx9da4)

core: 3.26.23 - 2026-01-15

🐝 New Features

• add fileNaming config option for kebab-case file naming convention (commit by @AshGodfrey)

core: 3.26.22 - 2026-01-15

🐛 Bug Fixes

• use constants.fetchOptions for snake_case compatibility in react-query and mcp-server templates (commit by @AshGodfrey)

core: 3.26.19 - 2026-01-07

🐛 Bug Fixes

• Prevent ReDoS vulnerability report for media type matching expression (commit by @bflad)

core: 3.26.18 - 2026-01-06

🐝 New Features

• add preserveModelFieldNames config to preserve original model property casing (commit by @)

core: 3.26.17 - 2025-12-18

🐛 Bug Fixes

• fixed escaping of template braces in defaults, consts, and comments (commit by @tristanspeakeasy)

core: 3.26.16 - 2025-12-16

🐝 New Features

• improve react-query server prefetching and infinite query key (commit by @mfbx9da4)
• upgrade vitest from 3.0.2 to 3.0.5

core: 3.26.15 - 2025-12-09

🐛 Bug Fixes

• harden naming collision resolution (commit by @danielkov)

core: 3.26.14 - 2025-12-02

🐛 Bug Fixes

• no longer skip build if no source changes (commit by @danielkov)
• fields which have a default but are only used in a response will be rendered as required (commit by @mfbx9da4)

core: 3.26.13 - 2025-11-28

🐛 Bug Fixes

• move .tsBuildInfo to outDir location to avoid false positive cache hit when transpiling TypeScript (commit by @mfbx9da4)

core: 3.26.11 - 2025-11-25

🐝 New Features

• allow inclusion of empty array query parameter (commit by @idbentley)

core: 3.26.10 - 2025-11-24

🐝 New Features

• union discriminators are inferred for oneOfs missing the explicit OpenAPI discriminator mapping. Configure via inferUnionDiscriminators: true in gen.yaml (commit by @mfbx9da4)

core: 3.26.9 - 2025-11-20

🐝 New Features

• forwardCompatibleEnumsByDefault is now configurable via gen.yaml. When true, any enum which is used on a response will be automatically open/forward compatible - i.e. unknown values will be tolerated. Single value enums won't be automatically opened. Individual enums can be controlled with x-speakeasy-unknown-values: allow/disallow. (commit by @mfbx9da4)

core: 3.26.8 - 2025-11-18

🐝 New Features

• Support for lax mode deserialization. Configurable via gen.yaml laxMode: lax | strict. Missing required fields will not throw zod response validation errors but instead fallback to a zero value. eg for a string the zero value is "". Lax mode also introduces non-lossy coercion where possible eg a boolean field will tolerate the string "true". (commit by @mfbx9da4)

core: 3.26.6 - 2025-11-12

🐛 Bug Fixes

• regression to date/datetime deserialization (commit by @mfbx9da4)
• handle application/* encoding in multipart forms (commit by @danielkov)

core: 3.26.7 - 2025-11-10

🐝 New Features

• smart union deserialization (configurable via gen.yaml unionStrategy: populated-fields) (commit by @mfbx9da4)

core: 3.26.5 - 2025-11-10

🐝 New Features

• smart union deserialization (configurable via gen.yaml unionStrategy: populated-fields) (commit by @mfbx9da4)

core: 3.26.4 - 2025-11-07

🐝 New Features

• support for zodVersion v4-mini (configurable via gen.yaml zodVersion) (commit by @mfbx9da4)

core: 3.26.12 - 2025-11-06

🐛 Bug Fixes

• multi-part arrays now serialized according to RFC7578 (commit by @danielkov)

core: 3.26.3 - 2025-11-05

🐝 New Features

• delete dead code - unused inbound/outbound schemas (configurable via alwaysIncludeInboundAndOutbound) (commit by @mfbx9da4)

core: 3.26.2 - 2025-11-05

🐝 New Features

• support body field name configuration via requestBodyFieldName in gen.yaml (commit by @subomi)

core: 3.26.1 - 2025-11-04

🐛 Bug Fixes

• delete deprecated zod code (configurable via gen.yaml exportZodModelNamespace) (commit by @mfbx9da4)

core: 3.26.0 - 2025-11-03

🐝 New Features

• allow additional package.json scripts to be defined (commit by @walker-tx)

core: 3.24.2 - 2025-10-30

🐛 Bug Fixes

• make security scheme resolution case-insensitive (commit by @vishalg0wda)

core: 3.24.1 - 2025-10-23

🐛 Bug Fixes

• prevent validation errors when response headers are not expected in all respone patterns (commit by @2ynn)

core: 3.24.0 - 2025-10-23

🐝 New Features

• add full support for zodVersion v4 (commit by @mfbx9da4)

core: 3.23.0 - 2025-10-21

🐝 New Features

• add Zod v3 and v4 compatibility via zod/v3 import path (commit by @mfbx9da4)

core: 3.22.0 - 2025-10-13

🐝 New Features

• add config option for deep merging allOf nodes in OpenAPI specs (commit by @BlakeTheAwesome)

core: 3.21.27 - 2025-10-09

🐛 Bug Fixes

• Fix reading environment variables in deno (commit by @subomi)

core: 3.21.26 - 2025-10-01

🐛 Bug Fixes

• add acceptHeaderEnum config to control Accept header enum generation (commit by @)

core: 3.21.25 - 2025-09-23

🐛 Bug Fixes

• fix debug mode in env template (commit by @ryan-timothy-albert)

core: 3.21.24 - 2025-09-23

🐛 Bug Fixes

• allow input/output models without suffixes (commit by @disintegrator)

core: 3.21.23 - 2025-09-18

🔧 Chores

• added snake case support for models in typescript (commit by @GorshkovIvan)

core: 3.21.22 - 2025-09-02

🐛 Bug Fixes

• enabled empty strings to be used as end cursor values in pagination (commit by @GorshkovIvan)

core: 3.21.21 - 2025-09-01

🔧 Chores

• added support for lowercase Bearer tokens in Authorization headers (commit by @GorshkovIvan)

core: 3.21.20 - 2025-08-06

🐛 Bug Fixes

• Prevent dependency version mismatch between typescript 5.8 and typescript-eslint versions earlier than 8.26.0 (commit by @bflad)

core: 3.21.19 - 2025-08-01

🐛 Bug Fixes

• referencing models before declaration (commit by @mfbx9da4)

core: 3.21.18 - 2025-07-31

🐛 Bug Fixes

• potential issue using enum before declaration in model file (commit by @mfbx9da4)

core: 3.21.17 - 2025-07-30

🐛 Bug Fixes

• zodv4 compatibility issues (commit by @mfbx9da4)

core: 3.21.16 - 2025-07-24

🔧 Chores

• make usage snippets parsable (commit by @ThomasRooney)

core: 3.21.15 - 2025-07-15

🐛 Bug Fixes

• sanitize reserved keywords in function names to prevent compilation errors (commit by @AshGodfrey)

core: 3.21.14 - 2025-07-09

🐛 Bug Fixes

• [force-gen] limit zod version to ^3 (commit by @walker-tx)

core: 3.21.13 - 2025-07-03

🐛 Bug Fixes

• pin @types/bun version to last compatible release (commit by @vishalg0wda)

core: 3.21.12 - 2025-07-03

🐛 Bug Fixes

• fixed generation of example call signatures when skipping optional parameters (commit by @tristanspeakeasy)

devContainers: 2.90.1 - 2025-09-18

🔧 Chores

• Prevent ts targets to run pre and post scripts when running npm install, prevents replication of Shai-Hulud attack (commit by @Kanwardeep)

globalSecurity: 2.82.15 - 2026-02-03

🐝 New Features

• support x-speakeasy-name-override on security scheme options (commit by @tristanspeakeasy)

globalSecurity: 2.82.14 - 2025-09-10

🔧 Chores

• support opting out of operation security hoisting (commit by @vishalg0wda)

globalServerURLs: 2.83.1 - 2026-02-27

🐛 Bug Fixes

• don't show global server URL in examples when operation has its own servers (commit by @tristanspeakeasy)

globalServerURLs: 2.83.0 - 2025-10-22

🐝 New Features

• Allow server selection to appear in all code samples (commit by @BlakeTheAwesome)

groups: 2.81.3 - 2025-10-06

🐛 Bug Fixes

• Fix empty readme files being generated when all operations are in child groups (commit by @BlakeTheAwesome)

mcpServer: 0.9.4 - 2025-12-18

🐛 Bug Fixes

• update @modelcontextprotocol/sdk to ^1.24.0 to fix CVSS 7.6 vulnerability (commit by @mfbx9da4)

mcpServer: 0.9.3 - 2025-07-01

🐛 Bug Fixes

• Prevent stricli 1.2.0 error when not using MCP scopes (commit by @bflad)

nameOverrides: 2.81.4 - 2026-02-19

🐝 New Features

• add support for renaming object properties that reference a shared component (commit by @2ynn)

nameOverrides: 2.81.3 - 2026-02-19

🐛 Bug Fixes

• set fixes.nameOverrideFeb2026 to true in gen.yaml to prevent x-speakesy-name-override from propagating through resolution or allOf merging (commit by @2ynn)

oauth2ClientCredentials: 1.1.5 - 2026-02-27

🐛 Bug Fixes

• use raw operationId for credential function names to avoid collisions when multiple operations share the same name override (commit by @danielkov)

oauth2ClientCredentials: 1.1.4 - 2026-02-27

🐛 Bug Fixes

• use raw operationId for per-operation OAuth2 security hook dispatch instead of name override (commit by @tristanspeakeasy)

oauth2ClientCredentials: 1.1.3 - 2026-02-23

🐛 Bug Fixes

• add mock OAuth2 token endpoint so tests with client-credentials flows hit the mock server (commit by @tristanspeakeasy)

oauth2ClientCredentials: 1.1.2 - 2026-02-16

🐛 Bug Fixes

• deduplicate operation IDs in client credentials security access to prevent duplicate methods when merging specs with modelNamespace (commit by @mfbx9da4)

oauth2ClientCredentials: 1.1.1 - 2025-12-05

🐛 Bug Fixes

• correctly infer auth type when multiple security schemes are defined (commit by @vishalg0wda)

oauth2ClientCredentials: 1.1.0 - 2025-10-06

🐝 New Features

• add extension allowing end users to override scopes at runtime (commit by @2ynn)

oauth2ClientCredentials: 1.0.0 - 2025-09-26

🐛 Bug Fixes

• respect per-operation scopes (commit by @2ynn)

oauth2ClientCredentials: 0.5.0 - 2025-08-09

🐝 New Features

• add x-speakeasy-additional-token-endpoint-additional-properties (commit by @subomi)

oauth2ClientCredentials: 0.4.0 - 2025-03-24

🐝 New Features

• add support for client credentials scheme as part of multiple security options (commit by @2ynn)

oauth2ClientCredentials: 0.3.2 - 2025-03-14

🐛 Bug Fixes

• unflattened, operation-level oauth2 client credentials flow (commit by @2ynn)

oauth2ClientCredentials: 0.3.1 - 2025-03-12

🐛 Bug Fixes

• accept the extension in the flows object (commit by @ThomasRooney)

oauth2ClientCredentials: 0.3.0 - 2025-02-20

🐝 New Features

• support client_secret_basic token authentication type (commit by @ThomasRooney)

oauth2ClientCredentials: 0.2.1 - 2025-02-18

🐛 Bug Fixes

• pass SDK base URL to client credentials hook (commit by @disintegrator)

oauth2ClientCredentials: 0.2.0 - 2024-08-12

🐝 New Features

• allow tokenURL to be set explicitly while still supporting a default (commit by @tristanspeakeasy)

oauth2ClientCredentials: 0.1.4 - 2024-05-15

🐛 Bug Fixes

• clientCredentials hooks incorrect import (commit by @chase-crumbaugh)

responseFormat: 0.3.0 - 2026-01-22

🔧 Chores

• remove redundant headers field in envelope-http response (commit by @2ynn)

sdkHooks: 0.4.0 - 2025-10-15

🐝 New Features

• expose available OAuth 2.0 scopes for use in custom hooks (commit by @2ynn)

unions: 2.86.4 - 2026-01-30

🐛 Bug Fixes

• prefer exact matches over inexact ones in smart union parsing for lax mode (commit by @AshGodfrey)

unions: 2.86.3 - 2025-12-01

🐝 New Features

• pre-apply union discriminators onto union members when the type is only used under a discriminated union. Configurable via gen.yaml preApplyUnionDiscriminators (commit by @mfbx9da4)

unions: 2.86.2 - 2025-11-27

🐝 New Features

• New gen.yaml flag forwardCompatibleUnionsByDefault controls forward compatibility for discriminated unions in responses. 'tagged-only' makes only discriminated unions open to unknown values. 'false' disables forward compatibility. Unknown discriminator values are returned as an object with the discriminator field set to a special 'UNKNOWN' string and a raw field containing the original input. Individual unions can be controlled with x-speakeasy-unknown-values: allow/disallow. (commit by @mfbx9da4)

unions: 2.86.1 - 2025-11-27

🐛 Bug Fixes

• improve picking with nested unions (commit by @mfbx9da4)

unions: 2.86.0 - 2025-10-01

🐝 New Features

• support nested discriminated unions (commit by @vishalg0wda)

unions: 2.85.12 - 2025-09-25

🐛 Bug Fixes

• Fix discriminator mapping array being re-sorted as a side effect of our zod serialisation code (commit by @BlakeTheAwesome)

Based on Speakeasy CLI 1.755.0

[coderabbitai]

Important

Review skipped

Auto reviews are disabled on this repository.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}