Roadmap
Go deep, not wide. Logging, security, auth, and APM stay out of scope.
Strategy: go deep, not wide. Logging, security, auth, and APM stay out of scope — doctreen's moat is making the route registry the single source of truth. Everything below extends that registry into adjacent capabilities.
Shipped
- ✅ Runtime validation middleware v1.6 — Zod schemas validate incoming requests; 422 on mismatch.
- ✅ OpenAPI 3.1 export v1.7 — same schema bag drives Scalar, Redoc, and Swagger UI via
GET /docs/openapi.json. - ✅ Security + hidden routes v1.8 — declare auth schemes once, attach to operations automatically;
Authorizationheader auto-stripped; routes can opt out of docs entirely. - ✅
headHtmlconfig v1.9 — inject analytics scripts, custom CSS, favicons, or OG metadata into the docs UI<head>without forking. - ✅ Schema drift detection — production grade v1.10 — structured pipeline with per-route aggregates and hourly buckets, opt-in sampling (default 1 %),
onDriftcallback + webhook dispatch, pluggableDriftStoreinterface,Drifttab in the UI, andnpx doctreen drift report --fail-on-mismatchfor CI. - ✅ Drift reset endpoint, daily buckets, Redis store reference v1.10.1 — opt-in
POST <docsPath>/drift/resetgated bydrift.allowReset+ optionalresetToken, companionnpx doctreen drift resetCLI, rolling 7-daydailyBuckets, and a complete Redis-backedDriftStorereference. - ✅ OpenAPI polish v1.11 —
$ref-basedcomponents.schemasdedup, first-class per-route + top-leveltags, OpenAPI 3.1callbacksandwebhooks, multi-example bodies and responses,npx doctreen lint openapi. - ✅ Mock server v1.12 —
npx doctreen mock --from <url|file>spins up an Express-backed fake API in seconds. CRUD short-circuits,--latency,--error-rate,--persist, optional@faker-js/faker. - ✅ Typed codegen v1.13 —
npx doctreen codegen typesemits strict TS declarations fromcomponents.schemasplus per-operation Params/Query/Body/Response shapes;npx doctreen codegen clientemits a zero-dependency typed fetch client withcreateClient({ baseUrl, fetch?, headers?, onRequest? }).--watchfor dev. Works with any OpenAPI 3.x doc. - ✅ Schema builders v1.14 —
s.enum/s.nullable/s.default/s.literalvalue-level facets, emitted everywhere (OpenAPI, docs UI, request examples). - ✅ Validation completeness v1.15 — path-param schemas (
request.params) with a structured 422, coerce/default write-back onto the request, dev-mode response assertions (validate: { response: 'warn' | 'throw' }), status-keyed responses (response: { 201: … }), config-leveldefaultErrors, a namedDoctreenValidationError422 envelope,defineSchemathat works with Zod ($ref, no anonymousSchemaN), and offlinegetOpenApiDocument/doctreen emit-openapi.
Next up
- ⏳ AI-native endpoints v1.16 —
/docs/llm.txt,/docs/agents.json, andnpx doctreen mcp(Model Context Protocol server) so Claude and other agents discover your API as callable tools. - ⏳ Contract testing & spec diff v1.17 —
npx doctreen verify --against <url>checks a deployed API against the spec;npx doctreen diff old.json new.jsonsurfaces breaking changes with semver hints. GitHub Action included. - ⏳
doctreen initCLI v1.18 — detect the framework, inject adapter mount code, scaffold validation/OpenAPI config.
Long term
- 🔭 Python (FastAPI) and Go (chi / gin) adapters — Pydantic → SchemaNode for the Python side; once the Node story is fully baked.
- 🔭 DocTreen Cloud — hosted docs portal with versioning, custom domains, drift monitoring, and CI flow runs (private beta).
Have a feature request or use case we missed? Open an issue →