feat(accounting): new accounting methods and updating openint SDK for new openapi-typescript version

[pellicceama]

Important

This PR updates the OpenAPI spec and TypeScript types for the SDK, adding new endpoints and updating existing ones, and increments the package version to 0.1.3.

• OpenAPI Specification:
  • Added /clerk-testing-token endpoint with GET method for creating clerk testing tokens.
  • Modified /core/events endpoint to support PATCH method for updating current organization.
  • Updated response schemas for several endpoints, including /connect/token and /core/connection/{id}/_sync.
• TypeScript Types:
  • Regenerated openint.oas.types.d.ts using openapi-typescript reflecting new OpenAPI changes.
  • Added Event schema and updated Viewer schema to use OneOf type helper.
• Package Update:
  • Updated package.json version to 0.1.3 to reflect new changes.
  • Updated openapi-typescript dependency to ^7.4.4.

^{This description was created by for 8f5a34d. It will automatically update as commits are pushed.}

[ellipsis-dev]

👍 Looks good to me! Reviewed everything up to 8f5a34d in 3 minutes and 51 seconds

More details

• Looked at 7754 lines of code in 3 files
• Skipped 0 files when reviewing.
• Skipped posting 3 drafted comments based on config settings.

1. sdks/sdk-openint/openint.oas.json:56

• Draft comment:
  Consider passing the 'secret' parameter in the header instead of the query string for better security.
• Reason this comment was not posted:
  Decided after close inspection that this draft comment was likely wrong and/or not actionable:
  While it's generally good practice to pass sensitive data in headers rather than query params, this appears to be a testing endpoint (based on the path and name). For testing endpoints, having the secret in the query param can actually be helpful for debugging and testing. Additionally, both headers and query params are sent as part of the HTTP request and have similar security properties - neither provides meaningful additional protection over the other when using HTTPS.
  The comment raises a valid security best practice. Query parameters can be logged in server logs and appear in browser history, while headers typically aren't.
  For a testing endpoint, the tradeoff between convenience and absolute best practices seems reasonable. The endpoint is already marked as "Internal" in the tags, suggesting it's not meant for public use.
  While the comment suggests a valid best practice, the current design is acceptable given this is a testing endpoint marked as internal. The comment should be removed as it's not critical enough to warrant a change.

2. sdks/sdk-openint/openint.oas.json:2215

• Draft comment:
  Ensure validation is in place for sensitive fields like 'database_url' in 'publicMetadata' to meet security standards.
• Reason this comment was not posted:
  Comment did not seem useful.

3. sdks/sdk-openint/openint.oas.json:2043

• Draft comment:
  Specify the expected format or unit for the 'since' parameter to improve clarity.
• Reason this comment was not posted:
  Confidence changes required: 50%
  The 'listEvents' endpoint requires the 'since' parameter, which is an integer. It would be beneficial to specify the expected format or unit (e.g., timestamp in seconds) for clarity.

Workflow ID: wflow_1CjUOBh4Vx1WnB6q

---

You can customize Ellipsis with 👍 / 👎 feedback, review rules, user-specific overrides, quiet mode, and more.