-
Notifications
You must be signed in to change notification settings - Fork 35
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
using additionalProperties: false does not considers merged schemas #46
Comments
It would also be useful if the error would say which property is being detected as additional, but I guess that would be more of a feature request |
happy new year! :-) |
Happy new year! Thanks for raising this. I don't have much time this week but here are my initial thoughts: Presumably the bug is in the code that validates schemas merging The validation code is in this dependency (openapi-response-validator). We can check if the offending code is in this dependency by recreating this bug in one of their tests. If we can't recreate it there, then presumably the bug is in our code somewhere And re your feature request, that would probably be best raised in the dependency repo, because its their code :) |
Ok make sense that the issue is in that dependency. I don't know when I will have the time to submit a test case but I'll try not to keep it linger for too long. Thanks for the feedback :-) |
Hey @rolfisub I recreated the bug in openapi-response-validator, and raised a bug there with some thoughts in kogosoftwarellc/open-api#609. It looks like the bug is 2 dependency levels down (in AJV), so might take more time than I have available right now. |
fyi I also recreated this bug in our repo, then made a template to simplify reporting bugs in future :) #47 |
Directly from swagger.io
This implies that behavior is actually correctly. The two schemas are evaluated individually for the whole object, thus the |
I think you're right @mvegter ! As you say,
does not satisfy the schema
because of the additional
Indeed, swagger and JSON schema evaluate schemas individually:
So Seems this is a common misconception: https://stackoverflow.com/a/23001194/9864252 @rolfisub if you concur I'll let you close this issue :) |
Well we can close this issue for sure, I just think that the most common use case is validating combined schemas not that all of the schemas validate individually to the merged object. It seems to me that the merged object validation is missing then. How can we validate a merged schema that has no additional properties then? |
@rolfisub , I fully agree with you but it is unfortunately conform the specification. The "solution" we are using is to parse and resolve all the |
@rolfisub, yes as @mvegter says the OpenAPI spec does not seem to allow merging: OAI/OpenAPI-Specification#674. That page suggests there may be alternative ways to achieve what you want, though I'm not familiar with them I'll close this then, but feel free to re-open if necessary. Thanks all for contributing your discussion! |
OpenAPI version
3
Describe the bug
When you use
additionalProperties: false
on a merged schema, it considers only the object where this statement is placed, not the resulting merged schema.To Reproduce
given the following example spec
when you call the endpoint
/test
and you receive the following data:validating the response:
Throws the following error:
I'm using the
root
path because this is all pseudo code, I dont know what path it uses when we are talking about objects at the root levelExpected behavior
It should consider the resolved merged schema when validating for additional properties
Screenshots
Additional context
The text was updated successfully, but these errors were encountered: