fix(openapi): harden body validation, determinism, and router wiring #155
Merged
intel352 merged 2 commits into feat/issue-79-openapi on Feb 24, 2026
- Add configurable max body size limit (default 1 MiB) via http.MaxBytesReader to prevent DoS from arbitrarily large request bodies
- Use validateJSONValue() for request body validation to handle non-object root schemas (primitives, arrays) that were previously silently skipped
- Only register /openapi.yaml endpoint when source spec is YAML; JSON sources already served via /openapi.json
- Sort supportedContentTypes() output for deterministic error messages
- Remove /api/v1 from plugin schema DefaultConfig to match factory (empty) default
- Add server→router mapping in wireOpenAPIRoutes for consistent router discovery when openapi module depends on http.server instead of http.router directly
- Tests: add TestOpenAPIModule_JSONSourceNoYAMLEndpoint and TestOpenAPIModule_MaxBodySize

Co-authored-by: intel352 <77607+intel352@users.noreply.github.com>
Copilot (AI) changed the title from "[WIP] Add OpenAPI module for auto-generating HTTP routes" to "fix(openapi): harden body validation, determinism, and router wiring" on Feb 24, 2026.
intel352 added a commit that referenced this pull request on Feb 24, 2026:

…#134)

* feat: add OpenAPI/Swagger spec module for auto-generating HTTP routes (#79)
  - Add openapi module type that parses OpenAPI v3 YAML/JSON specs
  - Generate HTTP route handlers from spec paths with method mapping
  - Add request validation against spec schemas (query params, body)
  - Add optional Swagger UI and spec serving endpoints
  - Add OpenAPI plugin for plugin-based registration
  - Add comprehensive tests for spec parsing, routing, and validation
  - Add example config and petstore spec in example/specs/

  Closes #79

  Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* fix: register openapi module type in schema and fix spec_file path resolution
  - Add "openapi" to known module types and module schema registry
  - Fix spec_file path in example config (relative to config dir, not project root)
  - Add openapi plugin to test helpers allPlugins()

  Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* fix(openapi): address review feedback — correctness, security, and performance improvements (#146)
  * Initial plan
  * fix: apply all review feedback to OpenAPI module
    Co-authored-by: intel352 <77607+intel352@users.noreply.github.com>
  ---------
  Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
  Co-authored-by: intel352 <77607+intel352@users.noreply.github.com>

* fix(openapi): address remaining unresolved review comments on OpenAPI module (#149)
  * Initial plan
  * fix(openapi): document deferred spec_file validation and add enum scalar tests
    Co-authored-by: intel352 <77607+intel352@users.noreply.github.com>
  ---------
  Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
  Co-authored-by: intel352 <77607+intel352@users.noreply.github.com>

* fix: add admin_test.go with corrected TestMergeInto_WithRealAdminConfig

  Add admin/admin_test.go from main with the syntax error fixed: TestMergeInto_WithRealAdminConfig was closed with `)` instead of `}` and used 2-space indented brace in the inner if block, causing: expected statement, found ')'

  This file doesn't exist on this branch (predates its addition to main) but is needed so the PR's merge commit compiles and tests pass.

  Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* fix(openapi): address remaining review comments — validation, content-type, schema, defaults (#150)
  * Initial plan
  * fix(openapi): address all remaining review comments — body bytes, JSON errors, content-type, schema, defaults, logging
    Co-authored-by: intel352 <77607+intel352@users.noreply.github.com>
  ---------
  Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
  Co-authored-by: intel352 <77607+intel352@users.noreply.github.com>

* fix(cmd): restore missing multiWorkflowAddr flag definition (#152)
  * Initial plan
  * fix(cmd): restore missing multiWorkflowAddr flag definition
    Co-authored-by: intel352 <77607+intel352@users.noreply.github.com>
  ---------
  Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
  Co-authored-by: intel352 <77607+intel352@users.noreply.github.com>

* fix(openapi): harden body validation, determinism, and router wiring (#155)
  * Initial plan
  * fix(openapi): address review feedback from thread 3844286430
    - Add configurable max body size limit (default 1 MiB) via http.MaxBytesReader to prevent DoS from arbitrarily large request bodies
    - Use validateJSONValue() for request body validation to handle non-object root schemas (primitives, arrays) that were previously silently skipped
    - Only register /openapi.yaml endpoint when source spec is YAML; JSON sources already served via /openapi.json
    - Sort supportedContentTypes() output for deterministic error messages
    - Remove /api/v1 from plugin schema DefaultConfig to match factory (empty) default
    - Add server→router mapping in wireOpenAPIRoutes for consistent router discovery when openapi module depends on http.server instead of http.router directly
    - Tests: add TestOpenAPIModule_JSONSourceNoYAMLEndpoint and TestOpenAPIModule_MaxBodySize
    Co-authored-by: intel352 <77607+intel352@users.noreply.github.com>
  ---------
  Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
  Co-authored-by: intel352 <77607+intel352@users.noreply.github.com>

---------
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
Co-authored-by: Copilot <198982749+Copilot@users.noreply.github.com>
Co-authored-by: intel352 <77607+intel352@users.noreply.github.com>
Six issues from code review on the OpenAPI module: unbounded body reads (DoS), silent no-op for non-object body schemas, misleading `/openapi.yaml` endpoint for JSON sources, nondeterministic content-type error messages, schema/factory `base_path` default mismatch, and incomplete server→router resolution in wiring.

Changes

module/openapi.go
- Added `MaxBodyBytes int64` to `OpenAPIConfig` (default 1 MiB). `validate()` now wraps `r.Body` with `http.MaxBytesReader` and returns a descriptive 400 on overflow instead of consuming arbitrary memory.
- Replaced `validateJSONBody()` with `validateJSONValue()` at the call site so primitive/array root schemas are validated rather than silently ignored.
- `/openapi.yaml` endpoint: Only registered when the source spec is YAML. JSON source specs already have `/openapi.json`; serving JSON bytes at `/openapi.yaml` was misleading.
- `supportedContentTypes()` determinism: Added `sort.Strings()` before `strings.Join()` for stable error messages.

plugins/openapi/plugin.go
- `DefaultConfig` alignment: Removed `"base_path": "/api/v1"` from the schema `DefaultConfig`; the factory leaves `BasePath` empty, so the two were inconsistent.
- `wireOpenAPIRoutes` now builds a `serverToRouter` map from `http.router → dependsOn` entries (matching the `wireStaticFileServers` pattern), so an openapi module that `dependsOn` an `http.server` correctly resolves the associated router.

module/openapi_test.go
- `TestOpenAPIModule_JSONSourceNoYAMLEndpoint`: asserts `/openapi.yaml` absent for JSON-source specs
- `TestOpenAPIModule_MaxBodySize`: asserts 400 + correct error when body exceeds configured limit
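The two body-handling fixes described above (bounding the body with `http.MaxBytesReader` and decoding it as a JSON value of any root type), as an added Go example that is not the module's own `validate()` or test code; `ReadBoundedJSON` and `JSONRootType` are illustrative names, and the 400 on overflow follows the behaviour the PR states.

```go
package main

import (
	"encoding/json"
	"errors"
	"fmt"
	"io"
	"net/http"
)

// ReadBoundedJSON is an illustrative helper, not the module's own validate().
// http.MaxBytesReader caps how much body the server buffers; crossing the
// limit becomes a descriptive 400, and the body is decoded as a JSON value of
// any root type so arrays and primitives are validated rather than skipped.
func ReadBoundedJSON(w http.ResponseWriter, r *http.Request, maxBytes int64) (any, int, error) {
	r.Body = http.MaxBytesReader(w, r.Body, maxBytes)
	raw, err := io.ReadAll(r.Body)
	var tooBig *http.MaxBytesError // returned once the limit is crossed (Go 1.19+)
	switch {
	case errors.As(err, &tooBig):
		return nil, http.StatusBadRequest, fmt.Errorf("request body exceeds limit of %d bytes", maxBytes)
	case err != nil:
		return nil, http.StatusBadRequest, fmt.Errorf("read body: %w", err)
	}
	var v any
	if err := json.Unmarshal(raw, &v); err != nil {
		return nil, http.StatusBadRequest, fmt.Errorf("invalid JSON: %w", err)
	}
	return v, http.StatusOK, nil
}

// JSONRootType names the JSON type of a decoded root value: the value a
// validator compares against a schema whose root is an array or a primitive.
func JSONRootType(v any) string {
	switch v.(type) {
	case map[string]any:
		return "object"
	case []any:
		return "array"
	case string:
		return "string"
	case float64:
		return "number"
	case bool:
		return "boolean"
	}
	return "null"
}
```

Because MaxBytesReader stops one byte past the limit, io.ReadAll never buffers more than maxBytes+1, so the decoder is protected as well as the read.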