Description
Version
main branch
Describe what's wrong
The OpenAPI spec (/docs/open-api/*.yaml) is not accurate. This inaccuracy may lead to incomplete/insufficient parameter validation or even security issues.
For example, for the registerModel operation, the ModelRegisterRequest has name listed under required. This is fine. We mentioned that the "name cannot be empty" in description, which is also good. However, the word "empty" is ambiguous. We'd better add an explicit constraint like minLength: 1.
In the same spirit, we may add a pattern for the name field. For example, I don't think " \/ " is a good/valid name for a model. We may want to restrict the maximum length of a name.
There are also other more generic issues such as the use of PUT and PATCH verbs.
A PUT is supposed to be a fully replace request, i.e. replace an existing resource with a new one. A PATCH, on the other hand, is supposed to be a partial update request. However, in our current API specs, we are using PUT for PATCH.
Error message and/or stacktrace
N/A
How to reproduce
N/A
Additional context
No response
Activity