feat(api)!: standardize all list endpoints with pagination wrappers#128
Merged
feat(api)!: standardize all list endpoints with pagination wrappers#128
Conversation
BREAKING CHANGE: All list endpoints now return wrapped responses with
pagination metadata instead of raw arrays.
New response format:
{
"<items>": [...],
"total": <total count before pagination>,
"limit": <requested limit>,
"offset": <requested offset>
}
Changes include:
- Add 13 new response schemas to OpenAPI spec (ListThreatModelsResponse,
ListThreatsResponse, ListDiagramsResponse, ListDocumentsResponse,
ListNotesResponse, ListAssetsResponse, ListRepositoriesResponse,
ListWebhookSubscriptionsResponse, ListWebhookDeliveriesResponse,
ListUserQuotasResponse, ListWebhookQuotasResponse, ListAddonQuotasResponse,
ListClientCredentialsResponse)
- Fix ListAdministratorsResponse to include limit/offset fields
- Add Count() methods to all stores for proper total calculation
- Update all list endpoint handlers to use wrapped response format
- Add pagination support to /me/client_credentials endpoint
- Fix missing filter implementations (status, status_updated_after,
status_updated_before in threat models; addon_id in invocations)
- Update all unit and integration tests for new response format
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Add 429 rate limit responses to config and admin settings endpoints, 400 validation responses where missing, and define Configuration tag. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Add examples to all List*Response pagination properties and array fields, endpoint media types, and migrate response. Fix missing type in JsonPatchDocument array items schema. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Update test assertions to handle new list endpoint response format with
pagination wrappers (e.g., {threat_models: [...], total, limit, offset})
instead of raw arrays. Add update script for future schema migrations.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
The OAuthProtectedResourceMetadata schema incorrectly used jwks_url instead of the RFC 9728-specified field name jwks_uri. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
… settings Add two new false positive detection rules to parse-cats-results.py: - DELETE_ME_CHALLENGE: DELETE /me returns 400 without challenge param. This is correct behavior - the two-step deletion flow requires the challenge parameter for safety. - ADMIN_SETTINGS_RESERVED: Reserved setting keys (e.g., "migrate") return 400. This is correct - "migrate" is reserved for the POST /admin/settings/migrate endpoint. These rules reduce false positives in CATS fuzzing results by correctly identifying expected API behavior. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
The SettingsService.List() method was using Order("key") but the
database column is "setting_key", causing 500 errors on GET /admin/settings.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
|
Related Documentation No published documentation to review for changes on this repository. Write your first living document How did I do? Any feedback? |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
total_count,limit,offsetfields to all collection responsesjwks_urltojwks_urifor RFC 9728 complianceBreaking Changes
List endpoints now return a wrapper object with pagination metadata instead of raw arrays:
{ "items": [...], "total_count": 10, "limit": 20, "offset": 0 }Test plan
🤖 Generated with Claude Code