Heads up: Stricter validation coming soon on the add/update org membership API endpoint

[kytrinyx]

Hi 👋 ,

I an engineer on the API team at GitHub. A colleague and I are currently going through GitHub's REST API, tightening up validations.

We noticed that a fair number of requests from this library to the Add or update organization membership endpoint that are passing a Content-Length key as part of the payload. Content-Length is an accepted header, but is not a valid value for the payload to this endpoint.

Currently the backend code is ignoring unknown parameters, but we're shortly going to change the validation to return a 422 Unprocessable Entity if an undocumented parameter is passed.

We're expecting to make this change in about a week, and wanted to give you a heads up so you're not caught by surprise.

[milo]

Hi Katrina. Many thanks for notifying me!

This library is only wrapper above PHP HTTP clients (strem or cURL) and it does not build payload itself. It only gets array/object payload given by user and encodes it into JSON. So, sending Content-Length in JSON paylod is probably bug in some 3rd party library.

I walked through all dependents (and its dependents) on Packagist but I did't find any repository matching Content-Length keyword.

Surprise is probably waiting for someone else :o)

[kytrinyx]

Got it! Thanks for taking a look.