tengqm opened a new issue, #6072: URL: https://github.com/apache/gravitino/issues/6072
### Version main branch ### Describe what's wrong The OpenAPI spec (`/docs/open-api/*.yaml`) is not accurate. This inaccuracy may lead to incomplete/insufficient parameter validation or even security issues. For example, for the `registerModel` operation, the `ModelRegisterRequest` has `name` listed under `required`. This is fine. We mentioned that the "name cannot be empty" in `description`, which is also good. However, the word "empty" is ambiguous. We'd better add an explicit constraint like `minLength: 1`. In the same spirit, we may add a pattern for the `name` field. For example, I don't think `" \/ "` is a good/valid name for a model. We may want to restrict the maximum length of a name. There are also other more generic issues such as the use of `PUT` and `PATCH` verbs. A `PUT` is supposed to be a fully replace request, i.e. replace an existing resource with a new one. A `PATCH`, on the other hand, is supposed to be a partial update request. However, in our current API specs, we are using `PUT` for `PATCH`. ### Error message and/or stacktrace N/A ### How to reproduce N/A ### Additional context _No response_ -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
