Overview
The OpenAPI spec at docs/api/openapi-spec.json documents the API contract but is not enforced at runtime. Clients receive undocumented fields, validators diverge from the spec, and breaking changes go undetected until consumers fail.
Specifications
Features:
- Validate incoming requests and outgoing responses against the OpenAPI spec at runtime.
- Return 400 for request validation failures, log warnings for response deviations.
Tasks:
- Install
express-openapi-validator middleware.
- Mount it in
main.ts pointing at docs/api/openapi-spec.json.
- Configure response validation in non-production environments only (to avoid latency in prod).
- Fix any existing spec mismatches surfaced by the validator.
Impacted Files:
src/main.ts
docs/api/openapi-spec.json
Acceptance Criteria
- Requests with invalid payloads return 400 with schema error details.
- Response validation catches fields present in response but absent from spec.
- All existing E2E tests pass with the validator enabled.
Overview
The OpenAPI spec at
docs/api/openapi-spec.jsondocuments the API contract but is not enforced at runtime. Clients receive undocumented fields, validators diverge from the spec, and breaking changes go undetected until consumers fail.Specifications
Features:
Tasks:
express-openapi-validatormiddleware.main.tspointing atdocs/api/openapi-spec.json.Impacted Files:
src/main.tsdocs/api/openapi-spec.jsonAcceptance Criteria