Skip to content

feat(daemon): report api_schema_version in /health + document API compatibility#103

Open
mjacobs wants to merge 2 commits into
kenn-io:mainfrom
mjacobs:feat/health-api-schema-version
Open

feat(daemon): report api_schema_version in /health + document API compatibility#103
mjacobs wants to merge 2 commits into
kenn-io:mainfrom
mjacobs:feat/health-api-schema-version

Conversation

@mjacobs
Copy link
Copy Markdown
Contributor

@mjacobs mjacobs commented Jun 6, 2026

What

Closes the two follow-ups left open by #99: surface the API schema version in
/api/v1/health, and document the compatibility contract for the published
OpenAPI schema.

  • api_schema_version in /api/v1/health — the value stamped into the
    OpenAPI document's info.version (daemon.APISchemaVersion), so an external
    client can detect the HTTP API contract at runtime without parsing the
    committed schema. It's distinct from the existing schema_version, which is
    the DB/storage schema (meta.schema_version); the response doc comment spells
    out the difference so the two aren't conflated.
  • docs/reference/http-api.md — a Reference page covering how to obtain the
    schema (kata openapi / committed api/openapi.yaml), what the per-release
    snapshot is and isn't, the three version fields, and the compatibility
    expectations (additive changes unsignalled; breaking changes bump
    api_schema_version).

A design note worth a look

api_schema_version is optional in the schema even though current daemons
always send it. A version-detection field has to survive version skew: a client
generated from a schema that includes the field still needs to parse the
/health response of an older daemon that predates it, so an absent value
should read as "older than this field," not a parse failure. Making it required
would also have been a contract change that, by this PR's own documented rules,
should bump api_schema_version — keeping it additive avoids over-signalling.
The net schema delta is a single optional property; the required list is
unchanged.

The committed api/openapi.yaml is regenerated; the existing golden test keeps
it in lockstep with the routes.

Part of #97.

mjacobs and others added 2 commits June 5, 2026 17:47
@mjacobs @claude
feat(daemon): report api_schema_version in /health + document API com…
e3c2e07 
…patibility

Surface the OpenAPI document's version (APISchemaVersion) at runtime so an
external client can detect the daemon's HTTP API contract without parsing the
committed schema. This closes the two follow-ups left open by kenn-io#99: the API
schema version in health output, and a documented compatibility contract.

- internal/api: add api_schema_version to HealthResponse, distinct from the
  existing schema_version (which is the DB/storage schema). The doc comment
  spells out the difference so the two version fields aren't conflated.
- internal/daemon: populate it from APISchemaVersion (the same const stamped
  into info.version of the OpenAPI doc), so health and schema never disagree.
- docs/reference: new "HTTP API schema" page covering how to obtain the schema
  (kata openapi / committed api/openapi.yaml), what the snapshot is and is not,
  the three version fields, and the compatibility expectations (additive
  changes unsignalled, breaking changes bump api_schema_version).
- api/openapi.yaml: regenerated; the golden test keeps it in lockstep.

Part of kenn-io#97.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
@mjacobs @claude
fix(api): make api_schema_version schema-optional (additive, no versi…
4a669b5 
…on bump)

Codex review caught that adding api_schema_version as a *required* field while
leaving APISchemaVersion at 0.1.0 contradicted the compatibility contract this
same change documents: a required new response field is a contract change, and a
strict client generated from the new schema would fail to parse an older
daemon's /api/v1/health response (which lacks the field) before it could even
read the version.

A version-detection field has to survive version skew. Mark it omitempty so it
is schema-optional: its addition is now a genuine additive change (the OpenAPI
required list is unchanged from origin/main), and a client treats an absent
value as "daemon older than this field." Current daemons always populate it.

Part of kenn-io#97.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
@roborev-ci
Copy link
Copy Markdown

roborev-ci Bot commented Jun 6, 2026

roborev: Combined Review (4a669b5)

Summary verdict: One medium documentation/schema compatibility issue needs resolution; no security issues were found.

Medium

  • docs/reference/http-api.md:69: The compatibility guidance says new optional response fields can appear without an api_schema_version change and clients should ignore unknown fields, but the published OpenAPI schemas use additionalProperties: false (for example api/openapi.yaml:1310). Strict clients or validators generated from the schema can reject additive response fields, making those changes breaking despite the documented policy.

    Fix: Either make response schemas permissive for additive fields, or change the compatibility guidance to require an API schema version bump for new response fields / explicitly require clients to disable strict response validation.

Panel: ci_default_security | Synthesis: codex, 7s | Members: codex_default (codex/default, done, 2m3s), codex_security (codex/security, done, 12s) | Total: 2m22s

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@mjacobs