Hi! While testing a cross-stack schema-drift detector I'm building, I scanned core and found some mismatches between the committed OpenAPI specs, the Prisma schema, and the runtime handlers. I verified everything below by hand at HEAD 2e52e42 — file/line references included. Three items, roughly in order of impact:
1. /oauth/userinfo response doesn't match its documented schema
Both specs document the UserInfo schema with picture and id (docs/openapi.json:156, apps/webapp/openapi.yaml:149), but the live handler returns avatar_url and sub (apps/webapp/app/services/oauth2.server.ts:649-660), mirroring the Prisma field User.avatarUrl (apps/webapp/prisma/schema.prisma:871). Any OAuth client coded against the spec reads undefined for both fields.
2. No schema declares a required array
None of Conversation, IngestionRule, Label, or UserInfo declares required, so every field — including DB-guaranteed ones like id, createdAt, updatedAt — is contractually optional. Generated SDK clients type everything as T | undefined and force needless null-handling. Single systematic fix: add required arrays for the fields that are non-nullable in Prisma (e.g. Conversation.id/createdAt/updatedAt, IngestionRule.text/source/isActive, Label.name/color/workspaceId).
3. apps/webapp/openapi.yaml still documents the removed Spaces feature
Commit 586eadb (Dec 2025, "docs: migrate documentation from Spaces to Labels") updated docs/openapi.json but not apps/webapp/openapi.yaml, which still documents /api/v1/spaces, /api/v1/spaces/{spaceId}, and a Space schema (:307, :964-1090) with no backing route or model. Relatedly, the two committed specs have diverged: docs/openapi.json has Label + /api/v1/labels but no conversation/ingestion-rule paths, while the webapp spec has the reverse.
Happy to open a PR for any/all of these if useful — the required-array fix and the Spaces removal are mechanical.
Hi! While testing a cross-stack schema-drift detector I'm building, I scanned core and found some mismatches between the committed OpenAPI specs, the Prisma schema, and the runtime handlers. I verified everything below by hand at HEAD
2e52e42— file/line references included. Three items, roughly in order of impact:1.
/oauth/userinforesponse doesn't match its documented schemaBoth specs document the
UserInfoschema withpictureandid(docs/openapi.json:156,apps/webapp/openapi.yaml:149), but the live handler returnsavatar_urlandsub(apps/webapp/app/services/oauth2.server.ts:649-660), mirroring the Prisma fieldUser.avatarUrl(apps/webapp/prisma/schema.prisma:871). Any OAuth client coded against the spec readsundefinedfor both fields.2. No schema declares a
requiredarrayNone of
Conversation,IngestionRule,Label, orUserInfodeclaresrequired, so every field — including DB-guaranteed ones likeid,createdAt,updatedAt— is contractually optional. Generated SDK clients type everything asT | undefinedand force needless null-handling. Single systematic fix: addrequiredarrays for the fields that are non-nullable in Prisma (e.g.Conversation.id/createdAt/updatedAt,IngestionRule.text/source/isActive,Label.name/color/workspaceId).3.
apps/webapp/openapi.yamlstill documents the removed Spaces featureCommit
586eadb(Dec 2025, "docs: migrate documentation from Spaces to Labels") updateddocs/openapi.jsonbut notapps/webapp/openapi.yaml, which still documents/api/v1/spaces,/api/v1/spaces/{spaceId}, and aSpaceschema (:307,:964-1090) with no backing route or model. Relatedly, the two committed specs have diverged:docs/openapi.jsonhasLabel+/api/v1/labelsbut no conversation/ingestion-rule paths, while the webapp spec has the reverse.Happy to open a PR for any/all of these if useful — the
required-array fix and the Spaces removal are mechanical.