OpenAPITools/openapi-diff

Removing a Query parameter is considered a breaking change while removing a Request Body parameter isn't

Open

#412 opened on Sep 15, 2022

View on GitHub
 (1 comment) (0 reactions) (0 assignees)Java (1,079 stars) (187 forks)user submission
Breaking/Non-Breaking classificationhelp wanted

Description

While testing this tool, we've noticed that removing a query parameter would give a API changes broke backward compatibility result while removing a request body parameter would return a API changes are backward compatible. Shouldn't both be breaking changes?

If this is expected, we'd be curious to understand why that is.

Here are the spec files we used to test this:

image

old_queryparameter.yml :

openapi: "3.0.1"
info:
  title: "Public Api"
  description: ""
  version: "2022-08-23T16:17:54Z"
servers:
  - url: "https://someurl"
    variables:
      basePath:
        default: "/v1"
paths:
  /auth:
    post:
      parameters:
        - name: "Username"
          in: "query"
          required: true
          schema:
            type: "string"
        - name: "Password"
          in: "query"
          required: true
          schema:
            type: "string"

new_queryparameter.yml :

openapi: "3.0.1"
info:
  title: "Public Api"
  description: ""
  version: "2022-08-23T16:17:54Z"
servers:
  - url: "https://someurl"
    variables:
      basePath:
        default: "/v1"
paths:
  /auth:
    post:
      parameters:
        - name: "Username"
          in: "query"
          required: true
          schema:
            type: "string"

image

old_requestbody.yml:

openapi: "3.0.1"
info:
  title: "Public Api"
  description: ""
  version: "2022-08-23T16:17:54Z"
servers:
  - url: "https://someurl"
    variables:
      basePath:
        default: "/v1"
paths:
  /auth:
    post:
      requestBody:
        content:
          application/json:
            schema:
              $ref: "#/components/schemas/AuthRequest"
        required: true

components:
  schemas:
    AuthRequest:
      required:
        - "Username"
        - "Password"
      type: "object"
      properties:
        Username:
          type: "string"
        Password:
          type: "string"

new_requestbody.yml:

openapi: "3.0.1"
info:
  title: "Public Api"
  description: ""
  version: "2022-08-23T16:17:54Z"
servers:
  - url: "https://someurl"
    variables:
      basePath:
        default: "/v1"
paths:
  /auth:
    post:
      requestBody:
        content:
          application/json:
            schema:
              $ref: "#/components/schemas/AuthRequest"
        required: true

components:
  schemas:
    AuthRequest:
      required:
        - "Username"
      type: "object"
      properties:
        Username:
          type: "string"

Thank you!

Contributor guide

Tech stack
java
Domain
backendapi
Issue type
bug
DifficultyEstimated implementation difficulty for a new contributor, from 1 for very small changes to 5 for expert-level work.
3
Estimated timeA rough time range for an experienced contributor to investigate, implement, test, and prepare a pull request.
1-3 hours
Activity statusHow available the issue appears right now: fresh, active, stale, blocked, or waiting on maintainer input.
stale
ClarityHow clearly the issue explains the expected change, acceptance criteria, and next step.
clear
Prerequisites
OpenAPI specification basicsJava
Newbie friendlinessA 1-100 score estimating how approachable this issue is for first-time contributors.
60
Research direction
Investigate the comparison logic in openapi diff, specifically how query parameters and request body properties are handled when removed. Look at files like `src/main/java/com/openapidiff/core/ChangedOpenApi.java` or similar diffs for parameters vs request body. The issue provides clear examples of old and new YAML specs. The goal is to ensure that removing a required property from request body is also considered a breaking change, similar to removing a required query parameter.