Skip to content

swagger.yaml: find and fix any gaps#3761

Merged
MuhammadKhalilzadeh merged 1 commit intodevelopfrom
mo-337-april-21-completing-api-docs
Apr 21, 2026
Merged

swagger.yaml: find and fix any gaps#3761
MuhammadKhalilzadeh merged 1 commit intodevelopfrom
mo-337-april-21-completing-api-docs

Conversation

@MuhammadKhalilzadeh
Copy link
Copy Markdown
Collaborator

@MuhammadKhalilzadeh MuhammadKhalilzadeh commented Apr 21, 2026

(swagger.yaml) in-depth to find and fix any gaps

Provide a concise description of the changes made and their intended purpose.

Write your issue number after "Fixes "

Enter the corresponding issue number after "Fixes #"

Please ensure all items are checked off before requesting a review:

  • I deployed the code locally.
  • I have performed a self-review of my code.
  • I have included the issue # in the PR.
  • I have labelled the PR correctly.
  • The issue I am working on is assigned to me.
  • I have avoided using hardcoded values to ensure scalability and maintain consistency across the application.
  • I have ensured that font sizes, color choices, and other UI elements are referenced from the theme.
  • My pull request is focused and addresses a single, specific feature.
  • If there are UI changes, I have attached a screenshot or video to this PR.

API Documentation Audit - Summary

Branch: mo-337-april-21-completing-api-docs
Commit: 67c07c4ef
Date: 2026-04-21

Task

Review the codebase and API docs (swagger.yaml) in-depth to find and fix any gaps between the documented API and the actual route implementations.

Methodology

  1. Extracted all 250+ paths from Servers/swagger.yaml
  2. Read all 89 route files in Servers/routes/
  3. Cross-referenced every swagger path against every route definition
  4. Identified mismatches in both directions (documented but disabled, implemented but undocumented)

Findings & Fixes

Removed 13 disabled endpoints from swagger

These endpoints were documented in swagger but their routes are commented out in the codebase:

Endpoint Category
POST /assessments Assessments
POST /assessments/saveAnswers Assessments
PUT /assessments/updateAnswers/{id} Assessments
PUT /assessments/{id} Assessments
DELETE /assessments/{id} Assessments
POST /questions Questions
PATCH /questions/{id} Questions
DELETE /questions/{id} Questions
POST /roles Roles
PUT /roles/{id} Roles
DELETE /roles/{id} Roles
DELETE /organizations/{id} Organizations
GET /users/by-email/{email} Users

Added 11 missing endpoints to swagger

These routes are active in the codebase but were not documented:

Endpoint Category
GET /policy-linked Policies
GET /policy-linked/{policyId}/linked-objects Policies
POST /policy-linked/{policyId}/linked-objects Policies
DELETE /policy-linked/{policyId}/linked-objects Policies
DELETE /policy-linked/risk/{riskId}/unlink-all Policies
DELETE /policy-linked/evidence/{evidenceId}/unlink-all Policies
GET /evaluation-llm-keys LLM Keys
POST /evaluation-llm-keys LLM Keys
POST /evaluation-llm-keys/verify LLM Keys
DELETE /evaluation-llm-keys/{provider} LLM Keys
GET /model-inventory-change-history/{id} Change History

Intentionally undocumented (proxy routes)

These routes proxy requests to external Python services and are excluded from the Node.js swagger:

  • /api/deepeval - proxy to Python EvalServer
  • /api/ai-gateway - proxy to Python AI Gateway
  • /v1 - OpenAI-compatible virtual key proxy

Verification

  • YAML validity confirmed via yamljs parser
  • All remaining 600+ endpoints verified as matching between swagger and routes

@MuhammadKhalilzadeh @claude
docs(api): remove disabled endpoints and add missing route documentation
67c07c4 
- Remove 13 swagger entries for commented-out/disabled routes:
  - POST/PUT/DELETE /assessments (write operations disabled)
  - POST /assessments/saveAnswers, PUT /assessments/updateAnswers/{id}
  - POST/PATCH/DELETE /questions (write operations disabled)
  - POST/PUT/DELETE /roles (write operations disabled)
  - DELETE /organizations/{id} (disabled)
  - GET /users/by-email/{email} (disabled)
- Add 6 missing policy-linked endpoints:
  - GET /policy-linked
  - GET/POST/DELETE /policy-linked/{policyId}/linked-objects
  - DELETE /policy-linked/risk/{riskId}/unlink-all
  - DELETE /policy-linked/evidence/{evidenceId}/unlink-all
- Add 4 missing evaluation-llm-keys endpoints:
  - GET/POST /evaluation-llm-keys
  - POST /evaluation-llm-keys/verify
  - DELETE /evaluation-llm-keys/{provider}
- Add missing model-inventory-change-history/{id} endpoint

Co-Authored-By: Claude Opus 4.6 <[email protected]>
@MuhammadKhalilzadeh MuhammadKhalilzadeh self-assigned this Apr 21, 2026
@MuhammadKhalilzadeh MuhammadKhalilzadeh added documentation Improvements or additions to documentation backend Backend related tasks/issues enhancement New feature or request labels Apr 21, 2026
@MuhammadKhalilzadeh MuhammadKhalilzadeh added this to the 2.3 milestone Apr 21, 2026
@MuhammadKhalilzadeh MuhammadKhalilzadeh merged commit 4e1e719 into develop Apr 21, 2026
3 of 4 checks passed
@MuhammadKhalilzadeh MuhammadKhalilzadeh deleted the mo-337-april-21-completing-api-docs branch April 21, 2026 15:33
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@gorkem-bwl gorkem-bwl Awaiting requested review from gorkem-bwl

Assignees

@MuhammadKhalilzadeh MuhammadKhalilzadeh

Labels

backend Backend related tasks/issues documentation Improvements or additions to documentation enhancement New feature or request

Projects

None yet

Milestone

2.3

Development

Successfully merging this pull request may close these issues.

1 participant

@MuhammadKhalilzadeh