fix(asm): add missing 429 responses and document rate-limit headers#31
Open
dmchaledev wants to merge 1 commit into
The spec description stated that X-RateLimit-Limit and X-RateLimit-Remaining are returned on every response, but neither header was modelled anywhere and only 2 of 13 endpoints declared a 429. This adds a reusable components/headers block for those two headers, wires them into the RateLimited response component, and adds the 429 ref to the 11 endpoints that were missing it so SDK generators and the Redoc UI surface rate-limit behaviour consistently across all operations.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_016vt7EkXkUc1W7w79ox4oHE
Problem
The ASM spec description explicitly states:
But the spec itself never modelled those headers, and only 2 of the 13 operations (GET /assets, POST /scans) declared a 429 Too Many Requests response. The other 11 operations silently omit it.
This creates three concrete problems for API consumers:
429 tab on most operations, so developers don't know they need to handle it.
RateLimited response component was missing the very headers the description promised, making the 429 body less useful for backoff logic.
Changes
components/headers/X-RateLimit-Limit and components/headers/X-RateLimit-Remaining reusable header definitions.
RateLimited response component (alongside the existing Retry-After header).
'429': $ref: '#/components/responses/RateLimited' to the 11 operations that were missing it:
GET /assets/{asset_id}
PATCH /assets/{asset_id}
DELETE /assets/{asset_id}
GET /scans
GET /scans/{scan_id}
GET /vulnerabilities
GET /vulnerabilities/{vuln_id}
PATCH /vulnerabilities/{vuln_id}
GET /tags
POST /tags
Validation
Spectral lint passes with zero errors:
No results with a severity of 'error' found!
Generated by Claude Code
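A check for the gap this description reports, as an added example (not code from the PR or the project): it walks an OpenAPI document already parsed into a dict and lists operations that declare no 429 response, plus any of Retry-After, X-RateLimit-Limit and X-RateLimit-Remaining absent from the RateLimited response component. The function names and the sample spec are constructed for illustration.

```python
# Added example: find operations without a 429 and headers missing from RateLimited.
HTTP_METHODS = {"get", "put", "post", "delete", "patch", "head", "options", "trace"}
EXPECTED_HEADERS = ("Retry-After", "X-RateLimit-Limit", "X-RateLimit-Remaining")


def operations_missing_429(spec):
    """Return sorted 'METHOD /path' strings for operations with no 429 response."""
    missing = []
    for path, item in spec.get("paths", {}).items():
        for method, op in item.items():
            if method.lower() not in HTTP_METHODS or not isinstance(op, dict):
                continue  # skip path-level keys such as 'parameters'
            # YAML loaders may yield int or str status keys; normalise both.
            codes = {str(code) for code in op.get("responses", {})}
            if "429" not in codes:
                missing.append(f"{method.upper()} {path}")
    return sorted(missing)


def rate_limited_missing_headers(spec):
    """Return expected headers absent from components/responses/RateLimited."""
    response = spec.get("components", {}).get("responses", {}).get("RateLimited", {})
    declared = {name.lower() for name in response.get("headers", {})}
    return [h for h in EXPECTED_HEADERS if h.lower() not in declared]


# Constructed sample spec (not the project's file): one operation declares 429,
# two do not, and RateLimited carries only Retry-After.
SAMPLE_SPEC = {
    "paths": {
        "/assets": {
            "get": {"responses": {"200": {}, "429": {"$ref": "#/components/responses/RateLimited"}}},
        },
        "/assets/{asset_id}": {
            "parameters": [{"name": "asset_id", "in": "path"}],
            "get": {"responses": {"200": {}}},
            "delete": {"responses": {204: {}}},
        },
    },
    "components": {
        "responses": {
            "RateLimited": {"headers": {"Retry-After": {"schema": {"type": "integer"}}}}
        }
    },
}

if __name__ == "__main__":
    print("missing 429:", operations_missing_429(SAMPLE_SPEC))
    print("missing headers:", rate_limited_missing_headers(SAMPLE_SPEC))
```

Run against the real spec after loading it with a YAML parser; a non-empty result from either function is a reason to fail CI.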