feat(server): default request validation to 'warn' in dev/test#765
Merged
Conversation
Flip createAdcpServer's request validation default from 'off' to 'warn'
when NODE_ENV !== 'production', mirroring the asymmetric default already
in place for responses ('strict' in dev/test, 'off' in production).
Production behaviour is unchanged: the default stays 'off' when
NODE_ENV === 'production', so prod request paths pay no AJV cost.
Warn mode logs a single Schema validation warning (request) line per
mismatched payload through the configured logger and still dispatches
to the handler — nothing is rejected. Keeps the two validation sides
symmetric and surfaces upstream schema tightenings (e.g. adcp#2795's
required asset_type discriminator) as diagnostics during handler
development instead of as a downstream VALIDATION_ERROR after deploy.
Opt out via validation: { requests: 'off' } or NODE_ENV=production.
Refs #694 (original intent for requests: 'warn'), #727 A (response-side
default precedent).
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
createAdcpServer's request validation default from'off'to'warn'whenNODE_ENV !== 'production'. Production default stays'off'(zero AJV overhead).Schema validation warning (request)line per mismatched payload via the configured logger and still dispatches — nothing is rejected.requests: 'warn'everywhere in its body but shipped'off'as code/docs drift).Why
Symmetric defaults with responses, and prepares seller operators for upstream schema tightenings — notably adcp#2795, which introduces a required
asset_typediscriminator on creative assets. Buyer agents still on RC3 fixtures will lack it; surfacing that as a warning during handler development beats discovering it in a downstreamVALIDATION_ERRORafter deploy.Opt-out
validation: { requests: 'off' }on thecreateAdcpServerconfig.NODE_ENV=productionfor the process.Test plan
npm run build:libpassesnpm run test:libpasses (4391 tests, 0 failures, 6 skipped)schema-validation-server.test.js— the renamedrequests: "off"test now asserts explicit opt-out instead of relying on it being the defaultprettier --checkclean on modified filesvalidation:underNODE_ENV=test, send a request that fails the schema, confirm aSchema validation warning (request)line appears in the logger and the handler still runsvalidation: { requests: 'off' }and confirm no warning firesRefs: #694 (original intent), #727 A (response-side precedent), adcp#2795 (upstream
asset_typediscriminator this prepares for).