From c69420c47c0304f5c8644c2f1c7005f9985a80f4 Mon Sep 17 00:00:00 2001 From: Claude Date: Thu, 30 Apr 2026 13:24:39 +0000 Subject: [PATCH] fix(openapi): allow real error types in /acts/{actorId}/builds/default 403 and add missing enum members Error: WARN Response OpenAPI validation error {"url":"/v2/acts/{actorId}/builds/default","method":"GET","statusCode":403,"errors":[{"message":"must be equal to constant","errorCode":"const.openapi.validation","path":"/response/error/type"}]} Files: apify-api/openapi/paths/actors/acts@{actorId}@builds@default.yaml:28-37 Root cause: The 403 response schema was hard-pinned to the const "unknown-build-tag" via UnknownBuildTagError, but the endpoint also returns 403 with type "insufficient-permissions" when an unauthenticated or non-owner caller requests a private Actor's default build. Switching the schema to the standard ErrorResponse (which references the ErrorType enum) covers both cases without losing the enum constraint. Reference: https://github.com/apify/apify-core/tree/57a2fbf9848fa2f64043cdb855a7b95c2a6caad6/src/api/src/routes/actors/build_default.ts#L33 Error: WARN Response OpenAPI validation error {"url":"/v2/schedules","method":"POST","statusCode":400,"errors":[{"message":"must be equal to one of the allowed values: ...[truncated]","errorCode":"enum.openapi.validation","path":"/response/error/type"}]} Files: apify-api/openapi/components/schemas/common/ErrorType.yaml:301 Root cause: When a Schedule is created with a non-JSON runInput.body, the API throws errors.scheduling.runInputBodyNotValidJson() with type "run-input-body-not-valid-json", which was missing from the ErrorType enum. Reference: https://github.com/apify/apify-core/tree/57a2fbf9848fa2f64043cdb855a7b95c2a6caad6/src/packages/errors/src/errors/scheduling.ts#L63 Error: WARN Response OpenAPI validation error {"url":"/v2/acts/{actorId}/runs","method":"POST","statusCode":403,"errors":[{"message":"must be equal to one of the allowed values: ...[truncated]","errorCode":"enum.openapi.validation","path":"/response/error/type"}]} Files: apify-api/openapi/components/schemas/common/ErrorType.yaml:129 Root cause: Running a public full-permission Actor without prior approval throws errors.actor.fullPermissionActorNotApproved with type "full-permission-actor-not-approved", which was missing from the ErrorType enum. Reference: https://github.com/apify/apify-core/tree/57a2fbf9848fa2f64043cdb855a7b95c2a6caad6/src/packages/errors/src/errors/actor.ts#L58 --- apify-api/openapi/components/schemas/common/ErrorType.yaml | 2 ++ .../openapi/paths/actors/acts@{actorId}@builds@default.yaml | 6 ++++-- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/apify-api/openapi/components/schemas/common/ErrorType.yaml b/apify-api/openapi/components/schemas/common/ErrorType.yaml index 7d18ec687c..90259633db 100644 --- a/apify-api/openapi/components/schemas/common/ErrorType.yaml +++ b/apify-api/openapi/components/schemas/common/ErrorType.yaml @@ -126,6 +126,7 @@ enum: - expired-conference-token - failed-to-charge-user - final-invoice-negative + - full-permission-actor-not-approved - github-branch-empty - github-issue-already-exists - github-public-key-not-found @@ -297,6 +298,7 @@ enum: - requested-dataset-view-does-not-exist - resume-token-expired - run-failed + - run-input-body-not-valid-json - run-timeout-exceeded - russia-is-evil - same-user diff --git a/apify-api/openapi/paths/actors/acts@{actorId}@builds@default.yaml b/apify-api/openapi/paths/actors/acts@{actorId}@builds@default.yaml index a6664423b7..2d43cec4a6 100644 --- a/apify-api/openapi/paths/actors/acts@{actorId}@builds@default.yaml +++ b/apify-api/openapi/paths/actors/acts@{actorId}@builds@default.yaml @@ -27,11 +27,13 @@ get: $ref: ../../components/responses/BadRequest.yaml "403": # It should be 404, but is 403 for backwards compatibility. https://github.com/apify/apify-core/pull/17414 - description: Not found - the requested resource was not found. + # Returned both when the default build does not exist (error type `unknown-build-tag`) + # and when the caller lacks read permission for the Actor (error type `insufficient-permissions`). + description: Forbidden - insufficient permissions, or the requested resource was not found. content: application/json: schema: - $ref: "../../components/schemas/common/errors/BuildErrors.yaml#/UnknownBuildTagError" + $ref: ../../components/schemas/common/ErrorResponse.yaml "404": $ref: ../../components/responses/NotFound.yaml "405":