API contract hardening — zod everywhere, error envelope, pagination, versioning #179
Labels
No labels
area:auth
area:ci
area:db
area:infra
area:native
area:pwa
area:service
epic
feature
foundation
No milestone
No project
No assignees
1 participant
Notifications
Due date
No due date set.
Dependencies
No dependencies set.
Reference
james/carol#179
Loading…
Add table
Add a link
Reference in a new issue
No description provided.
Delete branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Bring every API route under the OpenAPI/zod contract: convert remaining hand-rolled DTO parsers to zod, agree on a single error envelope, codify pagination and filtering conventions, and decide the versioning strategy.
This is the API side of "strong API contracts are paramount." The spec is only as good as the schemas it generates from.
Scope
lib/dto/user.tsandlib/dto/settings.ts(the hand-rolled parsers called out in CLAUDE.md) to zod schemas.type,title,status,detail,instance) — and route every existing API error through it.?sort=-created_at,?filter[status]=open); document it in ADR-0027 §API conventions./api/v1/...) vs. header (Accept: application/vnd.carol.v1+json) and ship the chosen form.docs/api-conventions.md; link from CLAUDE.md.Acceptance criteria
docs/api-conventions.mdexists and is linked from CLAUDE.md.Out of scope
Composes with
OpenAPI spec generation, Generated typed API client, Token-based auth, ADR-0027.
Part of
#176