Add support for webhooks as a top-level element #2103

lornajane · 2020-01-14T12:35:51Z

After some discussion (#1968 ), an accepted proposal (#1974 ), and some more discussion on the TSC calls, we're at a a point where we can add support for webhooks to OpenAPI and this PR does that.

Of particular note is that after TSC discussion, it became clear that what we have here is a map of PathItems, rather than a new object type so the spec changes reflect this.

Without a specific Webhook Object, the documentation is technically complete but felt a bit ... thin. Therefore an example has also been added and linked to help users understand how this feature can be used.

lornajane · 2020-01-14T12:38:44Z

Worth a mention: I manually repeated the changes from #2048 as well as they seemed really relevant and like we'd want to see the two together but they weren't already in this branch (they're in the 3.0.3 one) and it wasn't clear to me how to merge that into this file.

webron

Added a few comments. Overall nothing drastic.

Technically, there's no need to copy over #2048 unless it directly impacts your changes. When 3.0.3 is released, we'll make sure to migrate all relevant changes to 3.1.0 (and any potential changes to 3.0.4 as well).

versions/3.1.0.md

webron · 2020-01-15T09:48:53Z

versions/3.1.0.md

@@ -197,6 +197,8 @@ Field Name | Type | Description
 <a name="oasSecurity"></a>security | [[Security Requirement Object](#securityRequirementObject)] | A declaration of which security mechanisms can be used across the API. The list of values includes alternative security requirement objects that can be used. Only one of the security requirement objects need to be satisfied to authorize a request. Individual operations can override this definition.
 <a name="oasTags"></a>tags | [[Tag Object](#tagObject)] | A list of tags used by the specification with additional metadata. The order of the tags can be used to reflect on their order by the parsing tools. Not all tags that are used by the [Operation Object](#operationObject) must be declared. The tags that are not declared MAY be organized randomly or based on the tools' logic. Each tag name in the list MUST be unique.
 <a name="oasExternalDocs"></a>externalDocs | [External Documentation Object](#externalDocumentationObject) | Additional external documentation.
+<a name="oasWebhooks"></a>webhooks | Map[`string`, [Path Item Object](#pathItemObject)] | The incoming webhooks that may be received as part of this API. The key name is a unique string to refer to each webhook, while the Path Item Object describes a request that may be initiated by the API provider and the expected responses. An [example](../examples/v3.1/webhook-example.yaml) is available.


I'd like to see this entry right after the paths.

MAY

Not a huge fan of the link to the external example. I realize we also have it in the callbacks, not sure we should have it there either.

It might also prove useful to further explain that this can be used to describe out of bound webhook registration, the relationship with callbacks and that these are meant to be implemented by the API consumer. It might be clear to us as we've all discussed it in the past, not sure a first time reader will get it as well.

I've made the changes you suggest and expanded more on the wording, would you take another look? I have left the external example in since I think it is useful to have one somewhere but I'm open to suggestions about where!

examples/v3.1/webhook-example.yaml

MikeRalphson · 2020-01-16T16:48:15Z

versions/3.1.0.md

@@ -193,11 +193,13 @@ Field Name | Type | Description
 <a name="oasInfo"></a>info | [Info Object](#infoObject) | **REQUIRED**. Provides metadata about the API. The metadata MAY be used by tooling as required.
 <a name="oasServers"></a>servers | [[Server Object](#serverObject)] | An array of Server Objects, which provide connectivity information to a target server. If the `servers` property is not provided, or is an empty array, the default value would be a [Server Object](#serverObject) with a [url](#serverUrl) value of `/`.
 <a name="oasPaths"></a>paths | [Paths Object](#pathsObject) | **REQUIRED**. The available paths and operations for the API.
+<a name="oasWebhooks"></a>webhooks | Map[`string`, [Path Item Object](#pathItemObject)] | The incoming webhooks that MAY be received as part of this API and that the API consumer is expected to implement. Closely related to the `callbacks` feature, this section describes requests initiated other than by an API call, for example by an out of band registration. The key name is a unique string to refer to each webhook, while the Path Item Object describes a request that may be initiated by the API provider and the expected responses. An [example](../examples/v3.1/webhook-example.yaml) is available.


Just a note that if we are linking examples from the spec, we should ensure links are not broken from the "pretty" ReSpec version on openapis.org.

Ah, what's the correct way to refer to the examples? I copied the way the Callback Object did it but @MikeRalphson is correct (of course!) - that link doesn't work in the nicely rendered spec version http://spec.openapis.org/oas/v3.0.2.html#callback-object

I'd be happy with either an absolute URL or I could fix relative links in the spec rendering pre-processor. What do people think? It's good that we've spotted that the problem was there already,

Because Ron is not here.

fmvilas · 2020-01-20T10:38:58Z

examples/v3.1/webhook-example.yaml

+webhooks:
+  # Each webhook needs a name
+  newPet:
+    # This is a Path Item Object, the only difference is that the request is initiated by the API provider


If the request is initiated by the API provider, where is the server defined? Where is this request going?

(Sorry for the late review comment)

@handrews

* 3.1.0 prep * Update README * Allow specification extensions in discriminator object * Note that specification extensions beginning x-oas- are reserved * security; add mutualTLS securityScheme type * 832 add info.summary (#1779) * Fix: #832. Add info.summary. * Fix: summary is shord, description is verbose. Be consistent with other definitions of summary and description. * fix OIDC url and OAuth2 requirements Signed-off-by: Axel Nennker <axel.nennker@telekom.de> * Update Schema Object to proper JSON Schema * update vocab and arbitrary props * another go at arbitrary keywords * feedback from @handrews * Support style, explode, allowReserved encoding for multipart/form-data (#2066) * Extend style, explode, allowReserved in encoding to multipart-formdata (#2018) * Update versions/3.1.0.md Co-Authored-By: Ron <ron@swagger.io> * Replace details of multipart/form-data format with referce to RFC 7578 * Update versions/3.1.0.md Co-Authored-By: Darrel <darrmi@microsoft.com> * default should match json schema * removed json schema keyworld list, its just all of em. * redundant $ref reference * Correct Styles Values for spaceDelimited and pipeDelimited, as based on Style Examples, they support objects. * Add support for webhooks as a top-level element (#2103) * Add webhooks as a top-level element to the spec * Add the changes from #2048 and signpost webhooks * Add an example of webhooks * Relocate and expand on webhooks section following feedback * Better wording to describe expectations on API consumers * Clearer wording for why the paths element is here * Update language to make callbacks clearer * Align the OAS 3.1 nullable language with the 3.0.3 (#2115) This adapts the language from PR #2046, with minimal wording tweaks to account for type now being able to have multiple values (type arrays). * allow, but discourage, requestBody for GET, HEAD, DELETE (#2117) * Reference Object and Schema Object use of $ref updates for 2019-09 / OAS 3.1 (#2107) * Checkpoint of draft * Fix typo. Co-Authored-By: Darrel <darrmi@microsoft.com> * Fix plural anchor Co-Authored-By: Mike Ralphson <mike.ralphson@gmail.com> * Remove superfluous specification Co-Authored-By: Phil Sturgeon <me@philsturgeon.uk> Co-authored-by: Darrel <darrmi@microsoft.com> Co-authored-by: Mike Ralphson <mike.ralphson@gmail.com> Co-authored-by: Phil Sturgeon <me@philsturgeon.uk> * Fix table cell formatting containing `nullable` description (#2152) * Add SPDX identifier field to license object, fixes #1599 (#2105) * Add information about objects to the description too * Make paths object optional (#1781) * Make paths object optional * Adding reusable Path Item Objects Under `components` * Adopt DM's suggested change to OpenAPI doc definition * Cleanup use of specification and definition where we mean document * multipartite>composite, define ACL * Add ' | Reference Object' to callbacks/webhooks Co-authored-by: Ron <ron@swagger.io> * Fwd port v3.0.3 dev to v3.1.0 dev (#2163) * fix typo in Callback Object Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * retain typo in v3.0.2; fix for v3.0.3 (#1899) Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Clarify empty Security Requirement Object usage and validity (#1886) * Clarify empty Security Requirement Object usage and validity * Reorder sentences to make clearer. * Remove wrong text. * Removed unneeded text. Co-authored-by: Ron <ron@swagger.io> Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Ron's wording for Darrels feedback Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * ted updates Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Replace 'application' by 'API' within the 'Info Object' definition. (#2004) Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Path Templating Clarification - proposed fix for #1830. (#1831) * Proposed fix for #1830. Each variable expression in a path must have a corresponding path parameter. * #1830 - Removed 'at least once' to defer the question about repeated references to a single path parameter. * Update #1830 fix with suggestion from Darrel @darrelmiller suggestions we use "template expression" instead of "variable expression" to align with RFC6570. Good idea. Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * yaml.org supports https, but www.yaml.org is misconfigured Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Updated text for OperationRef Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * fix a typo in the Security Filtering section (#1837) * fix a typo in the Security Filtering section * Security filtering slight reword Co-authored-by: Mike Ralphson <mike.ralphson@gmail.com> Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Make ABNF for runtime expressions complete Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Explain unclear semantics of property `$ref` in Path Item Object (#1964) * Explain unclear semantics of property `$ref` in Path Item Object Currently, as explained in #1038 (comment) the description of `$ref` in [Path Item Object](https://github.com/OAI/OpenAPI-Specification/blob/3.0.2/versions/3.0.2.md#pathItemObject) is unclear about the semantics behing it. I took the explaination from issue #1038 to make it more clear. * Update versions/3.1.0.md Co-authored-by: Ron <ron@swagger.io> Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Clarify constraints on Security Scheme Object Scheme Property (#1880) * Wording around scheme extensions * Clarified that securitySchemeScheme is only a SHOULD be registered scheme Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * fix difference between yaml and json in Response Object Examples Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Server Variable Object clarifications (#1809) * Server Variable Object clarifications * Toned language down for proper semver versioning Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Fix formatting errors in example (#2132) Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Update 3.0.3 for release (#2149) * Update README.md for release * Update release date for 3.0.3 Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Update versions/3.1.0.md Co-Authored-By: Darrel <darrmi@microsoft.com> Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Fixed typo Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * explicit 'forward slash' Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * fix #2053: `style` keyword is not supported inside Schema object Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * OpenAPI not Open API Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * backticks Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * minor clarification for operationId usage in link objects (#1733) * minor clarification it's a bit confusing that both the id and the reference are called "operationId", so this tweak makes the text a bit more explicit. * use right terminology Co-Authored-By: Mike Ralphson <mike.ralphson@gmail.com> Co-authored-by: Ron <ron@swagger.io> Co-authored-by: Mike Ralphson <mike.ralphson@gmail.com> Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Update 3.1.0.md fixed typo Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Removed confusing comment Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Clarify the spec to allow optional or unspecified OAuth scopes (#1888) * Referencing issue #513. Clarify the spec to accommodate OAuth schemes where scope may be unspecified (optional scope) or where scope is not used at all. * Removed the provision for default scope represented as empty string. This introduces some ambiguities in the Security Requirement Object that would need to be addressed. * For #513, adjusting language and removing examples For #513, adjusting language and removing examples as suggested by @webron. * removed unnecessary example header Co-authored-by: Ron <ron@swagger.io> Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * The examples keyword is not supported inside schema (#2042) * examples not supported inside schema * figured it out * a tiny little edit Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Fix 'Security Scheme Object' definition with OAuth 2.0 grant types. (#2006) Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Fix formatting errors in example (#2132) Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> Co-authored-by: seiya <r108338@yahoo.co.jp> Co-authored-by: Adam Leventhal <ahl@transposit.com> Co-authored-by: Sebastián Ramírez <tiangolo@gmail.com> Co-authored-by: Ron <ron@swagger.io> Co-authored-by: Phil Sturgeon <me@philsturgeon.uk> Co-authored-by: Patrice Krakow <patrice.krakow@gmail.com> Co-authored-by: Ted Epstein <ted.epstein@reprezen.com> Co-authored-by: Darrel Miller <darrmi@microsoft.com> Co-authored-by: Carsten Brandt <mail@cebe.cc> Co-authored-by: Henry Andrews <andrews_henry@yahoo.com> Co-authored-by: Sergej <sergej2705@users.noreply.github.com> Co-authored-by: nasa9084 <nasa.9084.bassclarinet@gmail.com> Co-authored-by: Erik Wilde <dret@users.noreply.github.com> * security; widen use of scopes array to other securityScheme types (#1829) Co-authored-by: Ron <ron@swagger.io> * Allow summary and description as $ref siblings (#2181) * HTTP not REST (#1946) Co-authored-by: Phil Sturgeon <me@philsturgeon.uk> * Missing updates While going over the changes for the release notes, found two issues: - The TOC entry for `Relative references in URIs` was not modified to match the change in the spec. - The `Paths Object` had an extra sentence that should have not been there (referencing sub-documents and overlays). * Remove boolean compatibility for exclusive* (#2226) This brings exclusiveMinimum, exclusiveMaximum, minimum, and maximum, into full modern JSON Schema compatibility. There are no edits directly mentioning minimum and maximum, but removing the boolean form simplifies their processing by making it context-independent. * Update "format" and "content*" for new JSON Schema (#2200) * Update "format" and "content*" for new JSON Schema This removes OAS formats and examples that are now superfluous as they are part of the 2019-09 JSON Schema draft. Similarly it deprecates the "byte" and "binary" formats in favor of JSON Schema's "contentEncoding" and "contentMediaType" keywords, and updates various related exapmles and other guidance. It also removes confusingly blank rows in the OAS format table. * "format" is an annotation * Fix broken table, type, in Encoding Object Broke some things while updating for "content*" * Fix format of `format` Backticks, not double quotes. * Remove unneeded detail on "format" This was just duplicating info from the JSON Schema spec. Co-authored-by: Darrel <darrmi@microsoft.com> * Remove "byte" and "binary" formats altogether. Instead of just deprecating. The "content*" keywords now cover these use cases. * Harmonize JSON Schema content* + Media Type Object Includes harmonizing with the Encoding Object. In general, OpenAPI objects set the media type, although there is a case for `contentMediaType` with multipart/form-data. Otherwise, `contentEncoding` replaces the now-removed custom formats. A possibly controversial change is to indicate unencoded binary data by omitting `type` (or omitting the schema altogether), as binary data does not conform to JSON string requirements. This could still be done with `type: string` if that is preferred. It's going to be a bit weird either way. I can add wording in the next JSON Schema draft to clarify whichever approach makes more sense. * Fix typos from review * Remove stray {} * Fix inconsistencies contentMediaType and Encoding Object Co-authored-by: Darrel <darrmi@microsoft.com> * [3.1.0-dev] drop OAS semver requirement (#2243) * drop OAS semver requirement * Update versions/3.1.0.md Co-authored-by: Darrel <darrmi@microsoft.com> * Remove "nullable" entirely (#2246) * Update version for release (#2269) Co-authored-by: Mike Ralphson <mike.ralphson@gmail.com> Co-authored-by: Roberto Polli <robipolli@gmail.com> Co-authored-by: Axel Nennker <axel.nennker@telekom.de> Co-authored-by: Phil Sturgeon <me@philsturgeon.uk> Co-authored-by: Mike Kistler <mkistler@us.ibm.com> Co-authored-by: Darrel <darrmi@microsoft.com> Co-authored-by: Arhimenrius <arhimenrius@gmail.com> Co-authored-by: Lorna Jane Mitchell <lorna@lornajane.net> Co-authored-by: Henry Andrews <andrews_henry@yahoo.com> Co-authored-by: Alan Crosswell <alan@crosswell.us> Co-authored-by: Helen Kosova <hkosova@users.noreply.github.com> Co-authored-by: seiya <r108338@yahoo.co.jp> Co-authored-by: Adam Leventhal <ahl@transposit.com> Co-authored-by: Sebastián Ramírez <tiangolo@gmail.com> Co-authored-by: Patrice Krakow <patrice.krakow@gmail.com> Co-authored-by: Ted Epstein <ted.epstein@reprezen.com> Co-authored-by: Carsten Brandt <mail@cebe.cc> Co-authored-by: Sergej <sergej2705@users.noreply.github.com> Co-authored-by: nasa9084 <nasa.9084.bassclarinet@gmail.com> Co-authored-by: Erik Wilde <dret@users.noreply.github.com> Co-authored-by: Marsh Gardiner <marsh.gardiner@gmail.com> Co-authored-by: Phil Sturgeon <me@philsturgeon.com>

@handrews

* 3.1.0 prep * Update README * Allow specification extensions in discriminator object * Note that specification extensions beginning x-oas- are reserved * security; add mutualTLS securityScheme type * 832 add info.summary (#1779) * Fix: #832. Add info.summary. * Fix: summary is shord, description is verbose. Be consistent with other definitions of summary and description. * fix OIDC url and OAuth2 requirements Signed-off-by: Axel Nennker <axel.nennker@telekom.de> * Update Schema Object to proper JSON Schema * update vocab and arbitrary props * another go at arbitrary keywords * feedback from @handrews * Support style, explode, allowReserved encoding for multipart/form-data (#2066) * Extend style, explode, allowReserved in encoding to multipart-formdata (#2018) * Update versions/3.1.0.md Co-Authored-By: Ron <ron@swagger.io> * Replace details of multipart/form-data format with referce to RFC 7578 * Update versions/3.1.0.md Co-Authored-By: Darrel <darrmi@microsoft.com> * default should match json schema * removed json schema keyworld list, its just all of em. * redundant $ref reference * Correct Styles Values for spaceDelimited and pipeDelimited, as based on Style Examples, they support objects. * Add support for webhooks as a top-level element (#2103) * Add webhooks as a top-level element to the spec * Add the changes from #2048 and signpost webhooks * Add an example of webhooks * Relocate and expand on webhooks section following feedback * Better wording to describe expectations on API consumers * Clearer wording for why the paths element is here * Update language to make callbacks clearer * Align the OAS 3.1 nullable language with the 3.0.3 (#2115) This adapts the language from PR #2046, with minimal wording tweaks to account for type now being able to have multiple values (type arrays). * allow, but discourage, requestBody for GET, HEAD, DELETE (#2117) * Reference Object and Schema Object use of $ref updates for 2019-09 / OAS 3.1 (#2107) * Checkpoint of draft * Fix typo. Co-Authored-By: Darrel <darrmi@microsoft.com> * Fix plural anchor Co-Authored-By: Mike Ralphson <mike.ralphson@gmail.com> * Remove superfluous specification Co-Authored-By: Phil Sturgeon <me@philsturgeon.uk> Co-authored-by: Darrel <darrmi@microsoft.com> Co-authored-by: Mike Ralphson <mike.ralphson@gmail.com> Co-authored-by: Phil Sturgeon <me@philsturgeon.uk> * Fix table cell formatting containing `nullable` description (#2152) * Add SPDX identifier field to license object, fixes #1599 (#2105) * Add information about objects to the description too * Make paths object optional (#1781) * Make paths object optional * Adding reusable Path Item Objects Under `components` * Adopt DM's suggested change to OpenAPI doc definition * Cleanup use of specification and definition where we mean document * multipartite>composite, define ACL * Add ' | Reference Object' to callbacks/webhooks Co-authored-by: Ron <ron@swagger.io> * Fwd port v3.0.3 dev to v3.1.0 dev (#2163) * fix typo in Callback Object Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * retain typo in v3.0.2; fix for v3.0.3 (#1899) Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Clarify empty Security Requirement Object usage and validity (#1886) * Clarify empty Security Requirement Object usage and validity * Reorder sentences to make clearer. * Remove wrong text. * Removed unneeded text. Co-authored-by: Ron <ron@swagger.io> Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Ron's wording for Darrels feedback Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * ted updates Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Replace 'application' by 'API' within the 'Info Object' definition. (#2004) Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Path Templating Clarification - proposed fix for #1830. (#1831) * Proposed fix for #1830. Each variable expression in a path must have a corresponding path parameter. * #1830 - Removed 'at least once' to defer the question about repeated references to a single path parameter. * Update #1830 fix with suggestion from Darrel @darrelmiller suggestions we use "template expression" instead of "variable expression" to align with RFC6570. Good idea. Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * yaml.org supports https, but www.yaml.org is misconfigured Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Updated text for OperationRef Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * fix a typo in the Security Filtering section (#1837) * fix a typo in the Security Filtering section * Security filtering slight reword Co-authored-by: Mike Ralphson <mike.ralphson@gmail.com> Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Make ABNF for runtime expressions complete Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Explain unclear semantics of property `$ref` in Path Item Object (#1964) * Explain unclear semantics of property `$ref` in Path Item Object Currently, as explained in #1038 (comment) the description of `$ref` in [Path Item Object](https://github.com/OAI/OpenAPI-Specification/blob/3.0.2/versions/3.0.2.md#pathItemObject) is unclear about the semantics behing it. I took the explaination from issue #1038 to make it more clear. * Update versions/3.1.0.md Co-authored-by: Ron <ron@swagger.io> Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Clarify constraints on Security Scheme Object Scheme Property (#1880) * Wording around scheme extensions * Clarified that securitySchemeScheme is only a SHOULD be registered scheme Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * fix difference between yaml and json in Response Object Examples Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Server Variable Object clarifications (#1809) * Server Variable Object clarifications * Toned language down for proper semver versioning Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Fix formatting errors in example (#2132) Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Update 3.0.3 for release (#2149) * Update README.md for release * Update release date for 3.0.3 Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Update versions/3.1.0.md Co-Authored-By: Darrel <darrmi@microsoft.com> Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Fixed typo Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * explicit 'forward slash' Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * fix #2053: `style` keyword is not supported inside Schema object Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * OpenAPI not Open API Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * backticks Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * minor clarification for operationId usage in link objects (#1733) * minor clarification it's a bit confusing that both the id and the reference are called "operationId", so this tweak makes the text a bit more explicit. * use right terminology Co-Authored-By: Mike Ralphson <mike.ralphson@gmail.com> Co-authored-by: Ron <ron@swagger.io> Co-authored-by: Mike Ralphson <mike.ralphson@gmail.com> Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Update 3.1.0.md fixed typo Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Removed confusing comment Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Clarify the spec to allow optional or unspecified OAuth scopes (#1888) * Referencing issue #513. Clarify the spec to accommodate OAuth schemes where scope may be unspecified (optional scope) or where scope is not used at all. * Removed the provision for default scope represented as empty string. This introduces some ambiguities in the Security Requirement Object that would need to be addressed. * For #513, adjusting language and removing examples For #513, adjusting language and removing examples as suggested by @webron. * removed unnecessary example header Co-authored-by: Ron <ron@swagger.io> Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * The examples keyword is not supported inside schema (#2042) * examples not supported inside schema * figured it out * a tiny little edit Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Fix 'Security Scheme Object' definition with OAuth 2.0 grant types. (#2006) Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Fix formatting errors in example (#2132) Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> Co-authored-by: seiya <r108338@yahoo.co.jp> Co-authored-by: Adam Leventhal <ahl@transposit.com> Co-authored-by: Sebastián Ramírez <tiangolo@gmail.com> Co-authored-by: Ron <ron@swagger.io> Co-authored-by: Phil Sturgeon <me@philsturgeon.uk> Co-authored-by: Patrice Krakow <patrice.krakow@gmail.com> Co-authored-by: Ted Epstein <ted.epstein@reprezen.com> Co-authored-by: Darrel Miller <darrmi@microsoft.com> Co-authored-by: Carsten Brandt <mail@cebe.cc> Co-authored-by: Henry Andrews <andrews_henry@yahoo.com> Co-authored-by: Sergej <sergej2705@users.noreply.github.com> Co-authored-by: nasa9084 <nasa.9084.bassclarinet@gmail.com> Co-authored-by: Erik Wilde <dret@users.noreply.github.com> * security; widen use of scopes array to other securityScheme types (#1829) Co-authored-by: Ron <ron@swagger.io> * Allow summary and description as $ref siblings (#2181) * HTTP not REST (#1946) Co-authored-by: Phil Sturgeon <me@philsturgeon.uk> * Missing updates While going over the changes for the release notes, found two issues: - The TOC entry for `Relative references in URIs` was not modified to match the change in the spec. - The `Paths Object` had an extra sentence that should have not been there (referencing sub-documents and overlays). * Remove boolean compatibility for exclusive* (#2226) This brings exclusiveMinimum, exclusiveMaximum, minimum, and maximum, into full modern JSON Schema compatibility. There are no edits directly mentioning minimum and maximum, but removing the boolean form simplifies their processing by making it context-independent. * Update "format" and "content*" for new JSON Schema (#2200) * Update "format" and "content*" for new JSON Schema This removes OAS formats and examples that are now superfluous as they are part of the 2019-09 JSON Schema draft. Similarly it deprecates the "byte" and "binary" formats in favor of JSON Schema's "contentEncoding" and "contentMediaType" keywords, and updates various related exapmles and other guidance. It also removes confusingly blank rows in the OAS format table. * "format" is an annotation * Fix broken table, type, in Encoding Object Broke some things while updating for "content*" * Fix format of `format` Backticks, not double quotes. * Remove unneeded detail on "format" This was just duplicating info from the JSON Schema spec. Co-authored-by: Darrel <darrmi@microsoft.com> * Remove "byte" and "binary" formats altogether. Instead of just deprecating. The "content*" keywords now cover these use cases. * Harmonize JSON Schema content* + Media Type Object Includes harmonizing with the Encoding Object. In general, OpenAPI objects set the media type, although there is a case for `contentMediaType` with multipart/form-data. Otherwise, `contentEncoding` replaces the now-removed custom formats. A possibly controversial change is to indicate unencoded binary data by omitting `type` (or omitting the schema altogether), as binary data does not conform to JSON string requirements. This could still be done with `type: string` if that is preferred. It's going to be a bit weird either way. I can add wording in the next JSON Schema draft to clarify whichever approach makes more sense. * Fix typos from review * Remove stray {} * Fix inconsistencies contentMediaType and Encoding Object Co-authored-by: Darrel <darrmi@microsoft.com> * [3.1.0-dev] drop OAS semver requirement (#2243) * drop OAS semver requirement * Update versions/3.1.0.md Co-authored-by: Darrel <darrmi@microsoft.com> * Remove "nullable" entirely (#2246) * Update version for release (#2269) * $schema Guidance (#2266) * chore: explain how $schema might work * reordered and made it specifically only schema resources * Update versions/3.1.0.md Co-authored-by: Karen Etheridge <ether@cpan.org> * Update versions/3.1.0.md Co-authored-by: Ben Hutton <relequestual@gmail.com> * new approach Co-authored-by: Phil Sturgeon <me@philsturgeon.uk> Co-authored-by: Karen Etheridge <ether@cpan.org> Co-authored-by: Ben Hutton <relequestual@gmail.com> * v3.1.0: rephrase data-type section because `format` keyword can be used for any data type. (#2302) * The JSON schema specification states the format keyword can be used for any data type, not just primitive types * The JSON schema specification states the format keyword can be used for any data type, not just primitive types * Added change to address #2287 (#2328) Co-authored-by: Darrel Miller <darrel.miller@microsoft.com> * Make Server Variable Object's properties more strict (#2335) Followup to #1809, now that we allow breaking changes. * docs(Components): fix typo in schemas field type (#2337) * Fix indentation of a YAML comment * Removed required constraint on responses object (#2329) Co-authored-by: Darrel Miller <darrel.miller@microsoft.com> * 3.1.0-rc1 Release prep (#2369) * Update 3.1.0.md * Merge branch 'master' into v3.1.0-dev Co-authored-by: Mike Ralphson <mike.ralphson@gmail.com> Co-authored-by: Roberto Polli <robipolli@gmail.com> Co-authored-by: Axel Nennker <axel.nennker@telekom.de> Co-authored-by: Phil Sturgeon <me@philsturgeon.uk> Co-authored-by: Mike Kistler <mkistler@us.ibm.com> Co-authored-by: Darrel <darrmi@microsoft.com> Co-authored-by: Arhimenrius <arhimenrius@gmail.com> Co-authored-by: Lorna Jane Mitchell <lorna@lornajane.net> Co-authored-by: Henry Andrews <andrews_henry@yahoo.com> Co-authored-by: Alan Crosswell <alan@crosswell.us> Co-authored-by: Helen Kosova <hkosova@users.noreply.github.com> Co-authored-by: seiya <r108338@yahoo.co.jp> Co-authored-by: Adam Leventhal <ahl@transposit.com> Co-authored-by: Sebastián Ramírez <tiangolo@gmail.com> Co-authored-by: Patrice Krakow <patrice.krakow@gmail.com> Co-authored-by: Ted Epstein <ted.epstein@reprezen.com> Co-authored-by: Carsten Brandt <mail@cebe.cc> Co-authored-by: Sergej <sergej2705@users.noreply.github.com> Co-authored-by: nasa9084 <nasa.9084.bassclarinet@gmail.com> Co-authored-by: Erik Wilde <dret@users.noreply.github.com> Co-authored-by: Marsh Gardiner <marsh.gardiner@gmail.com> Co-authored-by: Phil Sturgeon <me@philsturgeon.com> Co-authored-by: Karen Etheridge <ether@cpan.org> Co-authored-by: Ben Hutton <relequestual@gmail.com> Co-authored-by: Sebastien Rosset <serosset@cisco.com> Co-authored-by: Darrel Miller <darrel.miller@microsoft.com> Co-authored-by: Vladimir Gorej <vladimir.gorej@gmail.com> Co-authored-by: Helen Kosova <helen.kosova@smartbear.com>

@handrews

* 3.1.0 prep * Update README * Allow specification extensions in discriminator object * Note that specification extensions beginning x-oas- are reserved * security; add mutualTLS securityScheme type * 832 add info.summary (#1779) * Fix: #832. Add info.summary. * Fix: summary is shord, description is verbose. Be consistent with other definitions of summary and description. * fix OIDC url and OAuth2 requirements Signed-off-by: Axel Nennker <axel.nennker@telekom.de> * Update Schema Object to proper JSON Schema * update vocab and arbitrary props * another go at arbitrary keywords * feedback from @handrews * Support style, explode, allowReserved encoding for multipart/form-data (#2066) * Extend style, explode, allowReserved in encoding to multipart-formdata (#2018) * Update versions/3.1.0.md Co-Authored-By: Ron <ron@swagger.io> * Replace details of multipart/form-data format with referce to RFC 7578 * Update versions/3.1.0.md Co-Authored-By: Darrel <darrmi@microsoft.com> * default should match json schema * removed json schema keyworld list, its just all of em. * redundant $ref reference * Correct Styles Values for spaceDelimited and pipeDelimited, as based on Style Examples, they support objects. * Add support for webhooks as a top-level element (#2103) * Add webhooks as a top-level element to the spec * Add the changes from #2048 and signpost webhooks * Add an example of webhooks * Relocate and expand on webhooks section following feedback * Better wording to describe expectations on API consumers * Clearer wording for why the paths element is here * Update language to make callbacks clearer * Align the OAS 3.1 nullable language with the 3.0.3 (#2115) This adapts the language from PR #2046, with minimal wording tweaks to account for type now being able to have multiple values (type arrays). * allow, but discourage, requestBody for GET, HEAD, DELETE (#2117) * Reference Object and Schema Object use of $ref updates for 2019-09 / OAS 3.1 (#2107) * Checkpoint of draft * Fix typo. Co-Authored-By: Darrel <darrmi@microsoft.com> * Fix plural anchor Co-Authored-By: Mike Ralphson <mike.ralphson@gmail.com> * Remove superfluous specification Co-Authored-By: Phil Sturgeon <me@philsturgeon.uk> Co-authored-by: Darrel <darrmi@microsoft.com> Co-authored-by: Mike Ralphson <mike.ralphson@gmail.com> Co-authored-by: Phil Sturgeon <me@philsturgeon.uk> * Fix table cell formatting containing `nullable` description (#2152) * Add SPDX identifier field to license object, fixes #1599 (#2105) * Add information about objects to the description too * Make paths object optional (#1781) * Make paths object optional * Adding reusable Path Item Objects Under `components` * Adopt DM's suggested change to OpenAPI doc definition * Cleanup use of specification and definition where we mean document * multipartite>composite, define ACL * Add ' | Reference Object' to callbacks/webhooks Co-authored-by: Ron <ron@swagger.io> * Fwd port v3.0.3 dev to v3.1.0 dev (#2163) * fix typo in Callback Object Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * retain typo in v3.0.2; fix for v3.0.3 (#1899) Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Clarify empty Security Requirement Object usage and validity (#1886) * Clarify empty Security Requirement Object usage and validity * Reorder sentences to make clearer. * Remove wrong text. * Removed unneeded text. Co-authored-by: Ron <ron@swagger.io> Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Ron's wording for Darrels feedback Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * ted updates Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Replace 'application' by 'API' within the 'Info Object' definition. (#2004) Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Path Templating Clarification - proposed fix for #1830. (#1831) * Proposed fix for #1830. Each variable expression in a path must have a corresponding path parameter. * #1830 - Removed 'at least once' to defer the question about repeated references to a single path parameter. * Update #1830 fix with suggestion from Darrel @darrelmiller suggestions we use "template expression" instead of "variable expression" to align with RFC6570. Good idea. Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * yaml.org supports https, but www.yaml.org is misconfigured Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Updated text for OperationRef Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * fix a typo in the Security Filtering section (#1837) * fix a typo in the Security Filtering section * Security filtering slight reword Co-authored-by: Mike Ralphson <mike.ralphson@gmail.com> Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Make ABNF for runtime expressions complete Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Explain unclear semantics of property `$ref` in Path Item Object (#1964) * Explain unclear semantics of property `$ref` in Path Item Object Currently, as explained in #1038 (comment) the description of `$ref` in [Path Item Object](https://github.com/OAI/OpenAPI-Specification/blob/3.0.2/versions/3.0.2.md#pathItemObject) is unclear about the semantics behing it. I took the explaination from issue #1038 to make it more clear. * Update versions/3.1.0.md Co-authored-by: Ron <ron@swagger.io> Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Clarify constraints on Security Scheme Object Scheme Property (#1880) * Wording around scheme extensions * Clarified that securitySchemeScheme is only a SHOULD be registered scheme Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * fix difference between yaml and json in Response Object Examples Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Server Variable Object clarifications (#1809) * Server Variable Object clarifications * Toned language down for proper semver versioning Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Fix formatting errors in example (#2132) Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Update 3.0.3 for release (#2149) * Update README.md for release * Update release date for 3.0.3 Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Update versions/3.1.0.md Co-Authored-By: Darrel <darrmi@microsoft.com> Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Fixed typo Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * explicit 'forward slash' Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * fix #2053: `style` keyword is not supported inside Schema object Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * OpenAPI not Open API Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * backticks Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * minor clarification for operationId usage in link objects (#1733) * minor clarification it's a bit confusing that both the id and the reference are called "operationId", so this tweak makes the text a bit more explicit. * use right terminology Co-Authored-By: Mike Ralphson <mike.ralphson@gmail.com> Co-authored-by: Ron <ron@swagger.io> Co-authored-by: Mike Ralphson <mike.ralphson@gmail.com> Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Update 3.1.0.md fixed typo Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Removed confusing comment Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Clarify the spec to allow optional or unspecified OAuth scopes (#1888) * Referencing issue #513. Clarify the spec to accommodate OAuth schemes where scope may be unspecified (optional scope) or where scope is not used at all. * Removed the provision for default scope represented as empty string. This introduces some ambiguities in the Security Requirement Object that would need to be addressed. * For #513, adjusting language and removing examples For #513, adjusting language and removing examples as suggested by @webron. * removed unnecessary example header Co-authored-by: Ron <ron@swagger.io> Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * The examples keyword is not supported inside schema (#2042) * examples not supported inside schema * figured it out * a tiny little edit Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Fix 'Security Scheme Object' definition with OAuth 2.0 grant types. (#2006) Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Fix formatting errors in example (#2132) Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> Co-authored-by: seiya <r108338@yahoo.co.jp> Co-authored-by: Adam Leventhal <ahl@transposit.com> Co-authored-by: Sebastián Ramírez <tiangolo@gmail.com> Co-authored-by: Ron <ron@swagger.io> Co-authored-by: Phil Sturgeon <me@philsturgeon.uk> Co-authored-by: Patrice Krakow <patrice.krakow@gmail.com> Co-authored-by: Ted Epstein <ted.epstein@reprezen.com> Co-authored-by: Darrel Miller <darrmi@microsoft.com> Co-authored-by: Carsten Brandt <mail@cebe.cc> Co-authored-by: Henry Andrews <andrews_henry@yahoo.com> Co-authored-by: Sergej <sergej2705@users.noreply.github.com> Co-authored-by: nasa9084 <nasa.9084.bassclarinet@gmail.com> Co-authored-by: Erik Wilde <dret@users.noreply.github.com> * security; widen use of scopes array to other securityScheme types (#1829) Co-authored-by: Ron <ron@swagger.io> * Allow summary and description as $ref siblings (#2181) * HTTP not REST (#1946) Co-authored-by: Phil Sturgeon <me@philsturgeon.uk> * Missing updates While going over the changes for the release notes, found two issues: - The TOC entry for `Relative references in URIs` was not modified to match the change in the spec. - The `Paths Object` had an extra sentence that should have not been there (referencing sub-documents and overlays). * Remove boolean compatibility for exclusive* (#2226) This brings exclusiveMinimum, exclusiveMaximum, minimum, and maximum, into full modern JSON Schema compatibility. There are no edits directly mentioning minimum and maximum, but removing the boolean form simplifies their processing by making it context-independent. * Update "format" and "content*" for new JSON Schema (#2200) * Update "format" and "content*" for new JSON Schema This removes OAS formats and examples that are now superfluous as they are part of the 2019-09 JSON Schema draft. Similarly it deprecates the "byte" and "binary" formats in favor of JSON Schema's "contentEncoding" and "contentMediaType" keywords, and updates various related exapmles and other guidance. It also removes confusingly blank rows in the OAS format table. * "format" is an annotation * Fix broken table, type, in Encoding Object Broke some things while updating for "content*" * Fix format of `format` Backticks, not double quotes. * Remove unneeded detail on "format" This was just duplicating info from the JSON Schema spec. Co-authored-by: Darrel <darrmi@microsoft.com> * Remove "byte" and "binary" formats altogether. Instead of just deprecating. The "content*" keywords now cover these use cases. * Harmonize JSON Schema content* + Media Type Object Includes harmonizing with the Encoding Object. In general, OpenAPI objects set the media type, although there is a case for `contentMediaType` with multipart/form-data. Otherwise, `contentEncoding` replaces the now-removed custom formats. A possibly controversial change is to indicate unencoded binary data by omitting `type` (or omitting the schema altogether), as binary data does not conform to JSON string requirements. This could still be done with `type: string` if that is preferred. It's going to be a bit weird either way. I can add wording in the next JSON Schema draft to clarify whichever approach makes more sense. * Fix typos from review * Remove stray {} * Fix inconsistencies contentMediaType and Encoding Object Co-authored-by: Darrel <darrmi@microsoft.com> * [3.1.0-dev] drop OAS semver requirement (#2243) * drop OAS semver requirement * Update versions/3.1.0.md Co-authored-by: Darrel <darrmi@microsoft.com> * Remove "nullable" entirely (#2246) * x-oas- to x-oai- (v3.1.0-dev) * Update version for release (#2269) * $schema Guidance (#2266) * chore: explain how $schema might work * reordered and made it specifically only schema resources * Update versions/3.1.0.md Co-authored-by: Karen Etheridge <ether@cpan.org> * Update versions/3.1.0.md Co-authored-by: Ben Hutton <relequestual@gmail.com> * new approach Co-authored-by: Phil Sturgeon <me@philsturgeon.uk> Co-authored-by: Karen Etheridge <ether@cpan.org> Co-authored-by: Ben Hutton <relequestual@gmail.com> * x-oai- / x-oas-; reserve both * v3.1.0: rephrase data-type section because `format` keyword can be used for any data type. (#2302) * The JSON schema specification states the format keyword can be used for any data type, not just primitive types * The JSON schema specification states the format keyword can be used for any data type, not just primitive types * Added change to address #2287 (#2328) Co-authored-by: Darrel Miller <darrel.miller@microsoft.com> * Make Server Variable Object's properties more strict (#2335) Followup to #1809, now that we allow breaking changes. * docs(Components): fix typo in schemas field type (#2337) * Fix indentation of a YAML comment * Removed required constraint on responses object (#2329) Co-authored-by: Darrel Miller <darrel.miller@microsoft.com> * 3.1.0-rc1 Release prep (#2369) * Update 3.1.0.md * Merge branch 'master' into v3.1.0-dev * Added words relating to adopting semantics of JSON Schema (#2330) * Added words relating to adopting semantics of JSON Schema * Update versions/3.1.0.md Co-authored-by: Mike Ralphson <mike.ralphson@gmail.com> * Update versions/3.1.0.md Co-authored-by: Mike Ralphson <mike.ralphson@gmail.com> Co-authored-by: Darrel Miller <darrel.miller@microsoft.com> Co-authored-by: Mike Ralphson <mike.ralphson@gmail.com> * fix typo in release history table * fix link to style values in serialization table * Fix misspelling of a keyword in text (#2389) * Update wording that referred to the year 2019 as the current year (#2390) * Added link to JSON Schema Validation docs explain which formats are included in JSON Schema (#2394) * Added link to JSON Schema Validation docs explain which formats are included in JSON Schema * Update verbiage to be more accurate Co-authored-by: Mike Ralphson <mike.ralphson@gmail.com> Co-authored-by: Mike Ralphson <mike.ralphson@gmail.com> * Update 3.1.0.md (#2405) Improve wording about 'summary' and 'description' in Reference Object * long descriptions are cool too (#2408) Co-authored-by: Phil Sturgeon <me@philsturgeon.uk> * Unescaped Slashes Aint Welcome Around 'Ere (#2218) * oas 3.0 doesn't mention slashes not allowed * none of those either Co-authored-by: Phil Sturgeon <me@philsturgeon.uk> * Add missing field and use same summaries in Request Body Examples. (#2362) * Add missing schema type in Operation Object YAML Example. (#2361) * OAS schema dialect clarifications (#2399) * OAS schema dialect clarifications * OAS schema dialect clarifications Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * $schema is allowed in subschemas when bundling Co-authored-by: Ben Hutton <relequestual@gmail.com> * Schema dialect clarifications from Ben Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Use top-level jsonSchemaDialect field Co-authored-by: Ben Hutton <relequestual@gmail.com> * Update JSON Schema Draft to 2020-12 and make $ref resolution rules explicit (#2437) * fix http link to json-schema.org Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * fix http link to spec.commonmark.org Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Specify rules for $ref resolution Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Specify relative resolution rules for pathItem $ref and example externalValue Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Update JSON Schema draft links to 2020-12 IETF pages Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Make language about 'MUST be in the form of a ...' consistent Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Make it clear pathItem $refs don't need to be external now Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Make RFC links consistent with regard to spacing Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Allow a URI for example.externalValue fields This makes it fall under the rules for relative references. Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Explicitly call out $ref as a Relative Reference * Remove wording about what implementations SHOULD/MAY do with a $ref * Prefer 'referenced document' to 'referrant document' for clarity * Fix JSON Schema $ref resolution fallback rule * Add links back to #relativeReferences definition * Split #relativeReferences definition into URL and URI sections Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Clean-up wording about $refs in responsesObjects, fixes #1679 (#2442) * Clean-up wording about $refs in responsesObjects, fixes #1679 * Agreed to remove explicit verbiage around $refs in responseObjects, fixes #1679 * fix: two typos in versions/3.1.0.md (#2452) * Fix, clarify, and simplify content type schemas (#2351) * Fix, clarify, and simplify content type schemas This fixes #2349, which caught that an encoded PNG image is encoded into a text media type. In the process I realized some other errors, and simplified things. * HTTP `Content-Type` is always handled by OAS * Media Type Object key in most cases * Encoding object (possibly inferred from schema) in `multipart/form-data` * HTTP-level `Content-Encoding` is always handled by the OAS Header Object * JSON Schema "content*" is used for embedding one media type into another * the encoded resource is of media type `text/plain` * `"contentMediaType"` is the embedded media type after decoding * `"contentEncoding"` is how to encode/decode binary to/from text This removes any chance of `"contentMediaType"` conflicting with the Media Type Object key or with `contentType` in the Encoding Object, as they now always do different things. Likewise, the HTTP `Content-Encoding` header (with values like gzip, deflate, etc.) does different things than `"contentEncoding"` (which has values like base64, base64url, quoted-printable, etc.). The deprecated part header `Content-Transfer-Encoding` is likewise handled in the Encoding Object, but is probably never used. * Fix Content-Type to indicate semantics ...rather than literal content format on the wire. * Update 3.1.0.md Fixed a typo and changed a SHOULD to MAY. * Update versions/3.1.0.md * clarify default encoding content type value. * Describe interaction between JSON Schema contentEncoding and HTTP Content-Encoding header Co-authored-by: Mike Kistler <mkistler@us.ibm.com> Co-authored-by: Darrel <darrmi@microsoft.com> Co-authored-by: Mike Kistler <mkistler@us.ibm.com> * 3.1.0 release prep (#2461) * 3.1.0 release prep * Update README.md * reframing `user` as `author` (#2463) Per comment in review, authors determine whether a spec is a single or multipart document. Those who consume the spec care more about the information itself and less (or not at all directly) about how it was assembled. * fixed the dash character Co-authored-by: Mike Ralphson <mike.ralphson@gmail.com> Co-authored-by: Roberto Polli <robipolli@gmail.com> Co-authored-by: Axel Nennker <axel.nennker@telekom.de> Co-authored-by: Phil Sturgeon <me@philsturgeon.uk> Co-authored-by: Mike Kistler <mkistler@us.ibm.com> Co-authored-by: Darrel <darrmi@microsoft.com> Co-authored-by: Arhimenrius <arhimenrius@gmail.com> Co-authored-by: Lorna Jane Mitchell <lorna@lornajane.net> Co-authored-by: Henry Andrews <andrews_henry@yahoo.com> Co-authored-by: Alan Crosswell <alan@crosswell.us> Co-authored-by: Helen Kosova <hkosova@users.noreply.github.com> Co-authored-by: seiya <r108338@yahoo.co.jp> Co-authored-by: Adam Leventhal <ahl@transposit.com> Co-authored-by: Sebastián Ramírez <tiangolo@gmail.com> Co-authored-by: Patrice Krakow <patrice.krakow@gmail.com> Co-authored-by: Ted Epstein <ted.epstein@reprezen.com> Co-authored-by: Carsten Brandt <mail@cebe.cc> Co-authored-by: Sergej <sergej2705@users.noreply.github.com> Co-authored-by: nasa9084 <nasa.9084.bassclarinet@gmail.com> Co-authored-by: Erik Wilde <dret@users.noreply.github.com> Co-authored-by: Marsh Gardiner <marsh.gardiner@gmail.com> Co-authored-by: Phil Sturgeon <me@philsturgeon.com> Co-authored-by: Karen Etheridge <ether@cpan.org> Co-authored-by: Ben Hutton <relequestual@gmail.com> Co-authored-by: Sebastien Rosset <serosset@cisco.com> Co-authored-by: Darrel Miller <darrel.miller@microsoft.com> Co-authored-by: Vladimir Gorej <vladimir.gorej@gmail.com> Co-authored-by: Helen Kosova <helen.kosova@smartbear.com> Co-authored-by: Deven Phillips <InfoSec812@users.noreply.github.com> Co-authored-by: Vladimir <greatvovan@gmail.com> Co-authored-by: Quint Daenen <me@di-wu.be>

@handrews

* 3.1.0 prep * Update README * Allow specification extensions in discriminator object * Note that specification extensions beginning x-oas- are reserved * security; add mutualTLS securityScheme type * 832 add info.summary (OAI#1779) * Fix: OAI#832. Add info.summary. * Fix: summary is shord, description is verbose. Be consistent with other definitions of summary and description. * fix OIDC url and OAuth2 requirements Signed-off-by: Axel Nennker <axel.nennker@telekom.de> * Update Schema Object to proper JSON Schema * update vocab and arbitrary props * another go at arbitrary keywords * feedback from @handrews * Support style, explode, allowReserved encoding for multipart/form-data (OAI#2066) * Extend style, explode, allowReserved in encoding to multipart-formdata (OAI#2018) * Update versions/3.1.0.md Co-Authored-By: Ron <ron@swagger.io> * Replace details of multipart/form-data format with referce to RFC 7578 * Update versions/3.1.0.md Co-Authored-By: Darrel <darrmi@microsoft.com> * default should match json schema * removed json schema keyworld list, its just all of em. * redundant $ref reference * Correct Styles Values for spaceDelimited and pipeDelimited, as based on Style Examples, they support objects. * Add support for webhooks as a top-level element (OAI#2103) * Add webhooks as a top-level element to the spec * Add the changes from OAI#2048 and signpost webhooks * Add an example of webhooks * Relocate and expand on webhooks section following feedback * Better wording to describe expectations on API consumers * Clearer wording for why the paths element is here * Update language to make callbacks clearer * Align the OAS 3.1 nullable language with the 3.0.3 (OAI#2115) This adapts the language from PR OAI#2046, with minimal wording tweaks to account for type now being able to have multiple values (type arrays). * allow, but discourage, requestBody for GET, HEAD, DELETE (OAI#2117) * Reference Object and Schema Object use of $ref updates for 2019-09 / OAS 3.1 (OAI#2107) * Checkpoint of draft * Fix typo. Co-Authored-By: Darrel <darrmi@microsoft.com> * Fix plural anchor Co-Authored-By: Mike Ralphson <mike.ralphson@gmail.com> * Remove superfluous specification Co-Authored-By: Phil Sturgeon <me@philsturgeon.uk> Co-authored-by: Darrel <darrmi@microsoft.com> Co-authored-by: Mike Ralphson <mike.ralphson@gmail.com> Co-authored-by: Phil Sturgeon <me@philsturgeon.uk> * Fix table cell formatting containing `nullable` description (OAI#2152) * Add SPDX identifier field to license object, fixes OAI#1599 (OAI#2105) * Add information about objects to the description too * Make paths object optional (OAI#1781) * Make paths object optional * Adding reusable Path Item Objects Under `components` * Adopt DM's suggested change to OpenAPI doc definition * Cleanup use of specification and definition where we mean document * multipartite>composite, define ACL * Add ' | Reference Object' to callbacks/webhooks Co-authored-by: Ron <ron@swagger.io> * Fwd port v3.0.3 dev to v3.1.0 dev (OAI#2163) * fix typo in Callback Object Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * retain typo in v3.0.2; fix for v3.0.3 (OAI#1899) Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Clarify empty Security Requirement Object usage and validity (OAI#1886) * Clarify empty Security Requirement Object usage and validity * Reorder sentences to make clearer. * Remove wrong text. * Removed unneeded text. Co-authored-by: Ron <ron@swagger.io> Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Ron's wording for Darrels feedback Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * ted updates Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Replace 'application' by 'API' within the 'Info Object' definition. (OAI#2004) Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Path Templating Clarification - proposed fix for OAI#1830. (OAI#1831) * Proposed fix for OAI#1830. Each variable expression in a path must have a corresponding path parameter. * OAI#1830 - Removed 'at least once' to defer the question about repeated references to a single path parameter. * Update OAI#1830 fix with suggestion from Darrel @darrelmiller suggestions we use "template expression" instead of "variable expression" to align with RFC6570. Good idea. Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * yaml.org supports https, but www.yaml.org is misconfigured Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Updated text for OperationRef Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * fix a typo in the Security Filtering section (OAI#1837) * fix a typo in the Security Filtering section * Security filtering slight reword Co-authored-by: Mike Ralphson <mike.ralphson@gmail.com> Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Make ABNF for runtime expressions complete Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Explain unclear semantics of property `$ref` in Path Item Object (OAI#1964) * Explain unclear semantics of property `$ref` in Path Item Object Currently, as explained in OAI#1038 (comment) the description of `$ref` in [Path Item Object](https://github.com/OAI/OpenAPI-Specification/blob/3.0.2/versions/3.0.2.md#pathItemObject) is unclear about the semantics behing it. I took the explaination from issue OAI#1038 to make it more clear. * Update versions/3.1.0.md Co-authored-by: Ron <ron@swagger.io> Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Clarify constraints on Security Scheme Object Scheme Property (OAI#1880) * Wording around scheme extensions * Clarified that securitySchemeScheme is only a SHOULD be registered scheme Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * fix difference between yaml and json in Response Object Examples Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Server Variable Object clarifications (OAI#1809) * Server Variable Object clarifications * Toned language down for proper semver versioning Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Fix formatting errors in example (OAI#2132) Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Update 3.0.3 for release (OAI#2149) * Update README.md for release * Update release date for 3.0.3 Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Update versions/3.1.0.md Co-Authored-By: Darrel <darrmi@microsoft.com> Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Fixed typo Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * explicit 'forward slash' Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * fix OAI#2053: `style` keyword is not supported inside Schema object Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * OpenAPI not Open API Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * backticks Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * minor clarification for operationId usage in link objects (OAI#1733) * minor clarification it's a bit confusing that both the id and the reference are called "operationId", so this tweak makes the text a bit more explicit. * use right terminology Co-Authored-By: Mike Ralphson <mike.ralphson@gmail.com> Co-authored-by: Ron <ron@swagger.io> Co-authored-by: Mike Ralphson <mike.ralphson@gmail.com> Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Update 3.1.0.md fixed typo Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Removed confusing comment Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Clarify the spec to allow optional or unspecified OAuth scopes (OAI#1888) * Referencing issue OAI#513. Clarify the spec to accommodate OAuth schemes where scope may be unspecified (optional scope) or where scope is not used at all. * Removed the provision for default scope represented as empty string. This introduces some ambiguities in the Security Requirement Object that would need to be addressed. * For OAI#513, adjusting language and removing examples For OAI#513, adjusting language and removing examples as suggested by @webron. * removed unnecessary example header Co-authored-by: Ron <ron@swagger.io> Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * The examples keyword is not supported inside schema (OAI#2042) * examples not supported inside schema * figured it out * a tiny little edit Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Fix 'Security Scheme Object' definition with OAuth 2.0 grant types. (OAI#2006) Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Fix formatting errors in example (OAI#2132) Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> Co-authored-by: seiya <r108338@yahoo.co.jp> Co-authored-by: Adam Leventhal <ahl@transposit.com> Co-authored-by: Sebastián Ramírez <tiangolo@gmail.com> Co-authored-by: Ron <ron@swagger.io> Co-authored-by: Phil Sturgeon <me@philsturgeon.uk> Co-authored-by: Patrice Krakow <patrice.krakow@gmail.com> Co-authored-by: Ted Epstein <ted.epstein@reprezen.com> Co-authored-by: Darrel Miller <darrmi@microsoft.com> Co-authored-by: Carsten Brandt <mail@cebe.cc> Co-authored-by: Henry Andrews <andrews_henry@yahoo.com> Co-authored-by: Sergej <sergej2705@users.noreply.github.com> Co-authored-by: nasa9084 <nasa.9084.bassclarinet@gmail.com> Co-authored-by: Erik Wilde <dret@users.noreply.github.com> * security; widen use of scopes array to other securityScheme types (OAI#1829) Co-authored-by: Ron <ron@swagger.io> * Allow summary and description as $ref siblings (OAI#2181) * HTTP not REST (OAI#1946) Co-authored-by: Phil Sturgeon <me@philsturgeon.uk> * Missing updates While going over the changes for the release notes, found two issues: - The TOC entry for `Relative references in URIs` was not modified to match the change in the spec. - The `Paths Object` had an extra sentence that should have not been there (referencing sub-documents and overlays). * Remove boolean compatibility for exclusive* (OAI#2226) This brings exclusiveMinimum, exclusiveMaximum, minimum, and maximum, into full modern JSON Schema compatibility. There are no edits directly mentioning minimum and maximum, but removing the boolean form simplifies their processing by making it context-independent. * Update "format" and "content*" for new JSON Schema (OAI#2200) * Update "format" and "content*" for new JSON Schema This removes OAS formats and examples that are now superfluous as they are part of the 2019-09 JSON Schema draft. Similarly it deprecates the "byte" and "binary" formats in favor of JSON Schema's "contentEncoding" and "contentMediaType" keywords, and updates various related exapmles and other guidance. It also removes confusingly blank rows in the OAS format table. * "format" is an annotation * Fix broken table, type, in Encoding Object Broke some things while updating for "content*" * Fix format of `format` Backticks, not double quotes. * Remove unneeded detail on "format" This was just duplicating info from the JSON Schema spec. Co-authored-by: Darrel <darrmi@microsoft.com> * Remove "byte" and "binary" formats altogether. Instead of just deprecating. The "content*" keywords now cover these use cases. * Harmonize JSON Schema content* + Media Type Object Includes harmonizing with the Encoding Object. In general, OpenAPI objects set the media type, although there is a case for `contentMediaType` with multipart/form-data. Otherwise, `contentEncoding` replaces the now-removed custom formats. A possibly controversial change is to indicate unencoded binary data by omitting `type` (or omitting the schema altogether), as binary data does not conform to JSON string requirements. This could still be done with `type: string` if that is preferred. It's going to be a bit weird either way. I can add wording in the next JSON Schema draft to clarify whichever approach makes more sense. * Fix typos from review * Remove stray {} * Fix inconsistencies contentMediaType and Encoding Object Co-authored-by: Darrel <darrmi@microsoft.com> * [3.1.0-dev] drop OAS semver requirement (OAI#2243) * drop OAS semver requirement * Update versions/3.1.0.md Co-authored-by: Darrel <darrmi@microsoft.com> * Remove "nullable" entirely (OAI#2246) * Update version for release (OAI#2269) Co-authored-by: Mike Ralphson <mike.ralphson@gmail.com> Co-authored-by: Roberto Polli <robipolli@gmail.com> Co-authored-by: Axel Nennker <axel.nennker@telekom.de> Co-authored-by: Phil Sturgeon <me@philsturgeon.uk> Co-authored-by: Mike Kistler <mkistler@us.ibm.com> Co-authored-by: Darrel <darrmi@microsoft.com> Co-authored-by: Arhimenrius <arhimenrius@gmail.com> Co-authored-by: Lorna Jane Mitchell <lorna@lornajane.net> Co-authored-by: Henry Andrews <andrews_henry@yahoo.com> Co-authored-by: Alan Crosswell <alan@crosswell.us> Co-authored-by: Helen Kosova <hkosova@users.noreply.github.com> Co-authored-by: seiya <r108338@yahoo.co.jp> Co-authored-by: Adam Leventhal <ahl@transposit.com> Co-authored-by: Sebastián Ramírez <tiangolo@gmail.com> Co-authored-by: Patrice Krakow <patrice.krakow@gmail.com> Co-authored-by: Ted Epstein <ted.epstein@reprezen.com> Co-authored-by: Carsten Brandt <mail@cebe.cc> Co-authored-by: Sergej <sergej2705@users.noreply.github.com> Co-authored-by: nasa9084 <nasa.9084.bassclarinet@gmail.com> Co-authored-by: Erik Wilde <dret@users.noreply.github.com> Co-authored-by: Marsh Gardiner <marsh.gardiner@gmail.com> Co-authored-by: Phil Sturgeon <me@philsturgeon.com>

@handrews

* 3.1.0 prep * Update README * Allow specification extensions in discriminator object * Note that specification extensions beginning x-oas- are reserved * security; add mutualTLS securityScheme type * 832 add info.summary (OAI#1779) * Fix: OAI#832. Add info.summary. * Fix: summary is shord, description is verbose. Be consistent with other definitions of summary and description. * fix OIDC url and OAuth2 requirements Signed-off-by: Axel Nennker <axel.nennker@telekom.de> * Update Schema Object to proper JSON Schema * update vocab and arbitrary props * another go at arbitrary keywords * feedback from @handrews * Support style, explode, allowReserved encoding for multipart/form-data (OAI#2066) * Extend style, explode, allowReserved in encoding to multipart-formdata (OAI#2018) * Update versions/3.1.0.md Co-Authored-By: Ron <ron@swagger.io> * Replace details of multipart/form-data format with referce to RFC 7578 * Update versions/3.1.0.md Co-Authored-By: Darrel <darrmi@microsoft.com> * default should match json schema * removed json schema keyworld list, its just all of em. * redundant $ref reference * Correct Styles Values for spaceDelimited and pipeDelimited, as based on Style Examples, they support objects. * Add support for webhooks as a top-level element (OAI#2103) * Add webhooks as a top-level element to the spec * Add the changes from OAI#2048 and signpost webhooks * Add an example of webhooks * Relocate and expand on webhooks section following feedback * Better wording to describe expectations on API consumers * Clearer wording for why the paths element is here * Update language to make callbacks clearer * Align the OAS 3.1 nullable language with the 3.0.3 (OAI#2115) This adapts the language from PR OAI#2046, with minimal wording tweaks to account for type now being able to have multiple values (type arrays). * allow, but discourage, requestBody for GET, HEAD, DELETE (OAI#2117) * Reference Object and Schema Object use of $ref updates for 2019-09 / OAS 3.1 (OAI#2107) * Checkpoint of draft * Fix typo. Co-Authored-By: Darrel <darrmi@microsoft.com> * Fix plural anchor Co-Authored-By: Mike Ralphson <mike.ralphson@gmail.com> * Remove superfluous specification Co-Authored-By: Phil Sturgeon <me@philsturgeon.uk> Co-authored-by: Darrel <darrmi@microsoft.com> Co-authored-by: Mike Ralphson <mike.ralphson@gmail.com> Co-authored-by: Phil Sturgeon <me@philsturgeon.uk> * Fix table cell formatting containing `nullable` description (OAI#2152) * Add SPDX identifier field to license object, fixes OAI#1599 (OAI#2105) * Add information about objects to the description too * Make paths object optional (OAI#1781) * Make paths object optional * Adding reusable Path Item Objects Under `components` * Adopt DM's suggested change to OpenAPI doc definition * Cleanup use of specification and definition where we mean document * multipartite>composite, define ACL * Add ' | Reference Object' to callbacks/webhooks Co-authored-by: Ron <ron@swagger.io> * Fwd port v3.0.3 dev to v3.1.0 dev (OAI#2163) * fix typo in Callback Object Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * retain typo in v3.0.2; fix for v3.0.3 (OAI#1899) Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Clarify empty Security Requirement Object usage and validity (OAI#1886) * Clarify empty Security Requirement Object usage and validity * Reorder sentences to make clearer. * Remove wrong text. * Removed unneeded text. Co-authored-by: Ron <ron@swagger.io> Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Ron's wording for Darrels feedback Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * ted updates Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Replace 'application' by 'API' within the 'Info Object' definition. (OAI#2004) Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Path Templating Clarification - proposed fix for OAI#1830. (OAI#1831) * Proposed fix for OAI#1830. Each variable expression in a path must have a corresponding path parameter. * OAI#1830 - Removed 'at least once' to defer the question about repeated references to a single path parameter. * Update OAI#1830 fix with suggestion from Darrel @darrelmiller suggestions we use "template expression" instead of "variable expression" to align with RFC6570. Good idea. Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * yaml.org supports https, but www.yaml.org is misconfigured Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Updated text for OperationRef Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * fix a typo in the Security Filtering section (OAI#1837) * fix a typo in the Security Filtering section * Security filtering slight reword Co-authored-by: Mike Ralphson <mike.ralphson@gmail.com> Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Make ABNF for runtime expressions complete Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Explain unclear semantics of property `$ref` in Path Item Object (OAI#1964) * Explain unclear semantics of property `$ref` in Path Item Object Currently, as explained in OAI#1038 (comment) the description of `$ref` in [Path Item Object](https://github.com/OAI/OpenAPI-Specification/blob/3.0.2/versions/3.0.2.md#pathItemObject) is unclear about the semantics behing it. I took the explaination from issue OAI#1038 to make it more clear. * Update versions/3.1.0.md Co-authored-by: Ron <ron@swagger.io> Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Clarify constraints on Security Scheme Object Scheme Property (OAI#1880) * Wording around scheme extensions * Clarified that securitySchemeScheme is only a SHOULD be registered scheme Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * fix difference between yaml and json in Response Object Examples Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Server Variable Object clarifications (OAI#1809) * Server Variable Object clarifications * Toned language down for proper semver versioning Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Fix formatting errors in example (OAI#2132) Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Update 3.0.3 for release (OAI#2149) * Update README.md for release * Update release date for 3.0.3 Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Update versions/3.1.0.md Co-Authored-By: Darrel <darrmi@microsoft.com> Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Fixed typo Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * explicit 'forward slash' Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * fix OAI#2053: `style` keyword is not supported inside Schema object Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * OpenAPI not Open API Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * backticks Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * minor clarification for operationId usage in link objects (OAI#1733) * minor clarification it's a bit confusing that both the id and the reference are called "operationId", so this tweak makes the text a bit more explicit. * use right terminology Co-Authored-By: Mike Ralphson <mike.ralphson@gmail.com> Co-authored-by: Ron <ron@swagger.io> Co-authored-by: Mike Ralphson <mike.ralphson@gmail.com> Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Update 3.1.0.md fixed typo Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Removed confusing comment Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Clarify the spec to allow optional or unspecified OAuth scopes (OAI#1888) * Referencing issue OAI#513. Clarify the spec to accommodate OAuth schemes where scope may be unspecified (optional scope) or where scope is not used at all. * Removed the provision for default scope represented as empty string. This introduces some ambiguities in the Security Requirement Object that would need to be addressed. * For OAI#513, adjusting language and removing examples For OAI#513, adjusting language and removing examples as suggested by @webron. * removed unnecessary example header Co-authored-by: Ron <ron@swagger.io> Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * The examples keyword is not supported inside schema (OAI#2042) * examples not supported inside schema * figured it out * a tiny little edit Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Fix 'Security Scheme Object' definition with OAuth 2.0 grant types. (OAI#2006) Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Fix formatting errors in example (OAI#2132) Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> Co-authored-by: seiya <r108338@yahoo.co.jp> Co-authored-by: Adam Leventhal <ahl@transposit.com> Co-authored-by: Sebastián Ramírez <tiangolo@gmail.com> Co-authored-by: Ron <ron@swagger.io> Co-authored-by: Phil Sturgeon <me@philsturgeon.uk> Co-authored-by: Patrice Krakow <patrice.krakow@gmail.com> Co-authored-by: Ted Epstein <ted.epstein@reprezen.com> Co-authored-by: Darrel Miller <darrmi@microsoft.com> Co-authored-by: Carsten Brandt <mail@cebe.cc> Co-authored-by: Henry Andrews <andrews_henry@yahoo.com> Co-authored-by: Sergej <sergej2705@users.noreply.github.com> Co-authored-by: nasa9084 <nasa.9084.bassclarinet@gmail.com> Co-authored-by: Erik Wilde <dret@users.noreply.github.com> * security; widen use of scopes array to other securityScheme types (OAI#1829) Co-authored-by: Ron <ron@swagger.io> * Allow summary and description as $ref siblings (OAI#2181) * HTTP not REST (OAI#1946) Co-authored-by: Phil Sturgeon <me@philsturgeon.uk> * Missing updates While going over the changes for the release notes, found two issues: - The TOC entry for `Relative references in URIs` was not modified to match the change in the spec. - The `Paths Object` had an extra sentence that should have not been there (referencing sub-documents and overlays). * Remove boolean compatibility for exclusive* (OAI#2226) This brings exclusiveMinimum, exclusiveMaximum, minimum, and maximum, into full modern JSON Schema compatibility. There are no edits directly mentioning minimum and maximum, but removing the boolean form simplifies their processing by making it context-independent. * Update "format" and "content*" for new JSON Schema (OAI#2200) * Update "format" and "content*" for new JSON Schema This removes OAS formats and examples that are now superfluous as they are part of the 2019-09 JSON Schema draft. Similarly it deprecates the "byte" and "binary" formats in favor of JSON Schema's "contentEncoding" and "contentMediaType" keywords, and updates various related exapmles and other guidance. It also removes confusingly blank rows in the OAS format table. * "format" is an annotation * Fix broken table, type, in Encoding Object Broke some things while updating for "content*" * Fix format of `format` Backticks, not double quotes. * Remove unneeded detail on "format" This was just duplicating info from the JSON Schema spec. Co-authored-by: Darrel <darrmi@microsoft.com> * Remove "byte" and "binary" formats altogether. Instead of just deprecating. The "content*" keywords now cover these use cases. * Harmonize JSON Schema content* + Media Type Object Includes harmonizing with the Encoding Object. In general, OpenAPI objects set the media type, although there is a case for `contentMediaType` with multipart/form-data. Otherwise, `contentEncoding` replaces the now-removed custom formats. A possibly controversial change is to indicate unencoded binary data by omitting `type` (or omitting the schema altogether), as binary data does not conform to JSON string requirements. This could still be done with `type: string` if that is preferred. It's going to be a bit weird either way. I can add wording in the next JSON Schema draft to clarify whichever approach makes more sense. * Fix typos from review * Remove stray {} * Fix inconsistencies contentMediaType and Encoding Object Co-authored-by: Darrel <darrmi@microsoft.com> * [3.1.0-dev] drop OAS semver requirement (OAI#2243) * drop OAS semver requirement * Update versions/3.1.0.md Co-authored-by: Darrel <darrmi@microsoft.com> * Remove "nullable" entirely (OAI#2246) * Update version for release (OAI#2269) * $schema Guidance (OAI#2266) * chore: explain how $schema might work * reordered and made it specifically only schema resources * Update versions/3.1.0.md Co-authored-by: Karen Etheridge <ether@cpan.org> * Update versions/3.1.0.md Co-authored-by: Ben Hutton <relequestual@gmail.com> * new approach Co-authored-by: Phil Sturgeon <me@philsturgeon.uk> Co-authored-by: Karen Etheridge <ether@cpan.org> Co-authored-by: Ben Hutton <relequestual@gmail.com> * v3.1.0: rephrase data-type section because `format` keyword can be used for any data type. (OAI#2302) * The JSON schema specification states the format keyword can be used for any data type, not just primitive types * The JSON schema specification states the format keyword can be used for any data type, not just primitive types * Added change to address OAI#2287 (OAI#2328) Co-authored-by: Darrel Miller <darrel.miller@microsoft.com> * Make Server Variable Object's properties more strict (OAI#2335) Followup to OAI#1809, now that we allow breaking changes. * docs(Components): fix typo in schemas field type (OAI#2337) * Fix indentation of a YAML comment * Removed required constraint on responses object (OAI#2329) Co-authored-by: Darrel Miller <darrel.miller@microsoft.com> * 3.1.0-rc1 Release prep (OAI#2369) * Update 3.1.0.md * Merge branch 'master' into v3.1.0-dev Co-authored-by: Mike Ralphson <mike.ralphson@gmail.com> Co-authored-by: Roberto Polli <robipolli@gmail.com> Co-authored-by: Axel Nennker <axel.nennker@telekom.de> Co-authored-by: Phil Sturgeon <me@philsturgeon.uk> Co-authored-by: Mike Kistler <mkistler@us.ibm.com> Co-authored-by: Darrel <darrmi@microsoft.com> Co-authored-by: Arhimenrius <arhimenrius@gmail.com> Co-authored-by: Lorna Jane Mitchell <lorna@lornajane.net> Co-authored-by: Henry Andrews <andrews_henry@yahoo.com> Co-authored-by: Alan Crosswell <alan@crosswell.us> Co-authored-by: Helen Kosova <hkosova@users.noreply.github.com> Co-authored-by: seiya <r108338@yahoo.co.jp> Co-authored-by: Adam Leventhal <ahl@transposit.com> Co-authored-by: Sebastián Ramírez <tiangolo@gmail.com> Co-authored-by: Patrice Krakow <patrice.krakow@gmail.com> Co-authored-by: Ted Epstein <ted.epstein@reprezen.com> Co-authored-by: Carsten Brandt <mail@cebe.cc> Co-authored-by: Sergej <sergej2705@users.noreply.github.com> Co-authored-by: nasa9084 <nasa.9084.bassclarinet@gmail.com> Co-authored-by: Erik Wilde <dret@users.noreply.github.com> Co-authored-by: Marsh Gardiner <marsh.gardiner@gmail.com> Co-authored-by: Phil Sturgeon <me@philsturgeon.com> Co-authored-by: Karen Etheridge <ether@cpan.org> Co-authored-by: Ben Hutton <relequestual@gmail.com> Co-authored-by: Sebastien Rosset <serosset@cisco.com> Co-authored-by: Darrel Miller <darrel.miller@microsoft.com> Co-authored-by: Vladimir Gorej <vladimir.gorej@gmail.com> Co-authored-by: Helen Kosova <helen.kosova@smartbear.com>

@handrews

* 3.1.0 prep * Update README * Allow specification extensions in discriminator object * Note that specification extensions beginning x-oas- are reserved * security; add mutualTLS securityScheme type * 832 add info.summary (OAI#1779) * Fix: OAI#832. Add info.summary. * Fix: summary is shord, description is verbose. Be consistent with other definitions of summary and description. * fix OIDC url and OAuth2 requirements Signed-off-by: Axel Nennker <axel.nennker@telekom.de> * Update Schema Object to proper JSON Schema * update vocab and arbitrary props * another go at arbitrary keywords * feedback from @handrews * Support style, explode, allowReserved encoding for multipart/form-data (OAI#2066) * Extend style, explode, allowReserved in encoding to multipart-formdata (OAI#2018) * Update versions/3.1.0.md Co-Authored-By: Ron <ron@swagger.io> * Replace details of multipart/form-data format with referce to RFC 7578 * Update versions/3.1.0.md Co-Authored-By: Darrel <darrmi@microsoft.com> * default should match json schema * removed json schema keyworld list, its just all of em. * redundant $ref reference * Correct Styles Values for spaceDelimited and pipeDelimited, as based on Style Examples, they support objects. * Add support for webhooks as a top-level element (OAI#2103) * Add webhooks as a top-level element to the spec * Add the changes from OAI#2048 and signpost webhooks * Add an example of webhooks * Relocate and expand on webhooks section following feedback * Better wording to describe expectations on API consumers * Clearer wording for why the paths element is here * Update language to make callbacks clearer * Align the OAS 3.1 nullable language with the 3.0.3 (OAI#2115) This adapts the language from PR OAI#2046, with minimal wording tweaks to account for type now being able to have multiple values (type arrays). * allow, but discourage, requestBody for GET, HEAD, DELETE (OAI#2117) * Reference Object and Schema Object use of $ref updates for 2019-09 / OAS 3.1 (OAI#2107) * Checkpoint of draft * Fix typo. Co-Authored-By: Darrel <darrmi@microsoft.com> * Fix plural anchor Co-Authored-By: Mike Ralphson <mike.ralphson@gmail.com> * Remove superfluous specification Co-Authored-By: Phil Sturgeon <me@philsturgeon.uk> Co-authored-by: Darrel <darrmi@microsoft.com> Co-authored-by: Mike Ralphson <mike.ralphson@gmail.com> Co-authored-by: Phil Sturgeon <me@philsturgeon.uk> * Fix table cell formatting containing `nullable` description (OAI#2152) * Add SPDX identifier field to license object, fixes OAI#1599 (OAI#2105) * Add information about objects to the description too * Make paths object optional (OAI#1781) * Make paths object optional * Adding reusable Path Item Objects Under `components` * Adopt DM's suggested change to OpenAPI doc definition * Cleanup use of specification and definition where we mean document * multipartite>composite, define ACL * Add ' | Reference Object' to callbacks/webhooks Co-authored-by: Ron <ron@swagger.io> * Fwd port v3.0.3 dev to v3.1.0 dev (OAI#2163) * fix typo in Callback Object Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * retain typo in v3.0.2; fix for v3.0.3 (OAI#1899) Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Clarify empty Security Requirement Object usage and validity (OAI#1886) * Clarify empty Security Requirement Object usage and validity * Reorder sentences to make clearer. * Remove wrong text. * Removed unneeded text. Co-authored-by: Ron <ron@swagger.io> Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Ron's wording for Darrels feedback Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * ted updates Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Replace 'application' by 'API' within the 'Info Object' definition. (OAI#2004) Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Path Templating Clarification - proposed fix for OAI#1830. (OAI#1831) * Proposed fix for OAI#1830. Each variable expression in a path must have a corresponding path parameter. * OAI#1830 - Removed 'at least once' to defer the question about repeated references to a single path parameter. * Update OAI#1830 fix with suggestion from Darrel @darrelmiller suggestions we use "template expression" instead of "variable expression" to align with RFC6570. Good idea. Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * yaml.org supports https, but www.yaml.org is misconfigured Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Updated text for OperationRef Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * fix a typo in the Security Filtering section (OAI#1837) * fix a typo in the Security Filtering section * Security filtering slight reword Co-authored-by: Mike Ralphson <mike.ralphson@gmail.com> Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Make ABNF for runtime expressions complete Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Explain unclear semantics of property `$ref` in Path Item Object (OAI#1964) * Explain unclear semantics of property `$ref` in Path Item Object Currently, as explained in OAI#1038 (comment) the description of `$ref` in [Path Item Object](https://github.com/OAI/OpenAPI-Specification/blob/3.0.2/versions/3.0.2.md#pathItemObject) is unclear about the semantics behing it. I took the explaination from issue OAI#1038 to make it more clear. * Update versions/3.1.0.md Co-authored-by: Ron <ron@swagger.io> Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Clarify constraints on Security Scheme Object Scheme Property (OAI#1880) * Wording around scheme extensions * Clarified that securitySchemeScheme is only a SHOULD be registered scheme Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * fix difference between yaml and json in Response Object Examples Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Server Variable Object clarifications (OAI#1809) * Server Variable Object clarifications * Toned language down for proper semver versioning Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Fix formatting errors in example (OAI#2132) Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Update 3.0.3 for release (OAI#2149) * Update README.md for release * Update release date for 3.0.3 Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Update versions/3.1.0.md Co-Authored-By: Darrel <darrmi@microsoft.com> Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Fixed typo Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * explicit 'forward slash' Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * fix OAI#2053: `style` keyword is not supported inside Schema object Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * OpenAPI not Open API Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * backticks Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * minor clarification for operationId usage in link objects (OAI#1733) * minor clarification it's a bit confusing that both the id and the reference are called "operationId", so this tweak makes the text a bit more explicit. * use right terminology Co-Authored-By: Mike Ralphson <mike.ralphson@gmail.com> Co-authored-by: Ron <ron@swagger.io> Co-authored-by: Mike Ralphson <mike.ralphson@gmail.com> Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Update 3.1.0.md fixed typo Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Removed confusing comment Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Clarify the spec to allow optional or unspecified OAuth scopes (OAI#1888) * Referencing issue OAI#513. Clarify the spec to accommodate OAuth schemes where scope may be unspecified (optional scope) or where scope is not used at all. * Removed the provision for default scope represented as empty string. This introduces some ambiguities in the Security Requirement Object that would need to be addressed. * For OAI#513, adjusting language and removing examples For OAI#513, adjusting language and removing examples as suggested by @webron. * removed unnecessary example header Co-authored-by: Ron <ron@swagger.io> Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * The examples keyword is not supported inside schema (OAI#2042) * examples not supported inside schema * figured it out * a tiny little edit Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Fix 'Security Scheme Object' definition with OAuth 2.0 grant types. (OAI#2006) Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Fix formatting errors in example (OAI#2132) Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> Co-authored-by: seiya <r108338@yahoo.co.jp> Co-authored-by: Adam Leventhal <ahl@transposit.com> Co-authored-by: Sebastián Ramírez <tiangolo@gmail.com> Co-authored-by: Ron <ron@swagger.io> Co-authored-by: Phil Sturgeon <me@philsturgeon.uk> Co-authored-by: Patrice Krakow <patrice.krakow@gmail.com> Co-authored-by: Ted Epstein <ted.epstein@reprezen.com> Co-authored-by: Darrel Miller <darrmi@microsoft.com> Co-authored-by: Carsten Brandt <mail@cebe.cc> Co-authored-by: Henry Andrews <andrews_henry@yahoo.com> Co-authored-by: Sergej <sergej2705@users.noreply.github.com> Co-authored-by: nasa9084 <nasa.9084.bassclarinet@gmail.com> Co-authored-by: Erik Wilde <dret@users.noreply.github.com> * security; widen use of scopes array to other securityScheme types (OAI#1829) Co-authored-by: Ron <ron@swagger.io> * Allow summary and description as $ref siblings (OAI#2181) * HTTP not REST (OAI#1946) Co-authored-by: Phil Sturgeon <me@philsturgeon.uk> * Missing updates While going over the changes for the release notes, found two issues: - The TOC entry for `Relative references in URIs` was not modified to match the change in the spec. - The `Paths Object` had an extra sentence that should have not been there (referencing sub-documents and overlays). * Remove boolean compatibility for exclusive* (OAI#2226) This brings exclusiveMinimum, exclusiveMaximum, minimum, and maximum, into full modern JSON Schema compatibility. There are no edits directly mentioning minimum and maximum, but removing the boolean form simplifies their processing by making it context-independent. * Update "format" and "content*" for new JSON Schema (OAI#2200) * Update "format" and "content*" for new JSON Schema This removes OAS formats and examples that are now superfluous as they are part of the 2019-09 JSON Schema draft. Similarly it deprecates the "byte" and "binary" formats in favor of JSON Schema's "contentEncoding" and "contentMediaType" keywords, and updates various related exapmles and other guidance. It also removes confusingly blank rows in the OAS format table. * "format" is an annotation * Fix broken table, type, in Encoding Object Broke some things while updating for "content*" * Fix format of `format` Backticks, not double quotes. * Remove unneeded detail on "format" This was just duplicating info from the JSON Schema spec. Co-authored-by: Darrel <darrmi@microsoft.com> * Remove "byte" and "binary" formats altogether. Instead of just deprecating. The "content*" keywords now cover these use cases. * Harmonize JSON Schema content* + Media Type Object Includes harmonizing with the Encoding Object. In general, OpenAPI objects set the media type, although there is a case for `contentMediaType` with multipart/form-data. Otherwise, `contentEncoding` replaces the now-removed custom formats. A possibly controversial change is to indicate unencoded binary data by omitting `type` (or omitting the schema altogether), as binary data does not conform to JSON string requirements. This could still be done with `type: string` if that is preferred. It's going to be a bit weird either way. I can add wording in the next JSON Schema draft to clarify whichever approach makes more sense. * Fix typos from review * Remove stray {} * Fix inconsistencies contentMediaType and Encoding Object Co-authored-by: Darrel <darrmi@microsoft.com> * [3.1.0-dev] drop OAS semver requirement (OAI#2243) * drop OAS semver requirement * Update versions/3.1.0.md Co-authored-by: Darrel <darrmi@microsoft.com> * Remove "nullable" entirely (OAI#2246) * x-oas- to x-oai- (v3.1.0-dev) * Update version for release (OAI#2269) * $schema Guidance (OAI#2266) * chore: explain how $schema might work * reordered and made it specifically only schema resources * Update versions/3.1.0.md Co-authored-by: Karen Etheridge <ether@cpan.org> * Update versions/3.1.0.md Co-authored-by: Ben Hutton <relequestual@gmail.com> * new approach Co-authored-by: Phil Sturgeon <me@philsturgeon.uk> Co-authored-by: Karen Etheridge <ether@cpan.org> Co-authored-by: Ben Hutton <relequestual@gmail.com> * x-oai- / x-oas-; reserve both * v3.1.0: rephrase data-type section because `format` keyword can be used for any data type. (OAI#2302) * The JSON schema specification states the format keyword can be used for any data type, not just primitive types * The JSON schema specification states the format keyword can be used for any data type, not just primitive types * Added change to address OAI#2287 (OAI#2328) Co-authored-by: Darrel Miller <darrel.miller@microsoft.com> * Make Server Variable Object's properties more strict (OAI#2335) Followup to OAI#1809, now that we allow breaking changes. * docs(Components): fix typo in schemas field type (OAI#2337) * Fix indentation of a YAML comment * Removed required constraint on responses object (OAI#2329) Co-authored-by: Darrel Miller <darrel.miller@microsoft.com> * 3.1.0-rc1 Release prep (OAI#2369) * Update 3.1.0.md * Merge branch 'master' into v3.1.0-dev * Added words relating to adopting semantics of JSON Schema (OAI#2330) * Added words relating to adopting semantics of JSON Schema * Update versions/3.1.0.md Co-authored-by: Mike Ralphson <mike.ralphson@gmail.com> * Update versions/3.1.0.md Co-authored-by: Mike Ralphson <mike.ralphson@gmail.com> Co-authored-by: Darrel Miller <darrel.miller@microsoft.com> Co-authored-by: Mike Ralphson <mike.ralphson@gmail.com> * fix typo in release history table * fix link to style values in serialization table * Fix misspelling of a keyword in text (OAI#2389) * Update wording that referred to the year 2019 as the current year (OAI#2390) * Added link to JSON Schema Validation docs explain which formats are included in JSON Schema (OAI#2394) * Added link to JSON Schema Validation docs explain which formats are included in JSON Schema * Update verbiage to be more accurate Co-authored-by: Mike Ralphson <mike.ralphson@gmail.com> Co-authored-by: Mike Ralphson <mike.ralphson@gmail.com> * Update 3.1.0.md (OAI#2405) Improve wording about 'summary' and 'description' in Reference Object * long descriptions are cool too (OAI#2408) Co-authored-by: Phil Sturgeon <me@philsturgeon.uk> * Unescaped Slashes Aint Welcome Around 'Ere (OAI#2218) * oas 3.0 doesn't mention slashes not allowed * none of those either Co-authored-by: Phil Sturgeon <me@philsturgeon.uk> * Add missing field and use same summaries in Request Body Examples. (OAI#2362) * Add missing schema type in Operation Object YAML Example. (OAI#2361) * OAS schema dialect clarifications (OAI#2399) * OAS schema dialect clarifications * OAS schema dialect clarifications Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * $schema is allowed in subschemas when bundling Co-authored-by: Ben Hutton <relequestual@gmail.com> * Schema dialect clarifications from Ben Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Use top-level jsonSchemaDialect field Co-authored-by: Ben Hutton <relequestual@gmail.com> * Update JSON Schema Draft to 2020-12 and make $ref resolution rules explicit (OAI#2437) * fix http link to json-schema.org Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * fix http link to spec.commonmark.org Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Specify rules for $ref resolution Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Specify relative resolution rules for pathItem $ref and example externalValue Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Update JSON Schema draft links to 2020-12 IETF pages Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Make language about 'MUST be in the form of a ...' consistent Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Make it clear pathItem $refs don't need to be external now Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Make RFC links consistent with regard to spacing Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Allow a URI for example.externalValue fields This makes it fall under the rules for relative references. Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Explicitly call out $ref as a Relative Reference * Remove wording about what implementations SHOULD/MAY do with a $ref * Prefer 'referenced document' to 'referrant document' for clarity * Fix JSON Schema $ref resolution fallback rule * Add links back to #relativeReferences definition * Split #relativeReferences definition into URL and URI sections Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Clean-up wording about $refs in responsesObjects, fixes OAI#1679 (OAI#2442) * Clean-up wording about $refs in responsesObjects, fixes OAI#1679 * Agreed to remove explicit verbiage around $refs in responseObjects, fixes OAI#1679 * fix: two typos in versions/3.1.0.md (OAI#2452) * Fix, clarify, and simplify content type schemas (OAI#2351) * Fix, clarify, and simplify content type schemas This fixes OAI#2349, which caught that an encoded PNG image is encoded into a text media type. In the process I realized some other errors, and simplified things. * HTTP `Content-Type` is always handled by OAS * Media Type Object key in most cases * Encoding object (possibly inferred from schema) in `multipart/form-data` * HTTP-level `Content-Encoding` is always handled by the OAS Header Object * JSON Schema "content*" is used for embedding one media type into another * the encoded resource is of media type `text/plain` * `"contentMediaType"` is the embedded media type after decoding * `"contentEncoding"` is how to encode/decode binary to/from text This removes any chance of `"contentMediaType"` conflicting with the Media Type Object key or with `contentType` in the Encoding Object, as they now always do different things. Likewise, the HTTP `Content-Encoding` header (with values like gzip, deflate, etc.) does different things than `"contentEncoding"` (which has values like base64, base64url, quoted-printable, etc.). The deprecated part header `Content-Transfer-Encoding` is likewise handled in the Encoding Object, but is probably never used. * Fix Content-Type to indicate semantics ...rather than literal content format on the wire. * Update 3.1.0.md Fixed a typo and changed a SHOULD to MAY. * Update versions/3.1.0.md * clarify default encoding content type value. * Describe interaction between JSON Schema contentEncoding and HTTP Content-Encoding header Co-authored-by: Mike Kistler <mkistler@us.ibm.com> Co-authored-by: Darrel <darrmi@microsoft.com> Co-authored-by: Mike Kistler <mkistler@us.ibm.com> * 3.1.0 release prep (OAI#2461) * 3.1.0 release prep * Update README.md * reframing `user` as `author` (OAI#2463) Per comment in review, authors determine whether a spec is a single or multipart document. Those who consume the spec care more about the information itself and less (or not at all directly) about how it was assembled. * fixed the dash character Co-authored-by: Mike Ralphson <mike.ralphson@gmail.com> Co-authored-by: Roberto Polli <robipolli@gmail.com> Co-authored-by: Axel Nennker <axel.nennker@telekom.de> Co-authored-by: Phil Sturgeon <me@philsturgeon.uk> Co-authored-by: Mike Kistler <mkistler@us.ibm.com> Co-authored-by: Darrel <darrmi@microsoft.com> Co-authored-by: Arhimenrius <arhimenrius@gmail.com> Co-authored-by: Lorna Jane Mitchell <lorna@lornajane.net> Co-authored-by: Henry Andrews <andrews_henry@yahoo.com> Co-authored-by: Alan Crosswell <alan@crosswell.us> Co-authored-by: Helen Kosova <hkosova@users.noreply.github.com> Co-authored-by: seiya <r108338@yahoo.co.jp> Co-authored-by: Adam Leventhal <ahl@transposit.com> Co-authored-by: Sebastián Ramírez <tiangolo@gmail.com> Co-authored-by: Patrice Krakow <patrice.krakow@gmail.com> Co-authored-by: Ted Epstein <ted.epstein@reprezen.com> Co-authored-by: Carsten Brandt <mail@cebe.cc> Co-authored-by: Sergej <sergej2705@users.noreply.github.com> Co-authored-by: nasa9084 <nasa.9084.bassclarinet@gmail.com> Co-authored-by: Erik Wilde <dret@users.noreply.github.com> Co-authored-by: Marsh Gardiner <marsh.gardiner@gmail.com> Co-authored-by: Phil Sturgeon <me@philsturgeon.com> Co-authored-by: Karen Etheridge <ether@cpan.org> Co-authored-by: Ben Hutton <relequestual@gmail.com> Co-authored-by: Sebastien Rosset <serosset@cisco.com> Co-authored-by: Darrel Miller <darrel.miller@microsoft.com> Co-authored-by: Vladimir Gorej <vladimir.gorej@gmail.com> Co-authored-by: Helen Kosova <helen.kosova@smartbear.com> Co-authored-by: Deven Phillips <InfoSec812@users.noreply.github.com> Co-authored-by: Vladimir <greatvovan@gmail.com> Co-authored-by: Quint Daenen <me@di-wu.be>

@handrews

* 3.1.0 prep * Update README * Allow specification extensions in discriminator object * Note that specification extensions beginning x-oas- are reserved * security; add mutualTLS securityScheme type * 832 add info.summary (OAI#1779) * Fix: OAI#832. Add info.summary. * Fix: summary is shord, description is verbose. Be consistent with other definitions of summary and description. * fix OIDC url and OAuth2 requirements Signed-off-by: Axel Nennker <axel.nennker@telekom.de> * Update Schema Object to proper JSON Schema * update vocab and arbitrary props * another go at arbitrary keywords * feedback from @handrews * Support style, explode, allowReserved encoding for multipart/form-data (OAI#2066) * Extend style, explode, allowReserved in encoding to multipart-formdata (OAI#2018) * Update versions/3.1.0.md Co-Authored-By: Ron <ron@swagger.io> * Replace details of multipart/form-data format with referce to RFC 7578 * Update versions/3.1.0.md Co-Authored-By: Darrel <darrmi@microsoft.com> * default should match json schema * removed json schema keyworld list, its just all of em. * redundant $ref reference * Correct Styles Values for spaceDelimited and pipeDelimited, as based on Style Examples, they support objects. * Add support for webhooks as a top-level element (OAI#2103) * Add webhooks as a top-level element to the spec * Add the changes from OAI#2048 and signpost webhooks * Add an example of webhooks * Relocate and expand on webhooks section following feedback * Better wording to describe expectations on API consumers * Clearer wording for why the paths element is here * Update language to make callbacks clearer * Align the OAS 3.1 nullable language with the 3.0.3 (OAI#2115) This adapts the language from PR OAI#2046, with minimal wording tweaks to account for type now being able to have multiple values (type arrays). * allow, but discourage, requestBody for GET, HEAD, DELETE (OAI#2117) * Reference Object and Schema Object use of $ref updates for 2019-09 / OAS 3.1 (OAI#2107) * Checkpoint of draft * Fix typo. Co-Authored-By: Darrel <darrmi@microsoft.com> * Fix plural anchor Co-Authored-By: Mike Ralphson <mike.ralphson@gmail.com> * Remove superfluous specification Co-Authored-By: Phil Sturgeon <me@philsturgeon.uk> Co-authored-by: Darrel <darrmi@microsoft.com> Co-authored-by: Mike Ralphson <mike.ralphson@gmail.com> Co-authored-by: Phil Sturgeon <me@philsturgeon.uk> * Fix table cell formatting containing `nullable` description (OAI#2152) * Add SPDX identifier field to license object, fixes OAI#1599 (OAI#2105) * Add information about objects to the description too * Make paths object optional (OAI#1781) * Make paths object optional * Adding reusable Path Item Objects Under `components` * Adopt DM's suggested change to OpenAPI doc definition * Cleanup use of specification and definition where we mean document * multipartite>composite, define ACL * Add ' | Reference Object' to callbacks/webhooks Co-authored-by: Ron <ron@swagger.io> * Fwd port v3.0.3 dev to v3.1.0 dev (OAI#2163) * fix typo in Callback Object Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * retain typo in v3.0.2; fix for v3.0.3 (OAI#1899) Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Clarify empty Security Requirement Object usage and validity (OAI#1886) * Clarify empty Security Requirement Object usage and validity * Reorder sentences to make clearer. * Remove wrong text. * Removed unneeded text. Co-authored-by: Ron <ron@swagger.io> Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Ron's wording for Darrels feedback Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * ted updates Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Replace 'application' by 'API' within the 'Info Object' definition. (OAI#2004) Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Path Templating Clarification - proposed fix for OAI#1830. (OAI#1831) * Proposed fix for OAI#1830. Each variable expression in a path must have a corresponding path parameter. * OAI#1830 - Removed 'at least once' to defer the question about repeated references to a single path parameter. * Update OAI#1830 fix with suggestion from Darrel @darrelmiller suggestions we use "template expression" instead of "variable expression" to align with RFC6570. Good idea. Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * yaml.org supports https, but www.yaml.org is misconfigured Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Updated text for OperationRef Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * fix a typo in the Security Filtering section (OAI#1837) * fix a typo in the Security Filtering section * Security filtering slight reword Co-authored-by: Mike Ralphson <mike.ralphson@gmail.com> Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Make ABNF for runtime expressions complete Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Explain unclear semantics of property `$ref` in Path Item Object (OAI#1964) * Explain unclear semantics of property `$ref` in Path Item Object Currently, as explained in OAI#1038 (comment) the description of `$ref` in [Path Item Object](https://github.com/OAI/OpenAPI-Specification/blob/3.0.2/versions/3.0.2.md#pathItemObject) is unclear about the semantics behing it. I took the explaination from issue OAI#1038 to make it more clear. * Update versions/3.1.0.md Co-authored-by: Ron <ron@swagger.io> Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Clarify constraints on Security Scheme Object Scheme Property (OAI#1880) * Wording around scheme extensions * Clarified that securitySchemeScheme is only a SHOULD be registered scheme Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * fix difference between yaml and json in Response Object Examples Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Server Variable Object clarifications (OAI#1809) * Server Variable Object clarifications * Toned language down for proper semver versioning Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Fix formatting errors in example (OAI#2132) Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Update 3.0.3 for release (OAI#2149) * Update README.md for release * Update release date for 3.0.3 Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Update versions/3.1.0.md Co-Authored-By: Darrel <darrmi@microsoft.com> Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Fixed typo Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * explicit 'forward slash' Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * fix OAI#2053: `style` keyword is not supported inside Schema object Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * OpenAPI not Open API Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * backticks Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * minor clarification for operationId usage in link objects (OAI#1733) * minor clarification it's a bit confusing that both the id and the reference are called "operationId", so this tweak makes the text a bit more explicit. * use right terminology Co-Authored-By: Mike Ralphson <mike.ralphson@gmail.com> Co-authored-by: Ron <ron@swagger.io> Co-authored-by: Mike Ralphson <mike.ralphson@gmail.com> Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Update 3.1.0.md fixed typo Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Removed confusing comment Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Clarify the spec to allow optional or unspecified OAuth scopes (OAI#1888) * Referencing issue OAI#513. Clarify the spec to accommodate OAuth schemes where scope may be unspecified (optional scope) or where scope is not used at all. * Removed the provision for default scope represented as empty string. This introduces some ambiguities in the Security Requirement Object that would need to be addressed. * For OAI#513, adjusting language and removing examples For OAI#513, adjusting language and removing examples as suggested by @webron. * removed unnecessary example header Co-authored-by: Ron <ron@swagger.io> Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * The examples keyword is not supported inside schema (OAI#2042) * examples not supported inside schema * figured it out * a tiny little edit Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Fix 'Security Scheme Object' definition with OAuth 2.0 grant types. (OAI#2006) Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Fix formatting errors in example (OAI#2132) Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> Co-authored-by: seiya <r108338@yahoo.co.jp> Co-authored-by: Adam Leventhal <ahl@transposit.com> Co-authored-by: Sebastián Ramírez <tiangolo@gmail.com> Co-authored-by: Ron <ron@swagger.io> Co-authored-by: Phil Sturgeon <me@philsturgeon.uk> Co-authored-by: Patrice Krakow <patrice.krakow@gmail.com> Co-authored-by: Ted Epstein <ted.epstein@reprezen.com> Co-authored-by: Darrel Miller <darrmi@microsoft.com> Co-authored-by: Carsten Brandt <mail@cebe.cc> Co-authored-by: Henry Andrews <andrews_henry@yahoo.com> Co-authored-by: Sergej <sergej2705@users.noreply.github.com> Co-authored-by: nasa9084 <nasa.9084.bassclarinet@gmail.com> Co-authored-by: Erik Wilde <dret@users.noreply.github.com> * security; widen use of scopes array to other securityScheme types (OAI#1829) Co-authored-by: Ron <ron@swagger.io> * Allow summary and description as $ref siblings (OAI#2181) * HTTP not REST (OAI#1946) Co-authored-by: Phil Sturgeon <me@philsturgeon.uk> * Missing updates While going over the changes for the release notes, found two issues: - The TOC entry for `Relative references in URIs` was not modified to match the change in the spec. - The `Paths Object` had an extra sentence that should have not been there (referencing sub-documents and overlays). * Remove boolean compatibility for exclusive* (OAI#2226) This brings exclusiveMinimum, exclusiveMaximum, minimum, and maximum, into full modern JSON Schema compatibility. There are no edits directly mentioning minimum and maximum, but removing the boolean form simplifies their processing by making it context-independent. * Update "format" and "content*" for new JSON Schema (OAI#2200) * Update "format" and "content*" for new JSON Schema This removes OAS formats and examples that are now superfluous as they are part of the 2019-09 JSON Schema draft. Similarly it deprecates the "byte" and "binary" formats in favor of JSON Schema's "contentEncoding" and "contentMediaType" keywords, and updates various related exapmles and other guidance. It also removes confusingly blank rows in the OAS format table. * "format" is an annotation * Fix broken table, type, in Encoding Object Broke some things while updating for "content*" * Fix format of `format` Backticks, not double quotes. * Remove unneeded detail on "format" This was just duplicating info from the JSON Schema spec. Co-authored-by: Darrel <darrmi@microsoft.com> * Remove "byte" and "binary" formats altogether. Instead of just deprecating. The "content*" keywords now cover these use cases. * Harmonize JSON Schema content* + Media Type Object Includes harmonizing with the Encoding Object. In general, OpenAPI objects set the media type, although there is a case for `contentMediaType` with multipart/form-data. Otherwise, `contentEncoding` replaces the now-removed custom formats. A possibly controversial change is to indicate unencoded binary data by omitting `type` (or omitting the schema altogether), as binary data does not conform to JSON string requirements. This could still be done with `type: string` if that is preferred. It's going to be a bit weird either way. I can add wording in the next JSON Schema draft to clarify whichever approach makes more sense. * Fix typos from review * Remove stray {} * Fix inconsistencies contentMediaType and Encoding Object Co-authored-by: Darrel <darrmi@microsoft.com> * [3.1.0-dev] drop OAS semver requirement (OAI#2243) * drop OAS semver requirement * Update versions/3.1.0.md Co-authored-by: Darrel <darrmi@microsoft.com> * Remove "nullable" entirely (OAI#2246) * Update version for release (OAI#2269) Co-authored-by: Mike Ralphson <mike.ralphson@gmail.com> Co-authored-by: Roberto Polli <robipolli@gmail.com> Co-authored-by: Axel Nennker <axel.nennker@telekom.de> Co-authored-by: Phil Sturgeon <me@philsturgeon.uk> Co-authored-by: Mike Kistler <mkistler@us.ibm.com> Co-authored-by: Darrel <darrmi@microsoft.com> Co-authored-by: Arhimenrius <arhimenrius@gmail.com> Co-authored-by: Lorna Jane Mitchell <lorna@lornajane.net> Co-authored-by: Henry Andrews <andrews_henry@yahoo.com> Co-authored-by: Alan Crosswell <alan@crosswell.us> Co-authored-by: Helen Kosova <hkosova@users.noreply.github.com> Co-authored-by: seiya <r108338@yahoo.co.jp> Co-authored-by: Adam Leventhal <ahl@transposit.com> Co-authored-by: Sebastián Ramírez <tiangolo@gmail.com> Co-authored-by: Patrice Krakow <patrice.krakow@gmail.com> Co-authored-by: Ted Epstein <ted.epstein@reprezen.com> Co-authored-by: Carsten Brandt <mail@cebe.cc> Co-authored-by: Sergej <sergej2705@users.noreply.github.com> Co-authored-by: nasa9084 <nasa.9084.bassclarinet@gmail.com> Co-authored-by: Erik Wilde <dret@users.noreply.github.com> Co-authored-by: Marsh Gardiner <marsh.gardiner@gmail.com> Co-authored-by: Phil Sturgeon <me@philsturgeon.com>

@handrews

* 3.1.0 prep * Update README * Allow specification extensions in discriminator object * Note that specification extensions beginning x-oas- are reserved * security; add mutualTLS securityScheme type * 832 add info.summary (OAI#1779) * Fix: OAI#832. Add info.summary. * Fix: summary is shord, description is verbose. Be consistent with other definitions of summary and description. * fix OIDC url and OAuth2 requirements Signed-off-by: Axel Nennker <axel.nennker@telekom.de> * Update Schema Object to proper JSON Schema * update vocab and arbitrary props * another go at arbitrary keywords * feedback from @handrews * Support style, explode, allowReserved encoding for multipart/form-data (OAI#2066) * Extend style, explode, allowReserved in encoding to multipart-formdata (OAI#2018) * Update versions/3.1.0.md Co-Authored-By: Ron <ron@swagger.io> * Replace details of multipart/form-data format with referce to RFC 7578 * Update versions/3.1.0.md Co-Authored-By: Darrel <darrmi@microsoft.com> * default should match json schema * removed json schema keyworld list, its just all of em. * redundant $ref reference * Correct Styles Values for spaceDelimited and pipeDelimited, as based on Style Examples, they support objects. * Add support for webhooks as a top-level element (OAI#2103) * Add webhooks as a top-level element to the spec * Add the changes from OAI#2048 and signpost webhooks * Add an example of webhooks * Relocate and expand on webhooks section following feedback * Better wording to describe expectations on API consumers * Clearer wording for why the paths element is here * Update language to make callbacks clearer * Align the OAS 3.1 nullable language with the 3.0.3 (OAI#2115) This adapts the language from PR OAI#2046, with minimal wording tweaks to account for type now being able to have multiple values (type arrays). * allow, but discourage, requestBody for GET, HEAD, DELETE (OAI#2117) * Reference Object and Schema Object use of $ref updates for 2019-09 / OAS 3.1 (OAI#2107) * Checkpoint of draft * Fix typo. Co-Authored-By: Darrel <darrmi@microsoft.com> * Fix plural anchor Co-Authored-By: Mike Ralphson <mike.ralphson@gmail.com> * Remove superfluous specification Co-Authored-By: Phil Sturgeon <me@philsturgeon.uk> Co-authored-by: Darrel <darrmi@microsoft.com> Co-authored-by: Mike Ralphson <mike.ralphson@gmail.com> Co-authored-by: Phil Sturgeon <me@philsturgeon.uk> * Fix table cell formatting containing `nullable` description (OAI#2152) * Add SPDX identifier field to license object, fixes OAI#1599 (OAI#2105) * Add information about objects to the description too * Make paths object optional (OAI#1781) * Make paths object optional * Adding reusable Path Item Objects Under `components` * Adopt DM's suggested change to OpenAPI doc definition * Cleanup use of specification and definition where we mean document * multipartite>composite, define ACL * Add ' | Reference Object' to callbacks/webhooks Co-authored-by: Ron <ron@swagger.io> * Fwd port v3.0.3 dev to v3.1.0 dev (OAI#2163) * fix typo in Callback Object Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * retain typo in v3.0.2; fix for v3.0.3 (OAI#1899) Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Clarify empty Security Requirement Object usage and validity (OAI#1886) * Clarify empty Security Requirement Object usage and validity * Reorder sentences to make clearer. * Remove wrong text. * Removed unneeded text. Co-authored-by: Ron <ron@swagger.io> Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Ron's wording for Darrels feedback Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * ted updates Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Replace 'application' by 'API' within the 'Info Object' definition. (OAI#2004) Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Path Templating Clarification - proposed fix for OAI#1830. (OAI#1831) * Proposed fix for OAI#1830. Each variable expression in a path must have a corresponding path parameter. * OAI#1830 - Removed 'at least once' to defer the question about repeated references to a single path parameter. * Update OAI#1830 fix with suggestion from Darrel @darrelmiller suggestions we use "template expression" instead of "variable expression" to align with RFC6570. Good idea. Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * yaml.org supports https, but www.yaml.org is misconfigured Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Updated text for OperationRef Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * fix a typo in the Security Filtering section (OAI#1837) * fix a typo in the Security Filtering section * Security filtering slight reword Co-authored-by: Mike Ralphson <mike.ralphson@gmail.com> Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Make ABNF for runtime expressions complete Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Explain unclear semantics of property `$ref` in Path Item Object (OAI#1964) * Explain unclear semantics of property `$ref` in Path Item Object Currently, as explained in OAI#1038 (comment) the description of `$ref` in [Path Item Object](https://github.com/OAI/OpenAPI-Specification/blob/3.0.2/versions/3.0.2.md#pathItemObject) is unclear about the semantics behing it. I took the explaination from issue OAI#1038 to make it more clear. * Update versions/3.1.0.md Co-authored-by: Ron <ron@swagger.io> Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Clarify constraints on Security Scheme Object Scheme Property (OAI#1880) * Wording around scheme extensions * Clarified that securitySchemeScheme is only a SHOULD be registered scheme Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * fix difference between yaml and json in Response Object Examples Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Server Variable Object clarifications (OAI#1809) * Server Variable Object clarifications * Toned language down for proper semver versioning Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Fix formatting errors in example (OAI#2132) Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Update 3.0.3 for release (OAI#2149) * Update README.md for release * Update release date for 3.0.3 Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Update versions/3.1.0.md Co-Authored-By: Darrel <darrmi@microsoft.com> Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Fixed typo Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * explicit 'forward slash' Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * fix OAI#2053: `style` keyword is not supported inside Schema object Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * OpenAPI not Open API Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * backticks Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * minor clarification for operationId usage in link objects (OAI#1733) * minor clarification it's a bit confusing that both the id and the reference are called "operationId", so this tweak makes the text a bit more explicit. * use right terminology Co-Authored-By: Mike Ralphson <mike.ralphson@gmail.com> Co-authored-by: Ron <ron@swagger.io> Co-authored-by: Mike Ralphson <mike.ralphson@gmail.com> Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Update 3.1.0.md fixed typo Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Removed confusing comment Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Clarify the spec to allow optional or unspecified OAuth scopes (OAI#1888) * Referencing issue OAI#513. Clarify the spec to accommodate OAuth schemes where scope may be unspecified (optional scope) or where scope is not used at all. * Removed the provision for default scope represented as empty string. This introduces some ambiguities in the Security Requirement Object that would need to be addressed. * For OAI#513, adjusting language and removing examples For OAI#513, adjusting language and removing examples as suggested by @webron. * removed unnecessary example header Co-authored-by: Ron <ron@swagger.io> Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * The examples keyword is not supported inside schema (OAI#2042) * examples not supported inside schema * figured it out * a tiny little edit Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Fix 'Security Scheme Object' definition with OAuth 2.0 grant types. (OAI#2006) Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Fix formatting errors in example (OAI#2132) Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> Co-authored-by: seiya <r108338@yahoo.co.jp> Co-authored-by: Adam Leventhal <ahl@transposit.com> Co-authored-by: Sebastián Ramírez <tiangolo@gmail.com> Co-authored-by: Ron <ron@swagger.io> Co-authored-by: Phil Sturgeon <me@philsturgeon.uk> Co-authored-by: Patrice Krakow <patrice.krakow@gmail.com> Co-authored-by: Ted Epstein <ted.epstein@reprezen.com> Co-authored-by: Darrel Miller <darrmi@microsoft.com> Co-authored-by: Carsten Brandt <mail@cebe.cc> Co-authored-by: Henry Andrews <andrews_henry@yahoo.com> Co-authored-by: Sergej <sergej2705@users.noreply.github.com> Co-authored-by: nasa9084 <nasa.9084.bassclarinet@gmail.com> Co-authored-by: Erik Wilde <dret@users.noreply.github.com> * security; widen use of scopes array to other securityScheme types (OAI#1829) Co-authored-by: Ron <ron@swagger.io> * Allow summary and description as $ref siblings (OAI#2181) * HTTP not REST (OAI#1946) Co-authored-by: Phil Sturgeon <me@philsturgeon.uk> * Missing updates While going over the changes for the release notes, found two issues: - The TOC entry for `Relative references in URIs` was not modified to match the change in the spec. - The `Paths Object` had an extra sentence that should have not been there (referencing sub-documents and overlays). * Remove boolean compatibility for exclusive* (OAI#2226) This brings exclusiveMinimum, exclusiveMaximum, minimum, and maximum, into full modern JSON Schema compatibility. There are no edits directly mentioning minimum and maximum, but removing the boolean form simplifies their processing by making it context-independent. * Update "format" and "content*" for new JSON Schema (OAI#2200) * Update "format" and "content*" for new JSON Schema This removes OAS formats and examples that are now superfluous as they are part of the 2019-09 JSON Schema draft. Similarly it deprecates the "byte" and "binary" formats in favor of JSON Schema's "contentEncoding" and "contentMediaType" keywords, and updates various related exapmles and other guidance. It also removes confusingly blank rows in the OAS format table. * "format" is an annotation * Fix broken table, type, in Encoding Object Broke some things while updating for "content*" * Fix format of `format` Backticks, not double quotes. * Remove unneeded detail on "format" This was just duplicating info from the JSON Schema spec. Co-authored-by: Darrel <darrmi@microsoft.com> * Remove "byte" and "binary" formats altogether. Instead of just deprecating. The "content*" keywords now cover these use cases. * Harmonize JSON Schema content* + Media Type Object Includes harmonizing with the Encoding Object. In general, OpenAPI objects set the media type, although there is a case for `contentMediaType` with multipart/form-data. Otherwise, `contentEncoding` replaces the now-removed custom formats. A possibly controversial change is to indicate unencoded binary data by omitting `type` (or omitting the schema altogether), as binary data does not conform to JSON string requirements. This could still be done with `type: string` if that is preferred. It's going to be a bit weird either way. I can add wording in the next JSON Schema draft to clarify whichever approach makes more sense. * Fix typos from review * Remove stray {} * Fix inconsistencies contentMediaType and Encoding Object Co-authored-by: Darrel <darrmi@microsoft.com> * [3.1.0-dev] drop OAS semver requirement (OAI#2243) * drop OAS semver requirement * Update versions/3.1.0.md Co-authored-by: Darrel <darrmi@microsoft.com> * Remove "nullable" entirely (OAI#2246) * Update version for release (OAI#2269) * $schema Guidance (OAI#2266) * chore: explain how $schema might work * reordered and made it specifically only schema resources * Update versions/3.1.0.md Co-authored-by: Karen Etheridge <ether@cpan.org> * Update versions/3.1.0.md Co-authored-by: Ben Hutton <relequestual@gmail.com> * new approach Co-authored-by: Phil Sturgeon <me@philsturgeon.uk> Co-authored-by: Karen Etheridge <ether@cpan.org> Co-authored-by: Ben Hutton <relequestual@gmail.com> * v3.1.0: rephrase data-type section because `format` keyword can be used for any data type. (OAI#2302) * The JSON schema specification states the format keyword can be used for any data type, not just primitive types * The JSON schema specification states the format keyword can be used for any data type, not just primitive types * Added change to address OAI#2287 (OAI#2328) Co-authored-by: Darrel Miller <darrel.miller@microsoft.com> * Make Server Variable Object's properties more strict (OAI#2335) Followup to OAI#1809, now that we allow breaking changes. * docs(Components): fix typo in schemas field type (OAI#2337) * Fix indentation of a YAML comment * Removed required constraint on responses object (OAI#2329) Co-authored-by: Darrel Miller <darrel.miller@microsoft.com> * 3.1.0-rc1 Release prep (OAI#2369) * Update 3.1.0.md * Merge branch 'master' into v3.1.0-dev Co-authored-by: Mike Ralphson <mike.ralphson@gmail.com> Co-authored-by: Roberto Polli <robipolli@gmail.com> Co-authored-by: Axel Nennker <axel.nennker@telekom.de> Co-authored-by: Phil Sturgeon <me@philsturgeon.uk> Co-authored-by: Mike Kistler <mkistler@us.ibm.com> Co-authored-by: Darrel <darrmi@microsoft.com> Co-authored-by: Arhimenrius <arhimenrius@gmail.com> Co-authored-by: Lorna Jane Mitchell <lorna@lornajane.net> Co-authored-by: Henry Andrews <andrews_henry@yahoo.com> Co-authored-by: Alan Crosswell <alan@crosswell.us> Co-authored-by: Helen Kosova <hkosova@users.noreply.github.com> Co-authored-by: seiya <r108338@yahoo.co.jp> Co-authored-by: Adam Leventhal <ahl@transposit.com> Co-authored-by: Sebastián Ramírez <tiangolo@gmail.com> Co-authored-by: Patrice Krakow <patrice.krakow@gmail.com> Co-authored-by: Ted Epstein <ted.epstein@reprezen.com> Co-authored-by: Carsten Brandt <mail@cebe.cc> Co-authored-by: Sergej <sergej2705@users.noreply.github.com> Co-authored-by: nasa9084 <nasa.9084.bassclarinet@gmail.com> Co-authored-by: Erik Wilde <dret@users.noreply.github.com> Co-authored-by: Marsh Gardiner <marsh.gardiner@gmail.com> Co-authored-by: Phil Sturgeon <me@philsturgeon.com> Co-authored-by: Karen Etheridge <ether@cpan.org> Co-authored-by: Ben Hutton <relequestual@gmail.com> Co-authored-by: Sebastien Rosset <serosset@cisco.com> Co-authored-by: Darrel Miller <darrel.miller@microsoft.com> Co-authored-by: Vladimir Gorej <vladimir.gorej@gmail.com> Co-authored-by: Helen Kosova <helen.kosova@smartbear.com>

@handrews

* 3.1.0 prep * Update README * Allow specification extensions in discriminator object * Note that specification extensions beginning x-oas- are reserved * security; add mutualTLS securityScheme type * 832 add info.summary (OAI#1779) * Fix: OAI#832. Add info.summary. * Fix: summary is shord, description is verbose. Be consistent with other definitions of summary and description. * fix OIDC url and OAuth2 requirements Signed-off-by: Axel Nennker <axel.nennker@telekom.de> * Update Schema Object to proper JSON Schema * update vocab and arbitrary props * another go at arbitrary keywords * feedback from @handrews * Support style, explode, allowReserved encoding for multipart/form-data (OAI#2066) * Extend style, explode, allowReserved in encoding to multipart-formdata (OAI#2018) * Update versions/3.1.0.md Co-Authored-By: Ron <ron@swagger.io> * Replace details of multipart/form-data format with referce to RFC 7578 * Update versions/3.1.0.md Co-Authored-By: Darrel <darrmi@microsoft.com> * default should match json schema * removed json schema keyworld list, its just all of em. * redundant $ref reference * Correct Styles Values for spaceDelimited and pipeDelimited, as based on Style Examples, they support objects. * Add support for webhooks as a top-level element (OAI#2103) * Add webhooks as a top-level element to the spec * Add the changes from OAI#2048 and signpost webhooks * Add an example of webhooks * Relocate and expand on webhooks section following feedback * Better wording to describe expectations on API consumers * Clearer wording for why the paths element is here * Update language to make callbacks clearer * Align the OAS 3.1 nullable language with the 3.0.3 (OAI#2115) This adapts the language from PR OAI#2046, with minimal wording tweaks to account for type now being able to have multiple values (type arrays). * allow, but discourage, requestBody for GET, HEAD, DELETE (OAI#2117) * Reference Object and Schema Object use of $ref updates for 2019-09 / OAS 3.1 (OAI#2107) * Checkpoint of draft * Fix typo. Co-Authored-By: Darrel <darrmi@microsoft.com> * Fix plural anchor Co-Authored-By: Mike Ralphson <mike.ralphson@gmail.com> * Remove superfluous specification Co-Authored-By: Phil Sturgeon <me@philsturgeon.uk> Co-authored-by: Darrel <darrmi@microsoft.com> Co-authored-by: Mike Ralphson <mike.ralphson@gmail.com> Co-authored-by: Phil Sturgeon <me@philsturgeon.uk> * Fix table cell formatting containing `nullable` description (OAI#2152) * Add SPDX identifier field to license object, fixes OAI#1599 (OAI#2105) * Add information about objects to the description too * Make paths object optional (OAI#1781) * Make paths object optional * Adding reusable Path Item Objects Under `components` * Adopt DM's suggested change to OpenAPI doc definition * Cleanup use of specification and definition where we mean document * multipartite>composite, define ACL * Add ' | Reference Object' to callbacks/webhooks Co-authored-by: Ron <ron@swagger.io> * Fwd port v3.0.3 dev to v3.1.0 dev (OAI#2163) * fix typo in Callback Object Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * retain typo in v3.0.2; fix for v3.0.3 (OAI#1899) Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Clarify empty Security Requirement Object usage and validity (OAI#1886) * Clarify empty Security Requirement Object usage and validity * Reorder sentences to make clearer. * Remove wrong text. * Removed unneeded text. Co-authored-by: Ron <ron@swagger.io> Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Ron's wording for Darrels feedback Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * ted updates Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Replace 'application' by 'API' within the 'Info Object' definition. (OAI#2004) Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Path Templating Clarification - proposed fix for OAI#1830. (OAI#1831) * Proposed fix for OAI#1830. Each variable expression in a path must have a corresponding path parameter. * OAI#1830 - Removed 'at least once' to defer the question about repeated references to a single path parameter. * Update OAI#1830 fix with suggestion from Darrel @darrelmiller suggestions we use "template expression" instead of "variable expression" to align with RFC6570. Good idea. Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * yaml.org supports https, but www.yaml.org is misconfigured Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Updated text for OperationRef Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * fix a typo in the Security Filtering section (OAI#1837) * fix a typo in the Security Filtering section * Security filtering slight reword Co-authored-by: Mike Ralphson <mike.ralphson@gmail.com> Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Make ABNF for runtime expressions complete Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Explain unclear semantics of property `$ref` in Path Item Object (OAI#1964) * Explain unclear semantics of property `$ref` in Path Item Object Currently, as explained in OAI#1038 (comment) the description of `$ref` in [Path Item Object](https://github.com/OAI/OpenAPI-Specification/blob/3.0.2/versions/3.0.2.md#pathItemObject) is unclear about the semantics behing it. I took the explaination from issue OAI#1038 to make it more clear. * Update versions/3.1.0.md Co-authored-by: Ron <ron@swagger.io> Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Clarify constraints on Security Scheme Object Scheme Property (OAI#1880) * Wording around scheme extensions * Clarified that securitySchemeScheme is only a SHOULD be registered scheme Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * fix difference between yaml and json in Response Object Examples Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Server Variable Object clarifications (OAI#1809) * Server Variable Object clarifications * Toned language down for proper semver versioning Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Fix formatting errors in example (OAI#2132) Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Update 3.0.3 for release (OAI#2149) * Update README.md for release * Update release date for 3.0.3 Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Update versions/3.1.0.md Co-Authored-By: Darrel <darrmi@microsoft.com> Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Fixed typo Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * explicit 'forward slash' Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * fix OAI#2053: `style` keyword is not supported inside Schema object Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * OpenAPI not Open API Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * backticks Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * minor clarification for operationId usage in link objects (OAI#1733) * minor clarification it's a bit confusing that both the id and the reference are called "operationId", so this tweak makes the text a bit more explicit. * use right terminology Co-Authored-By: Mike Ralphson <mike.ralphson@gmail.com> Co-authored-by: Ron <ron@swagger.io> Co-authored-by: Mike Ralphson <mike.ralphson@gmail.com> Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Update 3.1.0.md fixed typo Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Removed confusing comment Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Clarify the spec to allow optional or unspecified OAuth scopes (OAI#1888) * Referencing issue OAI#513. Clarify the spec to accommodate OAuth schemes where scope may be unspecified (optional scope) or where scope is not used at all. * Removed the provision for default scope represented as empty string. This introduces some ambiguities in the Security Requirement Object that would need to be addressed. * For OAI#513, adjusting language and removing examples For OAI#513, adjusting language and removing examples as suggested by @webron. * removed unnecessary example header Co-authored-by: Ron <ron@swagger.io> Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * The examples keyword is not supported inside schema (OAI#2042) * examples not supported inside schema * figured it out * a tiny little edit Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Fix 'Security Scheme Object' definition with OAuth 2.0 grant types. (OAI#2006) Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Fix formatting errors in example (OAI#2132) Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> Co-authored-by: seiya <r108338@yahoo.co.jp> Co-authored-by: Adam Leventhal <ahl@transposit.com> Co-authored-by: Sebastián Ramírez <tiangolo@gmail.com> Co-authored-by: Ron <ron@swagger.io> Co-authored-by: Phil Sturgeon <me@philsturgeon.uk> Co-authored-by: Patrice Krakow <patrice.krakow@gmail.com> Co-authored-by: Ted Epstein <ted.epstein@reprezen.com> Co-authored-by: Darrel Miller <darrmi@microsoft.com> Co-authored-by: Carsten Brandt <mail@cebe.cc> Co-authored-by: Henry Andrews <andrews_henry@yahoo.com> Co-authored-by: Sergej <sergej2705@users.noreply.github.com> Co-authored-by: nasa9084 <nasa.9084.bassclarinet@gmail.com> Co-authored-by: Erik Wilde <dret@users.noreply.github.com> * security; widen use of scopes array to other securityScheme types (OAI#1829) Co-authored-by: Ron <ron@swagger.io> * Allow summary and description as $ref siblings (OAI#2181) * HTTP not REST (OAI#1946) Co-authored-by: Phil Sturgeon <me@philsturgeon.uk> * Missing updates While going over the changes for the release notes, found two issues: - The TOC entry for `Relative references in URIs` was not modified to match the change in the spec. - The `Paths Object` had an extra sentence that should have not been there (referencing sub-documents and overlays). * Remove boolean compatibility for exclusive* (OAI#2226) This brings exclusiveMinimum, exclusiveMaximum, minimum, and maximum, into full modern JSON Schema compatibility. There are no edits directly mentioning minimum and maximum, but removing the boolean form simplifies their processing by making it context-independent. * Update "format" and "content*" for new JSON Schema (OAI#2200) * Update "format" and "content*" for new JSON Schema This removes OAS formats and examples that are now superfluous as they are part of the 2019-09 JSON Schema draft. Similarly it deprecates the "byte" and "binary" formats in favor of JSON Schema's "contentEncoding" and "contentMediaType" keywords, and updates various related exapmles and other guidance. It also removes confusingly blank rows in the OAS format table. * "format" is an annotation * Fix broken table, type, in Encoding Object Broke some things while updating for "content*" * Fix format of `format` Backticks, not double quotes. * Remove unneeded detail on "format" This was just duplicating info from the JSON Schema spec. Co-authored-by: Darrel <darrmi@microsoft.com> * Remove "byte" and "binary" formats altogether. Instead of just deprecating. The "content*" keywords now cover these use cases. * Harmonize JSON Schema content* + Media Type Object Includes harmonizing with the Encoding Object. In general, OpenAPI objects set the media type, although there is a case for `contentMediaType` with multipart/form-data. Otherwise, `contentEncoding` replaces the now-removed custom formats. A possibly controversial change is to indicate unencoded binary data by omitting `type` (or omitting the schema altogether), as binary data does not conform to JSON string requirements. This could still be done with `type: string` if that is preferred. It's going to be a bit weird either way. I can add wording in the next JSON Schema draft to clarify whichever approach makes more sense. * Fix typos from review * Remove stray {} * Fix inconsistencies contentMediaType and Encoding Object Co-authored-by: Darrel <darrmi@microsoft.com> * [3.1.0-dev] drop OAS semver requirement (OAI#2243) * drop OAS semver requirement * Update versions/3.1.0.md Co-authored-by: Darrel <darrmi@microsoft.com> * Remove "nullable" entirely (OAI#2246) * x-oas- to x-oai- (v3.1.0-dev) * Update version for release (OAI#2269) * $schema Guidance (OAI#2266) * chore: explain how $schema might work * reordered and made it specifically only schema resources * Update versions/3.1.0.md Co-authored-by: Karen Etheridge <ether@cpan.org> * Update versions/3.1.0.md Co-authored-by: Ben Hutton <relequestual@gmail.com> * new approach Co-authored-by: Phil Sturgeon <me@philsturgeon.uk> Co-authored-by: Karen Etheridge <ether@cpan.org> Co-authored-by: Ben Hutton <relequestual@gmail.com> * x-oai- / x-oas-; reserve both * v3.1.0: rephrase data-type section because `format` keyword can be used for any data type. (OAI#2302) * The JSON schema specification states the format keyword can be used for any data type, not just primitive types * The JSON schema specification states the format keyword can be used for any data type, not just primitive types * Added change to address OAI#2287 (OAI#2328) Co-authored-by: Darrel Miller <darrel.miller@microsoft.com> * Make Server Variable Object's properties more strict (OAI#2335) Followup to OAI#1809, now that we allow breaking changes. * docs(Components): fix typo in schemas field type (OAI#2337) * Fix indentation of a YAML comment * Removed required constraint on responses object (OAI#2329) Co-authored-by: Darrel Miller <darrel.miller@microsoft.com> * 3.1.0-rc1 Release prep (OAI#2369) * Update 3.1.0.md * Merge branch 'master' into v3.1.0-dev * Added words relating to adopting semantics of JSON Schema (OAI#2330) * Added words relating to adopting semantics of JSON Schema * Update versions/3.1.0.md Co-authored-by: Mike Ralphson <mike.ralphson@gmail.com> * Update versions/3.1.0.md Co-authored-by: Mike Ralphson <mike.ralphson@gmail.com> Co-authored-by: Darrel Miller <darrel.miller@microsoft.com> Co-authored-by: Mike Ralphson <mike.ralphson@gmail.com> * fix typo in release history table * fix link to style values in serialization table * Fix misspelling of a keyword in text (OAI#2389) * Update wording that referred to the year 2019 as the current year (OAI#2390) * Added link to JSON Schema Validation docs explain which formats are included in JSON Schema (OAI#2394) * Added link to JSON Schema Validation docs explain which formats are included in JSON Schema * Update verbiage to be more accurate Co-authored-by: Mike Ralphson <mike.ralphson@gmail.com> Co-authored-by: Mike Ralphson <mike.ralphson@gmail.com> * Update 3.1.0.md (OAI#2405) Improve wording about 'summary' and 'description' in Reference Object * long descriptions are cool too (OAI#2408) Co-authored-by: Phil Sturgeon <me@philsturgeon.uk> * Unescaped Slashes Aint Welcome Around 'Ere (OAI#2218) * oas 3.0 doesn't mention slashes not allowed * none of those either Co-authored-by: Phil Sturgeon <me@philsturgeon.uk> * Add missing field and use same summaries in Request Body Examples. (OAI#2362) * Add missing schema type in Operation Object YAML Example. (OAI#2361) * OAS schema dialect clarifications (OAI#2399) * OAS schema dialect clarifications * OAS schema dialect clarifications Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * $schema is allowed in subschemas when bundling Co-authored-by: Ben Hutton <relequestual@gmail.com> * Schema dialect clarifications from Ben Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Use top-level jsonSchemaDialect field Co-authored-by: Ben Hutton <relequestual@gmail.com> * Update JSON Schema Draft to 2020-12 and make $ref resolution rules explicit (OAI#2437) * fix http link to json-schema.org Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * fix http link to spec.commonmark.org Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Specify rules for $ref resolution Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Specify relative resolution rules for pathItem $ref and example externalValue Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Update JSON Schema draft links to 2020-12 IETF pages Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Make language about 'MUST be in the form of a ...' consistent Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Make it clear pathItem $refs don't need to be external now Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Make RFC links consistent with regard to spacing Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Allow a URI for example.externalValue fields This makes it fall under the rules for relative references. Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Explicitly call out $ref as a Relative Reference * Remove wording about what implementations SHOULD/MAY do with a $ref * Prefer 'referenced document' to 'referrant document' for clarity * Fix JSON Schema $ref resolution fallback rule * Add links back to #relativeReferences definition * Split #relativeReferences definition into URL and URI sections Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Clean-up wording about $refs in responsesObjects, fixes OAI#1679 (OAI#2442) * Clean-up wording about $refs in responsesObjects, fixes OAI#1679 * Agreed to remove explicit verbiage around $refs in responseObjects, fixes OAI#1679 * fix: two typos in versions/3.1.0.md (OAI#2452) * Fix, clarify, and simplify content type schemas (OAI#2351) * Fix, clarify, and simplify content type schemas This fixes OAI#2349, which caught that an encoded PNG image is encoded into a text media type. In the process I realized some other errors, and simplified things. * HTTP `Content-Type` is always handled by OAS * Media Type Object key in most cases * Encoding object (possibly inferred from schema) in `multipart/form-data` * HTTP-level `Content-Encoding` is always handled by the OAS Header Object * JSON Schema "content*" is used for embedding one media type into another * the encoded resource is of media type `text/plain` * `"contentMediaType"` is the embedded media type after decoding * `"contentEncoding"` is how to encode/decode binary to/from text This removes any chance of `"contentMediaType"` conflicting with the Media Type Object key or with `contentType` in the Encoding Object, as they now always do different things. Likewise, the HTTP `Content-Encoding` header (with values like gzip, deflate, etc.) does different things than `"contentEncoding"` (which has values like base64, base64url, quoted-printable, etc.). The deprecated part header `Content-Transfer-Encoding` is likewise handled in the Encoding Object, but is probably never used. * Fix Content-Type to indicate semantics ...rather than literal content format on the wire. * Update 3.1.0.md Fixed a typo and changed a SHOULD to MAY. * Update versions/3.1.0.md * clarify default encoding content type value. * Describe interaction between JSON Schema contentEncoding and HTTP Content-Encoding header Co-authored-by: Mike Kistler <mkistler@us.ibm.com> Co-authored-by: Darrel <darrmi@microsoft.com> Co-authored-by: Mike Kistler <mkistler@us.ibm.com> * 3.1.0 release prep (OAI#2461) * 3.1.0 release prep * Update README.md * reframing `user` as `author` (OAI#2463) Per comment in review, authors determine whether a spec is a single or multipart document. Those who consume the spec care more about the information itself and less (or not at all directly) about how it was assembled. * fixed the dash character Co-authored-by: Mike Ralphson <mike.ralphson@gmail.com> Co-authored-by: Roberto Polli <robipolli@gmail.com> Co-authored-by: Axel Nennker <axel.nennker@telekom.de> Co-authored-by: Phil Sturgeon <me@philsturgeon.uk> Co-authored-by: Mike Kistler <mkistler@us.ibm.com> Co-authored-by: Darrel <darrmi@microsoft.com> Co-authored-by: Arhimenrius <arhimenrius@gmail.com> Co-authored-by: Lorna Jane Mitchell <lorna@lornajane.net> Co-authored-by: Henry Andrews <andrews_henry@yahoo.com> Co-authored-by: Alan Crosswell <alan@crosswell.us> Co-authored-by: Helen Kosova <hkosova@users.noreply.github.com> Co-authored-by: seiya <r108338@yahoo.co.jp> Co-authored-by: Adam Leventhal <ahl@transposit.com> Co-authored-by: Sebastián Ramírez <tiangolo@gmail.com> Co-authored-by: Patrice Krakow <patrice.krakow@gmail.com> Co-authored-by: Ted Epstein <ted.epstein@reprezen.com> Co-authored-by: Carsten Brandt <mail@cebe.cc> Co-authored-by: Sergej <sergej2705@users.noreply.github.com> Co-authored-by: nasa9084 <nasa.9084.bassclarinet@gmail.com> Co-authored-by: Erik Wilde <dret@users.noreply.github.com> Co-authored-by: Marsh Gardiner <marsh.gardiner@gmail.com> Co-authored-by: Phil Sturgeon <me@philsturgeon.com> Co-authored-by: Karen Etheridge <ether@cpan.org> Co-authored-by: Ben Hutton <relequestual@gmail.com> Co-authored-by: Sebastien Rosset <serosset@cisco.com> Co-authored-by: Darrel Miller <darrel.miller@microsoft.com> Co-authored-by: Vladimir Gorej <vladimir.gorej@gmail.com> Co-authored-by: Helen Kosova <helen.kosova@smartbear.com> Co-authored-by: Deven Phillips <InfoSec812@users.noreply.github.com> Co-authored-by: Vladimir <greatvovan@gmail.com> Co-authored-by: Quint Daenen <me@di-wu.be>

@handrews

* 3.1.0 prep * Update README * Allow specification extensions in discriminator object * Note that specification extensions beginning x-oas- are reserved * security; add mutualTLS securityScheme type * 832 add info.summary (OAI#1779) * Fix: OAI#832. Add info.summary. * Fix: summary is shord, description is verbose. Be consistent with other definitions of summary and description. * fix OIDC url and OAuth2 requirements Signed-off-by: Axel Nennker <axel.nennker@telekom.de> * Update Schema Object to proper JSON Schema * update vocab and arbitrary props * another go at arbitrary keywords * feedback from @handrews * Support style, explode, allowReserved encoding for multipart/form-data (OAI#2066) * Extend style, explode, allowReserved in encoding to multipart-formdata (OAI#2018) * Update versions/3.1.0.md Co-Authored-By: Ron <ron@swagger.io> * Replace details of multipart/form-data format with referce to RFC 7578 * Update versions/3.1.0.md Co-Authored-By: Darrel <darrmi@microsoft.com> * default should match json schema * removed json schema keyworld list, its just all of em. * redundant $ref reference * Correct Styles Values for spaceDelimited and pipeDelimited, as based on Style Examples, they support objects. * Add support for webhooks as a top-level element (OAI#2103) * Add webhooks as a top-level element to the spec * Add the changes from OAI#2048 and signpost webhooks * Add an example of webhooks * Relocate and expand on webhooks section following feedback * Better wording to describe expectations on API consumers * Clearer wording for why the paths element is here * Update language to make callbacks clearer * Align the OAS 3.1 nullable language with the 3.0.3 (OAI#2115) This adapts the language from PR OAI#2046, with minimal wording tweaks to account for type now being able to have multiple values (type arrays). * allow, but discourage, requestBody for GET, HEAD, DELETE (OAI#2117) * Reference Object and Schema Object use of $ref updates for 2019-09 / OAS 3.1 (OAI#2107) * Checkpoint of draft * Fix typo. Co-Authored-By: Darrel <darrmi@microsoft.com> * Fix plural anchor Co-Authored-By: Mike Ralphson <mike.ralphson@gmail.com> * Remove superfluous specification Co-Authored-By: Phil Sturgeon <me@philsturgeon.uk> Co-authored-by: Darrel <darrmi@microsoft.com> Co-authored-by: Mike Ralphson <mike.ralphson@gmail.com> Co-authored-by: Phil Sturgeon <me@philsturgeon.uk> * Fix table cell formatting containing `nullable` description (OAI#2152) * Add SPDX identifier field to license object, fixes OAI#1599 (OAI#2105) * Add information about objects to the description too * Make paths object optional (OAI#1781) * Make paths object optional * Adding reusable Path Item Objects Under `components` * Adopt DM's suggested change to OpenAPI doc definition * Cleanup use of specification and definition where we mean document * multipartite>composite, define ACL * Add ' | Reference Object' to callbacks/webhooks Co-authored-by: Ron <ron@swagger.io> * Fwd port v3.0.3 dev to v3.1.0 dev (OAI#2163) * fix typo in Callback Object Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * retain typo in v3.0.2; fix for v3.0.3 (OAI#1899) Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Clarify empty Security Requirement Object usage and validity (OAI#1886) * Clarify empty Security Requirement Object usage and validity * Reorder sentences to make clearer. * Remove wrong text. * Removed unneeded text. Co-authored-by: Ron <ron@swagger.io> Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Ron's wording for Darrels feedback Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * ted updates Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Replace 'application' by 'API' within the 'Info Object' definition. (OAI#2004) Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Path Templating Clarification - proposed fix for OAI#1830. (OAI#1831) * Proposed fix for OAI#1830. Each variable expression in a path must have a corresponding path parameter. * OAI#1830 - Removed 'at least once' to defer the question about repeated references to a single path parameter. * Update OAI#1830 fix with suggestion from Darrel @darrelmiller suggestions we use "template expression" instead of "variable expression" to align with RFC6570. Good idea. Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * yaml.org supports https, but www.yaml.org is misconfigured Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Updated text for OperationRef Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * fix a typo in the Security Filtering section (OAI#1837) * fix a typo in the Security Filtering section * Security filtering slight reword Co-authored-by: Mike Ralphson <mike.ralphson@gmail.com> Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Make ABNF for runtime expressions complete Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Explain unclear semantics of property `$ref` in Path Item Object (OAI#1964) * Explain unclear semantics of property `$ref` in Path Item Object Currently, as explained in OAI#1038 (comment) the description of `$ref` in [Path Item Object](https://github.com/OAI/OpenAPI-Specification/blob/3.0.2/versions/3.0.2.md#pathItemObject) is unclear about the semantics behing it. I took the explaination from issue OAI#1038 to make it more clear. * Update versions/3.1.0.md Co-authored-by: Ron <ron@swagger.io> Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Clarify constraints on Security Scheme Object Scheme Property (OAI#1880) * Wording around scheme extensions * Clarified that securitySchemeScheme is only a SHOULD be registered scheme Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * fix difference between yaml and json in Response Object Examples Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Server Variable Object clarifications (OAI#1809) * Server Variable Object clarifications * Toned language down for proper semver versioning Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Fix formatting errors in example (OAI#2132) Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Update 3.0.3 for release (OAI#2149) * Update README.md for release * Update release date for 3.0.3 Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Update versions/3.1.0.md Co-Authored-By: Darrel <darrmi@microsoft.com> Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Fixed typo Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * explicit 'forward slash' Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * fix OAI#2053: `style` keyword is not supported inside Schema object Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * OpenAPI not Open API Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * backticks Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * minor clarification for operationId usage in link objects (OAI#1733) * minor clarification it's a bit confusing that both the id and the reference are called "operationId", so this tweak makes the text a bit more explicit. * use right terminology Co-Authored-By: Mike Ralphson <mike.ralphson@gmail.com> Co-authored-by: Ron <ron@swagger.io> Co-authored-by: Mike Ralphson <mike.ralphson@gmail.com> Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Update 3.1.0.md fixed typo Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Removed confusing comment Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Clarify the spec to allow optional or unspecified OAuth scopes (OAI#1888) * Referencing issue OAI#513. Clarify the spec to accommodate OAuth schemes where scope may be unspecified (optional scope) or where scope is not used at all. * Removed the provision for default scope represented as empty string. This introduces some ambiguities in the Security Requirement Object that would need to be addressed. * For OAI#513, adjusting language and removing examples For OAI#513, adjusting language and removing examples as suggested by @webron. * removed unnecessary example header Co-authored-by: Ron <ron@swagger.io> Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * The examples keyword is not supported inside schema (OAI#2042) * examples not supported inside schema * figured it out * a tiny little edit Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Fix 'Security Scheme Object' definition with OAuth 2.0 grant types. (OAI#2006) Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Fix formatting errors in example (OAI#2132) Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> Co-authored-by: seiya <r108338@yahoo.co.jp> Co-authored-by: Adam Leventhal <ahl@transposit.com> Co-authored-by: Sebastián Ramírez <tiangolo@gmail.com> Co-authored-by: Ron <ron@swagger.io> Co-authored-by: Phil Sturgeon <me@philsturgeon.uk> Co-authored-by: Patrice Krakow <patrice.krakow@gmail.com> Co-authored-by: Ted Epstein <ted.epstein@reprezen.com> Co-authored-by: Darrel Miller <darrmi@microsoft.com> Co-authored-by: Carsten Brandt <mail@cebe.cc> Co-authored-by: Henry Andrews <andrews_henry@yahoo.com> Co-authored-by: Sergej <sergej2705@users.noreply.github.com> Co-authored-by: nasa9084 <nasa.9084.bassclarinet@gmail.com> Co-authored-by: Erik Wilde <dret@users.noreply.github.com> * security; widen use of scopes array to other securityScheme types (OAI#1829) Co-authored-by: Ron <ron@swagger.io> * Allow summary and description as $ref siblings (OAI#2181) * HTTP not REST (OAI#1946) Co-authored-by: Phil Sturgeon <me@philsturgeon.uk> * Missing updates While going over the changes for the release notes, found two issues: - The TOC entry for `Relative references in URIs` was not modified to match the change in the spec. - The `Paths Object` had an extra sentence that should have not been there (referencing sub-documents and overlays). * Remove boolean compatibility for exclusive* (OAI#2226) This brings exclusiveMinimum, exclusiveMaximum, minimum, and maximum, into full modern JSON Schema compatibility. There are no edits directly mentioning minimum and maximum, but removing the boolean form simplifies their processing by making it context-independent. * Update "format" and "content*" for new JSON Schema (OAI#2200) * Update "format" and "content*" for new JSON Schema This removes OAS formats and examples that are now superfluous as they are part of the 2019-09 JSON Schema draft. Similarly it deprecates the "byte" and "binary" formats in favor of JSON Schema's "contentEncoding" and "contentMediaType" keywords, and updates various related exapmles and other guidance. It also removes confusingly blank rows in the OAS format table. * "format" is an annotation * Fix broken table, type, in Encoding Object Broke some things while updating for "content*" * Fix format of `format` Backticks, not double quotes. * Remove unneeded detail on "format" This was just duplicating info from the JSON Schema spec. Co-authored-by: Darrel <darrmi@microsoft.com> * Remove "byte" and "binary" formats altogether. Instead of just deprecating. The "content*" keywords now cover these use cases. * Harmonize JSON Schema content* + Media Type Object Includes harmonizing with the Encoding Object. In general, OpenAPI objects set the media type, although there is a case for `contentMediaType` with multipart/form-data. Otherwise, `contentEncoding` replaces the now-removed custom formats. A possibly controversial change is to indicate unencoded binary data by omitting `type` (or omitting the schema altogether), as binary data does not conform to JSON string requirements. This could still be done with `type: string` if that is preferred. It's going to be a bit weird either way. I can add wording in the next JSON Schema draft to clarify whichever approach makes more sense. * Fix typos from review * Remove stray {} * Fix inconsistencies contentMediaType and Encoding Object Co-authored-by: Darrel <darrmi@microsoft.com> * [3.1.0-dev] drop OAS semver requirement (OAI#2243) * drop OAS semver requirement * Update versions/3.1.0.md Co-authored-by: Darrel <darrmi@microsoft.com> * Remove "nullable" entirely (OAI#2246) * Update version for release (OAI#2269) Co-authored-by: Mike Ralphson <mike.ralphson@gmail.com> Co-authored-by: Roberto Polli <robipolli@gmail.com> Co-authored-by: Axel Nennker <axel.nennker@telekom.de> Co-authored-by: Phil Sturgeon <me@philsturgeon.uk> Co-authored-by: Mike Kistler <mkistler@us.ibm.com> Co-authored-by: Darrel <darrmi@microsoft.com> Co-authored-by: Arhimenrius <arhimenrius@gmail.com> Co-authored-by: Lorna Jane Mitchell <lorna@lornajane.net> Co-authored-by: Henry Andrews <andrews_henry@yahoo.com> Co-authored-by: Alan Crosswell <alan@crosswell.us> Co-authored-by: Helen Kosova <hkosova@users.noreply.github.com> Co-authored-by: seiya <r108338@yahoo.co.jp> Co-authored-by: Adam Leventhal <ahl@transposit.com> Co-authored-by: Sebastián Ramírez <tiangolo@gmail.com> Co-authored-by: Patrice Krakow <patrice.krakow@gmail.com> Co-authored-by: Ted Epstein <ted.epstein@reprezen.com> Co-authored-by: Carsten Brandt <mail@cebe.cc> Co-authored-by: Sergej <sergej2705@users.noreply.github.com> Co-authored-by: nasa9084 <nasa.9084.bassclarinet@gmail.com> Co-authored-by: Erik Wilde <dret@users.noreply.github.com> Co-authored-by: Marsh Gardiner <marsh.gardiner@gmail.com> Co-authored-by: Phil Sturgeon <me@philsturgeon.com>

@handrews

* 3.1.0 prep * Update README * Allow specification extensions in discriminator object * Note that specification extensions beginning x-oas- are reserved * security; add mutualTLS securityScheme type * 832 add info.summary (OAI#1779) * Fix: OAI#832. Add info.summary. * Fix: summary is shord, description is verbose. Be consistent with other definitions of summary and description. * fix OIDC url and OAuth2 requirements Signed-off-by: Axel Nennker <axel.nennker@telekom.de> * Update Schema Object to proper JSON Schema * update vocab and arbitrary props * another go at arbitrary keywords * feedback from @handrews * Support style, explode, allowReserved encoding for multipart/form-data (OAI#2066) * Extend style, explode, allowReserved in encoding to multipart-formdata (OAI#2018) * Update versions/3.1.0.md Co-Authored-By: Ron <ron@swagger.io> * Replace details of multipart/form-data format with referce to RFC 7578 * Update versions/3.1.0.md Co-Authored-By: Darrel <darrmi@microsoft.com> * default should match json schema * removed json schema keyworld list, its just all of em. * redundant $ref reference * Correct Styles Values for spaceDelimited and pipeDelimited, as based on Style Examples, they support objects. * Add support for webhooks as a top-level element (OAI#2103) * Add webhooks as a top-level element to the spec * Add the changes from OAI#2048 and signpost webhooks * Add an example of webhooks * Relocate and expand on webhooks section following feedback * Better wording to describe expectations on API consumers * Clearer wording for why the paths element is here * Update language to make callbacks clearer * Align the OAS 3.1 nullable language with the 3.0.3 (OAI#2115) This adapts the language from PR OAI#2046, with minimal wording tweaks to account for type now being able to have multiple values (type arrays). * allow, but discourage, requestBody for GET, HEAD, DELETE (OAI#2117) * Reference Object and Schema Object use of $ref updates for 2019-09 / OAS 3.1 (OAI#2107) * Checkpoint of draft * Fix typo. Co-Authored-By: Darrel <darrmi@microsoft.com> * Fix plural anchor Co-Authored-By: Mike Ralphson <mike.ralphson@gmail.com> * Remove superfluous specification Co-Authored-By: Phil Sturgeon <me@philsturgeon.uk> Co-authored-by: Darrel <darrmi@microsoft.com> Co-authored-by: Mike Ralphson <mike.ralphson@gmail.com> Co-authored-by: Phil Sturgeon <me@philsturgeon.uk> * Fix table cell formatting containing `nullable` description (OAI#2152) * Add SPDX identifier field to license object, fixes OAI#1599 (OAI#2105) * Add information about objects to the description too * Make paths object optional (OAI#1781) * Make paths object optional * Adding reusable Path Item Objects Under `components` * Adopt DM's suggested change to OpenAPI doc definition * Cleanup use of specification and definition where we mean document * multipartite>composite, define ACL * Add ' | Reference Object' to callbacks/webhooks Co-authored-by: Ron <ron@swagger.io> * Fwd port v3.0.3 dev to v3.1.0 dev (OAI#2163) * fix typo in Callback Object Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * retain typo in v3.0.2; fix for v3.0.3 (OAI#1899) Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Clarify empty Security Requirement Object usage and validity (OAI#1886) * Clarify empty Security Requirement Object usage and validity * Reorder sentences to make clearer. * Remove wrong text. * Removed unneeded text. Co-authored-by: Ron <ron@swagger.io> Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Ron's wording for Darrels feedback Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * ted updates Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Replace 'application' by 'API' within the 'Info Object' definition. (OAI#2004) Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Path Templating Clarification - proposed fix for OAI#1830. (OAI#1831) * Proposed fix for OAI#1830. Each variable expression in a path must have a corresponding path parameter. * OAI#1830 - Removed 'at least once' to defer the question about repeated references to a single path parameter. * Update OAI#1830 fix with suggestion from Darrel @darrelmiller suggestions we use "template expression" instead of "variable expression" to align with RFC6570. Good idea. Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * yaml.org supports https, but www.yaml.org is misconfigured Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Updated text for OperationRef Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * fix a typo in the Security Filtering section (OAI#1837) * fix a typo in the Security Filtering section * Security filtering slight reword Co-authored-by: Mike Ralphson <mike.ralphson@gmail.com> Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Make ABNF for runtime expressions complete Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Explain unclear semantics of property `$ref` in Path Item Object (OAI#1964) * Explain unclear semantics of property `$ref` in Path Item Object Currently, as explained in OAI#1038 (comment) the description of `$ref` in [Path Item Object](https://github.com/OAI/OpenAPI-Specification/blob/3.0.2/versions/3.0.2.md#pathItemObject) is unclear about the semantics behing it. I took the explaination from issue OAI#1038 to make it more clear. * Update versions/3.1.0.md Co-authored-by: Ron <ron@swagger.io> Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Clarify constraints on Security Scheme Object Scheme Property (OAI#1880) * Wording around scheme extensions * Clarified that securitySchemeScheme is only a SHOULD be registered scheme Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * fix difference between yaml and json in Response Object Examples Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Server Variable Object clarifications (OAI#1809) * Server Variable Object clarifications * Toned language down for proper semver versioning Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Fix formatting errors in example (OAI#2132) Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Update 3.0.3 for release (OAI#2149) * Update README.md for release * Update release date for 3.0.3 Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Update versions/3.1.0.md Co-Authored-By: Darrel <darrmi@microsoft.com> Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Fixed typo Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * explicit 'forward slash' Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * fix OAI#2053: `style` keyword is not supported inside Schema object Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * OpenAPI not Open API Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * backticks Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * minor clarification for operationId usage in link objects (OAI#1733) * minor clarification it's a bit confusing that both the id and the reference are called "operationId", so this tweak makes the text a bit more explicit. * use right terminology Co-Authored-By: Mike Ralphson <mike.ralphson@gmail.com> Co-authored-by: Ron <ron@swagger.io> Co-authored-by: Mike Ralphson <mike.ralphson@gmail.com> Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Update 3.1.0.md fixed typo Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Removed confusing comment Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Clarify the spec to allow optional or unspecified OAuth scopes (OAI#1888) * Referencing issue OAI#513. Clarify the spec to accommodate OAuth schemes where scope may be unspecified (optional scope) or where scope is not used at all. * Removed the provision for default scope represented as empty string. This introduces some ambiguities in the Security Requirement Object that would need to be addressed. * For OAI#513, adjusting language and removing examples For OAI#513, adjusting language and removing examples as suggested by @webron. * removed unnecessary example header Co-authored-by: Ron <ron@swagger.io> Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * The examples keyword is not supported inside schema (OAI#2042) * examples not supported inside schema * figured it out * a tiny little edit Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Fix 'Security Scheme Object' definition with OAuth 2.0 grant types. (OAI#2006) Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Fix formatting errors in example (OAI#2132) Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> Co-authored-by: seiya <r108338@yahoo.co.jp> Co-authored-by: Adam Leventhal <ahl@transposit.com> Co-authored-by: Sebastián Ramírez <tiangolo@gmail.com> Co-authored-by: Ron <ron@swagger.io> Co-authored-by: Phil Sturgeon <me@philsturgeon.uk> Co-authored-by: Patrice Krakow <patrice.krakow@gmail.com> Co-authored-by: Ted Epstein <ted.epstein@reprezen.com> Co-authored-by: Darrel Miller <darrmi@microsoft.com> Co-authored-by: Carsten Brandt <mail@cebe.cc> Co-authored-by: Henry Andrews <andrews_henry@yahoo.com> Co-authored-by: Sergej <sergej2705@users.noreply.github.com> Co-authored-by: nasa9084 <nasa.9084.bassclarinet@gmail.com> Co-authored-by: Erik Wilde <dret@users.noreply.github.com> * security; widen use of scopes array to other securityScheme types (OAI#1829) Co-authored-by: Ron <ron@swagger.io> * Allow summary and description as $ref siblings (OAI#2181) * HTTP not REST (OAI#1946) Co-authored-by: Phil Sturgeon <me@philsturgeon.uk> * Missing updates While going over the changes for the release notes, found two issues: - The TOC entry for `Relative references in URIs` was not modified to match the change in the spec. - The `Paths Object` had an extra sentence that should have not been there (referencing sub-documents and overlays). * Remove boolean compatibility for exclusive* (OAI#2226) This brings exclusiveMinimum, exclusiveMaximum, minimum, and maximum, into full modern JSON Schema compatibility. There are no edits directly mentioning minimum and maximum, but removing the boolean form simplifies their processing by making it context-independent. * Update "format" and "content*" for new JSON Schema (OAI#2200) * Update "format" and "content*" for new JSON Schema This removes OAS formats and examples that are now superfluous as they are part of the 2019-09 JSON Schema draft. Similarly it deprecates the "byte" and "binary" formats in favor of JSON Schema's "contentEncoding" and "contentMediaType" keywords, and updates various related exapmles and other guidance. It also removes confusingly blank rows in the OAS format table. * "format" is an annotation * Fix broken table, type, in Encoding Object Broke some things while updating for "content*" * Fix format of `format` Backticks, not double quotes. * Remove unneeded detail on "format" This was just duplicating info from the JSON Schema spec. Co-authored-by: Darrel <darrmi@microsoft.com> * Remove "byte" and "binary" formats altogether. Instead of just deprecating. The "content*" keywords now cover these use cases. * Harmonize JSON Schema content* + Media Type Object Includes harmonizing with the Encoding Object. In general, OpenAPI objects set the media type, although there is a case for `contentMediaType` with multipart/form-data. Otherwise, `contentEncoding` replaces the now-removed custom formats. A possibly controversial change is to indicate unencoded binary data by omitting `type` (or omitting the schema altogether), as binary data does not conform to JSON string requirements. This could still be done with `type: string` if that is preferred. It's going to be a bit weird either way. I can add wording in the next JSON Schema draft to clarify whichever approach makes more sense. * Fix typos from review * Remove stray {} * Fix inconsistencies contentMediaType and Encoding Object Co-authored-by: Darrel <darrmi@microsoft.com> * [3.1.0-dev] drop OAS semver requirement (OAI#2243) * drop OAS semver requirement * Update versions/3.1.0.md Co-authored-by: Darrel <darrmi@microsoft.com> * Remove "nullable" entirely (OAI#2246) * Update version for release (OAI#2269) * $schema Guidance (OAI#2266) * chore: explain how $schema might work * reordered and made it specifically only schema resources * Update versions/3.1.0.md Co-authored-by: Karen Etheridge <ether@cpan.org> * Update versions/3.1.0.md Co-authored-by: Ben Hutton <relequestual@gmail.com> * new approach Co-authored-by: Phil Sturgeon <me@philsturgeon.uk> Co-authored-by: Karen Etheridge <ether@cpan.org> Co-authored-by: Ben Hutton <relequestual@gmail.com> * v3.1.0: rephrase data-type section because `format` keyword can be used for any data type. (OAI#2302) * The JSON schema specification states the format keyword can be used for any data type, not just primitive types * The JSON schema specification states the format keyword can be used for any data type, not just primitive types * Added change to address OAI#2287 (OAI#2328) Co-authored-by: Darrel Miller <darrel.miller@microsoft.com> * Make Server Variable Object's properties more strict (OAI#2335) Followup to OAI#1809, now that we allow breaking changes. * docs(Components): fix typo in schemas field type (OAI#2337) * Fix indentation of a YAML comment * Removed required constraint on responses object (OAI#2329) Co-authored-by: Darrel Miller <darrel.miller@microsoft.com> * 3.1.0-rc1 Release prep (OAI#2369) * Update 3.1.0.md * Merge branch 'master' into v3.1.0-dev Co-authored-by: Mike Ralphson <mike.ralphson@gmail.com> Co-authored-by: Roberto Polli <robipolli@gmail.com> Co-authored-by: Axel Nennker <axel.nennker@telekom.de> Co-authored-by: Phil Sturgeon <me@philsturgeon.uk> Co-authored-by: Mike Kistler <mkistler@us.ibm.com> Co-authored-by: Darrel <darrmi@microsoft.com> Co-authored-by: Arhimenrius <arhimenrius@gmail.com> Co-authored-by: Lorna Jane Mitchell <lorna@lornajane.net> Co-authored-by: Henry Andrews <andrews_henry@yahoo.com> Co-authored-by: Alan Crosswell <alan@crosswell.us> Co-authored-by: Helen Kosova <hkosova@users.noreply.github.com> Co-authored-by: seiya <r108338@yahoo.co.jp> Co-authored-by: Adam Leventhal <ahl@transposit.com> Co-authored-by: Sebastián Ramírez <tiangolo@gmail.com> Co-authored-by: Patrice Krakow <patrice.krakow@gmail.com> Co-authored-by: Ted Epstein <ted.epstein@reprezen.com> Co-authored-by: Carsten Brandt <mail@cebe.cc> Co-authored-by: Sergej <sergej2705@users.noreply.github.com> Co-authored-by: nasa9084 <nasa.9084.bassclarinet@gmail.com> Co-authored-by: Erik Wilde <dret@users.noreply.github.com> Co-authored-by: Marsh Gardiner <marsh.gardiner@gmail.com> Co-authored-by: Phil Sturgeon <me@philsturgeon.com> Co-authored-by: Karen Etheridge <ether@cpan.org> Co-authored-by: Ben Hutton <relequestual@gmail.com> Co-authored-by: Sebastien Rosset <serosset@cisco.com> Co-authored-by: Darrel Miller <darrel.miller@microsoft.com> Co-authored-by: Vladimir Gorej <vladimir.gorej@gmail.com> Co-authored-by: Helen Kosova <helen.kosova@smartbear.com>

@handrews

* 3.1.0 prep * Update README * Allow specification extensions in discriminator object * Note that specification extensions beginning x-oas- are reserved * security; add mutualTLS securityScheme type * 832 add info.summary (OAI#1779) * Fix: OAI#832. Add info.summary. * Fix: summary is shord, description is verbose. Be consistent with other definitions of summary and description. * fix OIDC url and OAuth2 requirements Signed-off-by: Axel Nennker <axel.nennker@telekom.de> * Update Schema Object to proper JSON Schema * update vocab and arbitrary props * another go at arbitrary keywords * feedback from @handrews * Support style, explode, allowReserved encoding for multipart/form-data (OAI#2066) * Extend style, explode, allowReserved in encoding to multipart-formdata (OAI#2018) * Update versions/3.1.0.md Co-Authored-By: Ron <ron@swagger.io> * Replace details of multipart/form-data format with referce to RFC 7578 * Update versions/3.1.0.md Co-Authored-By: Darrel <darrmi@microsoft.com> * default should match json schema * removed json schema keyworld list, its just all of em. * redundant $ref reference * Correct Styles Values for spaceDelimited and pipeDelimited, as based on Style Examples, they support objects. * Add support for webhooks as a top-level element (OAI#2103) * Add webhooks as a top-level element to the spec * Add the changes from OAI#2048 and signpost webhooks * Add an example of webhooks * Relocate and expand on webhooks section following feedback * Better wording to describe expectations on API consumers * Clearer wording for why the paths element is here * Update language to make callbacks clearer * Align the OAS 3.1 nullable language with the 3.0.3 (OAI#2115) This adapts the language from PR OAI#2046, with minimal wording tweaks to account for type now being able to have multiple values (type arrays). * allow, but discourage, requestBody for GET, HEAD, DELETE (OAI#2117) * Reference Object and Schema Object use of $ref updates for 2019-09 / OAS 3.1 (OAI#2107) * Checkpoint of draft * Fix typo. Co-Authored-By: Darrel <darrmi@microsoft.com> * Fix plural anchor Co-Authored-By: Mike Ralphson <mike.ralphson@gmail.com> * Remove superfluous specification Co-Authored-By: Phil Sturgeon <me@philsturgeon.uk> Co-authored-by: Darrel <darrmi@microsoft.com> Co-authored-by: Mike Ralphson <mike.ralphson@gmail.com> Co-authored-by: Phil Sturgeon <me@philsturgeon.uk> * Fix table cell formatting containing `nullable` description (OAI#2152) * Add SPDX identifier field to license object, fixes OAI#1599 (OAI#2105) * Add information about objects to the description too * Make paths object optional (OAI#1781) * Make paths object optional * Adding reusable Path Item Objects Under `components` * Adopt DM's suggested change to OpenAPI doc definition * Cleanup use of specification and definition where we mean document * multipartite>composite, define ACL * Add ' | Reference Object' to callbacks/webhooks Co-authored-by: Ron <ron@swagger.io> * Fwd port v3.0.3 dev to v3.1.0 dev (OAI#2163) * fix typo in Callback Object Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * retain typo in v3.0.2; fix for v3.0.3 (OAI#1899) Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Clarify empty Security Requirement Object usage and validity (OAI#1886) * Clarify empty Security Requirement Object usage and validity * Reorder sentences to make clearer. * Remove wrong text. * Removed unneeded text. Co-authored-by: Ron <ron@swagger.io> Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Ron's wording for Darrels feedback Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * ted updates Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Replace 'application' by 'API' within the 'Info Object' definition. (OAI#2004) Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Path Templating Clarification - proposed fix for OAI#1830. (OAI#1831) * Proposed fix for OAI#1830. Each variable expression in a path must have a corresponding path parameter. * OAI#1830 - Removed 'at least once' to defer the question about repeated references to a single path parameter. * Update OAI#1830 fix with suggestion from Darrel @darrelmiller suggestions we use "template expression" instead of "variable expression" to align with RFC6570. Good idea. Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * yaml.org supports https, but www.yaml.org is misconfigured Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Updated text for OperationRef Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * fix a typo in the Security Filtering section (OAI#1837) * fix a typo in the Security Filtering section * Security filtering slight reword Co-authored-by: Mike Ralphson <mike.ralphson@gmail.com> Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Make ABNF for runtime expressions complete Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Explain unclear semantics of property `$ref` in Path Item Object (OAI#1964) * Explain unclear semantics of property `$ref` in Path Item Object Currently, as explained in OAI#1038 (comment) the description of `$ref` in [Path Item Object](https://github.com/OAI/OpenAPI-Specification/blob/3.0.2/versions/3.0.2.md#pathItemObject) is unclear about the semantics behing it. I took the explaination from issue OAI#1038 to make it more clear. * Update versions/3.1.0.md Co-authored-by: Ron <ron@swagger.io> Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Clarify constraints on Security Scheme Object Scheme Property (OAI#1880) * Wording around scheme extensions * Clarified that securitySchemeScheme is only a SHOULD be registered scheme Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * fix difference between yaml and json in Response Object Examples Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Server Variable Object clarifications (OAI#1809) * Server Variable Object clarifications * Toned language down for proper semver versioning Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Fix formatting errors in example (OAI#2132) Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Update 3.0.3 for release (OAI#2149) * Update README.md for release * Update release date for 3.0.3 Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Update versions/3.1.0.md Co-Authored-By: Darrel <darrmi@microsoft.com> Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Fixed typo Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * explicit 'forward slash' Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * fix OAI#2053: `style` keyword is not supported inside Schema object Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * OpenAPI not Open API Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * backticks Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * minor clarification for operationId usage in link objects (OAI#1733) * minor clarification it's a bit confusing that both the id and the reference are called "operationId", so this tweak makes the text a bit more explicit. * use right terminology Co-Authored-By: Mike Ralphson <mike.ralphson@gmail.com> Co-authored-by: Ron <ron@swagger.io> Co-authored-by: Mike Ralphson <mike.ralphson@gmail.com> Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Update 3.1.0.md fixed typo Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Removed confusing comment Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Clarify the spec to allow optional or unspecified OAuth scopes (OAI#1888) * Referencing issue OAI#513. Clarify the spec to accommodate OAuth schemes where scope may be unspecified (optional scope) or where scope is not used at all. * Removed the provision for default scope represented as empty string. This introduces some ambiguities in the Security Requirement Object that would need to be addressed. * For OAI#513, adjusting language and removing examples For OAI#513, adjusting language and removing examples as suggested by @webron. * removed unnecessary example header Co-authored-by: Ron <ron@swagger.io> Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * The examples keyword is not supported inside schema (OAI#2042) * examples not supported inside schema * figured it out * a tiny little edit Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Fix 'Security Scheme Object' definition with OAuth 2.0 grant types. (OAI#2006) Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Fix formatting errors in example (OAI#2132) Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> Co-authored-by: seiya <r108338@yahoo.co.jp> Co-authored-by: Adam Leventhal <ahl@transposit.com> Co-authored-by: Sebastián Ramírez <tiangolo@gmail.com> Co-authored-by: Ron <ron@swagger.io> Co-authored-by: Phil Sturgeon <me@philsturgeon.uk> Co-authored-by: Patrice Krakow <patrice.krakow@gmail.com> Co-authored-by: Ted Epstein <ted.epstein@reprezen.com> Co-authored-by: Darrel Miller <darrmi@microsoft.com> Co-authored-by: Carsten Brandt <mail@cebe.cc> Co-authored-by: Henry Andrews <andrews_henry@yahoo.com> Co-authored-by: Sergej <sergej2705@users.noreply.github.com> Co-authored-by: nasa9084 <nasa.9084.bassclarinet@gmail.com> Co-authored-by: Erik Wilde <dret@users.noreply.github.com> * security; widen use of scopes array to other securityScheme types (OAI#1829) Co-authored-by: Ron <ron@swagger.io> * Allow summary and description as $ref siblings (OAI#2181) * HTTP not REST (OAI#1946) Co-authored-by: Phil Sturgeon <me@philsturgeon.uk> * Missing updates While going over the changes for the release notes, found two issues: - The TOC entry for `Relative references in URIs` was not modified to match the change in the spec. - The `Paths Object` had an extra sentence that should have not been there (referencing sub-documents and overlays). * Remove boolean compatibility for exclusive* (OAI#2226) This brings exclusiveMinimum, exclusiveMaximum, minimum, and maximum, into full modern JSON Schema compatibility. There are no edits directly mentioning minimum and maximum, but removing the boolean form simplifies their processing by making it context-independent. * Update "format" and "content*" for new JSON Schema (OAI#2200) * Update "format" and "content*" for new JSON Schema This removes OAS formats and examples that are now superfluous as they are part of the 2019-09 JSON Schema draft. Similarly it deprecates the "byte" and "binary" formats in favor of JSON Schema's "contentEncoding" and "contentMediaType" keywords, and updates various related exapmles and other guidance. It also removes confusingly blank rows in the OAS format table. * "format" is an annotation * Fix broken table, type, in Encoding Object Broke some things while updating for "content*" * Fix format of `format` Backticks, not double quotes. * Remove unneeded detail on "format" This was just duplicating info from the JSON Schema spec. Co-authored-by: Darrel <darrmi@microsoft.com> * Remove "byte" and "binary" formats altogether. Instead of just deprecating. The "content*" keywords now cover these use cases. * Harmonize JSON Schema content* + Media Type Object Includes harmonizing with the Encoding Object. In general, OpenAPI objects set the media type, although there is a case for `contentMediaType` with multipart/form-data. Otherwise, `contentEncoding` replaces the now-removed custom formats. A possibly controversial change is to indicate unencoded binary data by omitting `type` (or omitting the schema altogether), as binary data does not conform to JSON string requirements. This could still be done with `type: string` if that is preferred. It's going to be a bit weird either way. I can add wording in the next JSON Schema draft to clarify whichever approach makes more sense. * Fix typos from review * Remove stray {} * Fix inconsistencies contentMediaType and Encoding Object Co-authored-by: Darrel <darrmi@microsoft.com> * [3.1.0-dev] drop OAS semver requirement (OAI#2243) * drop OAS semver requirement * Update versions/3.1.0.md Co-authored-by: Darrel <darrmi@microsoft.com> * Remove "nullable" entirely (OAI#2246) * x-oas- to x-oai- (v3.1.0-dev) * Update version for release (OAI#2269) * $schema Guidance (OAI#2266) * chore: explain how $schema might work * reordered and made it specifically only schema resources * Update versions/3.1.0.md Co-authored-by: Karen Etheridge <ether@cpan.org> * Update versions/3.1.0.md Co-authored-by: Ben Hutton <relequestual@gmail.com> * new approach Co-authored-by: Phil Sturgeon <me@philsturgeon.uk> Co-authored-by: Karen Etheridge <ether@cpan.org> Co-authored-by: Ben Hutton <relequestual@gmail.com> * x-oai- / x-oas-; reserve both * v3.1.0: rephrase data-type section because `format` keyword can be used for any data type. (OAI#2302) * The JSON schema specification states the format keyword can be used for any data type, not just primitive types * The JSON schema specification states the format keyword can be used for any data type, not just primitive types * Added change to address OAI#2287 (OAI#2328) Co-authored-by: Darrel Miller <darrel.miller@microsoft.com> * Make Server Variable Object's properties more strict (OAI#2335) Followup to OAI#1809, now that we allow breaking changes. * docs(Components): fix typo in schemas field type (OAI#2337) * Fix indentation of a YAML comment * Removed required constraint on responses object (OAI#2329) Co-authored-by: Darrel Miller <darrel.miller@microsoft.com> * 3.1.0-rc1 Release prep (OAI#2369) * Update 3.1.0.md * Merge branch 'master' into v3.1.0-dev * Added words relating to adopting semantics of JSON Schema (OAI#2330) * Added words relating to adopting semantics of JSON Schema * Update versions/3.1.0.md Co-authored-by: Mike Ralphson <mike.ralphson@gmail.com> * Update versions/3.1.0.md Co-authored-by: Mike Ralphson <mike.ralphson@gmail.com> Co-authored-by: Darrel Miller <darrel.miller@microsoft.com> Co-authored-by: Mike Ralphson <mike.ralphson@gmail.com> * fix typo in release history table * fix link to style values in serialization table * Fix misspelling of a keyword in text (OAI#2389) * Update wording that referred to the year 2019 as the current year (OAI#2390) * Added link to JSON Schema Validation docs explain which formats are included in JSON Schema (OAI#2394) * Added link to JSON Schema Validation docs explain which formats are included in JSON Schema * Update verbiage to be more accurate Co-authored-by: Mike Ralphson <mike.ralphson@gmail.com> Co-authored-by: Mike Ralphson <mike.ralphson@gmail.com> * Update 3.1.0.md (OAI#2405) Improve wording about 'summary' and 'description' in Reference Object * long descriptions are cool too (OAI#2408) Co-authored-by: Phil Sturgeon <me@philsturgeon.uk> * Unescaped Slashes Aint Welcome Around 'Ere (OAI#2218) * oas 3.0 doesn't mention slashes not allowed * none of those either Co-authored-by: Phil Sturgeon <me@philsturgeon.uk> * Add missing field and use same summaries in Request Body Examples. (OAI#2362) * Add missing schema type in Operation Object YAML Example. (OAI#2361) * OAS schema dialect clarifications (OAI#2399) * OAS schema dialect clarifications * OAS schema dialect clarifications Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * $schema is allowed in subschemas when bundling Co-authored-by: Ben Hutton <relequestual@gmail.com> * Schema dialect clarifications from Ben Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Use top-level jsonSchemaDialect field Co-authored-by: Ben Hutton <relequestual@gmail.com> * Update JSON Schema Draft to 2020-12 and make $ref resolution rules explicit (OAI#2437) * fix http link to json-schema.org Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * fix http link to spec.commonmark.org Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Specify rules for $ref resolution Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Specify relative resolution rules for pathItem $ref and example externalValue Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Update JSON Schema draft links to 2020-12 IETF pages Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Make language about 'MUST be in the form of a ...' consistent Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Make it clear pathItem $refs don't need to be external now Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Make RFC links consistent with regard to spacing Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Allow a URI for example.externalValue fields This makes it fall under the rules for relative references. Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Explicitly call out $ref as a Relative Reference * Remove wording about what implementations SHOULD/MAY do with a $ref * Prefer 'referenced document' to 'referrant document' for clarity * Fix JSON Schema $ref resolution fallback rule * Add links back to #relativeReferences definition * Split #relativeReferences definition into URL and URI sections Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com> * Clean-up wording about $refs in responsesObjects, fixes OAI#1679 (OAI#2442) * Clean-up wording about $refs in responsesObjects, fixes OAI#1679 * Agreed to remove explicit verbiage around $refs in responseObjects, fixes OAI#1679 * fix: two typos in versions/3.1.0.md (OAI#2452) * Fix, clarify, and simplify content type schemas (OAI#2351) * Fix, clarify, and simplify content type schemas This fixes OAI#2349, which caught that an encoded PNG image is encoded into a text media type. In the process I realized some other errors, and simplified things. * HTTP `Content-Type` is always handled by OAS * Media Type Object key in most cases * Encoding object (possibly inferred from schema) in `multipart/form-data` * HTTP-level `Content-Encoding` is always handled by the OAS Header Object * JSON Schema "content*" is used for embedding one media type into another * the encoded resource is of media type `text/plain` * `"contentMediaType"` is the embedded media type after decoding * `"contentEncoding"` is how to encode/decode binary to/from text This removes any chance of `"contentMediaType"` conflicting with the Media Type Object key or with `contentType` in the Encoding Object, as they now always do different things. Likewise, the HTTP `Content-Encoding` header (with values like gzip, deflate, etc.) does different things than `"contentEncoding"` (which has values like base64, base64url, quoted-printable, etc.). The deprecated part header `Content-Transfer-Encoding` is likewise handled in the Encoding Object, but is probably never used. * Fix Content-Type to indicate semantics ...rather than literal content format on the wire. * Update 3.1.0.md Fixed a typo and changed a SHOULD to MAY. * Update versions/3.1.0.md * clarify default encoding content type value. * Describe interaction between JSON Schema contentEncoding and HTTP Content-Encoding header Co-authored-by: Mike Kistler <mkistler@us.ibm.com> Co-authored-by: Darrel <darrmi@microsoft.com> Co-authored-by: Mike Kistler <mkistler@us.ibm.com> * 3.1.0 release prep (OAI#2461) * 3.1.0 release prep * Update README.md * reframing `user` as `author` (OAI#2463) Per comment in review, authors determine whether a spec is a single or multipart document. Those who consume the spec care more about the information itself and less (or not at all directly) about how it was assembled. * fixed the dash character Co-authored-by: Mike Ralphson <mike.ralphson@gmail.com> Co-authored-by: Roberto Polli <robipolli@gmail.com> Co-authored-by: Axel Nennker <axel.nennker@telekom.de> Co-authored-by: Phil Sturgeon <me@philsturgeon.uk> Co-authored-by: Mike Kistler <mkistler@us.ibm.com> Co-authored-by: Darrel <darrmi@microsoft.com> Co-authored-by: Arhimenrius <arhimenrius@gmail.com> Co-authored-by: Lorna Jane Mitchell <lorna@lornajane.net> Co-authored-by: Henry Andrews <andrews_henry@yahoo.com> Co-authored-by: Alan Crosswell <alan@crosswell.us> Co-authored-by: Helen Kosova <hkosova@users.noreply.github.com> Co-authored-by: seiya <r108338@yahoo.co.jp> Co-authored-by: Adam Leventhal <ahl@transposit.com> Co-authored-by: Sebastián Ramírez <tiangolo@gmail.com> Co-authored-by: Patrice Krakow <patrice.krakow@gmail.com> Co-authored-by: Ted Epstein <ted.epstein@reprezen.com> Co-authored-by: Carsten Brandt <mail@cebe.cc> Co-authored-by: Sergej <sergej2705@users.noreply.github.com> Co-authored-by: nasa9084 <nasa.9084.bassclarinet@gmail.com> Co-authored-by: Erik Wilde <dret@users.noreply.github.com> Co-authored-by: Marsh Gardiner <marsh.gardiner@gmail.com> Co-authored-by: Phil Sturgeon <me@philsturgeon.com> Co-authored-by: Karen Etheridge <ether@cpan.org> Co-authored-by: Ben Hutton <relequestual@gmail.com> Co-authored-by: Sebastien Rosset <serosset@cisco.com> Co-authored-by: Darrel Miller <darrel.miller@microsoft.com> Co-authored-by: Vladimir Gorej <vladimir.gorej@gmail.com> Co-authored-by: Helen Kosova <helen.kosova@smartbear.com> Co-authored-by: Deven Phillips <InfoSec812@users.noreply.github.com> Co-authored-by: Vladimir <greatvovan@gmail.com> Co-authored-by: Quint Daenen <me@di-wu.be>

webron previously requested changes Jan 15, 2020

View reviewed changes

MikeRalphson mentioned this pull request Jan 15, 2020

Open TSC Meeting - January 16th 2020 #2104

Closed

lornajane added 4 commits January 15, 2020 20:52

Add webhooks as a top-level element to the spec

eefdc69

Add the changes from OAI#2048 and signpost webhooks

ca5a8af

Add an example of webhooks

7ba4b08

Relocate and expand on webhooks section following feedback

98e8617

lornajane force-pushed the add-webhooks branch from 78c0e37 to 98e8617 Compare January 15, 2020 21:04

darrelmiller approved these changes Jan 16, 2020

View reviewed changes

MikeRalphson approved these changes Jan 16, 2020

View reviewed changes

lornajane added 3 commits January 16, 2020 17:11

Better wording to describe expectations on API consumers

b3ed2d4

Clearer wording for why the paths element is here

db714c4

Update language to make callbacks clearer

3fb1bff

darrelmiller merged commit 61f9d7e into OAI:v3.1.0-dev Jan 16, 2020

fmvilas reviewed Jan 20, 2020

View reviewed changes

hkosova mentioned this pull request Mar 3, 2020

Callbacks without a subscription API call #1968

Closed

This was referenced Jul 24, 2020

Webhooks support OAS 3.1 Redocly/redoc#1327

Closed

Webhooks support OAS 3.1 Apicurio/apicurio-studio#1224

Open

PhilYue mentioned this pull request Oct 28, 2020

v3.1.0-rc1 Release (#2370) PhilYue/OpenAPI-Specification#1

Merged

philsturgeon mentioned this pull request Nov 12, 2020

long descriptions are cool too #2408

Merged

huan mentioned this pull request Aug 22, 2021

Enable Event Streaming for RESTful API wechaty/openapi#20

Open

snyk-bot mentioned this pull request Jan 30, 2022

[Snyk] Upgrade yargs from 12.0.5 to 17.3.1 Manny27nyc/OpenAPI-Specification#1

Open

snyk-bot mentioned this pull request Jun 4, 2022

[Snyk] Upgrade yargs from 12.0.5 to 17.5.0 goshippo/OpenAPI-Specification#1

Open

lornajane mentioned this pull request Feb 29, 2024

Define process for the "proposals" directory #3527

Closed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Add support for webhooks as a top-level element #2103

Add support for webhooks as a top-level element #2103

lornajane commented Jan 14, 2020

lornajane commented Jan 14, 2020

webron left a comment

webron Jan 15, 2020

lornajane Jan 15, 2020

MikeRalphson Jan 16, 2020

lornajane Jan 16, 2020

MikeRalphson Jan 16, 2020

fmvilas Jan 20, 2020

Add support for webhooks as a top-level element #2103

Add support for webhooks as a top-level element #2103

Conversation

lornajane commented Jan 14, 2020

lornajane commented Jan 14, 2020

webron left a comment

Choose a reason for hiding this comment

webron Jan 15, 2020

Choose a reason for hiding this comment

lornajane Jan 15, 2020

Choose a reason for hiding this comment

MikeRalphson Jan 16, 2020

Choose a reason for hiding this comment

lornajane Jan 16, 2020

Choose a reason for hiding this comment

MikeRalphson Jan 16, 2020

Choose a reason for hiding this comment

fmvilas Jan 20, 2020

Choose a reason for hiding this comment