chore(ci): bump API contract boundary route-count baseline to 884 by waleedlatif1 · Pull Request #5375 · simstudioai/sim · GitHub
Skip to content

chore(ci): bump API contract boundary route-count baseline to 884#5375

Merged
waleedlatif1 merged 1 commit into
stagingfrom
worktree-fix-ci-boundary-and-audit
Jul 2, 2026
Merged

chore(ci): bump API contract boundary route-count baseline to 884#5375
waleedlatif1 merged 1 commit into
stagingfrom
worktree-fix-ci-boundary-and-audit

Conversation

@waleedlatif1

Copy link
Copy Markdown
Collaborator

Summary

  • `check:api-validation:strict` was failing on staging HEAD itself (confirmed on commit a8f2709) because the pinned `BASELINE.totalRoutes`/`zodRoutes` (883) went stale — a legitimate new Zod-contract-compliant route merged without the required ratchet-bump step
  • Actual count is 884 total routes, 884 Zod-compliant, 0 non-Zod — pure headcount update, no policy violation, no route bypassed the contract boundary
  • Verified bun audit ("Security audit" step) is explicitly continue-on-error: true with a comment marking the advisory backlog as accepted tech debt pending separate triage — it was never actually blocking this or any other PR, despite showing up as a red X in the job's step list

Type of Change

  • CI/build fix

Testing

  • `bun run check:api-validation:strict` passes locally against origin/staging
  • `bun run apps/sim/scripts/check-block-registry.ts origin/staging` passes
  • `bun run scripts/check-migrations-safety.ts origin/staging` passes
  • lint clean

Checklist

  • Code follows project style guidelines
  • Self-reviewed my changes
  • Tests added/updated and passing
  • No new warnings introduced
  • I confirm that I have read and agree to the terms outlined in the Contributor License Agreement (CLA)

The pinned totalRoutes/zodRoutes baseline (883) went stale after a
legitimate new Zod-contract-compliant route merged without the
required ratchet bump, breaking check:api-validation:strict on
staging HEAD itself. Actual count is 884 total / 884 zod / 0 non-zod
routes — a pure headcount update, no policy violation.
@vercel

vercel Bot commented Jul 2, 2026

Copy link
Copy Markdown

@cursor

cursor Bot commented Jul 2, 2026

Copy link
Copy Markdown

PR Summary

Low Risk
Single CI baseline constant change with no runtime, auth, or API behavior impact.

Overview
Updates the pinned BASELINE in scripts/check-api-validation-contracts.ts so check:api-validation:strict matches the current API surface: totalRoutes and zodRoutes go from 883 to 884, with nonZodRoutes unchanged at 0.

This is a ratchet headcount bump only—no boundary-policy baseline or validation logic changes. CI was failing because a new Zod-compliant route landed without the required baseline update.

Reviewed by Cursor Bugbot for commit fd8ce6c. Configure here.

@greptile-apps

greptile-apps Bot commented Jul 2, 2026

Copy link
Copy Markdown
Contributor

Greptile Summary

Bumps the BASELINE.totalRoutes and BASELINE.zodRoutes constants in the API contract validation script from 883 to 884 to re-sync CI with a legitimate new Zod-compliant route that landed on staging without the corresponding ratchet bump.

  • The script's --check enforcement fires only when totalRoutes > BASELINE.totalRoutes or nonZodRoutes > BASELINE.nonZodRoutes, so once a route merges and the actual count exceeds the pinned ceiling, every subsequent CI run on that branch fails until the baseline is updated — which is exactly what happened here.
  • nonZodRoutes remains at 0, confirming the new route is fully Zod-contract-compliant and no boundary policy was bypassed.

Confidence Score: 5/5

A two-line constant update to re-sync the CI ratchet with a Zod-compliant route already on staging — no logic, no new routes, no policy bypass.

The only change is incrementing two numeric literals in an as const baseline object. The nonZodRoutes boundary stays at 0, confirming the route that triggered this bump is fully Zod-contract-compliant. Nothing else in the script is touched.

No files require special attention.

Important Files Changed

Filename Overview
scripts/check-api-validation-contracts.ts Increments BASELINE.totalRoutes and BASELINE.zodRoutes from 883 → 884; all other ratchet values and boundary policy baselines are unchanged.

Flowchart

%%{init: {'theme': 'neutral'}}%%
flowchart TD
    A[CI: check:api-validation:strict] --> B[Walk apps/sim/app/api/** for route.ts]
    B --> C[Audit each route for Zod usage]
    C --> D{totalRoutes > BASELINE.totalRoutes?}
    D -->|Yes| E[FAIL: route count increased]
    D -->|No| F{nonZodRoutes > BASELINE.nonZodRoutes?}
    F -->|Yes| G[FAIL: non-Zod route introduced]
    F -->|No| H[PASS: audit clean]

    subgraph "This PR"
        I["BASELINE.totalRoutes: 883 → 884"]
        J["BASELINE.zodRoutes:  883 → 884"]
        K["BASELINE.nonZodRoutes: 0 (unchanged)"]
    end

    I & J & K --> D
Loading
%%{init: {'theme': 'base', 'themeVariables': {"darkMode": true, "background": "#0d1117", "primaryColor": "#21262d", "primaryTextColor": "#e6edf3", "primaryBorderColor": "#8b949e", "lineColor": "#8b949e", "textColor": "#e6edf3", "edgeLabelBackground": "#161b22", "actorBkg": "#21262d", "actorBorder": "#8b949e", "actorTextColor": "#e6edf3", "actorLineColor": "#8b949e", "signalColor": "#8b949e", "signalTextColor": "#e6edf3", "noteBkgColor": "#373320", "noteBorderColor": "#d4a72c", "noteTextColor": "#f0e6c0", "labelBoxBkgColor": "#21262d", "labelBoxBorderColor": "#8b949e", "labelTextColor": "#e6edf3", "loopTextColor": "#e6edf3", "activationBkgColor": "#30363d", "activationBorderColor": "#8b949e"}}}%%
flowchart TD
    A[CI: check:api-validation:strict] --> B[Walk apps/sim/app/api/** for route.ts]
    B --> C[Audit each route for Zod usage]
    C --> D{totalRoutes > BASELINE.totalRoutes?}
    D -->|Yes| E[FAIL: route count increased]
    D -->|No| F{nonZodRoutes > BASELINE.nonZodRoutes?}
    F -->|Yes| G[FAIL: non-Zod route introduced]
    F -->|No| H[PASS: audit clean]

    subgraph "This PR"
        I["BASELINE.totalRoutes: 883 → 884"]
        J["BASELINE.zodRoutes:  883 → 884"]
        K["BASELINE.nonZodRoutes: 0 (unchanged)"]
    end

    I & J & K --> D
Loading

Reviews (1): Last reviewed commit: "chore(ci): bump API contract boundary au..." | Re-trigger Greptile

@waleedlatif1 waleedlatif1 merged commit 3d1e8c4 into staging Jul 2, 2026
12 of 13 checks passed
@waleedlatif1 waleedlatif1 deleted the worktree-fix-ci-boundary-and-audit branch July 2, 2026 18:04
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant