4 changes: 3 additions & 1 deletion .docker/Dockerfile-build
@@ -8,7 +8,9 @@ RUN apt-get update && apt-get upgrade -y
COPY go.mod go.mod
COPY go.sum go.sum
COPY oryx/go.mod oryx/go.mod
COPY oryx/go.sum proto/go.sum
COPY oryx/go.sum oryx/go.sum
COPY middleware/rpctest/go.mod middleware/rpctest/go.mod
COPY middleware/rpctest/go.sum middleware/rpctest/go.sum

ENV CGO_ENABLED=0

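Review bot: the change from `COPY oryx/go.sum proto/go.sum` to `COPY oryx/go.sum oryx/go.sum` corrects a wrong destination path: with the old line the builder stage ended up with an orphan `proto/go.sum` and no `oryx/go.sum` beside `oryx/go.mod`, so the oryx module's dependency checksums were not available to the `go` toolchain inside the image. The same hunk hand-adds `middleware/rpctest/go.mod` and `middleware/rpctest/go.sum`; this per-file COPY list is exactly where the typo crept in, so consider a short comment above the block naming every nested module whose `go.mod`/`go.sum` pair must be copied (or a `go.work` that enumerates them), so that the next module added does not silently miss its `go.sum` again.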
3 changes: 2 additions & 1 deletion oryx/jsonx/patch.go
@@ -60,7 +60,8 @@ func ApplyJSONPatch[T any](p json.RawMessage, object T, denyPaths ...string) (re
}

for _, op := range patch {
// Some operations are buggy, see https://github.com/evanphx/json-patch/pull/158
// Only "add", "remove", and "replace" operations are supported; "move",
// "copy", and "test" are intentionally rejected.
Comment on lines +63 to +64

⚠️ Potential issue | 🟠 Major

🧩 Analysis chain

🏁 Script executed:

# First, locate and read the API contract file
echo "=== Checking oryx/openapix/jsonpatch.go ==="
if [ -f "oryx/openapix/jsonpatch.go" ]; then
  wc -l oryx/openapix/jsonpatch.go
  echo "--- Lines 1-50 of oryx/openapix/jsonpatch.go ---"
  head -50 oryx/openapix/jsonpatch.go | cat -n
else
  echo "File not found at oryx/openapix/jsonpatch.go"
  find . -name "jsonpatch.go" -type f
fi

Repository: ory/oathkeeper

Length of output: 1606


🏁 Script executed:

# Read the implementation file to verify opAllowList and error handling
echo "=== Checking oryx/jsonx/patch.go ==="
if [ -f "oryx/jsonx/patch.go" ]; then
  wc -l oryx/jsonx/patch.go
  echo "--- Lines 1-80 of oryx/jsonx/patch.go ---"
  head -80 oryx/jsonx/patch.go | cat -n
else
  echo "File not found at oryx/jsonx/patch.go"
  find . -name "patch.go" -type f
fi

Repository: ory/oathkeeper

Length of output: 2968


🏁 Script executed:

# Verify that there are no other usages or configurations that might support move/copy/test
echo "=== Searching for move/copy/test operation references ==="
rg "(move|copy|test)" oryx/jsonx/ -i --context=2

echo ""
echo "=== Checking if there are any comments or issues referencing the RFC 6902 restriction ==="
rg "RFC 6902|move|copy" --type go -i

Repository: ory/oathkeeper

Length of output: 38146


Document mismatch between API contract and implementation.

The new comment accurately documents what the code does. However, it reveals a cross-file contract/behavior mismatch: the API contract in oryx/openapix/jsonpatch.go (line 15) documents the JSONPatch.Op field as supporting "add", "remove", "replace", "move", "copy", and "test" per RFC 6902. Yet the implementation intentionally rejects move/copy/test operations (via opAllowList at lines 17–21 and the error at line 66).

API clients reading the JSONPatchDocument documentation would expect those six operations to be valid, but ApplyJSONPatch will reject them with "unsupported operation" errors. This mismatch could break integrations or confuse new API users.

Update the API contract in oryx/openapix/jsonpatch.go to clarify that only "add", "remove", and "replace" are actually supported.

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@oryx/jsonx/patch.go` around lines 63-64, update the API contract
documentation for the JSONPatch.Op field in the openapix/jsonpatch.go file
(around line 15) to clarify that only the three operations "add", "remove", and
"replace" are supported, rather than documenting all six RFC 6902 operations as
valid. This will align the API documentation with the actual implementation
behavior defined in the opAllowList and error handling in patch.go, preventing
confusion for API clients about which operations are actually supported.

if isUnsupported(op) {
return result, errors.Errorf("unsupported operation: %s", op.Kind())
}
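Review bot: the replacement comment at lines 63-64 drops the only stated rationale for the restriction, the link to https://github.com/evanphx/json-patch/pull/158 that the removed line carried; keep the reference, for example `// Only "add", "remove", and "replace" are supported; "move", "copy" and "test" are rejected, see https://github.com/evanphx/json-patch/pull/158`, so a future maintainer can check whether the upstream problem is fixed before relaxing the allowlist. The unchanged error at line 66 reports only `unsupported operation: %s`; naming the supported set in that message would make the rejection self-explaining to API clients, which matters given the openapix contract mismatch raised in the comment above.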
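The review comment above describes two defensive checks in ApplyJSONPatch: an operation allowlist that rejects the RFC 6902 "move", "copy" and "test" operations, and a denyPaths argument that keeps parts of the object off limits. The Go program below is an added example and not code from ory/oathkeeper or from the evanphx/json-patch library; it assumes a hypothetical allowedOps allowlist, a deliberately small object-only applier (JSON Pointer paths into nested objects, no array indices) written here in place of the library, and constructed sample input. It shows the order a practitioner wants: validate the whole document first, apply nothing if any operation is rejected.

```go
package main

import (
	"encoding/json"
	"fmt"
	"strings"
)

// Operation is one entry of an RFC 6902 JSON Patch document. Only the fields
// needed for validation and for add/remove/replace are decoded; "from" (used
// by move/copy) is ignored because those operations are rejected anyway.
type Operation struct {
	Op    string          `json:"op"`
	Path  string          `json:"path"`
	Value json.RawMessage `json:"value,omitempty"`
}

// allowedOps is a hypothetical allowlist mirroring the restriction described in
// the PR: "move", "copy" and "test" never reach the applier.
var allowedOps = map[string]bool{"add": true, "remove": true, "replace": true}

// ValidatePatch decodes a patch document and rejects it as a whole if any
// operation is outside the allowlist, has a malformed path, or targets a
// denied path (exactly, or as a child of it).
func ValidatePatch(raw json.RawMessage, denyPaths ...string) ([]Operation, error) {
	var ops []Operation
	if err := json.Unmarshal(raw, &ops); err != nil {
		return nil, fmt.Errorf("invalid patch document: %w", err)
	}
	for i, op := range ops {
		if !allowedOps[op.Op] {
			return nil, fmt.Errorf("operation %d: unsupported operation: %q (supported: add, remove, replace)", i, op.Op)
		}
		if !strings.HasPrefix(op.Path, "/") {
			return nil, fmt.Errorf("operation %d: path %q must be an absolute JSON pointer", i, op.Path)
		}
		for _, deny := range denyPaths {
			if op.Path == deny || strings.HasPrefix(op.Path, deny+"/") {
				return nil, fmt.Errorf("operation %d: path %q is not patchable", i, op.Path)
			}
		}
	}
	return ops, nil
}

// resolveParent walks the JSON pointer down to the object that holds the last
// token and returns that object plus the (unescaped) final key.
func resolveParent(doc map[string]any, path string) (map[string]any, string, error) {
	tokens := strings.Split(path[1:], "/")
	for i := range tokens {
		// RFC 6901 unescaping: "~1" -> "/", then "~0" -> "~".
		tokens[i] = strings.ReplaceAll(strings.ReplaceAll(tokens[i], "~1", "/"), "~0", "~")
	}
	cur := doc
	for _, t := range tokens[:len(tokens)-1] {
		next, ok := cur[t].(map[string]any)
		if !ok {
			return nil, "", fmt.Errorf("path %q: %q is not an object", path, t)
		}
		cur = next
	}
	return cur, tokens[len(tokens)-1], nil
}

// ApplyPatch validates the document and then applies add/remove/replace to doc
// in place. Because validation runs first, a document containing one rejected
// operation leaves doc untouched.
func ApplyPatch(doc map[string]any, raw json.RawMessage, denyPaths ...string) (map[string]any, error) {
	ops, err := ValidatePatch(raw, denyPaths...)
	if err != nil {
		return nil, err
	}
	for _, op := range ops {
		parent, key, err := resolveParent(doc, op.Path)
		if err != nil {
			return nil, err
		}
		switch op.Op {
		case "add", "replace":
			if _, exists := parent[key]; op.Op == "replace" && !exists {
				return nil, fmt.Errorf("replace: path %q does not exist", op.Path)
			}
			var v any
			if err := json.Unmarshal(op.Value, &v); err != nil { // nil Value fails here
				return nil, fmt.Errorf("%s %q: invalid or missing value: %w", op.Op, op.Path, err)
			}
			parent[key] = v
		case "remove":
			if _, exists := parent[key]; !exists {
				return nil, fmt.Errorf("remove: path %q does not exist", op.Path)
			}
			delete(parent, key)
		}
	}
	return doc, nil
}

func main() {
	// Constructed sample object and patches; not taken from the project.
	var session map[string]any
	_ = json.Unmarshal([]byte(`{"subject":"alice","extra":{"role":"user"}}`), &session)
	ok := json.RawMessage(`[{"op":"replace","path":"/extra/role","value":"admin"}]`)
	move := json.RawMessage(`[{"op":"move","from":"/extra/role","path":"/subject"}]`)
	denied := json.RawMessage(`[{"op":"replace","path":"/subject","value":"bob"}]`)
	for _, p := range []json.RawMessage{ok, move, denied} {
		if _, err := ApplyPatch(session, p, "/subject"); err != nil {
			fmt.Println("rejected:", err)
		} else {
			fmt.Println("applied:", session)
		}
	}
}
```

The denyPaths check matches a denied prefix only on a whole path segment (`/subject` denies `/subject` and `/subject/x` but not `/subjectname`), which is the comparison that is easy to get wrong with a plain string prefix test.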