Fix: Fix revision commit endpoints silently discard unknown fields in…

[justin212407]

Summary

What changed:
Set model_config = ConfigDict(extra="forbid") on WorkflowRevisionData in both:

• sdks/python/agenta/sdk/models/workflows.py (SDK mirror)
• api/oss/src/core/workflows/dtos.py (server-side wrapper)

This causes Pydantic to reject unknown fields in the data payload during revision commit, returning HTTP 422 with a validation error naming the offending field.

Why:
Fixes issue #4315: revision commit endpoints (POST /{applications,workflows,evaluators}/revisions/commit) silently discarded unknown top-level fields inside data (e.g., the legacy ag_config wrapper), while still returning HTTP 200 with count: 1, creating a false sense of success. Users had no signal that their data was lost.

What problem it solves:

• Prevents silent data loss: callers now get immediate feedback (422) if they POST with a stale envelope
• Maintains consistency: all five domains sharing WorkflowRevisionData (applications, workflows, evaluators, testsets, queries) now reject unknown fields uniformly
• Enables graceful client migration: SDKs and tools can detect the 422 and update their payloads

Testing

Verified locally

• Confirmed WorkflowRevisionData with extra="forbid" rejects stale payloads:

  {
    "data": {
      "ag_config": {
        "prompt": { "messages": [{"role": "system", "content": "hi"}] }
      }
    }
  }

  Returns HTTP 422 with ag_config named in the validation error.
• Confirmed valid payloads with data.parameters continue to work (HTTP 200, count: 1).

Added or updated tests

Added regression test test_commit_application_revision_rejects_unknown_data_field in api/oss/tests/pytest/acceptance/applications/test_application_variants_and_revisions.py:

• POSTs stale shape with ag_config to /applications/revisions/commit
• Asserts HTTP 422 response
• Asserts ag_config appears in the error detail

This covers applications; workflows and evaluators inherit the same DTO and will behave identically. Testsets and queries have their own RevisionData DTOs and would require separate test additions (out of scope for this PR per issue guidance).

Demo

Before:

After:

Checklist

• No UI changes (N/A for demo)
• Relevant tests pass locally (ready to verify)
• Relevant linting and formatting pass locally (ready to verify)
• I have signed the CLA

---

Related issues

• Revisions commit endpoints silently discard unknown fields in data #4315 — Revisions commit endpoints silently discard unknown fields in data
• Tracing: query↔ingest schema asymmetry on ag.metrics.duration.cumulative #4172 — Tracing: query↔ingest schema asymmetry on ag.metrics.duration.cumulative
• Tracing ingest: per-span validation errors drop the whole batch instead of landing in unsupported #4173 — Tracing ingest: per-span validation errors drop the whole batch instead of landing in unsupported
• POST /testsets/revisions/{id}/upload silently fails when testset_id is not set on the commit #4176 — POST /testsets/revisions/{id}/upload silently fails when testset_id is not set on the commit

Files Changed

• sdks/python/agenta/sdk/models/workflows.py — Added model_config = ConfigDict(extra="forbid") to WorkflowRevisionData
• api/oss/src/core/workflows/dtos.py — Wrapped SDK WorkflowRevisionData with explicit ConfigDict(extra="forbid")
• api/oss/tests/pytest/acceptance/applications/test_application_variants_and_revisions.py — Added regression test for unknown field rejection

[vercel]

@justin212407 is attempting to deploy a commit to the agenta projects Team on Vercel.

A member of the Team first needs to authorize it.

[CLAassistant]

All committers have signed the CLA.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro Plus

Run ID: f6a87d04-aa86-4931-8e45-2f088b7bfc0c

📥 Commits

Reviewing files that changed from the base of the PR and between 03766e7 and bb3ce13.

📒 Files selected for processing (3)

• api/oss/src/core/queries/dtos.py
• api/oss/src/core/testsets/dtos.py
• api/oss/src/core/workflows/dtos.py

---

📝 Walkthrough

Summary by CodeRabbit

• Bug Fixes
  • Enhanced validation across workflow, query, and testset data models to reject unexpected or malformed inputs, improving data integrity and error handling.

Walkthrough

This PR enforces strict Pydantic validation across revision data models in both the SDK and API layers by adding model_config = ConfigDict(extra="forbid") to WorkflowRevisionData, QueryRevisionData, and TestsetRevisionData, rejecting unknown fields during payload parsing.

Changes

Strict validation enforcement

Layer / File(s)	Summary
SDK model strict validation contract sdks/python/agenta/sdk/models/workflows.py	WorkflowRevisionData adds model_config = ConfigDict(extra="forbid") to reject unknown fields during SDK-level validation.
API DTO enforcement across revision types api/oss/src/core/workflows/dtos.py, api/oss/src/core/queries/dtos.py, api/oss/src/core/testsets/dtos.py	Each API DTO file imports ConfigDict and configures its respective RevisionData model (WorkflowRevisionData, QueryRevisionData, TestsetRevisionData) with extra="forbid", including a local WorkflowRevisionData subclass in the workflows DTO to apply the strict config.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Possibly related issues

• Revisions commit endpoints silently discard unknown fields in data #4315: PR directly addresses the root cause by adding ConfigDict(extra="forbid") to revision data models, preventing silent field drops and enforcing strict payload validation across SDK and API layers.

🚥 Pre-merge checks | ✅ 3 | ❌ 2

❌ Failed checks (1 warning, 1 inconclusive)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 33.33% which is insufficient. The required threshold is 60.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.
Title check	❓ Inconclusive	The title refers to a core part of the change but is incomplete/truncated ('Fix: Fix revision commit endpoints silently discard unknown fields in…'), obscuring the full context of what is being fixed.	Complete the title to clearly indicate the fix, e.g., 'Fix revision commit endpoints silently discarding unknown fields in data payload' or 'Add extra=forbid validation to revision data models'.

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description check	✅ Passed	The description comprehensively explains the changes, motivation, affected files, testing approach, and includes visual demonstrations of the before/after behavior.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[Copilot]

Pull request overview

This PR tightens validation for workflow revision data payloads so unknown fields are rejected instead of silently discarded during commit operations.

Changes:

• Adds extra="forbid" to SDK WorkflowRevisionData.
• Adds a server-side strict WorkflowRevisionData wrapper.
• Adds an application revision regression test for stale ag_config payloads returning 422.

Reviewed changes

Copilot reviewed 3 out of 3 changed files in this pull request and generated 2 comments.

File	Description
sdks/python/agenta/sdk/models/workflows.py	Makes SDK workflow revision data reject unknown fields.
api/oss/src/core/workflows/dtos.py	Makes server workflow revision data reject unknown fields.
api/oss/tests/pytest/acceptance/applications/test_application_variants_and_revisions.py	Adds an acceptance test for application revision commit validation.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[justin212407]

@jp-agenta Could you review these changes once you are free?

[Copilot]

Copilot encountered an error and was unable to review this pull request. You can try again by re-requesting a review.

[Copilot]

Copilot encountered an error and was unable to review this pull request. You can try again by re-requesting a review.