Skip to content

Commonalities 8.0.0 alignment and fix validation warnings#57

Open
GillesInnov35 wants to merge 12 commits into
mainfrom
Commonalities-8.0.0-alignment-and-fix-validation-warnings
Open

Commonalities 8.0.0 alignment and fix validation warnings#57
GillesInnov35 wants to merge 12 commits into
mainfrom
Commonalities-8.0.0-alignment-and-fix-validation-warnings

Conversation

@GillesInnov35

Copy link
Copy Markdown
Contributor

Commonalities 8.0.0 alignment and fix validation warnings

What type of PR is this?

Add one of the following kinds:

  • enhancement/feature

What this PR does / why we need it:

align specifications with Commonalities 8.0.0 (include common artifacts reference) and fix validation warnings

Which issue(s) this PR fixes:

Fixes #56 and #51

Special notes for reviewers:

Changelog input

 release-note

Additional documentation

This section can be blank.

docs

@camara-validation

camara-validation Bot commented Jun 24, 2026

Copy link
Copy Markdown

CAMARA Validation — PASS (with warnings)

0 errors, 2 warnings, 19 hints | Profile: standard

View full results

@ToshiWakayama-KDDI

Copy link
Copy Markdown
Contributor

Thanks very much, @GillesInnov35 .

I have one quick question for clarification.

Between L.260 and L.366, maxLength has been added to each of the response parameters. I was wondering what the rationale is behind this. While adding maxLength to request parameters for security reasons makes perfect sense, doing the same for response parameters doesn't seem to have the same security justification.

Could you please clarify the intent, or point me to any related issues or discussions I should refer to?

Many thanks,
Toshi

@ToshiWakayama-KDDI

Copy link
Copy Markdown
Contributor

Hi @GillesInnov35 , Hi @fernandopradocabrillo ,
Can we proceed with this PR, as the M3 deadline has passed.

Thanks,

@ToshiWakayama-KDDI

Copy link
Copy Markdown
Contributor

Hi @GillesInnov35 , @fernandopradocabrillo ,
Regarding adding maxLength to the response parameters, I have reviewed API Design Guide, Commonalities past discussions, OWASP API Security Top 10 (2023) and so on, and now I understand it is needed. So my question above is cleared. I will approve this PR now.

Thanks,

@ToshiWakayama-KDDI ToshiWakayama-KDDI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM. Thanks, @GillesInnov35 .

@GillesInnov35

Copy link
Copy Markdown
Contributor Author

thanks @ToshiWakayama-KDDI . @fernandopradocabrillo coudl you take a look at this PR and approve if OK. Many thanks

@ToshiWakayama-KDDI ToshiWakayama-KDDI self-requested a review July 6, 2026 07:43

@ToshiWakayama-KDDI ToshiWakayama-KDDI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks, @GillesInnov35 . LGTM.

@ToshiWakayama-KDDI

Copy link
Copy Markdown
Contributor

Thanks, @GillesInnov35 .
So you have just changed maxLength of idDocumentExpiryDate and birthdate from 16 to 10, which is fine with me.

I think I commented for either of kyc-match, kyc-fill-in, or Age Verification that we should wait for the Commonalities update (patch) regarding maxLength of date format, however, now I think we don't have to wait.

I will re-approve this PR right now. Thanks.

@ToshiWakayama-KDDI

Copy link
Copy Markdown
Contributor

Oh, @GillesInnov35 , you are doing with Issue #80 kyc-match as well. I think I should wait for a while.

@PedroDiez PedroDiez left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Main comments:

  • For Errors 400, 403, 404, 422 need to keep local references (using the ones from local copy of CAMARA_common.yaml, makes some error codes not designed to appear)

  • Suggest to use the same approach for Iso3166 alpha-2 fields as in KYC-Match

countryOfBirth:
type: string
description: Country where the customer was born. Format ISO 3166-1 alpha-2.
pattern: ^[A-Z]{2}$

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

To be aligned makes sense to use the same approach as KYC-Match
camaraproject/KnowYourCustomerMatch#81

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

Commonalities 8.0.0 alignment and fix validation warnings

3 participants