Update API specifications with fern api update

[wintonzheng]

Update API specifications by running fern api update.

---

📋 This PR updates API specifications using the fern api update command, ensuring the API documentation and schema definitions are synchronized with the latest changes. This appears to be a routine maintenance update to keep API specifications current and consistent.

🔍 Detailed Analysis

Key Changes

• API Specification Update: Automated update of API specifications using Fern's tooling
• Schema Synchronization: Ensures API documentation matches current implementation
• Maintenance Operation: Routine update to maintain consistency between code and specifications

Technical Implementation

flowchart TD
    A[Developer runs 'fern api update'] --> B[Fern analyzes current API implementation]
    B --> C[Updates API specification files]
    C --> D[Generates updated documentation/schemas]
    D --> E[Commits changes to repository]

Loading

Impact

• Documentation Accuracy: Ensures API documentation reflects current implementation state
• Developer Experience: Provides up-to-date API specifications for consumers
• Consistency: Maintains alignment between code and API contracts

Analysis Limitations

• No Patch Content: The PR patch is empty, making it impossible to analyze specific file changes
• No Related Issues: No linked GitHub issues to provide context for the update
• Minimal Description: Limited information about what specific changes were made

Recommendations

• Review the actual file changes in the PR to understand what specifications were updated
• Verify that the updated specifications don't introduce breaking changes
• Consider adding more descriptive commit messages for future API updates

Created with Palmier

---

Important

Update API specifications by removing folder-related endpoints and models, adding secret credential models, and adjusting schema constraints.

• API Changes:
  • Removed folder-related endpoints (/v1/folders, /v1/folders/{folder_id}, /v1/workflows/{workflow_permanent_id}/folder) from skyvern_openapi.json.
  • Removed folder-related models (Folder, FolderCreate, FolderUpdate, UpdateWorkflowFolderRequest).
  • Added SecretCredential and SecretCredentialResponse models.
• Schema Adjustments:
  • Increased default timeout from 5000 to 10000 in multiple schemas.
  • Added hover to action types.
  • Added secret to CredentialType enum.
  • Adjusted confidence_float constraints to integers.
• Misc:
  • Reordered some response codes for consistency.

^{This description was created by for 0370c14. You can customize this summary. It will automatically update as commits are pushed.}

Summary by CodeRabbit

• New Features

  • Added support for storing and managing secret credentials alongside existing credential types
  • Introduced a new "hover" action type for automation workflows

• Changes

  • Removed folder management endpoints from the API
  • Increased default timeout values for text input, option selection, and file upload operations to improve reliability

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[coderabbitai]

Walkthrough

OpenAPI schema update removing folder endpoints while introducing SecretCredential support with new schemas and CredentialType enums, adding "hover" to ActionType, increasing default timeouts from 5000 to 10000 milliseconds, and adjusting numeric constraints across action schemas.

Changes

Cohort / File(s)	Summary
Folder endpoint removal fern/openapi/skyvern_openapi.json	Removed /v1/folders endpoints and associated folder CRUD schemas (create, read, update, delete operations).
SecretCredential support fern/openapi/skyvern_openapi.json	Added SecretCredential and SecretCredentialResponse schemas; extended CredentialType enum to include "secret"; updated CredentialResponse union to include SecretCredential variant; extended CreateCredentialRequest to accept SecretCredential.
ActionType expansion fern/openapi/skyvern_openapi.json	Added "hover" as a new ActionType enum value across action type definitions.
Default timeout and constraint adjustments fern/openapi/skyvern_openapi.json	Increased default timeouts from 5000 to 10000 ms in InputTextAction, SelectOptionAction, UploadFileAction, and related action schemas; adjusted numeric boundaries (e.g., 1440.0 to 1440, 5.0 to 5).

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

• Schema consistency: Verify SecretCredential is properly integrated across all credential-related schemas and discriminated unions
• Enum propagation: Confirm "secret" is added to CredentialType consistently in all affected locations and "hover" is correctly added to ActionType enums
• Default values: Check that timeout changes (5000 → 10000) are applied uniformly and numeric constraint adjustments are correct
• Endpoint removal: Ensure folder endpoint removal does not break dependent operations or references elsewhere in the schema

Possibly related PRs

• Additional changes for proper templating and masked storage of new Secret Credential type #4253: Implements runtime handling for SecretCredential support (payload/response mapping, Bitwarden integration, and templating) that pairs with this schema definition.
• Update API specifications with fern api update #3903: Updates SDK action schemas and ActionType discriminated unions alongside modifications to default values and constraints on action schemas like InputTextAction.
• Update API specifications with fern api update #3700: Modifies credential-related schemas in OpenAPI components, introducing credential type extensions similar to this PR's SecretCredential addition.

Suggested labels

sync

Suggested reviewers

• suchintan

Poem

🐰 A secret credential hops into view,
Hover actions dance where folders once grew,
Timeouts tick louder, from 5 to 10,
The OpenAPI schema evolves again! ✨

Pre-merge checks and finishing touches

❌ Failed checks (1 inconclusive)

Check name	Status	Explanation	Resolution
Title check	❓ Inconclusive	The title is too vague and generic. It merely describes running a command ('fern api update') rather than explaining what the actual changes accomplish or their purpose.	Revise the title to clearly describe the main changes (e.g., 'Add secret credential support and remove folder endpoints' or 'Extend credentials and actions with secret support and new hover action').

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch update-openapi-spec-2025-12-10T00-33-42-310Z

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[ellipsis-dev]

Important

Looks good to me! 👍

Reviewed everything up to 0370c14 in 2 minutes and 37 seconds. Click for details.

• Reviewed 831 lines of code in 1 files
• Skipped 0 files when reviewing.
• Skipped posting 10 draft comments. View those below.
• Modify your settings and rules to customize what types of comments Ellipsis leaves. And don't forget to react with 👍 or 👎 to teach Ellipsis.

1. fern/openapi/skyvern_openapi.json:857

• Draft comment:
  Removed folder endpoints and related schemas – this is a breaking change. Confirm that deprecation or migration strategy is in place.
• Reason this comment was not posted:
  Comment did not seem useful. Confidence is useful = 0% <= threshold 50% The comment is asking the PR author to confirm that a deprecation or migration strategy is in place after removing a folder, which is not allowed by the rules. It does not provide a specific code suggestion or ask for a specific test to be written.

2. fern/openapi/skyvern_openapi.json:3871

• Draft comment:
  Added 'hover' action in the actions list. Ensure client support and documentation are updated accordingly.
• Reason this comment was not posted:
  Comment did not seem useful. Confidence is useful = 0% <= threshold 50% The comment is asking the PR author to ensure that client support and documentation are updated, which falls under the rule of not asking the author to ensure things are tested or documented. This is not a specific code suggestion or a request for a test to be written.

3. fern/openapi/skyvern_openapi.json:5239

• Draft comment:
  Default timeout values have been increased from 5000 to 10000 ms in multiple endpoints. Verify that this change does not adversely affect client-side behavior.
• Reason this comment was not posted:
  Comment did not seem useful. Confidence is useful = 0% <= threshold 50% This comment is asking the PR author to verify that a change does not adversely affect client-side behavior, which falls under the rule of not asking the author to ensure behavior is intended or tested. It does not provide a specific suggestion or point out a specific issue with the code.

4. fern/openapi/skyvern_openapi.json:5793

• Draft comment:
  Normalized numeric limits for scheduling fields (e.g. 1440.0 → 1440 and 5.0 → 5) for consistency. Confirm that consumers expect integer values.
• Reason this comment was not posted:
  Comment did not seem useful. Confidence is useful = 0% <= threshold 50% The comment is asking the author to confirm that consumers expect integer values after normalizing numeric limits. This is a request for confirmation, which violates the rule against asking the PR author to confirm their intention or ensure behavior is intended.

5. fern/openapi/skyvern_openapi.json:14680

• Draft comment:
  Normalized confidence_float bounds from 1.0/0.0 to 1/0. Ensure that this change does not affect any precision-dependent logic.
• Reason this comment was not posted:
  Comment did not seem useful. Confidence is useful = 0% <= threshold 50% The comment is suggesting to ensure that a change does not affect precision-dependent logic. This falls under asking the PR author to ensure behavior, which is against the rules. The comment does not provide a specific suggestion or point out a specific issue with the code.

6. fern/openapi/skyvern_openapi.json:11690

• Draft comment:
  New SecretCredential and SecretCredentialResponse schemas have been added for generic secret management. Verify integration with existing credential flows.
• Reason this comment was not posted:
  Comment did not seem useful. Confidence is useful = 0% <= threshold 50% The comment is asking the PR author to verify integration with existing credential flows, which falls under the category of asking the author to ensure behavior is intended or tested. This violates the rules.

7. fern/openapi/skyvern_openapi.json:17880

• Draft comment:
  Expanded the CredentialType enum to include 'secret'. Ensure downstream components properly handle this new credential type.
• Reason this comment was not posted:
  Comment was not on a location in the diff, so it can't be submitted as a review comment.

8. fern/openapi/skyvern_openapi.json:14110

• Draft comment:
  Removed the UpdateWorkflowFolderRequest schema. Confirm that this removal is intentional and that workflows can update folder assignments through other means.
• Reason this comment was not posted:
  Comment looked like it was already resolved.

9. fern/openapi/skyvern_openapi.json:1148

• Draft comment:
  Reordered HTTP response codes in the timeline endpoint (400 now precedes 404). This reordering has no functional impact.
• Reason this comment was not posted:
  Confidence changes required: 0% <= threshold 50% None

10. fern/openapi/skyvern_openapi.json:1794

• Draft comment:
  Reordered HTTP response codes in the browser session endpoint (403, then 404, then 422). This change is purely cosmetic.
• Reason this comment was not posted:
  Confidence changes required: 0% <= threshold 50% None

Workflow ID: wflow_qyccPGD4ZjtMI0MH

^{You can customize by changing your verbosity settings, reacting with 👍 or 👎, replying to comments, or adding code review rules.}

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (1)

fern/openapi/skyvern_openapi.json (1)

1153-1155: Add structured 404 response bodies for consistency.

These 404 entries only include descriptions. Consider returning a JSON error shape (Problem Details or HTTPValidationError) like other errors for consistent SDKs and better DX.

Also applies to: 1799-1801

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between e953dad and 0370c14.

📒 Files selected for processing (1)

• fern/openapi/skyvern_openapi.json (14 hunks)

🧰 Additional context used

🧠 Learnings (1)

📓 Common learnings

Learnt from: CR
Repo: Skyvern-AI/skyvern PR: 0
File: AGENTS.md:0-0
Timestamp: 2025-11-24T17:46:44.733Z
Learning: Include a clear description of changes in pull requests

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)

• GitHub Check: Run tests and pre-commit hooks

🔇 Additional comments (4)

fern/openapi/skyvern_openapi.json (4)

3873-3874: New ActionType "hover" — verify end-to-end support.

Ensure producers/consumers and SDK clients handle the new enum value (exhaustive switches may break). Add release notes and tests for serialization/deserialization.

---

5241-5241: Timeout defaults increased to 10s — align with infra and clients.

Confirm these 10,000 ms defaults match backend limits, API gateway/proxy timeouts, and SDK per-call timeouts to avoid premature aborts or hangs.

Also applies to: 9470-9470, 11840-11840, 14171-14171

---

5795-5797: Browser session timeout constraints now integer min/max — LGTM.

Inclusive 5–1440 minutes matches the description. No issues.

---

14680-14682: Probability bounds [0,1] — LGTM.

The inclusive min/max on confidence_float are appropriate.

[coderabbitai]

🛠️ Refactor suggestion | 🟠 Major

SecretCredential: add writeOnly, readOnly, and example to harden security and improve tooling.

To secure sensitive fields and enable proper SDK codegen:

• Add writeOnly: true to SecretCredential.secret_value (marks field write-only in requests).
• Add readOnly: true to SecretCredentialResponse.secret_label (marks field read-only in responses).
• Add example with credential_type: "secret" to CreateCredentialRequest (currently missing).
• Verify union discriminator in CreateCredentialRequest.credential and CredentialResponse.credential correctly routes secret credentials across SDK codegen.

The same pattern should apply to PasswordCredential and APIKeyCredential for consistency.

Also applies to: 6106-6109, 6141-6143, 11691-11740

🤖 Prompt for AI Agents

In fern/openapi/skyvern_openapi.json around lines 5842-5845 (and also apply
similar changes at 6106-6109, 6141-6143, and the broader range 11691-11740), the
OpenAPI schemas lack security annotations and examples for
secret/password/api-key credential variants; update the SecretCredential schema
to mark the sensitive field secret_value with "writeOnly": true and the
SecretCredentialResponse.secret_label with "readOnly": true, add an example
object with "credential_type": "secret" to CreateCredentialRequest, and ensure
the CreateCredentialRequest.credential and CredentialResponse.credential union
discriminators include the secret/password/apikey variants so codegen routes
correctly; apply the same writeOnly/readOnly and example patterns to
PasswordCredential and APIKeyCredential schemas for consistency and update any
discriminator mappings to reference the correct schema names.