Severity: HIGH
Location: src/lib/input_schema.ts:328-350
Parent: #1188
Problem
getAjvValidator deep-clones the schema into copyOfSchema (line 329), then the mutation loop iterates the original inputSchema.properties and sets inputSchemaField.minItems = Math.max(1, …) on the original object — but the validator is compiled from copyOfSchema (line 349). The minItems constraint therefore never reaches the compiled validator, so required array fields accept empty arrays. As a side effect, the caller's schema object is silently mutated.
Impact
Any Actor with a required array input field passes validation with an empty array in apify run / apify call (validator used at src/commands/run.ts:526,563,609).
Suggested fix
Iterate copyOfSchema.properties in the mutation loop so the minItems change lands on the schema that is actually compiled.
Generated by an ultra code review.
Severity: HIGH
Location:
src/lib/input_schema.ts:328-350Parent: #1188
Problem
getAjvValidatordeep-clones the schema intocopyOfSchema(line 329), then the mutation loop iterates the originalinputSchema.propertiesand setsinputSchemaField.minItems = Math.max(1, …)on the original object — but the validator is compiled fromcopyOfSchema(line 349). TheminItemsconstraint therefore never reaches the compiled validator, so required array fields accept empty arrays. As a side effect, the caller's schema object is silently mutated.Impact
Any Actor with a required array input field passes validation with an empty array in
apify run/apify call(validator used atsrc/commands/run.ts:526,563,609).Suggested fix
Iterate
copyOfSchema.propertiesin the mutation loop so theminItemschange lands on the schema that is actually compiled.Generated by an ultra code review.