๐—œ ๐—ฆ๐˜๐—ผ๐—ฝ๐—ฝ๐—ฒ๐—ฑ ๐—™๐—ผ๐—น๐—น๐—ผ๐˜„๐—ถ๐—ป๐—ด ๐—”๐—ฃ๐—œ ๐—ฉ๐—ฎ๐—น๐—ถ๐—ฑ๐—ฎ๐˜๐—ถ๐—ผ๐—ป ๐—•๐—ฒ๐˜€๐˜ ๐—ฃ๐—ฟ๐—ฎ๐—ฐ๐˜๐—ถ๐—ฐ๐—ฒ๐˜€. ๐—›๐—ฒ๐—ฟ๐—ฒ'๐˜€ ๐—ช๐—ต๐˜†.

I used standard Symfony rules for years. The process was always the same:

It looked professional. It looked like the blog posts. It failed in the real world.

The problem is simple. The business did not know its data model.

Most API examples start with stable data. A customer has a name. An order has a status. This works when the model is known.

Large company projects are different. The business does not arrive with a complete model. Requirements change every few weeks. You add a field. Then you add more. Then a partner sends a different structure. Old clients still need old fields.

Every change created more work:

The code was clean. The API contract was unstable.

I was solving the wrong problem. I tried to model the business. I should have defined the API contract.

A contract answers one question: What payload is valid today?

It does not need to predict the future. It only describes the agreement between a client and a server.

I switched to JSON Schema. It does not care about DTOs or object hierarchies. It describes data. The schema says what is allowed. The application decides what to do.

I stopped pretending I knew the final model. I accepted the contract would evolve. Updating a contract is fast. You do not change a whole code structure. You do not change a DTO hierarchy. Only the contract changes.
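The contract-first approach described above, as an added example that is not code from the original post: the contract is plain data, a validator answers whether a payload is valid today, and adding an optional field changes only the schema while old clients keep passing. The validator covers only the JSON Schema keywords used here (type, required, properties, additionalProperties, enum) and stands in for a full JSON Schema library; the order fields and status values are constructed for illustration.

```python
# Added example: contract-first validation with a small JSON Schema subset.
# Supported keywords: type, required, properties, additionalProperties, enum.
TYPES = {"object": dict, "string": str, "integer": int, "array": list, "boolean": bool}

def validate(payload, schema, path="$"):
    """Return a list of violations; an empty list means the payload is valid."""
    errors = []
    expected = schema.get("type")
    if expected:
        ok = isinstance(payload, TYPES[expected])
        if expected == "integer" and isinstance(payload, bool):
            ok = False  # bool is a subclass of int in Python, not a JSON integer
        if not ok:
            return [f"{path}: expected {expected}"]
    if "enum" in schema and payload not in schema["enum"]:
        errors.append(f"{path}: value not in enum")
    if isinstance(payload, dict):
        props = schema.get("properties", {})
        for name in schema.get("required", []):
            if name not in payload:
                errors.append(f"{path}.{name}: required field missing")
        for name, value in payload.items():
            if name in props:
                errors += validate(value, props[name], f"{path}.{name}")
            elif schema.get("additionalProperties", True) is False:
                errors.append(f"{path}.{name}: field not in contract")
    return errors

# Constructed contracts: the order fields and statuses are hypothetical.
ORDER_V1 = {
    "type": "object",
    "required": ["id", "status"],
    "additionalProperties": False,
    "properties": {
        "id": {"type": "integer"},
        "status": {"type": "string", "enum": ["new", "paid"]},
    },
}
# Contract change: one optional field added. Only the schema is edited.
ORDER_V2 = {**ORDER_V1, "properties": {**ORDER_V1["properties"],
                                        "partner_ref": {"type": "string"}}}

old_client = {"id": 7, "status": "paid"}                       # constructed payload
new_client = {"id": 8, "status": "new", "partner_ref": "A-1"}  # constructed payload

if __name__ == "__main__":
    for name, contract in (("v1", ORDER_V1), ("v2", ORDER_V2)):
        for payload in (old_client, new_client):
            print(name, payload, validate(payload, contract) or "valid")
```

The validator only reports violations; what to do with a rejected payload stays with the application.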

Stable patterns emerge over time. Then it makes sense to create domain concepts.

I still use DTOs. I still use validation rules. But I do not start with them.

Start with the contract when requirements change often. It reflects reality better.

How do you handle changing requirements?

Source: https://dev.to/outcomer/i-stopped-following-api-validation-best-practices-heres-why-1fmj