this post was submitted on 19 Nov 2025
36 points (95.0% liked)

Programming

23517 readers
271 users here now

Welcome to the main community in programming.dev! Feel free to post anything relating to programming here!

Cross posting is strongly encouraged in the instance. If you feel your post or another person's post makes sense in another community cross post into it.

Hope you enjoy the instance!

Rules

Rules

  • Follow the programming.dev instance rules
  • Keep content related to programming in some way
  • If you're posting long videos try to add in some form of tldr for those who don't want to watch videos

Wormhole

Follow the wormhole through a path of communities !webdev@programming.dev

founded 2 years ago
MODERATORS
snowe@programming.dev
Ategon@programming.dev
MaungaHikoi@lemmy.nz
UlrikHD@programming.dev
36
What's the best way to monitor an API for breaking changes? (sh.itjust.works)
submitted 1 day ago by clay_pidgin@sh.itjust.works to c/programming@programming.dev
40 comments fedilink hide all child comments
 

I have a vendor that sucks donkey balls. Their systems break often. An endpoint we rely on will start returning [] and take months to fix. They'll change a data label in their backend and not notice that it flows into all of their filters and stuff.

I have some alerts when my consumers break, but I think I'd like something more direct. What's the best way to monitor an external API?

I'm imagining some very basic ML that can pop up and tell me that something has changed, like there are more hosts or categories or whatever than usual, that a structure has gone blank or is missing, that some field has gone to 0 or null across the structure. Heck, that a field name has changed.

Is the best way to basically write tests for everything I can think of, and add more as things break, or is there a better tool? I see API monitoring tools but they are for calculating availability for your own APIs, not for enforcing someone else's!

you are viewing a single comment's thread
view the rest of the comments
[–] clay_pidgin@sh.itjust.works 2 points 1 day ago (1 children)

The main one I have issues with is a read only API. I guess I make it harder on myself from this perspective by not maintaining one big client, but lots of separate single-purpose tools.

[–] whotookkarl@lemmy.dbzer0.com 2 points 1 day ago (1 children)

Yeah then I would setup a call or set of calls on an interval to test the response on, and if a critical test fails send an alert, if there are less critical alerts maybe treat as warnings and send a report periodically. In either case I'd log and archive all of it so if they are bullshitting or violating contact SLAs I'll have some data to reference.

[–] clay_pidgin@sh.itjust.works 2 points 1 day ago (1 children)

They do have an API Accuracy SLA but it's not defined anywhere so we do our best. They've only avoided penalties a few months out of the last several years!

[–] whotookkarl@lemmy.dbzer0.com 2 points 1 day ago* (last edited 1 day ago)

Oof that is a rough one. If they are just absorbing the penalties it sounds like the penalties need to be increased to make it more financially necessary to change the incentive to actually do the work, but in the meantime I'd just collect and report on as much data as I could.