hrefna, (edited ) Okay, thinking about how to represent a #ActivityStreams in #OpenAPI some more, a few thoughts:
Q1: Why validate incoming values?
A 1.1: Per OWASP API6:2019: There are a lot of things that can go sideways very easily if you just openly accept values from the internet and write them into a database and, even to the extent this isn't a problem with the way it is written today, the extension mechanism means it might always become an issue in the future.
1/
Add comment