📝 Description

This PR fixes a Pydantic validation error that occurs when fetching full commit details with verification information. The issue arises because GitHub's OpenAPI specification incorrectly lists verified_at as a required field in the verification object, but GitHub's actual API response doesn't include this field.

The Problem

When using GitHubKit to fetch full commit details (particularly for commits with GPG/signature verification), the library throws a validation error:

pydantic.error_wrappers.ValidationError: 1 validation error for Verification
verified_at
  field required (type=value_error.missing)

Why This Bug Only Appears in Certain Cases

This bug specifically affects endpoints that return full commit details with verification information. Most GitHub operations work with simplified commit objects that don't include the verification field:

# Simple commit from PR listing - works fine
{
  "sha": "abc123",
  "commit": {
    "message": "Fix bug",  # Just the first line
    "author": {...}
  }
}

# Full commit details - triggers the bug
{
  "sha": "abc123", 
  "commit": {
    "message": "Fix bug\n\nThis is the extended description...",  # Full message
    "author": {...},
    "verification": {  # This field causes the Pydantic validation error
      "verified": false,
      "reason": "unsigned",
      "signature": null,
      "payload": null
      # githubkit expects "verified_at" here, but GitHub doesn't provide it
    }
  }
}

The verification object is only included when:

• Fetching individual commits via /repos/{owner}/{repo}/commits/{ref}
• Fetching commit details via /repos/{owner}/{repo}/git/commits/{commit_sha}
• Other endpoints that return detailed commit information

This explains why the bug may not have been discovered earlier - most common operations (listing commits, PR data, etc.) use simplified commit objects without verification details.

OpenAPI Spec Issue

The OpenAPI spec at https://raw.githubusercontent.com/github/rest-api-description/main/descriptions-next/api.github.com/api.github.com.2022-11-28.json incorrectly defines:

{
  "title": "Verification",
  "type": "object",
  "properties": {
    "verified": { "type": "boolean" },
    "reason": { "type": "string" },
    "payload": { "type": ["string", "null"] },
    "signature": { "type": ["string", "null"] },
    "verified_at": { "type": ["string", "null"] }
  },
  "required": ["verified", "reason", "payload", "signature", "verified_at"]
}

The verified_at field is listed in the required array but isn't actually returned by the API.

We have reported this issue to the GitHub REST API description repository: Schema Inaccuracy: verification.verified_at marked as required but not present in API response #4995

🔗 Related Issue(s)

• Related to github/rest-api-description#4995 - OpenAPI spec issue: verification.verified_at marked as required but not present in API response

✔️ Type of Change

• 🐛 Bug fix (non-breaking change which fixes an issue)
• 🚀 New feature (non-breaking change which adds functionality)
• ⚠️ Breaking change (fix or feature that would cause existing functionality to not work as expected)
• 🛠️ Refactoring/Technical debt (internal code improvements with no direct user-facing changes)
• 📄 Documentation update
• ⚙️ Chore (build process, CI, tooling, etc.)
• ✨ Other (please describe):

🎯 Key Changes & Implementation Details

• Added an override in pyproject.toml to remove verified_at from the required fields in the verification schema
• This override will be applied during code generation to fix the mismatch between the OpenAPI spec and actual API behavior
• The fix follows the established pattern in GitHubKit for handling OpenAPI spec discrepancies

🧪 Testing Done

• New unit tests added/updated
• Integration tests performed
• Manual E2E testing performed (describe steps/scenarios):
  • Scenario 1: Verified that the current models fail to parse GitHub's verification response without verified_at
  • Scenario 2: Confirmed that removing verified_at from required fields allows successful parsing
  • Scenario 3: Tested with actual GitHub API responses from commit endpoints that include verification data
• All existing tests pass (pending code regeneration with dependencies installed)

Reproduction Steps

1. Use GitHubKit to fetch a commit with full details:

   from githubkit import GitHub
   
   github = GitHub(auth="your-token")
   # This will fail with current version when the commit has verification info
   response = github.rest.repos.get_commit("owner", "repo", "commit_sha")
   # OR
   response = github.rest.git.get_commit("owner", "repo", "commit_sha")

2. The request fails with:

   pydantic.error_wrappers.ValidationError: 1 validation error for Verification
   verified_at
     field required (type=value_error.missing)
   

3. Note: This only happens for commits that have verification information. Commits without GPG signatures work fine.

✅ Checklist

• My code follows the style guidelines of this project (e.g., ran pre-commit run -a).
• I have commented my code, particularly in hard-to-understand areas.
• I have made corresponding changes to the documentation (if applicable).
• My changes generate no new warnings.
• I have added/updated relevant diagrams (if applicable).
• I have updated release-notes.md with a summary of my changes under the appropriate version (if applicable, for significant user-facing changes or bug fixes).