Much progress has been made since The Big List of Possibilities #1466 was created 18+ months ago! Now as we head toward an actual 3.1 release, it is time to collect together all of improvements that may not be backwards compatible. The following is a list of the issues in scope for 3.1, and they should be considered launch blockers until each related PR has been approved and merged into 3.1.0-dev.

Nb: this is not an exhaustive changelog for v3.1.0.

• Resolve the SemVer ambiguities in Paraphrasing SemVer Caused Confusion #2022
• Update Schema Objects to JSON Schema Draft 2019-09 Update Schema Objects to JSON Schema Draft 2019-09 #1977
• Mutual Auth Certificate Support [OpenAPI.Next Proposal] Add client certificate to authentication methods #1004
• "Scopes" on Security Requirements for schemes other than OAuth2 Scopes for jwt-based security scheme #1393 API Key authentication should allow scopes to be defined. #1366
• CSV-serialized form-data arrays OpenAPI 3.0 does not support csv-serialized form-data arrays #2018
• Rewording constraints on bodies in HEAD/DELETE PR allow, but discourage, requestBody for GET, HEAD, DELETE #1937 allow, but discourage, requestBody for GET, HEAD, DELETE #2117
• Clarify difference in behavior between $ref inside and outside of schema object Reference Object and Schema Object use of $ref updates for 2019-09 / OAS 3.1 #2107
• Post-Update Schema Objects to JSON Schema Draft 2019-09 #1977 knock-on issues Remaining JSON Schema Tweaks for OAS 3.1 #2099

We anticipate at least one release candidate (RC) on the path to the actual release.

Known issues that could be included but might not make the 3.1 release:

• Overlays Yet another Overlay proposal Overlay-Specification#36