Attach a direct-upload source-code revision (multipart)
POST/api/v1/assessments/:assessment_id/revisions/upload
Attach a fix_attempt revision from a directly uploaded archive.
Multipart counterpart to POST /assessments/{id}/revisions. The
bytes are extracted inline (no draft pre-upload + archive_id
round-trip), persisted under the revision's content-addressed object storage
key, and the assessment's current_revision_id is flipped to
the new head.
Head-SHA short-circuit: when the freshly-extracted inner-tar SHA matches the current head, returns the existing head row unchanged — no new revision row, no object storage PUT. Identical-to-historical (not head) still creates a new row by design (rollback semantics).
Same gates as /revisions: the fix verification flag release,
source:upload_zip + assessments:update scopes,
manager-or-above role,.
Rate-limit tier file_upload.
Request
Responses
- 200
- 400
- 401
- 403
- 404
- 409
- 422
- 429
- 500
Successful Response
Bad request — malformed input or failed validation.
Missing, expired, or invalid credentials.
Authenticated but not authorized for this resource. Note: cross-organization reads return 404, not 403.
Resource not found, or hidden for tenant-enumeration safety (the caller lacks permission to know whether the resource exists).
Conflict — the current resource state does not allow this operation (e.g. assessment already started, email already in use).
Semantic validation failure — request shape was valid but contents were not.
Too many requests — rate limited. Retry after the window resets.
Internal server error — unexpected failure.