rules: # ─── INFO / METADATA ─────────────────────────────────────────────── info-title-required: description: Info title must be present and non-empty. severity: error given: $.info then: field: title function: truthy info-title-prefix: description: Info title should start with 'Microsoft Word'. severity: warn given: $.info.title then: function: pattern functionOptions: match: "^Microsoft Word" info-description-required: description: Info description must be present. severity: error given: $.info then: field: description function: truthy info-description-min-length: description: Info description should be at least 50 characters. severity: warn given: $.info.description then: function: length functionOptions: min: 50 info-version-required: description: Info version must be present. severity: error given: $.info then: field: version function: truthy info-contact-required: description: Info should include contact information. severity: warn given: $.info then: field: contact function: truthy info-license-required: description: Info should include license information. severity: info given: $.info then: field: license function: truthy # ─── OPENAPI VERSION ─────────────────────────────────────────────── openapi-version: description: OpenAPI version must be 3.0.x. severity: error given: $ then: field: openapi function: pattern functionOptions: match: "^3\\.0\\." # ─── SERVERS ──────────────────────────────────────────────────────── servers-defined: description: At least one server must be defined. severity: error given: $ then: field: servers function: truthy servers-https: description: Server URLs should use HTTPS. severity: warn given: $.servers[*].url then: function: pattern functionOptions: match: "^https://" servers-description: description: Each server should have a description. severity: warn given: $.servers[*] then: field: description function: truthy # ─── PATHS — NAMING CONVENTIONS ──────────────────────────────────── paths-kebab-case: description: Path segments should use kebab-case. severity: warn given: $.paths then: field: "@key" function: pattern functionOptions: match: "^(/[a-z0-9{}()'=-]+)+$" paths-no-trailing-slash: description: Paths must not have trailing slashes. severity: error given: $.paths then: field: "@key" function: pattern functionOptions: notMatch: "/$" # ─── OPERATIONS ───────────────────────────────────────────────────── operation-summary-required: description: Every operation must have a summary. severity: error given: $.paths[*][get,post,put,patch,delete] then: field: summary function: truthy operation-summary-prefix: description: Operation summaries should start with 'Microsoft Word'. severity: warn given: $.paths[*][get,post,put,patch,delete].summary then: function: pattern functionOptions: match: "^Microsoft Word" operation-description-required: description: Every operation must have a description. severity: error given: $.paths[*][get,post,put,patch,delete] then: field: description function: truthy operation-operationid-required: description: Every operation must have an operationId. severity: error given: $.paths[*][get,post,put,patch,delete] then: field: operationId function: truthy operation-operationid-camelcase: description: OperationId should use camelCase. severity: warn given: $.paths[*][get,post,put,patch,delete].operationId then: function: pattern functionOptions: match: "^[a-z][a-zA-Z0-9]*$" operation-tags-required: description: Every operation must have at least one tag. severity: error given: $.paths[*][get,post,put,patch,delete] then: field: tags function: truthy # ─── TAGS ─────────────────────────────────────────────────────────── tags-defined: description: Global tags array should be defined. severity: warn given: $ then: field: tags function: truthy tags-description: description: Each tag should have a description. severity: info given: $.tags[*] then: field: description function: truthy # ─── PARAMETERS ───────────────────────────────────────────────────── parameter-description-required: description: Every parameter must have a description. severity: warn given: $.paths[*][*].parameters[*] then: field: description function: truthy parameter-schema-required: description: Every parameter must have a schema with a type. severity: error given: $.paths[*][*].parameters[*] then: field: schema function: truthy # ─── REQUEST BODIES ───────────────────────────────────────────────── request-body-json-content: description: Request bodies should specify application/json content type. severity: warn given: $.paths[*][post,put,patch].requestBody.content then: field: application/json function: truthy # ─── RESPONSES ────────────────────────────────────────────────────── response-success-required: description: Every operation must have at least one 2xx response. severity: error given: $.paths[*][get,post,put,patch,delete].responses then: function: schema functionOptions: schema: anyOf: - required: ['200'] - required: ['201'] - required: ['202'] - required: ['204'] response-description-required: description: Every response must have a description. severity: error given: $.paths[*][*].responses[*] then: field: description function: truthy response-401-required: description: Operations should include a 401 Unauthorized response. severity: warn given: $.paths[*][get,post,put,patch,delete].responses then: field: '401' function: truthy response-404-for-get: description: GET operations should include a 404 Not Found response. severity: warn given: $.paths[*].get.responses then: field: '404' function: truthy # ─── SCHEMAS — PROPERTY NAMING ────────────────────────────────────── schema-type-required: description: All schemas must have a type defined. severity: error given: $.components.schemas[*] then: field: type function: truthy schema-description-required: description: Top-level schemas should have descriptions. severity: warn given: $.components.schemas[*] then: field: description function: truthy schema-properties-camelcase: description: Schema properties should use camelCase naming. severity: warn given: $.components.schemas[*].properties then: field: "@key" function: pattern functionOptions: match: "^[a-z@$][a-zA-Z0-9.@]*$" # ─── SECURITY ─────────────────────────────────────────────────────── security-defined: description: Global security must be defined. severity: error given: $ then: field: security function: truthy security-schemes-defined: description: Security schemes must be defined in components. severity: error given: $.components then: field: securitySchemes function: truthy security-schemes-oauth2: description: OAuth2 security scheme should be defined for Microsoft Graph APIs. severity: warn given: $.components.securitySchemes then: field: oauth2 function: truthy # ─── HTTP METHOD CONVENTIONS ──────────────────────────────────────── get-no-request-body: description: GET operations must not have a request body. severity: error given: $.paths[*].get then: field: requestBody function: falsy delete-no-request-body: description: DELETE operations should not have a request body. severity: warn given: $.paths[*].delete then: field: requestBody function: falsy # ─── GENERAL QUALITY ──────────────────────────────────────────────── no-empty-descriptions: description: Descriptions must not be empty strings. severity: error given: $..description then: function: truthy examples-encouraged: description: Schema properties should include example values. severity: info given: $.components.schemas[*].properties[*] then: field: example function: truthy microcks-operation-extension: description: Operations should include x-microcks-operation extension. severity: info given: $.paths[*][get,post,put,patch,delete] then: field: x-microcks-operation function: truthy