rules: # INFO / METADATA info-title-required: description: Info title must be present and non-empty. severity: error given: $.info then: field: title function: truthy info-title-prefix: description: API title should start with "Wayfair". severity: warn given: $.info then: field: title function: pattern functionOptions: match: '^Wayfair' info-description-required: description: Info description must be present and at least 50 characters. severity: warn given: $.info then: field: description function: minLength functionOptions: value: 50 info-version-required: description: API version must be defined. severity: error given: $.info then: field: version function: truthy info-contact-required: description: Contact information should be provided. severity: warn given: $.info then: field: contact function: truthy # OPENAPI VERSION openapi-version: description: OpenAPI version must be 3.1.x. severity: warn given: $ then: field: openapi function: pattern functionOptions: match: '^3\.1\.' # SERVERS servers-defined: description: At least one server must be defined. severity: error given: $ then: field: servers function: truthy servers-https: description: All server URLs must use HTTPS. severity: error given: $.servers[*] then: field: url function: pattern functionOptions: match: '^https://' servers-description: description: Each server should have a description. severity: warn given: $.servers[*] then: field: description function: truthy # PATHS — NAMING CONVENTIONS paths-kebab-case: description: Path segments must use kebab-case or standard REST conventions. severity: warn given: $.paths[*]~ then: function: pattern functionOptions: match: '^(/[a-z0-9{}-]+)+$' paths-no-trailing-slash: description: Paths must not have trailing slashes. severity: warn given: $.paths[*]~ then: function: pattern functionOptions: notMatch: '/$' # OPERATIONS operation-summary-required: description: Every operation must have a summary. severity: error given: $.paths[*][get,post,put,patch,delete,head,options] then: field: summary function: truthy operation-summary-title-case: description: Operation summaries should start with "Wayfair". severity: warn given: $.paths[*][get,post,put,patch,delete,head,options] then: field: summary function: pattern functionOptions: match: '^Wayfair ' operation-description-required: description: Every operation should have a description. severity: warn given: $.paths[*][get,post,put,patch,delete,head,options] then: field: description function: truthy operation-id-required: description: Every operation must have an operationId. severity: error given: $.paths[*][get,post,put,patch,delete,head,options] then: field: operationId function: truthy operation-id-camel-case: description: operationId must use camelCase. severity: warn given: $.paths[*][get,post,put,patch,delete,head,options] then: field: operationId function: pattern functionOptions: match: '^[a-z][a-zA-Z0-9]+$' operation-tags-required: description: Every operation must have at least one tag. severity: error given: $.paths[*][get,post,put,patch,delete,head,options] then: field: tags function: truthy # TAGS tags-defined: description: Global tags array should be defined. severity: warn given: $ then: field: tags function: truthy tag-description: description: Every tag should have a description. severity: warn given: $.tags[*] then: field: description function: truthy # PARAMETERS parameter-description-required: description: All parameters must have a description. severity: error given: $.paths[*][get,post,put,patch,delete][parameters][*] then: field: description function: truthy # REQUEST BODIES post-has-request-body: description: POST operations should have a request body. severity: warn given: $.paths[*].post then: field: requestBody function: truthy request-body-json-content: description: Request bodies should specify application/json content type. severity: warn given: $.paths[*][post,put,patch].requestBody.content then: field: application/json function: truthy # RESPONSES response-success-required: description: Every operation must have at least one 2xx response. severity: error given: $.paths[*][get,post,put,patch,delete] then: field: responses function: schema functionOptions: schema: type: object minProperties: 1 response-401-graphql: description: GraphQL endpoint must define a 401 response. severity: warn given: $.paths[/graphql].post then: field: responses function: schema functionOptions: schema: type: object required: - '401' response-description-required: description: Every response must have a description. severity: error given: $.paths[*][get,post,put,patch,delete].responses[*] then: field: description function: truthy # SCHEMAS — PROPERTY NAMING schema-description-required: description: Top-level schemas should have a description. severity: warn given: $.components.schemas[*] then: field: description function: truthy # SECURITY security-schemes-defined: description: Security schemes must be defined in components. severity: error given: $.components then: field: securitySchemes function: truthy graphql-security-required: description: GraphQL endpoint must declare security. severity: error given: $.paths[/graphql].post then: field: security function: truthy # HTTP METHOD CONVENTIONS get-no-request-body: description: GET operations must not have a request body. severity: error given: $.paths[*].get then: field: requestBody function: falsy # GENERAL QUALITY no-empty-descriptions: description: Descriptions must not be empty strings. severity: error given: $..description then: function: pattern functionOptions: match: '.+' microcks-operation-extension: description: Operations should include x-microcks-operation for mock support. severity: info given: $.paths[*][get,post,put,patch,delete] then: field: x-microcks-operation function: truthy