Linting Rules

Linting Rules

This is project for managing linting rules that can be applied as part of API governance during design, development in the CLI, IDE, or in Postman, as well as via a Ci/CD pipeline. To use, just grab the link to one of rulesets, or individual rules and add as a parameter to this a collection in this public workspace pass in an OpenAPI, and the rules will be applied.



Base Rulesets

These are base rulesets that can be used to jumpstart your linting.

Base - This provides a base of rules that should be considered for all OpenAPI.

  • Info Title - The API must have a title.
  • Info Title Max Length - The title of the API must not be more than 50 characters.
  • Info Title Word Check - The title of the API must not contain specific words, including REST, Public, and Developer.
  • Info Title In Kebab Case - The title of the API must be in kebab case.
  • Info Summary - The API must have a summary applied.
  • Info Summary Max Length - The summary for the API should not be more than 50 characters in length.
  • Info Summary Word Check - The API summary not contain specific words, including REST, Public, and Developer.
  • Info Description - API must have a description available.
  • Info Description Max Length - The description of the API must not be greater than 250 characters.
  • Info Description Word Check - The API description must not contain specific words, including REST, Public, and Developer.
  • Info Contact - API must have a contact information available.
  • Info Contact Name - API must have a contact name available.
  • Info Contact Email - API must have a contact email available.
  • Info Contact Url - API must have a contact url available.
  • Info License - API must have a license applied.
  • Info License Name - API must have a license name applied.
  • Info License Url - API must have a license url applied.
  • Info Terms Of Service - The API must have a terms of service applied.
  • Info Version - The API must have version information applied.
  • Paths Trailing Slash - All paths must end with a trailing slash.
  • Paths No Empty - There should be no empty path segments.
  • Operations Description -
  • Operations Description Length - Operation description should be short and sweet, no full stops, and less than 20 characters
  • Operations Description Words Check - Must not contain specific words, including REST, Public, and Developer.
  • Operations Summary -
  • Operations Summary Length - Operation summary should be short and sweet, no full stops, and less than 20 characters
  • Operations Summary Words Check - Must not contain specific words, including REST, Public, and Developer.
  • Operations Tags - Operation must have tags.
  • Operations Tags One - Must have at least one tag.
  • Parameters Name - Must not contain specific words, including REST, Public, and Developer.
  • Parameters Name Length - The name can't be more than 20 characters.
  • Parameters Name Word Check - Must not contain specific words, including REST, Public, and Developer.
  • Parameters Description - Must not contain specific words, including REST, Public, and Developer.
  • Parameters Description Length - The description can't be more than 20 characters.
  • Parameters Description Word Check - Must not contain specific words, including REST, Public, and Developer.
  • Parameters In - Parameters must have an in.
  • Parameters Example - Parameters must have a example.
  • Parameters Schema - Parameters must have a schema.
  • Parameters Schema Type - Parameters must have a schema.
  • Request Bodies Get Oas3 - GET methods must have a request body.
  • Request Bodies Post Oas3 - POST methods must have a request body.
  • Request Bodies Post Media Type Oas3 - POST request bodies must have a application/json media type.
  • Request Bodies Patch Oas3 - PATCH methods must have a request body.
  • Request Bodies Patch Media Type Oas3 - PATCH request bodies must have a application/json media type.
  • Request Bodies Put Oas3 - PUT methods must have a request body.
  • Request Bodies Put Media Type Oas3 - PUT request bodies must have a application/json media type.
  • Request Bodies Delete Oas3 - DELETE methods must have a request body.
  • Response Get 200 Status Code - A get operation should have a 200 response.
  • Response Get 200 Media Type - GET responses should not have body.
  • Response Get 200 No Body - GET responses should not have body.
  • Response Get 500 Status Code - A get operation should have a 500 response.
  • Response Get 500 Media Type - GET responses should have a 500 with Problem JSON media type.
  • Response Post 201 Status Code - A post operation should have a 201 response.
  • Response Post 201 Media Type - POST responses should have a JSON body.
  • Response Post 500 Status Code - A post operation should have a 500 response.
  • Response Post 500 Media Type - POST responses should have a 500 with Problem JSON media type.
  • Response Put 204 Status Code - A put operation should have a 204 response.
  • Response Put 204 No Body - PUT responses should not have body.
  • Response Put 500 Status Code - A put operation should have a 500 response.
  • Response Put 500 Media Type - PUT responses should have a 500 with Problem JSON media type.
  • Response Delete 204 Status Code - A delete operation should have a 204 response.
  • Response Delete 204 No Body - DELETE responses should not have body.
  • Response Delete 500 Status Code - A delete operation should have a 500 response.
  • Response Delete 500 Media Type - DELETE responses should have a 500 with Problem JSON media type.
  • Schema Names Length - Schema names should be no more than 10 characters.
  • Schema Names Words - Schema names should not contain certain words.
  • Schema Description - All schemas properties should have a description.
  • Schema Description Length - All schemas descriptions should be shorter than 20 characters.
  • Schema Description Words - Some words should not be be contained within the schema description.
  • Schema Required - All schemas properties should have a required.
  • Schema Type - All schemas should have a type.
  • Schema Properties - All schemas should have a properties.
  • Schema Properties Type - All schemas properties should have a type.
  • Schema Properties Descriptions - All schemas properties should have a description.
  • Schema Properties Descriptions Length - The length of the description needs to be lest than 20 characters.
  • Schema Properties Descriptions Words - Some words should not exist within the property description.
  • Schema Properties Maximum - All schemas properties should have a maximum.
  • Schema Properties Minimum - All schemas properties should have a minimum.
  • Tags Object - Must have tags object.
  • Tags One - Must have at least one tag.
  • Tags Name - Tags must have a name.
  • Tags Description - Tags must have a description.


Open API Rulesets

These are rulesets organized to apply to specific OpenAPI objects.

Contact - A set of rules centered on the contact information.

  • Info Contact - API must have a contact information available.
  • Info Contact Name - API must have a contact name available.
  • Info Contact Email - API must have a contact email available.
  • Info Contact Url - API must have a contact url available.
Info - A ruleset that focus on governance applied to the info object of the OpenAPI.

  • Info Title - The API must have a title.
  • Info Title Max Length - The title of the API must not be more than 50 characters.
  • Info Title Word Check - The title of the API must not contain specific words, including REST, Public, and Developer.
  • Info Title In Kebab Case - The title of the API must be in kebab case.
  • Info Summary - The API must have a summary applied.
  • Info Summary Max Length - The summary for the API should not be more than 50 characters in length.
  • Info Summary Word Check - The API summary not contain specific words, including REST, Public, and Developer.
  • Info Description - API must have a description available.
  • Info Description Max Length - The description of the API must not be greater than 250 characters.
  • Info Description Word Check - The API description must not contain specific words, including REST, Public, and Developer.
  • Info Contact - API must have a contact information available.
  • Info Contact Name - API must have a contact name available.
  • Info Contact Email - API must have a contact email available.
  • Info Contact Url - API must have a contact url available.
  • Info License - API must have a license applied.
  • Info License Name - API must have a license name applied.
  • Info License Url - API must have a license url applied.
  • Info License Url Apache - API must have an Apache license applied.
  • Info License Url Mit - API must have a MIT license applied.
  • Info Terms Of Service - The API must have a terms of service applied.
  • Info Version - The API must have version information applied.
  • Info X Api Id - The `#/info/x-api-id` field can be used to associate an identifier to an API. This is useful to track an API even when its `#/info/title` changes.
  • Info X Audience - MUST contain API meta information [218]
  • Info X Summary - The `#/info/x-summary` can be used to specify a brief, one-liner description of your API: this is very useful for catalog purposes (eg. this can be shown as your API subtitle in catalogs and developer portals). In OAS3.1 you can use the standard `#/info/summary` field.
Operations - A ruleset that focus on governance applied to the operations object of the OpenAPI.

  • Operations Tags - Operation must have tags.
  • Operations Description Length - Operation description should be short and sweet, no full stops, and less than 20 characters
  • Operations Description Words Check - Must not contain specific words, including REST, Public, and Developer.
  • Operations Description -
  • Operations Operationids Camel Case - Operation IDs MUST be written in camelCase.
  • Operations Operationids Kebab Case - Operation IDs MUST be written in kebab-case.
  • Operations Operationids Pascal Case - Operation IDs MUST be written in PascalCase.
  • Operations Summary Length - Operation summary should be short and sweet, no full stops, and less than 20 characters
  • Operations Summary Words Check - Must not contain specific words, including REST, Public, and Developer.
  • Operations Summary -
  • Operations Tags One - Must have at least one tag.
Parameters - A ruleset that focus on governance applied to the parameter object of the OpenAPI.

  • Parameters Default Not Allowed - A required parameter should not specify a default value.
  • Parameters Description Length - The description can't be more than 20 characters.
  • Parameters Description Word Check - Must not contain specific words, including REST, Public, and Developer.