search

Redocly / redocly-cli

⚒️ Redocly CLI makes OpenAPI easy. Lint/validate to any standard, generate beautiful docs, and more.
https://redocly.com/docs/cli/
MIT License
899 stars 137 forks source link

Linting does not catch default value types not conforming to specified field type #1628

Open matt-duffett opened 1 month ago

matt-duffett commented 1 month ago

Redocly CLI does not seem to recognise when a fields default value does not conform to the type specified for that field. This also applies to the vscode extension.

Apologies if there is some config I am missing or already a plugin that adds this behaviour!

Steps to reproduce the behavior:

  1. Given this OpenAPI file: 
    openapi: 3.0.0
info:
description: Example
title: Example
version: 1.0.0
license: 
name: Example License
url: foo
servers:
- url: /apis/v0
paths:
/foo:
get: 
  operationId: getFoo
  summary: bar
  responses: 
    '200':
      description: successful operation
      content:
        application/json:
          schema:
            type: string
            default: 123
    '400':
      description: error 400
  security: 
    - foo_security:
      - read:foo
components: 
securitySchemes:
foo_security:
  type: oauth2
  flows:
    clientCredentials:
      tokenUrl: /openId/token
      scopes:
        read:foo: read foo
  2. Run redocly lint openapi.yaml
  3. See output

Expected Behaviour

I would expect there to be a warning or error for the default value of 123 not to match the type of string.

Redocly Version(s)

1.17.1

Node.js Version(s)

20

jeremyfiel commented 1 month ago

linting is provided by two sources. Ajv JSON Schema validation per the schema and configurable rules.

JSON Schema does not consider the default keyword as a validation keyword, thus it only provides informational data about the data type, it is not used for validation. In JSON Schema land, this is called an annotation

I don't think Redocly has a configurable rule for default values. If you happen to write a new configurable rule, please consider sharing it with the Redocly CookBook

lornajane commented 1 month ago

Thanks @matt-duffett and @jeremyfiel . We have type checking on examples, but I don't think we have it on defaults now. It's a good suggestion, I'll leave this issue open in case others have thoughts about this feature.