linting options for validation

[karenetheridge]

These would be checks done at runtime when validating requests and responses. The idea is to suggest ways to enhance the specification to cover more things.

• produce a list of headers, query parameters, cookies that were not specified (allow providing a list of headers that are to be ignored)
• request or response body seen that wasn't specified
• response code that was validated via 'default' rather than an explicitly specified code

[karenetheridge]

• example, examples that don't validate against the adjacent schema
• $ref that points to the wrong entity type (we already do this check at runtime when evaluating a $ref, but we can do it earlier for any $refs that don't go to another document)
• requestBody for a GET, HEAD, DELETE endpoint
• use of discouraged keyword allowEmptyValue
• use of allowReserved with media-types other than application/x-www-form-urlencoded or multipart/form-data
• missing 2xx response code in responses definition (unless only default is present)
• missing path parameter definition

[karenetheridge]

• properties that are required in the specification, but are of length zero ('')