Bad path ref parameter breaks the linter

Question

Bad path ref parameter breaks the linter

Closed this issue 3 years ago · 3 comments

When lint-openapi is called with a YAML file which contains a path parameter, and the referenced parameter has an invalid definition (no "in" property), it causes lint-openapi to fail with:

[Error] There was a problem with a validator.
Cannot read property 'toLowerCase' of undefined

TypeError: Cannot read property 'toLowerCase' of undefined
    at /usr/local/lib/node_modules/ibm-openapi-validator/src/plugins/validation/2and3/semantic-validators/paths-ibm.js:58:37
    at Array.filter (<anonymous>)
    at /usr/local/lib/node_modules/ibm-openapi-validator/src/plugins/validation/2and3/semantic-validators/paths-ibm.js:58:12
    at Array.forEach (<anonymous>)
    at Object.module.exports.validate (/usr/local/lib/node_modules/ibm-openapi-validator/src/plugins/validation/2and3/semantic-validators/paths-ibm.js:36:13)
    at /usr/local/lib/node_modules/ibm-openapi-validator/src/cli-validator/utils/validator.js:119:51
    at Array.forEach (<anonymous>)
    at validateSwagger (/usr/local/lib/node_modules/ibm-openapi-validator/src/cli-validator/utils/validator.js:118:41)
    at processInput (/usr/local/lib/node_modules/ibm-openapi-validator/src/cli-validator/runValidator.js:274:17)

Sample YAML file:

openapi: 3.0.3

info:
  version: 0.0.1
  title: Example Title
  description: |
    A brief description of the API.
    It can be multiple lines.

servers: 
  - url: https://api.example.com

paths:
  '/persons/{name}':
    parameters:
      - $ref: "#/components/headers/Broken-Header"
    get:
      summary: 'Get People by Name'
      description: "Test API"
      responses:
        '200':
          description: Successful response
          content:
            application/json:
              schema:
                type: object
                properties:
                  persons:
                    type: array
                    items:
                      $ref: '#/components/schemas/Person'

components:
  schemas:
    Person:
      title: Person
      type: object
      properties:
        name:
          description: "Person"
  
  headers:
    "Broken-Header":
      description: "This ref breaks the linter"
      schema:
        type: string
      required: true

This can be worked around by setting paths-ibm.js:58 to include a defined check: .filter(param => param.in && param.in.toLowerCase() === 'path') but since "in" is required by spec it may make more sense to include specific validation logic rather than simply ignoring it.

Answer 1 · 2021-07-12T05:38:58.000Z

Sorry, I forgot to include that this was tested on:
$ lint-openapi --version
0.46.1

Answer 2 · 2021-07-13T19:29:05.000Z

That's a good catch, thanks for the issue. I thought we did flag parameters without an in value, so I'll have to check on this.

Answer 3 · 2021-07-14T14:09:31.000Z

🎉 This issue has been resolved in version 0.46.2 🎉

The release is available on:

Your semantic-release bot 📦🚀