Papers
Topics
Authors
Recent
Gemini 2.5 Flash
Gemini 2.5 Flash
126 tokens/sec
GPT-4o
47 tokens/sec
Gemini 2.5 Pro Pro
43 tokens/sec
o3 Pro
4 tokens/sec
GPT-4.1 Pro
47 tokens/sec
DeepSeek R1 via Azure Pro
28 tokens/sec
2000 character limit reached

RESTRuler: Towards Automatically Identifying Violations of RESTful Design Rules in Web APIs (2402.13710v1)

Published 21 Feb 2024 in cs.SE

Abstract: RESTful APIs based on HTTP are one of the most important ways to make data and functionality available to applications and software services. However, the quality of the API design strongly impacts API understandability and usability, and many rules have been specified for this. While we have evidence for the effectiveness of many design rules, it is still difficult for practitioners to identify rule violations in their design. We therefore present RESTRuler, a Java-based open-source tool that uses static analysis to detect design rule violations in OpenAPI descriptions. The current prototype supports 14 rules that go beyond simple syntactic checks and partly rely on natural language processing. The modular architecture also makes it easy to implement new rules. To evaluate RESTRuler, we conducted a benchmark with over 2,300 public OpenAPI descriptions and asked 7 API experts to construct 111 complicated rule violations. For robustness, RESTRuler successfully analyzed 99% of the used real-world OpenAPI definitions, with some failing due to excessive size. For performance efficiency, the tool performed well for the majority of files and could analyze 84% in less than 23 seconds with low CPU and RAM usage. Lastly, for effectiveness, RESTRuler achieved a precision of 91% (ranging from 60% to 100% per rule) and recall of 68% (ranging from 46% to 100%). Based on these variations between rule implementations, we identified several opportunities for improvements. While RESTRuler is still a research prototype, the evaluation suggests that the tool is quite robust to errors, resource-efficient for most APIs, and shows good precision and decent recall. Practitioners can use it to improve the quality of their API design.

Definition Search Book Streamline Icon: https://streamlinehq.com
References (22)
  1. G. Schermann, J. Cito, and P. Leitner, “All the Services Large and Micro: Revisiting Industrial Practice in Services Computing,” in Lecture Notes in Computer Science.   Springer, Berlin, Heidelberg, 2016, vol. 9586, pp. 36–47.
  2. J. Bogner, J. Fritzsch, S. Wagner, and A. Zimmermann, “Microservices in Industry: Insights into Technologies, Characteristics, and Software Quality,” in 2019 IEEE International Conference on Software Architecture Companion (ICSA-C).   Hamburg, Germany: IEEE, Mar. 2019, pp. 187–195. [Online]. Available: https://ieeexplore.ieee.org/document/8712375/
  3. R. T. Fielding, “Architectural Styles and the Design of Network-based Software Architectures,” Ph.D. dissertation, University of California, Irvine, Irvine, CA, USA, 2000.
  4. R. T. Fielding and R. N. Taylor, “Principled Design of the Modern Web Architecture,” ACM Trans. Internet Technol., vol. 2, no. 2, p. 115–150, 2002.
  5. C. Rodríguez, M. Baez, F. Daniel, F. Casati, J. Trabucco, L. Canali, and G. Percannella, “REST APIs: A large-scale analysis of compliance with principles and best practices,” in Lecture Notes in Computer Science, vol. 9671.   Springer, 2016.
  6. D. Renzel, P. Schlebusch, and R. Klamma, “Today’s Top “RESTful” Services and Why They Are Not RESTful,” in Web Information Systems Engineering - WISE 2012.   Berlin, Heidelberg: Springer Berlin Heidelberg, 2012, pp. 354–367.
  7. F. Palma, J. Gonzalez-Huerta, M. Founi, N. Moha, G. Tremblay, and Y.-G. Guéhéneuc, “Semantic analysis of restful apis for the detection of linguistic patterns and antipatterns,” International Journal of Cooperative Information Systems, vol. 26, no. 02, p. 1742001, 2017.
  8. S. Kotstein and J. Bogner, “Which RESTful API Design Rules Are Important and How Do They Improve Software Quality? A Delphi Study with Industry Experts,” in Service-Oriented Computing. SummerSOC 2021. Communications in Computer and Information Science, vol 1429.   Springer International Publishing, 2021, pp. 154–173. [Online]. Available: http://dx.doi.org/10.1007/978-3-030-87568-8_10https://link.springer.com/10.1007/978-3-030-87568-8_10
  9. J. Bogner, S. Kotstein, and T. Pfaff, “Do RESTful API design rules have an impact on the understandability of Web APIs?” Empirical Software Engineering, vol. 28, no. 6, p. 132, Nov. 2023. [Online]. Available: https://link.springer.com/10.1007/s10664-023-10367-y
  10. C. Pautasso, “RESTful web services: Principles, patterns, emerging technologies,” in Web Services Foundations.   New York, NY: Springer New York, 2014, vol. 9781461475, pp. 31–51.
  11. F. Petrillo, P. Merle, N. Moha, and Y.-G. Guéhéneuc, “Are REST APIs for Cloud Computing Well-Designed? An Exploratory Study,” in Service-Oriented Computing.   Cham: Springer International Publishing, 2016, pp. 157–170.
  12. F. Palma, J. Dubois, N. Moha, and Y.-G. Guéhéneuc, “Detection of rest patterns and antipatterns: a heuristics-based approach,” in International Conference on Service-Oriented Computing.   Springer, 2014, pp. 230–244.
  13. A. Neumann, N. Laranjeiro, and J. Bernardino, “An Analysis of Public REST Web Service APIs,” IEEE Transactions on Services Computing, vol. PP, no. c, pp. 1–1, 2018.
  14. N. Moha, F. Palma, M. Nayrolles, B. J. Conseil, Y.-G. Guéhéneuc, B. Baudry, and J.-M. Jézéquel, “Specification and detection of soa antipatterns,” in Service-Oriented Computing, C. Liu, H. Ludwig, F. Toumani, and Q. Yu, Eds.   Berlin, Heidelberg: Springer Berlin Heidelberg, 2012, pp. 1–16.
  15. F. Palma, O. Zarraa, and A. Sadia, “Are developers equally concerned about making their apis restful and the linguistic quality? a study on google apis,” in Service-Oriented Computing, H. Hacid, O. Kao, M. Mecella, N. Moha, and H.-y. Paik, Eds.   Cham: Springer International Publishing, 2021, pp. 171–187.
  16. F. Palma, T. Olsson, A. Wingkvist, F. Ahlgren, and D. Toll, “Investigating the linguistic design quality of public, partner, and private rest apis,” in 2022 IEEE International Conference on Services Computing (SCC), 2022, pp. 20–30.
  17. F. Palma, T. Olsson, A. Wingkvist, and J. Gonzalez-Huerta, “Assessing the linguistic quality of rest apis for iot applications,” Journal of Systems and Software, vol. 191, p. 111369, 2022. [Online]. Available: https://www.sciencedirect.com/science/article/pii/S0164121222000954
  18. H. Brabra, A. Mtibaa, F. Petrillo, P. Merle, L. Sliman, N. Moha, W. Gaaloul, Y.-G. Guéhéneuc, B. Benatallah, and F. Gargouri, “On semantic detection of cloud api (anti)patterns,” Information and Software Technology, vol. 107, pp. 65–82, 2019. [Online]. Available: https://www.sciencedirect.com/science/article/pii/S095058491830226X
  19. H. Brabra, A. Mtibaa, L. Sliman, W. Gaaloul, B. Benatallah, and F. Gargouri, “Detecting cloud (anti)patterns: Occi perspective,” in Service-Oriented Computing, Q. Z. Sheng, E. Stroulia, S. Tata, and S. Bhiri, Eds.   Cham: Springer International Publishing, 2016, pp. 202–218.
  20. N. M. Devadiga, “Tailoring architecture centric design method with rapid prototyping,” in 2017 2nd International Conference on Communication and Electronics Systems (ICCES).   IEEE, 2017, pp. 924–930.
  21. W. P. Alexander, R. F. Berry, F. E. Levine, and R. J. Urquhart, “A unifying approach to performance analysis in the java environment,” IBM Systems Journal, vol. 39, no. 1, pp. 118–134, 2000.
  22. F. Palma, J. Gonzalez-Huerta, N. Moha, Y.-G. Guéhéneuc, and G. Tremblay, “Are restful apis well-designed? detection of their linguistic (anti) patterns,” in International Conference on Service-Oriented Computing.   Springer, 2015, pp. 171–187.

Summary

We haven't generated a summary for this paper yet.

Ai Sparkles Streamline Icon: https://streamlinehq.com Summarize Now
X Twitter Logo Streamline Icon: https://streamlinehq.com

Tweets