Get Early Access
Protonosis

Diagnose your API before your users do.

Inconsistent naming, misused status codes, semantic drift, and design smells that style linters can't catch — found before they reach your consumers.

diagnosis.log — openapi.yaml
$ protonosis scan openapi.yaml
 
Scanning 42 endpoints across 8 resources...
 
BREAKING `GET /users/{id}` — field `email` removed from response
BREAKING `POST /orders` — `quantity` changed from string to integer
WARNING  `GET /users` returns object. `GET /orders` returns array. Inconsistent.
WARNING  `GET /invoices` — returns 200 on error; convention elsewhere is 4xx
 
─────────────────────────────────────────────
2 breaking changes · 2 warnings · 3 suggestions

The bugs your linter never finds.

GET /users returns an object. GET /orders returns an array. Nobody noticed until the SDK broke.

That endpoint returns 200 with {"{"}"error": ...{"}"} in the body. Your consumers' retry logic never fires.

Someone renamed a field in a "minor" PR. Three downstream services broke on Friday.

Style linters check your commas. Protonosis checks your meaning.

Three steps. One diagnosis.

Upload or paste

Drop your OpenAPI / Swagger spec, or point us at a URL. No install required.

Get a diagnosis

Semantic issues, design inconsistencies, and REST anti-patterns — each with severity and a suggested fix.

Share the report

Send a link to your team or drop it in the PR. The shareable report is built-in.

What a real diagnosis looks like.

protonosis-report.txt — stripe-api-v3.yaml
Protonosis Diagnostic Report — stripe-api-v3.yaml
BREAKING CHANGES (2)
  • BREAKING `GET /customers/{id}` — field `metadata` removed from response schema
  • BREAKING `POST /charges` — `currency` changed from optional to required
SEMANTIC WARNINGS (3)
  • WARNING `DELETE /subscriptions/{id}` returns 200; convention elsewhere is 204
  • WARNING `GET /invoices` — response shape differs from `GET /invoices/{id}`
  • WARNING `POST /refunds` — missing 409 conflict response for duplicate refund
SUGGESTIONS (2)
  • Consider paginating `GET /events` — unbounded array response
  • `customerId` and `customer_id` used interchangeably across resources

Catch breaking changes before they ship.

Add Protonosis to your CI pipeline and every PR that touches your API contract gets diagnosed automatically.

Breaking-change detection

Removed fields, changed types, narrowed enums, altered status codes. Flagged before merge, not after the incident.

Semantic drift alerts

New endpoints that break your API's existing conventions are caught automatically.

PR comments, not dashboards

Findings show up where developers already work — inline in the pull request.

protonosis-ci commented on this PR
protonosis: 2 breaking changes detected in openapi.yaml
 
BREAKING `GET /users/{id}` — field `email` removed from response
BREAKING `POST /orders` — `quantity` changed from string to integer
WARNING  `GET /invoices` — returns 200 on error; convention elsewhere is 4xx
Set up CI checks → CI integration is on the roadmap — join the waitlist to be first in line.

Built for you. Scales to your team.

For you For your team
Spec diagnosis CI checks on every PR
Learn REST best practices from real findings Block breaking changes before merge
Shareable report links Consistency enforcement across services
Severity-ranked findings with suggested fixes History & drift tracking over time

Get early access.

We're building the tool that catches what linters miss. Sign up to be first in line.

How would you use Protonosis?
No spam. We'll only reach out when something new is ready for you.