We ran into a problem in our schema that could have been avoided by following a SpiceDB best practice. Specifically, a permission's definition should not contain the relation of another resource. Rather it should only contain 'local' relations or permissions of those relations (I can't remember where I read it). Here's a minimal example version of what was happening:

definition actor {
}

definition user {
    relation self: actor
    
    permission use = self
}

definition organization {
    relation member: user
    
    permission use = member->use
}

definition foo {
    relation parent: organization
    
    // ERROR! We should only be calling permissions on the `parent` relation, not relations of the `parent`.
    permission use = parent->member    // this should be parent->use
}

If we had a linter that warned us not to call

parent->member

in the

foo

resource definition, we would have avoided the bug. So I wanted to see if there was a linter project already available/underway. If not, I'll probably start work on one so we can run it as part of our CI.