-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy path.spectral.yml
126 lines (126 loc) · 4.63 KB
/
.spectral.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
extends:
- - 'spectral:oas'
- all
rules:
required-unauthorized-response:
description: 'If this operation has a security scheme the 401 Unauthorized response is probably needed. Careful for false positives!'
given: '$.paths.*[*].responses'
recommended: true
severity: error
then:
field: '401'
function: truthy
required-forbidden-response:
description: 'If this operation has a security scheme the 403 Forbidden response is probably needed. Careful for false positives!'
given: '$.paths.*[*].responses'
recommended: true
severity: error
then:
field: '403'
function: truthy
required-not-found-response:
description: 'This operation needs to have a 404 response. Careful for false positives!'
given: "$.paths.*[?( @property === 'get' || @property === 'put' || @property === 'delete')].responses"
recommended: true
severity: error
then:
field: '404'
function: truthy
required-bad-request-response:
description: 'This POST operation needs to have a 400 response. Careful for false positives!'
given: "$.paths.*[?( @property === 'post' )].responses"
recommended: true
severity: error
then:
field: '400'
function: truthy
summary-approved-verbs:
description: 'Operation `summary` should use a standard verb (Create, Read, Update, Delete) at the beginning.'
given: "$.paths.*[?( @property === 'get' || @property === 'put' || @property === 'post' || @property === 'delete' || @property === 'options' || @property === 'head' || @property === 'patch' || @property === 'trace' )]"
recommended: true
type: style
then:
field: summary
function: pattern
functionOptions:
match: '^(Create|Read|Update|Delete)'
tags:
- operation
severity: error
operation-summary-formatted:
description: Operation `summary` should start with upper case and end with a dot.
given: "$.paths.*[?( @property === 'get' || @property === 'put' || @property === 'post' || @property === 'delete' || @property === 'options' || @property === 'head' || @property === 'patch' || @property === 'trace' )]"
recommended: true
type: style
then:
field: summary
function: pattern
functionOptions:
match: "^[A-Z].*\\.$"
tags:
- operation
severity: error
operation-description-formatted:
description: Operation `description` should start with upper case and end with a dot.
given: "$.paths.*[?( @property === 'get' || @property === 'put' || @property === 'post' || @property === 'delete' || @property === 'options' || @property === 'head' || @property === 'patch' || @property === 'trace' )]"
recommended: true
type: style
then:
field: description
function: pattern
functionOptions:
match: "^[A-Z].*\\.$"
tags:
- operation
severity: error
semver:
description: Require 3-part Semantic Versions as the spec versions
severity: error
recommended: true
message: 'Specs should follow semantic versioning. {{value}} is not a valid version.'
given: $.info.version
then:
function: pattern
functionOptions:
match: '^([0-9]+.[0-9]+.[0-9]+)$'
oas3-operation-security-defined: error
oas3-parameter-description: error
oas3-server-not-example.com: error
oas3-server-trailing-slash: error
openapi-tags: error
openapi-tags-alphabetical: error
operation-2xx-response: error
operation-default-response: error
operation-description: error
operation-operationId: error
operation-operationId-valid-in-url: error
operation-parameters: error
operation-singular-tag: error
operation-tag-defined: error
operation-tags: error
path-declarations-must-exist: error
path-keys-no-trailing-slash: error
path-not-include-query: error
path-params: error
tag-description: error
oas2-unused-definition: error
except:
'api/openapi.yaml#/paths/~1organizations/get/responses':
- required-forbidden-response
- required-not-found-response
'api/openapi.yaml#/paths/~1users/get/responses':
- required-not-found-response
'api/openapi.yaml#/paths/~1user~1anonymous/post/responses':
- required-bad-request-response
- required-forbidden-response
'api/openapi.yaml#/paths/~1user~1login/post/responses':
- required-bad-request-response
- required-forbidden-response
'api/openapi.yaml#/paths/~1user~1password~1recovery/post/responses':
- required-bad-request-response
- required-unauthorized-response
- required-forbidden-response
'api/openapi.yaml#/paths/~1version/get/responses':
- required-unauthorized-response
- required-forbidden-response
- required-not-found-response