Easyship · API Governance Rules

Easyship API Rules

Spectral linting rules defining API design standards and conventions for Easyship.

14 Rules error 4 warn 7 info 3
View Rules File View on GitHub

Rule Categories

easyship

Rules

warn
easyship-operation-id-camel-case
Operation IDs must use camelCase
$.paths[*][get,post,put,patch,delete].operationId
warn
easyship-path-snake-case
Path segments use lowercase snake_case or kebab-case; identifiers in curly braces (e.g. {id}) are permitted.
$.paths
error
easyship-must-have-summary
All operations must have a summary
$.paths[*][get,post,put,patch,delete]
warn
easyship-must-have-tags
All operations must have at least one tag
$.paths[*][get,post,put,patch,delete]
error
easyship-must-have-operation-id
All operations must have an operationId
$.paths[*][get,post,put,patch,delete]
warn
easyship-response-200-must-have-schema
200 responses must have a content schema
$.paths[*][get,post,put,patch,delete].responses[200]
warn
easyship-post-must-have-request-body
POST operations should have a request body
$.paths[*].post
error
easyship-security-defined
Bearer token security must be declared at the root level
$
info
easyship-bearer-auth
Easyship uses OAuth 2.0 bearer token authentication
$.components.securitySchemes[*]
error
easyship-no-trailing-slash
Paths must not have trailing slashes
$.paths
info
easyship-parameters-have-description
All parameters should have a description
$.paths[*][get,post,put,patch,delete].parameters[*]
info
easyship-country-alpha2-fields
Country fields should follow the *_alpha2 naming convention and be two-character ISO 3166-1 alpha-2 codes (string, length 2).
$..properties[?(@property.match(/.*country.*alpha2/i))]
warn
easyship-components-schemas-exist
OpenAPI spec should define component schemas
$.components
warn
easyship-version-in-server-url
Server base URL should include a versioned path segment (e.g. /2024-09)
$.servers[*].url

Spectral Ruleset

Raw ↑ 
extends: spectral:oas
rules:
  # Easyship API Naming Conventions
  easyship-operation-id-camel-case:
    description: Operation IDs must use camelCase
    severity: warn
    given: "$.paths[*][get,post,put,patch,delete].operationId"
    then:
      function: pattern
      functionOptions:
        match: "^[a-z][a-zA-Z0-9]+$"

  easyship-path-snake-case:
    description: >-
      Path segments use lowercase snake_case or kebab-case; identifiers in
      curly braces (e.g. {id}) are permitted.
    severity: warn
    given: "$.paths"
    then:
      function: pattern
      functionOptions:
        match: "^(/[a-z0-9{}_-]+)+$"

  easyship-must-have-summary:
    description: All operations must have a summary
    severity: error
    given: "$.paths[*][get,post,put,patch,delete]"
    then:
      field: summary
      function: defined

  easyship-must-have-tags:
    description: All operations must have at least one tag
    severity: warn
    given: "$.paths[*][get,post,put,patch,delete]"
    then:
      field: tags
      function: defined

  easyship-must-have-operation-id:
    description: All operations must have an operationId
    severity: error
    given: "$.paths[*][get,post,put,patch,delete]"
    then:
      field: operationId
      function: defined

  easyship-response-200-must-have-schema:
    description: 200 responses must have a content schema
    severity: warn
    given: "$.paths[*][get,post,put,patch,delete].responses[200]"
    then:
      field: content
      function: defined

  easyship-post-must-have-request-body:
    description: POST operations should have a request body
    severity: warn
    given: "$.paths[*].post"
    then:
      field: requestBody
      function: defined

  easyship-security-defined:
    description: Bearer token security must be declared at the root level
    severity: error
    given: "$"
    then:
      field: security
      function: defined

  easyship-bearer-auth:
    description: Easyship uses OAuth 2.0 bearer token authentication
    severity: info
    given: "$.components.securitySchemes[*]"
    then:
      function: schema
      functionOptions:
        schema:
          type: object
          properties:
            type:
              enum: [http, oauth2]

  easyship-no-trailing-slash:
    description: Paths must not have trailing slashes
    severity: error
    given: "$.paths"
    then:
      function: pattern
      functionOptions:
        notMatch: ".*/$"

  easyship-parameters-have-description:
    description: All parameters should have a description
    severity: info
    given: "$.paths[*][get,post,put,patch,delete].parameters[*]"
    then:
      field: description
      function: defined

  easyship-country-alpha2-fields:
    description: >-
      Country fields should follow the *_alpha2 naming convention and be
      two-character ISO 3166-1 alpha-2 codes (string, length 2).
    severity: info
    given: "$..properties[?(@property.match(/.*country.*alpha2/i))]"
    then:
      function: schema
      functionOptions:
        schema:
          type: object

  easyship-components-schemas-exist:
    description: OpenAPI spec should define component schemas
    severity: warn
    given: "$.components"
    then:
      field: schemas
      function: defined

  easyship-version-in-server-url:
    description: Server base URL should include a versioned path segment (e.g. /2024-09)
    severity: warn
    given: "$.servers[*].url"
    then:
      function: pattern
      functionOptions:
        match: ".*/\\d{4}-\\d{2}.*|.*/v\\d+.*"