Flickr · API Governance Rules

Flickr API Rules

Spectral linting rules defining API design standards and conventions for Flickr.

35 Rules error 13 warn 21 info 1
View Rules File View on GitHub

Rule Categories

flickr

Rules

warn
flickr-info-title-prefix
Spec title should start with "Flickr".
$.info.title
warn
flickr-info-description-required
API description must be present and substantive.
$.info.description
warn
flickr-info-contact-required
An info.contact block is required.
$.info.contact
warn
flickr-info-tos-required
termsOfService should be set (Flickr API ToS).
$.info.termsOfService
error
flickr-openapi-version
OpenAPI version must be 3.0.x.
$.openapi
error
flickr-servers-required
At least one server must be declared.
$.servers
error
flickr-servers-https
All Flickr API servers MUST use HTTPS.
$.servers[*].url
warn
flickr-servers-flickr-host
Servers should point at api.flickr.com or up.flickr.com.
$.servers[*].url
warn
flickr-paths-rest-prefix
Per-method paths should live under /rest or be the bare /rest dispatcher; uploads under /upload.
$.paths.*~
warn
flickr-paths-method-naming
Per-method paths should match /rest/flickr.{namespace}.{method} using camelCase method names.
$.paths.*~
error
flickr-paths-no-trailing-slash
Paths must not end with a trailing slash.
$.paths.*~
error
flickr-operation-id-required
Every operation must have an operationId.
$.paths.*[get,post,put,delete,patch].operationId
warn
flickr-operation-id-camel-case
operationId must be camelCase.
$.paths.*[get,post,put,delete,patch].operationId
error
flickr-operation-summary-required
Every operation must have a summary.
$.paths.*[get,post,put,delete,patch].summary
warn
flickr-operation-summary-title-case
Operation summaries should be in Title Case.
$.paths.*[get,post,put,delete,patch].summary
warn
flickr-operation-description-required
Every operation must have a description.
$.paths.*[get,post,put,delete,patch].description
error
flickr-operation-tags-required
Every operation must have at least one tag.
$.paths.*[get,post,put,delete,patch].tags
warn
flickr-tags-global-required
Global tags array must be declared at root.
$.tags
warn
flickr-tags-title-case
Tag names should be Title Case (e.g. "Photos Geo").
$.tags[*].name
warn
flickr-tags-description-required
Every global tag should have a description.
$.tags[*].description
warn
flickr-parameter-description-required
Every inline parameter should have a description.
$.paths.*[get,post,put,delete,patch].parameters[?(@.in)].description
warn
flickr-parameter-snake-case
Query parameter names must be snake_case (Flickr convention).
$.paths.*[get,post,put,delete,patch].parameters[?(@.in=='query')].name
warn
flickr-parameter-api-key-required
api_key parameter must be present on REST operations.
$.paths.*[get,post,put,delete,patch].parameters[?(@.in=='query' && @.name=='api_key')]
error
flickr-parameter-schema-required
Every parameter must declare a schema with a type.
$.paths.*[get,post,put,delete,patch].parameters[?(@.in)].schema
error
flickr-requestbody-content-required
Request bodies must declare content media types.
$.paths.*[post,put,patch].requestBody.content
error
flickr-response-200-required
Every operation must declare a 200 response.
$.paths.*[get,post,put,delete,patch].responses
warn
flickr-response-content-required
Successful responses should declare a content media type.
$.paths.*[get,post,put,delete,patch].responses[?(@property.match(/^2/))].content
warn
flickr-response-json-preferred
Successful responses should include application/json.
$.paths.*[get,post,put,delete,patch].responses[?(@property.match(/^2/))].content
warn
flickr-schema-property-snake-case
Schema property names should be snake_case to match Flickr response shape (allow _content underscore-prefix).
$.components.schemas[*].properties[*]~
warn
flickr-schema-type-required
Top-level schemas must declare a type.
$.components.schemas[*]
error
flickr-security-global-defined
Global security must be defined.
$.security
error
flickr-security-scheme-apikey
An ApiKeyAuth security scheme must be defined.
$.components.securitySchemes.ApiKeyAuth
warn
flickr-security-scheme-oauth
An OAuth1 security scheme placeholder must be defined for write/delete operations.
$.components.securitySchemes.OAuth1
error
flickr-get-no-request-body
GET operations must not declare a request body.
$.paths.*.get.requestBody
info
flickr-microcks-operation-extension
Each operation should declare x-microcks-operation for mock-friendly tooling.
$.paths.*[get,post,put,delete,patch]

Spectral Ruleset

Raw ↑ 
# Flickr API Spectral Ruleset
#
# Enforces the conventions observed across the Flickr REST API:
#   - Single dispatcher endpoint pattern: /rest/flickr.{namespace}.{method}
#   - api_key + OAuth 1.0a auth
#   - snake_case query parameters
#   - JSON responses with a top-level `stat` field
#   - Operation IDs are camelCase matching the method name
#   - Tags are Title Case namespace groupings (e.g. "Photos", "Photos Geo")

extends: [[spectral:oas, recommended]]

rules:
  # ============================================================
  # INFO / METADATA
  # ============================================================
  flickr-info-title-prefix:
    description: Spec title should start with "Flickr".
    severity: warn
    given: $.info.title
    then:
      function: pattern
      functionOptions:
        match: "^Flickr"
  flickr-info-description-required:
    description: API description must be present and substantive.
    severity: warn
    given: $.info.description
    then:
      function: length
      functionOptions:
        min: 80
  flickr-info-contact-required:
    description: An info.contact block is required.
    severity: warn
    given: $.info.contact
    then:
      function: truthy
  flickr-info-tos-required:
    description: termsOfService should be set (Flickr API ToS).
    severity: warn
    given: $.info.termsOfService
    then:
      function: pattern
      functionOptions:
        match: "^https://"

  # ============================================================
  # OPENAPI VERSION
  # ============================================================
  flickr-openapi-version:
    description: OpenAPI version must be 3.0.x.
    severity: error
    given: $.openapi
    then:
      function: pattern
      functionOptions:
        match: "^3\\.0\\."

  # ============================================================
  # SERVERS
  # ============================================================
  flickr-servers-required:
    description: At least one server must be declared.
    severity: error
    given: $.servers
    then:
      function: length
      functionOptions:
        min: 1
  flickr-servers-https:
    description: All Flickr API servers MUST use HTTPS.
    severity: error
    given: $.servers[*].url
    then:
      function: pattern
      functionOptions:
        match: "^https://"
  flickr-servers-flickr-host:
    description: Servers should point at api.flickr.com or up.flickr.com.
    severity: warn
    given: $.servers[*].url
    then:
      function: pattern
      functionOptions:
        match: "flickr\\.com"

  # ============================================================
  # PATHS — NAMING CONVENTIONS
  # ============================================================
  flickr-paths-rest-prefix:
    description: Per-method paths should live under /rest or be the bare /rest dispatcher; uploads under /upload.
    severity: warn
    given: $.paths.*~
    then:
      function: pattern
      functionOptions:
        match: "^/(rest|upload)"
  flickr-paths-method-naming:
    description: Per-method paths should match /rest/flickr.{namespace}.{method} using camelCase method names.
    severity: warn
    given: $.paths.*~
    then:
      function: pattern
      functionOptions:
        match: "^/(rest(/flickr\\.[a-z]+(\\.[a-z]+){0,3}\\.[a-z][a-zA-Z]*)?|upload)$"
  flickr-paths-no-trailing-slash:
    description: Paths must not end with a trailing slash.
    severity: error
    given: $.paths.*~
    then:
      function: pattern
      functionOptions:
        notMatch: ".+/$"

  # ============================================================
  # OPERATIONS
  # ============================================================
  flickr-operation-id-required:
    description: Every operation must have an operationId.
    severity: error
    given: $.paths.*[get,post,put,delete,patch].operationId
    then:
      function: truthy
  flickr-operation-id-camel-case:
    description: operationId must be camelCase.
    severity: warn
    given: $.paths.*[get,post,put,delete,patch].operationId
    then:
      function: pattern
      functionOptions:
        match: "^[a-z][a-zA-Z0-9]*$"
  flickr-operation-summary-required:
    description: Every operation must have a summary.
    severity: error
    given: $.paths.*[get,post,put,delete,patch].summary
    then:
      function: truthy
  flickr-operation-summary-title-case:
    description: Operation summaries should be in Title Case.
    severity: warn
    given: $.paths.*[get,post,put,delete,patch].summary
    then:
      function: pattern
      functionOptions:
        match: "^[A-Z]"
  flickr-operation-description-required:
    description: Every operation must have a description.
    severity: warn
    given: $.paths.*[get,post,put,delete,patch].description
    then:
      function: truthy
  flickr-operation-tags-required:
    description: Every operation must have at least one tag.
    severity: error
    given: $.paths.*[get,post,put,delete,patch].tags
    then:
      function: length
      functionOptions:
        min: 1

  # ============================================================
  # TAGS
  # ============================================================
  flickr-tags-global-required:
    description: Global tags array must be declared at root.
    severity: warn
    given: $.tags
    then:
      function: truthy
  flickr-tags-title-case:
    description: Tag names should be Title Case (e.g. "Photos Geo").
    severity: warn
    given: $.tags[*].name
    then:
      function: pattern
      functionOptions:
        match: "^[A-Z][A-Za-z0-9 ]*$"
  flickr-tags-description-required:
    description: Every global tag should have a description.
    severity: warn
    given: $.tags[*].description
    then:
      function: truthy

  # ============================================================
  # PARAMETERS
  # ============================================================
  flickr-parameter-description-required:
    description: Every inline parameter should have a description.
    severity: warn
    given: $.paths.*[get,post,put,delete,patch].parameters[?(@.in)].description
    then:
      function: truthy
  flickr-parameter-snake-case:
    description: Query parameter names must be snake_case (Flickr convention).
    severity: warn
    given: $.paths.*[get,post,put,delete,patch].parameters[?(@.in=='query')].name
    then:
      function: pattern
      functionOptions:
        match: "^[a-z][a-z0-9_]*$"
  flickr-parameter-api-key-required:
    description: api_key parameter must be present on REST operations.
    severity: warn
    given: $.paths.*[get,post,put,delete,patch].parameters[?(@.in=='query' && @.name=='api_key')]
    then:
      function: truthy
  flickr-parameter-schema-required:
    description: Every parameter must declare a schema with a type.
    severity: error
    given: $.paths.*[get,post,put,delete,patch].parameters[?(@.in)].schema
    then:
      function: truthy

  # ============================================================
  # REQUEST BODIES
  # ============================================================
  flickr-requestbody-content-required:
    description: Request bodies must declare content media types.
    severity: error
    given: $.paths.*[post,put,patch].requestBody.content
    then:
      function: truthy

  # ============================================================
  # RESPONSES
  # ============================================================
  flickr-response-200-required:
    description: Every operation must declare a 200 response.
    severity: error
    given: $.paths.*[get,post,put,delete,patch].responses
    then:
      field: "200"
      function: truthy
  flickr-response-content-required:
    description: Successful responses should declare a content media type.
    severity: warn
    given: $.paths.*[get,post,put,delete,patch].responses[?(@property.match(/^2/))].content
    then:
      function: truthy
  flickr-response-json-preferred:
    description: Successful responses should include application/json.
    severity: warn
    given: $.paths.*[get,post,put,delete,patch].responses[?(@property.match(/^2/))].content
    then:
      field: application/json
      function: truthy

  # ============================================================
  # SCHEMAS — PROPERTY NAMING
  # ============================================================
  flickr-schema-property-snake-case:
    description: Schema property names should be snake_case to match Flickr response shape (allow _content underscore-prefix).
    severity: warn
    given: $.components.schemas[*].properties[*]~
    then:
      function: pattern
      functionOptions:
        match: "^_?[a-z][a-z0-9_]*$"
  flickr-schema-type-required:
    description: Top-level schemas must declare a type.
    severity: warn
    given: $.components.schemas[*]
    then:
      field: type
      function: truthy

  # ============================================================
  # SECURITY
  # ============================================================
  flickr-security-global-defined:
    description: Global security must be defined.
    severity: error
    given: $.security
    then:
      function: truthy
  flickr-security-scheme-apikey:
    description: An ApiKeyAuth security scheme must be defined.
    severity: error
    given: $.components.securitySchemes.ApiKeyAuth
    then:
      function: truthy
  flickr-security-scheme-oauth:
    description: An OAuth1 security scheme placeholder must be defined for write/delete operations.
    severity: warn
    given: $.components.securitySchemes.OAuth1
    then:
      function: truthy

  # ============================================================
  # HTTP METHOD CONVENTIONS
  # ============================================================
  flickr-get-no-request-body:
    description: GET operations must not declare a request body.
    severity: error
    given: $.paths.*.get.requestBody
    then:
      function: falsy

  # ============================================================
  # MICROCKS / MOCKING
  # ============================================================
  flickr-microcks-operation-extension:
    description: Each operation should declare x-microcks-operation for mock-friendly tooling.
    severity: info
    given: $.paths.*[get,post,put,delete,patch]
    then:
      field: x-microcks-operation
      function: truthy