S&P Global · API Governance Rules

S&P Global API Rules

Spectral linting rules defining API design standards and conventions for S&P Global.

8 Rules error 1 warn 7
View Rules File View on GitHub

Rule Categories

spg

Rules

warn
spg-summary-title-case
All operation summaries must use Title Case
$.paths[*][*].summary
warn
spg-tags-title-case
All tags must use Title Case
$.paths[*][*].tags[*]
error
spg-bearer-auth-required
All non-auth operations must use Bearer token authentication
$.paths[?(!@ == '/auth/api')][get,post,put,patch,delete]
warn
spg-operation-ids-camel-case
Operation IDs must use camelCase
$.paths[*][*].operationId
warn
spg-date-params-format
Date parameters must use YYYY-MM-DD format
$.paths[*][*].parameters[?(@.name =~ /[Dd]ate/)]
warn
spg-pagination-params
List operations should include pageSize and page parameters
$.paths[*][get]
warn
spg-parameters-have-descriptions
All parameters must have descriptions
$.paths[*][*].parameters[*]
warn
spg-schema-names-pascal-case
Component schema names must use PascalCase
$.components.schemas[*]~

Spectral Ruleset

Raw ↑ 
extends: spectral:oas
rules:
  spg-summary-title-case:
    description: All operation summaries must use Title Case
    message: "Operation summary '{{value}}' must use Title Case"
    severity: warn
    given: "$.paths[*][*].summary"
    then:
      function: pattern
      functionOptions:
        match: "^[A-Z][a-zA-Z0-9]*(\\s[A-Z&][a-zA-Z0-9]*)*$"

  spg-tags-title-case:
    description: All tags must use Title Case
    message: "Tag '{{value}}' must use Title Case"
    severity: warn
    given: "$.paths[*][*].tags[*]"
    then:
      function: pattern
      functionOptions:
        match: "^[A-Z][a-zA-Z0-9 &]*$"

  spg-bearer-auth-required:
    description: All non-auth operations must use Bearer token authentication
    message: "Operations must use Bearer authentication"
    severity: error
    given: "$.paths[?(!@ == '/auth/api')][get,post,put,patch,delete]"
    then:
      field: security
      function: truthy

  spg-operation-ids-camel-case:
    description: Operation IDs must use camelCase
    message: "Operation ID '{{value}}' must use camelCase"
    severity: warn
    given: "$.paths[*][*].operationId"
    then:
      function: pattern
      functionOptions:
        match: "^[a-z][a-zA-Z0-9]*$"

  spg-date-params-format:
    description: Date parameters must use YYYY-MM-DD format
    message: "Date query parameters must be formatted as YYYY-MM-DD"
    severity: warn
    given: "$.paths[*][*].parameters[?(@.name =~ /[Dd]ate/)]"
    then:
      field: schema.format
      function: enumeration
      functionOptions:
        values:
          - date
          - date-time

  spg-pagination-params:
    description: List operations should include pageSize and page parameters
    message: "Collection GET endpoints should include pageSize and page parameters"
    severity: warn
    given: "$.paths[*][get]"
    then:
      function: schema
      functionOptions:
        schema:
          type: object

  spg-parameters-have-descriptions:
    description: All parameters must have descriptions
    message: "Parameter must include a description"
    severity: warn
    given: "$.paths[*][*].parameters[*]"
    then:
      field: description
      function: truthy

  spg-schema-names-pascal-case:
    description: Component schema names must use PascalCase
    message: "Schema name must use PascalCase"
    severity: warn
    given: "$.components.schemas[*]~"
    then:
      function: pattern
      functionOptions:
        match: "^[A-Z][a-zA-Z0-9&]*$"