Spanning · API Governance Rules

Spanning API Rules

Spectral linting rules defining API design standards and conventions for Spanning.

8 Rules error 1 warn 5 info 2
View Rules File View on GitHub

Rule Categories

spanning

Rules

warn
spanning-operation-summary-title-case
All operation summaries must use Title Case
$.paths[*][*].summary
warn
spanning-operation-id-camel-case
All operationIds must use camelCase
$.paths[*][*].operationId
warn
spanning-tags-title-case
All tags must use Title Case
$.tags[*].name
warn
spanning-operations-require-security
All operations must specify security requirements
$.paths[*][*]
warn
spanning-response-must-have-description
All responses must have a description
$.paths[*][*].responses[*]
info
spanning-schema-properties-have-descriptions
Schema properties should have descriptions
$.components.schemas[*].properties[*]
error
spanning-servers-must-be-https
All server URLs must use HTTPS
$.servers[*].url
info
spanning-security-scheme-is-api-key
Spanning APIs use API key authentication
$.components.securitySchemes[*]

Spectral Ruleset

Raw ↑ 
rules:
  spanning-operation-summary-title-case:
    description: All operation summaries must use Title Case
    message: Operation summary "{{value}}" must use Title Case
    severity: warn
    given: "$.paths[*][*].summary"
    then:
      function: pattern
      functionOptions:
        match: "^([A-Z][a-z0-9-]*)(\\s[A-Z][a-z0-9-]*)*$"

  spanning-operation-id-camel-case:
    description: All operationIds must use camelCase
    message: OperationId "{{value}}" must use camelCase
    severity: warn
    given: "$.paths[*][*].operationId"
    then:
      function: pattern
      functionOptions:
        match: "^[a-z][a-zA-Z0-9]*$"

  spanning-tags-title-case:
    description: All tags must use Title Case
    message: Tag "{{value}}" must use Title Case
    severity: warn
    given: "$.tags[*].name"
    then:
      function: pattern
      functionOptions:
        match: "^([A-Z][a-z0-9-]*)(\\s[A-Z][a-z0-9-]*)*$"

  spanning-operations-require-security:
    description: All operations must specify security requirements
    message: Operation must define security requirements
    severity: warn
    given: "$.paths[*][*]"
    then:
      field: security
      function: truthy

  spanning-response-must-have-description:
    description: All responses must have a description
    message: Response must have a description
    severity: warn
    given: "$.paths[*][*].responses[*]"
    then:
      field: description
      function: truthy

  spanning-schema-properties-have-descriptions:
    description: Schema properties should have descriptions
    message: Schema property "{{path}}" should have a description
    severity: info
    given: "$.components.schemas[*].properties[*]"
    then:
      field: description
      function: truthy

  spanning-servers-must-be-https:
    description: All server URLs must use HTTPS
    message: Server URL "{{value}}" must use HTTPS
    severity: error
    given: "$.servers[*].url"
    then:
      function: pattern
      functionOptions:
        match: "^https://"

  spanning-security-scheme-is-api-key:
    description: Spanning APIs use API key authentication
    message: Security scheme should be apiKey type
    severity: info
    given: "$.components.securitySchemes[*]"
    then:
      field: type
      function: enumeration
      functionOptions:
        values:
          - apiKey