Superhero API (akabab) · API Governance Rules

Superhero API (akabab) API Rules

Spectral linting rules defining API design standards and conventions for Superhero API (akabab).

9 Rules error 6 warn 3
View Rules File View on GitHub

Rule Categories

superheroes

Rules

error
superheroes-operation-id-required
Every operation MUST have an operationId.
$.paths[*][get,post,put,patch,delete]
error
superheroes-operation-id-camelcase
operationId MUST be camelCase.
$.paths[*][get,post,put,patch,delete].operationId
warn
superheroes-operation-summary-title-case
Operation summaries SHOULD be Title Case.
$.paths[*][get,post,put,patch,delete].summary
error
superheroes-get-only
The static API is read-only — only GET methods are allowed.
$.paths[*]
error
superheroes-json-extension-on-data-paths
Data endpoints MUST end in `.json` (static file convention).
$.paths
warn
superheroes-character-id-range
The CharacterId parameter MUST constrain id to 1..731.
$.components.parameters.CharacterId.schema
error
superheroes-image-size-enum
Image size path parameter MUST be one of xs, sm, md, lg.
$.paths['/images/{size}/{filename}'].get.parameters[?(@.name=='size')].schema
error
superheroes-license-required
The info.license block MUST be present (project is MIT-licensed).
$.info
warn
superheroes-servers-include-cdn
The servers array SHOULD include the jsDelivr CDN mirror.
$.servers[*].url

Spectral Ruleset

Raw ↑ 
extends:
  - "spectral:oas"
rules:
  # API surface conventions for the akabab/superhero-api static REST API.

  superheroes-operation-id-required:
    description: Every operation MUST have an operationId.
    given: "$.paths[*][get,post,put,patch,delete]"
    severity: error
    then:
      field: operationId
      function: truthy

  superheroes-operation-id-camelcase:
    description: operationId MUST be camelCase.
    given: "$.paths[*][get,post,put,patch,delete].operationId"
    severity: error
    then:
      function: pattern
      functionOptions:
        match: "^[a-z][a-zA-Z0-9]*$"

  superheroes-operation-summary-title-case:
    description: Operation summaries SHOULD be Title Case.
    given: "$.paths[*][get,post,put,patch,delete].summary"
    severity: warn
    then:
      function: pattern
      functionOptions:
        match: "^([A-Z][a-zA-Z0-9]*)(\\s+[A-Z][a-zA-Z0-9]*)*$"

  superheroes-get-only:
    description: The static API is read-only — only GET methods are allowed.
    given: "$.paths[*]"
    severity: error
    then:
      function: schema
      functionOptions:
        schema:
          type: object
          additionalProperties: true
          not:
            anyOf:
              - required: [post]
              - required: [put]
              - required: [patch]
              - required: [delete]

  superheroes-json-extension-on-data-paths:
    description: Data endpoints MUST end in `.json` (static file convention).
    given: "$.paths"
    severity: error
    then:
      function: schema
      functionOptions:
        schema:
          type: object
          patternProperties:
            "^/(all|id|powerstats|appearance|biography|work|connections)":
              type: object
          additionalProperties: true

  superheroes-character-id-range:
    description: The CharacterId parameter MUST constrain id to 1..731.
    given: "$.components.parameters.CharacterId.schema"
    severity: warn
    then:
      - field: minimum
        function: truthy
      - field: maximum
        function: truthy

  superheroes-image-size-enum:
    description: Image size path parameter MUST be one of xs, sm, md, lg.
    given: "$.paths['/images/{size}/{filename}'].get.parameters[?(@.name=='size')].schema"
    severity: error
    then:
      field: enum
      function: truthy

  superheroes-license-required:
    description: The info.license block MUST be present (project is MIT-licensed).
    given: "$.info"
    severity: error
    then:
      field: license
      function: truthy

  superheroes-servers-include-cdn:
    description: The servers array SHOULD include the jsDelivr CDN mirror.
    given: "$.servers[*].url"
    severity: warn
    then:
      function: pattern
      functionOptions:
        match: "(akabab\\.github\\.io|cdn\\.jsdelivr\\.net)"