Trelica · API Governance Rules

Trelica API Rules

Spectral linting rules defining API design standards and conventions for Trelica.

13 Rules error 2 warn 7 info 4
View Rules File View on GitHub

Rule Categories

trelica

Rules

warn
trelica-operation-id-camel-case
Operation IDs must use camelCase
$.paths[*][*].operationId
warn
trelica-operation-summary-title-case
Operation summaries must use Title Case
$.paths[*][*].summary
info
trelica-pagination-cursor-pattern
List operations should support cursor-based pagination with 'after' parameter
$.paths[*].get
info
trelica-limit-parameter
List operations should include a limit parameter
$.paths[*].get.parameters[*]
error
trelica-security-defined
All operations must define security requirements
$.paths[*][get,post,put,patch,delete]
error
trelica-response-200-defined
All GET operations must define a 200 response
$.paths[*].get
warn
trelica-response-401-defined
Operations using OAuth must define a 401 response
$.paths[*][get,post,put,patch,delete]
warn
trelica-tag-defined
All operations must have at least one tag
$.paths[*][get,post,put,patch,delete]
warn
trelica-path-kebab-case
API paths must use kebab-case
$.paths[*]~
warn
trelica-versioned-paths
API paths should include a version segment (v1, v2, etc.)
$.paths[*]~
info
trelica-scim-users-separate-pagination
SCIM endpoints use startIndex/count pagination, not cursor-based
$.paths['/scim/v2/Users'].get
warn
trelica-request-body-post
POST operations should define a request body
$.paths[*].post
info
trelica-since-filter-datetime
The 'since' filter parameter should be ISO 8601 date-time format
$.paths[*][*].parameters[?(@.name=='since')].schema

Spectral Ruleset

Raw ↑ 
rules:
  trelica-operation-id-camel-case:
    description: Operation IDs must use camelCase
    message: "Operation ID '{{value}}' must use camelCase"
    severity: warn
    given: "$.paths[*][*].operationId"
    then:
      function: pattern
      functionOptions:
        match: "^[a-z][a-zA-Z0-9]*$"

  trelica-operation-summary-title-case:
    description: Operation summaries must use Title Case
    message: "Summary '{{value}}' should use Title Case"
    severity: warn
    given: "$.paths[*][*].summary"
    then:
      function: pattern
      functionOptions:
        match: "^[A-Z][a-zA-Z0-9 ()-]*$"

  trelica-pagination-cursor-pattern:
    description: List operations should support cursor-based pagination with 'after' parameter
    message: "List operations should include 'after' pagination cursor parameter"
    severity: info
    given: "$.paths[*].get"
    then:
      function: schema
      functionOptions:
        schema:
          properties:
            parameters:
              type: array

  trelica-limit-parameter:
    description: List operations should include a limit parameter
    message: "List endpoints should support a 'limit' query parameter"
    severity: info
    given: "$.paths[*].get.parameters[*]"
    then:
      function: schema
      functionOptions:
        schema:
          type: object

  trelica-security-defined:
    description: All operations must define security requirements
    message: "Operation '{{path}}' must define security requirements"
    severity: error
    given: "$.paths[*][get,post,put,patch,delete]"
    then:
      field: security
      function: defined

  trelica-response-200-defined:
    description: All GET operations must define a 200 response
    message: "GET operation must define a 200 success response"
    severity: error
    given: "$.paths[*].get"
    then:
      field: responses.200
      function: defined

  trelica-response-401-defined:
    description: Operations using OAuth must define a 401 response
    message: "Authenticated operation should define a 401 Unauthorized response"
    severity: warn
    given: "$.paths[*][get,post,put,patch,delete]"
    then:
      field: responses.401
      function: defined

  trelica-tag-defined:
    description: All operations must have at least one tag
    message: "Operation must include at least one tag"
    severity: warn
    given: "$.paths[*][get,post,put,patch,delete]"
    then:
      field: tags
      function: defined

  trelica-path-kebab-case:
    description: API paths must use kebab-case
    message: "Path '{{path}}' should use kebab-case segments"
    severity: warn
    given: "$.paths[*]~"
    then:
      function: pattern
      functionOptions:
        match: "^(/[a-z0-9][a-z0-9-]*(/[a-z0-9][a-z0-9-]*|/\\{[a-zA-Z][a-zA-Z0-9]*\\})*)+$"

  trelica-versioned-paths:
    description: API paths should include a version segment (v1, v2, etc.)
    message: "Path '{{path}}' should include a version segment"
    severity: warn
    given: "$.paths[*]~"
    then:
      function: pattern
      functionOptions:
        match: "^/[a-z]+/v[0-9]"

  trelica-scim-users-separate-pagination:
    description: SCIM endpoints use startIndex/count pagination, not cursor-based
    message: "SCIM endpoints use startIndex and count parameters"
    severity: info
    given: "$.paths['/scim/v2/Users'].get"
    then:
      function: defined

  trelica-request-body-post:
    description: POST operations should define a request body
    message: "POST operation should include a requestBody"
    severity: warn
    given: "$.paths[*].post"
    then:
      field: requestBody
      function: defined

  trelica-since-filter-datetime:
    description: The 'since' filter parameter should be ISO 8601 date-time format
    message: "Parameter 'since' should use format: date-time"
    severity: info
    given: "$.paths[*][*].parameters[?(@.name=='since')].schema"
    then:
      field: format
      function: enumeration
      functionOptions:
        values:
          - date-time