extends:
- spectral:oas
# - https://italia.github.io/api-oas-checker/spectral.yml
- https://italia.github.io/api-oas-checker/spectral-generic.yml
- https://italia.github.io/api-oas-checker/spectral-security.yml
functionsDir: './functions'
functions:
- pagination-response
rules:
no-default-additionalProperties: hint
string-maxlength: hint
typed-enum: error
response-with-json-object: error
# Disabled, since we don't want a /status endpoint.
# See https://git.fitko.de/fit-connect/api/-/merge_requests/37
paths-status: off
paths-status-return-problem: off
paths-status-problem-schema: off
use-semver: off
patch-media-type: off
cache-responses-undocumented: off
check-for-pagination:
description: An operation that returns a list and less than 4 properties could perhaps support pagination.
message: '{{error}}'
severity: warn
given:
- $.paths.*[get]
then:
function: pagination-response
patch-without-request-body: # Remove once upstream ruleset is fixed (https://github.com/italia/api-oas-checker/pull/454)
description: |-
The PATCH method requests that a set of changes described in the
`requestBody` be applied to the target resource.
A PATCH specification without a `requestBody`
just applies no changes to the target resource.
Since PATCH has impacts on caches, using it
on a different target resource may result in non-interoperable
behavior.
For example, to modify the resource at `/user/123`,
you can use the following PATCH request:
```
PATCH /user/123
Content-Type: application/json-patch
{"op": "replace", "path": "enable", "value": true}
```
or POST request with the semantic implied by the target url:
```
POST /user/123/enable
```
Instead, the following request
is expected to modify the `/user/123/enable`
subresource, and not the `/user/123` one.
```
PATCH /user/123/enable
````
message: PATCH requires a non empty requestBody.
severity: error
given: $.paths.*.patch
then:
- field: requestBody
function: defined
- field: requestBody.required
function: truthy