AB Tasty · API Governance Rules

AB Tasty API Rules

Spectral linting rules defining API design standards and conventions for AB Tasty.

40 Rules error 13 warn 22 info 5

Rule Categories

delete examples get info microcks no openapi operation parameter paths post request response schema security servers tag

Rules

error

info-title-required

API info must have a title

$.info

warn

info-title-prefix

API title should start with "AB Tasty"

$.info.title

error

info-description-required

API info must have a description

$.info

warn

info-description-min-length

API description should be meaningful (at least 30 characters)

$.info.description

error

info-version-required

API info must have a version

$.info

warn

info-contact-required

API info should have contact information

$.info

warn

openapi-version-3

Should use OpenAPI 3.x

error

servers-defined

Servers must be defined

error

servers-https

Server URLs must use HTTPS

$.servers[*].url

warn

servers-description

Each server should have a description

$.servers[*]

warn

paths-kebab-case

Path segments should use kebab-case

$.paths[*]~

warn

paths-no-trailing-slash

Paths should not have trailing slashes

$.paths[*]~

error

operation-summary-required

Every operation must have a summary

$.paths[*][get,post,put,patch,delete,options,head]

warn

operation-summary-prefix

Operation summaries should start with "AB Tasty"

$.paths[*][get,post,put,patch,delete,options,head].summary

warn

operation-description-required

Every operation must have a description

$.paths[*][get,post,put,patch,delete,options,head]

error

operation-id-required

Every operation must have an operationId

$.paths[*][get,post,put,patch,delete,options,head]

warn

operation-id-camel-case

operationId should use camelCase

$.paths[*][get,post,put,patch,delete,options,head].operationId

error

operation-tags-required

Every operation must have at least one tag

$.paths[*][get,post,put,patch,delete,options,head]

warn

tag-global-defined

Tags used in operations should be defined at the global level

$.tags

info

tag-description

Global tags should have descriptions

$.tags[*]

warn

parameter-description-required

All parameters must have a description

$..parameters[*]

warn

parameter-schema-type

All parameters should have a schema with type defined

$..parameters[*].schema

warn

parameter-api-key-in-header

API keys should be passed in headers, not query parameters

$.components.securitySchemes[?(@.type == 'apiKey')]

warn

request-body-content-type

Request bodies should use application/json content type

$.paths[*][post,put,patch].requestBody.content

error

response-success-required

Operations must have at least one 2xx response

$.paths[*][get,post,put,patch,delete]

error

response-description-required

All responses must have a description

$.paths[*][*].responses[*]

warn

response-401-for-secured-endpoints

Secured endpoints should document 401 responses

$.paths[*][post,get,put,delete].responses

info

response-429-rate-limit

APIs with rate limits should document 429 responses

$.paths[*][post].responses

warn

schema-description-required

Top-level schemas should have descriptions

$.components.schemas[*]

warn

schema-property-type

Schema properties should have types defined

$.components.schemas[*].properties[*]

info

schema-property-description

Schema properties should have descriptions

$.components.schemas[*].properties[*]

error

security-schemes-defined

Security schemes should be defined in components

$.components.securitySchemes

warn

security-scheme-description

Security schemes should have descriptions

$.components.securitySchemes[*]

warn

security-global-defined

Global security should be defined

error

get-no-request-body

GET operations should not have request bodies

$.paths[*].get

warn

delete-no-request-body

DELETE operations should not have request bodies

$.paths[*].delete

warn

post-should-have-request-body

POST operations should have request bodies

$.paths[*].post

error

no-empty-descriptions

Descriptions should not be empty strings

$..description

info

examples-encouraged

Schema properties should have examples

$.components.schemas[*].properties[*]

info

microcks-operation-extension

Operations should have x-microcks-operation extension for mock compatibility

$.paths[*][get,post,put,patch,delete]