Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

@zapier/spectral-api-ruleset

Package Overview
Dependencies
Maintainers
0
Versions
19
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@zapier/spectral-api-ruleset

Spectral ruleset for Zapier API Guidelines.

  • 1.1.0
  • npm
  • Socket score

Version published
Weekly downloads
575
decreased by-27.12%
Maintainers
0
Weekly downloads
 
Created
Source

@zapier/spectral-api-ruleset

Node package for linting API schemas using Spectral.

OwnershipFeaturesInstallationUsageDevelopmentTesting


Ownership

#team-staff-engineering owns the API Design Guidelines and these spectral rules that help teams align with them.

MRs are always welcome!

Features

Provides a Spectral linting ruleset to lint OpenAPI schemas against Zapier's API Design Guidelines.

Installation

pnpm add -D @stoplight/spectral-cli
pnpm add -D @zapier/spectral-api-ruleset

For some reason, installing the CLI globally and running spectral lint or npx spectral lint always fails to find the package. Adding the CLI as a local dependency and then running pnpm exec spectral lint does work.

Usage

CLI

There are a few ways you can use this ruleset in your projects.

You can load the ruleset in a few different ways with Spectral.

They support direct http access, via NPM, and via the local file system.

If you'd like to extend the ruleset and and even more specific rules for your API service, you can create a local spectral.yaml that extends the ruleset:

extends:
  - '@zapier/spectral-api-ruleset'

Then run:

spectral lint your-schema.yaml

or

pnpm exec spectral lint your-schema.yaml

depending on whether you installed the CLI locally or globally.

See the Spectral CLI docs for more details.

CI

Use a GitLab job like the following:

openapi:lint:
  stage: validate
  before_script:
    - mkdir spectral
  script:
    - pnpm exec spectral lint your-schema.yaml -o spectral/junit.xml -f junit
  artifacts:
    when: always
    paths:
      - spectral
    reports:
      junit: spectral/junit.xml

For non-TypeScript projects, you can use the spectral docker image to avoid installing additional dependencies.

openapi:lint:
  stage: test
  image:
    name: stoplight/spectral:6.11.0
    entrypoint: [""]
  script:
    - spectral lint openapi.yaml
  only:
    - merge_requests

See Continuous Integration docs and our own openapi:lint guideance in the Engineering Index for more details.

Development

See CONTRIBUTING, also for information on how we use @changesets/cli to version and publish.

Setup

  1. Install dependencies:
pnpm install
  1. Run tests:
pnpm test
  1. Build the package:
pnpm run build
  1. Validate the package:
pnpm run validate

Adding Rules

You can add rules to src/index.ts. See the Alternative JS Ruleset Format docs for details.

We're using the JS format so that the package ruleset can also be used in JavaScript.

  • Provide the correct severity (error for musts and warn for shoulds).
  • Provide a clear description, as well as a documentationUrl that points to the relevant guide.
  • Provide a message, which in most cases should just be {{error}}.
  • Prefer Core Functions over Custom Functions.
  • Include a unit test for any custom functions you add to src/functions.
  • Update tests/schema.yaml to meet all rules (run pnpm run test:spectral to verify).
  • Add failing schemas to tests/__fixtures__ and run pnpm test integrations --updateSnapshot to update test/__snapshots__/integration.test.ts.snap and verify the found issues.

Testing

This project uses Vitest for testing. To run the tests:

pnpm test

Publishing

GitLab CI will automatically publish the package to NPM when a merge request is merged into the main branch.

FAQs

Package last updated on 12 Nov 2024

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc