spectral
spectral copied to clipboard
stoplightio
Add option to support override-ready paths in Spectral diagnotsics
User story.
As a Spectral user, I can use a command line option so that the locations in Spectral's error/warning/information diagnostics use the same notation/syntax as the overrides/files notation in a Spectral ruleset.
Is your feature request related to a problem?
It is tedious and error prone to manually specify the files locations in ruleset overrides.
The diagnostics emitted by Spectral use one format that differs from that used in a ruleset.
I.e. for the Redocly Museum sample OpenAPI
and the oas and Spectral OWASP ruleset, Spectral emits many diagnostics, such as
108:17 warning owasp:api4:2023-rate-limit-responses-429 Operation is missing rate limiting response in responses[429]. paths./special-events/{eventId}.get.responses
If one wanted to add an override for a specific instance (not just disable the entire rule), one must "map" the path notation paths./special-events/{eventId}.get.responses to
overrides:
files:
- 'test/data/openapi.yaml#/paths/~1special-events~1%7BeventId%7D/get/responses'
Describe the solution you'd like
Add a command line option so that the Spectral output uses the notation required for the ruleset overrides Such as
108:17 warning owasp:api4:2023-rate-limit-responses-429 Operation is missing rate limiting response in responses[429]. test/data/openapi.yaml#/paths/~1special-events~1%7BeventId%7D/get/responses
Additional context
Note that the new location should use the relative file location, not the absolute file location that Spectral emits when processing a file, since ruleset files normally use relative files file paths (i.e. relative to the current directory when running the spectral CLI)
Another option is to add a json-pointer or similar property to each item in the output when using --format json.
I don't know which other output formats are extensible - I don't what most of the output formats
["json", "stylish", "junit", "html", "text", "teamcity", "pretty", "github-actions", "sarif", "markdown","gitlab"]
mean, so only adding to JSON will meet the need without getting too complex.
I tried to work on a PR to address this in packages/formatters/src/json.ts but when I clone the repo, yarn && yarn build yielded errors and the CONTRIBUTING guide does not make it clear how to add a dependency (the formatters uses package.json -- so how/where do I add a dependency to the json-pointer package?
@DavidBiesack We could potentially add the json pointer to the CLI output under the verbose flag. We don't think it requires a new formatter as the goal with formatters is a different formatting for the output depending on where its being used. Would you mind taking a stab at creating a PR based on that? If not, we'll add it to the list of enhancements.
Thank you @mnaumanali94 - I will try to submit a PR for this. Thank you!
@mnaumanali94
Perhaps someone can assist ... I'm following CONTRIBUTING.md
When I clone the repo, I get over 2,100 build errors, which makes contributing quite difficult.
It looks like a misconfiguration - as if tsc is trying to compile things in node_modules or perhaps not use the correct tsc?
I'm on MacOS and have yarn 3.5.0
$ yarn build
...
node_modules/@types/lodash/common/common.d.ts:262:65 - error TS1005: '?' expected.
262 type StringToNumber<T> = T extends `${infer N extends number}` ? N : never;
~
node_modules/@types/lodash/common/object.d.ts:1026:46 - error TS1005: '?' expected.
1026 : K extends `${infer N extends number}` ? T[N]
~
node_modules/@types/lodash/common/object.d.ts:1031:46 - error TS1005: '?' expected.
1031 : K extends `${infer N extends number}` ? T[N]
~
node_modules/@types/lodash/common/object.d.ts:1041:46 - error TS1005: '?' expected.
1041 : K extends `${infer N extends number}`
~
... about 2,100 other errors omitted here