You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: packages/jentic-openapi-validator-spectral/README.md
+24-12Lines changed: 24 additions & 12 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -1,6 +1,8 @@
1
1
# jentic-openapi-validator-spectral
2
2
3
-
A [Spectral](https://github.com/stoplightio/spectral) validator backend for the Jentic OpenAPI Tools ecosystem. This package provides OpenAPI document validation using Stoplight's Spectral CLI with comprehensive error reporting and flexible configuration options.
3
+
A [Spectral](https://github.com/stoplightio/spectral) validator backend for the Jentic OpenAPI Tools ecosystem. This
4
+
package provides OpenAPI document validation using Stoplight's Spectral CLI with comprehensive error reporting and
- Restricts access to allowed directories only (when `allowed_base_dir` is set)
145
149
- Validates file extensions (`.yaml`, `.yml`, `.json`) - **always enforced**, even when `allowed_base_dir=None`
146
150
- Checks symlinks don't escape boundaries (when `allowed_base_dir` is set)
147
151
- Validates both document and ruleset paths
148
152
149
-
**Note:** File extension validation (`.yaml`, `.yml`, `.json`) is always performed for filesystem paths, regardless of whether `allowed_base_dir` is set. When `allowed_base_dir=None`, only the base directory containment check is skipped.
153
+
**Note:** File extension validation (`.yaml`, `.yml`, `.json`) is always performed for filesystem paths, regardless of
154
+
whether `allowed_base_dir` is set. When `allowed_base_dir=None`, only the base directory containment check is skipped.
150
155
151
156
## Advanced Usage
152
157
@@ -196,7 +201,7 @@ Create a custom Spectral ruleset file:
196
201
197
202
```yaml
198
203
# custom-rules.yaml
199
-
extends: ["spectral:oas"]
204
+
extends: ["spectral:oas"]
200
205
201
206
rules:
202
207
info-contact: error
@@ -225,7 +230,8 @@ result = validator.validate("file:///path/to/openapi.yaml")
225
230
226
231
### Integration Tests
227
232
228
-
The integration tests require Spectral CLI to be available. They will be automatically skipped if Spectral is not installed.
233
+
The integration tests require Spectral CLI to be available. They will be automatically skipped if Spectral is not
234
+
installed.
229
235
230
236
**Run the integration test:**
231
237
@@ -240,29 +246,35 @@ uv run --package jentic-openapi-validator-spectral pytest packages/jentic-openap
-`ruleset_path`: Path to a custom ruleset file (optional)
254
261
-`timeout`: Maximum execution time in seconds
255
-
-`allowed_base_dir`: Optional base directory for path security validation. When set, all document and ruleset paths are validated to be within this directory, providing defense against path traversal attacks. When `None` (default), only file extension validation is performed (no base directory containment check). Recommended for web services or untrusted input (optional)
262
+
-`allowed_base_dir`: Optional base directory for path security validation. When set, all document and ruleset paths are
263
+
validated to be within this directory, providing defense against path traversal attacks. When `None` (default), only
264
+
file extension validation is performed (no base directory containment check). Recommended for web services or
265
+
untrusted input (optional)
256
266
257
267
**Methods:**
258
268
259
269
-`accepts() -> list[Literal["uri", "dict"]]`: Returns supported document format identifiers
260
270
-`validate(document: str|dict) -> ValidationResult`: Validates an OpenAPI document
Copy file name to clipboardExpand all lines: packages/jentic-openapi-validator-spectral/src/jentic/apitools/openapi/validator/backends/spectral/__init__.py
0 commit comments