Keeping track of Spectral Rulesets in the wild, covering all sorts of use-cases like enforcing organization's API Style Guides, security scanning, spellchecking, and helping folks write better quality API descriptions.
Rulesets focused on helping you design and build better APIs.
- Adidas - Adidas were one of the first companies to release their API Style Guide in a written guide and a Spectral ruleset. Lots of good rules to try in here.
- APIs You Won't Hate - An opinionated collection of rules based on advice in the book APIs You Won't Hate community.
- Box - Lots of Custom Functions being used to enforce good practices that the Box API governance folks are interested in.
- Tranascom - Don't even think about using anything other than
application/json. - SPS Commerce - Holistic and opinionated API style guide with documentation portal and associated sprectral ruleset.
Rulesets helping you write better OpenAPI or AsyncAPI, but doesn't really tell you how to write the API itself.
- Documentation - Scan an OpenAPI description to make sure you're leveraging enough of its features to help documentation tools like Stoplight Elements, ReDoc, and Swagger UI build the best quality API Reference Documentation possible.
- Azure - Ruleset and complimentary style guide for creating OpenAPI 2 or 3 definitions of Azure services.
- DigitalOcean - Keeping their OpenAPI nice and tidy, enforcing use of
$ref(probably to minimize conflicts), naming conventions for Operation IDs, and all sorts of other handy OpenAPI tips. - Monite - A written API Style Guide being implemented bit at a time with create Spectral rules, with a brilliant monite-language-non-inclusive rule.
- Nexmo - Communication company (now part of Vonage) have some handy rules like enforcing SemVer, requiring properties to have an example, and determining a preferred order of HTTP method definitions.
- Red Hat - Available as a npm module, this ruleset enforces the use of the companies preferred license, URL conventions for the whole path, and sets up consistent error responses across all APIs.
- SchwarzIT - Ruleset from the IT service provider behind Lidl, Kaufland and other companies from the Schwarz group.
- Team Digitale - The Italian government have an interesting ruleset with great caching rules, helping teams avoid confusion like using both Cache-Control and Expires at once.
- VRChat Community - Very interesting use of the
resolved: falseoption to make sure teams are using$refinstead of inlining things. Keep it DRY! - VTex - This Digital Commerce Platform loves style guides. They have one for their React components, so why not have one for their many many Web APIs.
Guiding people to write APIs that conform to certain standards, or to work with specific tooling.
- AWS Gateway - Made by @andylockran to help avoid some of the quirks of AWS Gateway's OpenAPI compatibility.
- OWASP API Security - Improve the security of your API by detecting common vulnerabilities as defined by OWASP and enforced with Spectral.
- URL Versioning - API versioning can be a scary topic but there are a few easy wins that are always best avoided.
Checkout more style guides at API Stylebook by @stoplightio and API Guidelines by @dret