extends:
  - spectral:oas
rules:
  charityapi-info-contact:
    description: CharityAPI definition must declare contact information.
    severity: error
    given: $.info
    then:
      field: contact
      function: truthy
  charityapi-server-https:
    description: CharityAPI servers must use HTTPS.
    severity: error
    given: $.servers[*].url
    then:
      function: pattern
      functionOptions:
        match: '^https://'
  charityapi-ein-pattern:
    description: EIN path parameters must enforce the 9-digit IRS pattern.
    severity: warn
    given: $.paths[*].*.parameters[?(@.name == 'ein')].schema
    then:
      field: pattern
      function: truthy
  charityapi-operation-tags:
    description: Operations must declare at least one tag.
    severity: warn
    given: $.paths[*][get,post,put,delete,patch]
    then:
      field: tags
      function: truthy
  charityapi-rate-limit-doc:
    description: Operations should document 429 rate-limit responses.
    severity: info
    given: $.paths[*][get,post,put,delete,patch].responses
    then:
      field: '429'
      function: truthy