Skip to content

ci: pin @stoplight/spectral-rulesets to 1.22.2#1966

Merged
carlhoerberg merged 3 commits into
mainfrom
fix/pin-spectral-rulesets
May 25, 2026
Merged

ci: pin @stoplight/spectral-rulesets to 1.22.2#1966
carlhoerberg merged 3 commits into
mainfrom
fix/pin-spectral-rulesets

Conversation

@viktorerlingsson
Copy link
Copy Markdown
Member

@viktorerlingsson viktorerlingsson commented May 25, 2026
edited
Loading

Summary

  • Pin @stoplight/spectral-rulesets to 1.22.2 in the lint-openapi target.
  • 1.22.3 introduced a regression in the duplicated-entry-in-enum rule that crashes Spectral with Cannot read properties of null (reading 'enum'). See stoplightio/spectral#2959.
  • Fix is in flight upstream (#2960 / #2963)

Test plan

  • make lint-openapi passes locally with the pin (0 errors, pre-existing warnings only).
  • Lint OpenAPI passes in CI

@viktorerlingsson
ci: pin @stoplight/spectral-rulesets to 1.22.2
7767ac3 
Version 1.22.3 introduces a regression in the duplicated-entry-in-enum
rule that crashes Spectral with "Cannot read properties of null (reading
'enum')". See stoplightio/spectral#2959. Pin until the fix in #2960/#2963
is released.
@viktorerlingsson viktorerlingsson marked this pull request as ready for review May 25, 2026 14:52
@viktorerlingsson viktorerlingsson requested a review from a team as a code owner May 25, 2026 14:52
@dentarg
Copy link
Copy Markdown
Member

dentarg commented May 25, 2026
edited
Loading

  • Fix is in flight upstream (#2960 / #2963); remove the pin once released.

No, move the pin forward :) ...as we talked about in Slack

dentarg
dentarg reviewed May 25, 2026
View reviewed changes
Comment thread Makefile Outdated
@viktorerlingsson @dentarg
use long flags
76fa549 
Co-authored-by: Patrik Ragnarsson <patrik@starkast.net>
dentarg
dentarg reviewed May 25, 2026
View reviewed changes
Comment thread Makefile Outdated
dentarg
dentarg reviewed May 25, 2026
View reviewed changes
Comment thread Makefile Outdated
@viktorerlingsson
Copy link
Copy Markdown
Member Author

viktorerlingsson commented May 25, 2026

  • Fix is in flight upstream (#2960 / #2963); remove the pin once released.

No, move the pin forward :)

Oops, removed that part of the description.

Not sure how we should handle moving the pin forward. Would be nice if that is handled almost automatically (like dependabot?)

@dentarg
Copy link
Copy Markdown
Member

dentarg commented May 25, 2026

Not sure how we should handle moving the pin forward. Would be nice if that is handled almost automatically (like dependabot?)

No, I think it is a feature that it is not handled automatically. We should upgrade when there's a need, not because there's a new version. In this area, I think that is a completely fine approach.

dentarg
dentarg reviewed May 25, 2026
View reviewed changes
Comment thread Makefile Outdated
.PHONY: lint-openapi
lint-openapi:
npx --package=@stoplight/spectral-cli spectral --ruleset openapi/.spectral.json lint static/docs/openapi.yaml
npx --yes --package=@stoplight/spectral-cli -p @stoplight/spectral-rulesets@1.22.2 spectral --ruleset openapi/.spectral.json lint static/docs/openapi.yaml
Copy link
Copy Markdown
Member

@dentarg dentarg May 25, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This must be what we want?

Suggested change
npx --yes --package=@stoplight/spectral-cli -p @stoplight/spectral-rulesets@1.22.2 spectral --ruleset openapi/.spectral.json lint static/docs/openapi.yaml
npx --yes --package=@stoplight/spectral-rulesets@1.22.2 spectral --ruleset openapi/.spectral.json lint static/docs/openapi.yaml

Copy link
Copy Markdown
Member Author

@viktorerlingsson viktorerlingsson May 25, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think it should be

npx --yes --package=@stoplight/spectral-cli --package=@stoplight/spectral-rulesets@1.22.2 spectral --ruleset openapi/.spectral.json lint static/docs/openapi.yaml

Copy link
Copy Markdown
Member

@dentarg dentarg May 25, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ah right, it is the @stoplight/spectral-cli dependency @stoplight/spectral-rulesets we need to pin. That makes me wonder how many other dependencies @stoplight/spectral-cli have? That we aren't pinning?

...19 in total it seems: https://www.npmjs.com/package/@stoplight/spectral-cli?activeTab=dependencies 😐

@viktorerlingsson
Copy link
Copy Markdown
Member Author

viktorerlingsson commented May 25, 2026

No, I think it is a feature that it is not handled automatically. We should upgrade when there's a need, not because there's a new version. In this area, I think that is a completely fine approach.

Okay! Yeah I guess there's no need to be bleeding edge on lint rules :)

@carlhoerberg carlhoerberg merged commit 7b661fe into main May 25, 2026
18 of 19 checks passed
@carlhoerberg carlhoerberg deleted the fix/pin-spectral-rulesets branch May 25, 2026 20:24
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@dentarg dentarg dentarg left review comments

Assignees

@viktorerlingsson viktorerlingsson

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@viktorerlingsson @dentarg @carlhoerberg @kickster97