fix(sdd): add Spectral ruleset so contract-validate passes

Spectral v6 ships no implicit ruleset — the CI job exited 'no ruleset found'. Adds .spectral.yaml (extends spectral:oas, documentation-only warnings relaxed for design-time stubs), adds operation tags to the _example contract so it lints clean (0 results), and aligns the api-contract-stub note. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-13 12:16:48 +02:00
parent d50e239a2f
commit dc25b77a1c
3 changed files with 24 additions and 4 deletions
--- a/.specify/features/_example/api-contract.yaml
+++ b/.specify/features/_example/api-contract.yaml
@@ -45,6 +45,7 @@ paths:
  /api/users/me/avatar:
    post:
      summary: Upload or replace the current user's avatar
+      tags: [Users]
      operationId: uploadMyAvatar
      security:
        - cookieAuth: []
@@ -78,6 +79,7 @@ paths:
              schema: { $ref: '#/components/schemas/ErrorResponse' }
    delete:
      summary: Remove the current user's avatar
+      tags: [Users]
      operationId: deleteMyAvatar
      security:
        - cookieAuth: []
@@ -95,6 +97,7 @@ paths:
  /api/users/{id}/avatar:
    get:
      summary: Stream a user's avatar image (authenticated proxy)
+      tags: [Users]
      operationId: getUserAvatar
      security:
        - cookieAuth: []
@@ -113,6 +116,7 @@ paths:
        '404': { description: User has no avatar, content: { application/json: { schema: { $ref: '#/components/schemas/ErrorResponse' } } } }
    delete:
      summary: Remove another user's avatar (admin only)
+      tags: [Users]
      operationId: deleteUserAvatar
      description: Requires Permission.ADMIN_USER (enforced by @RequirePermission on the controller).
      security: