v2.0.1

2.0.1 (2024-03-12)

Bug Fixes

• use tostring to match url (#64) (913348e)

v2.0.0

2.0.0 (2024-03-05)

Features

• Removes duplicated test case

• Moves API3 rules that focused on defining 400, 401, 500 responses out into API8.

• Adds unevaluatedproperties rule for OAS 3.1

• Adds owasp-api3-2023-constrained-additional/unevaluated tests

• Updates year on api1 and api2 unchanged

• Renames api4:2019 to api4:2023 only

• Adds owasp:api2:2023-write-restricted and owasp:api2:2023-read-restricted

• Fixes #25: adds owasp:api5:2023-admin-security-unique

• Fixes #21 and makes no-nimeric-ids support any string

• Adds support for no-server-http to use relative path.

• Partially fixes #52: Require servers use x-internal true/false to explicitly explain what is public or internal for documentation tools

• Fixes #52: Servers, define which environment is the API running in

BREAKING CHANGES

• Adds/Removes rule to cater for OWASP 2023 top 10 list

v1.4.3

1.4.3 (2023-04-06)

Bug Fixes

• do not warn if an operation defines 400 and 422 responses (#38) (2fd49c3)

v1.4.2

1.4.2 (2023-03-29)

Bug Fixes

• tweak jsonpath expeession (#40) (143d735)

v1.4.1

1.4.1 (2023-03-29)

Bug Fixes

• module.exports present in ESM bundle (#39) (d27fcbd)

v1.4.0

1.4.0 (2022-12-31)

Features

• rate limit responses check for content too (95b862d)

v1.3.0

1.3.0 (2022-12-31)

Features

• 401 messages now require content too (2791084)
• 500 messages now require content too (edb735b)

v1.2.2

1.2.2 (2022-12-29)

Bug Fixes

• update spectral functions and types (4cfca98)

v1.2.1

1.2.1 (2022-12-07)

Bug Fixes

• improve the type array lookup (#20) (c941063)

v1.2.0

1.2.0 (2022-11-16)

Features

• added owasp api limits for array, string and integer (8b95700), closes #16