Governance Pipeline pipeline.apicommons.org

The pipeline nobody in 1,005 repos fully built.

API Evangelist read 1,005 real public GitHub pipelines running Spectral in CI. The maturity ceiling was six out of eight; two repos reached it; nobody assembled the whole blueprint — even though every piece of it already ships somewhere in the data. This repo bolts the pieces together so you fork a good fragment instead of the bad one you'd find first.

npx @stoplight/spectral-cli lint -r ruleset/.spectral.yaml examples/openapi.yaml
63% run the tool's default ruleset — not governing at all
14 of 215 Action users pin by commit; the rest float on @latest
14% have any security rules at all
0 of 1,005 assembled the full blueprint

The blueprint, decision by decision

| Piece | The finding it fixes | Real exemplar |
| --- | --- | --- |
| Gate on the pull request | A third lint on push-to-main, after the merge | vtex/openapi-schemas |
| Path-filter to spec/ruleset | Only 22% run only when the spec changed | mongodb/openapi |
| Spectral pinned by commit SHA | Only 14 of 215 pin by commit | mongodb/openapi |
| An owned, grounded ruleset | 63% run the defaults | teamdigitale (national ruleset) |
| A separate OWASP security job | Security rules in just 14% | geobeyond/fastgeoapi |
| A human-readable report | Readable report ~7%, SARIF ~3% | geobeyond/fastgeoapi |
| Sparse blocking severity | Untuned defaults or toothless continue-on-error | |
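
A check for four of the decisions above (pull-request gate, path filter, commit-SHA pins, no continue-on-error), written as an added example that is not part of this repo. The function names and the sample workflow are constructed, and the matching is line-based rather than a real YAML parse.

```shell
# Added example: heuristic audit of one GitHub Actions workflow against four
# blueprint decisions. Line-based (grep/sed), not a YAML parser.

# Workflow text with "#" comments removed, so commented-out keys don't count.
strip_comments() { sed -E 's/(^|[[:space:]])#.*$//' "$1"; }

# Print each `uses:` reference not pinned to a full 40-hex commit SHA.
# Local actions (./path) and docker:// images are skipped.
unpinned_actions() {
  strip_comments "$1" \
    | sed -nE 's/^[[:space:]]*(-[[:space:]]*)?uses:[[:space:]]*//p' \
    | tr -d "\"' " \
    | grep -Ev '^(\./|docker://)' \
    | grep -Ev '@[0-9a-f]{40}$' || true
}

# Print PASS/FAIL per decision; return 0 only if every check passes.
audit_workflow() {
  wf=$1; fails=0
  report() { # report <label> <status, 0 = ok>
    if [ "$2" -eq 0 ]; then echo "PASS  $1"; else echo "FAIL  $1"; fails=$((fails + 1)); fi
  }
  rc=0; strip_comments "$wf" | grep -Eq '(^|[^_[:alnum:]])pull_request([^_[:alnum:]]|$)' || rc=1
  report "gates on pull_request" "$rc"
  rc=0; strip_comments "$wf" | grep -Eq '^[[:space:]]+paths:' || rc=1
  report "path-filtered to spec/ruleset" "$rc"
  rc=0; [ -z "$(unpinned_actions "$wf")" ] || rc=1
  report "actions pinned by commit SHA" "$rc"
  rc=0; strip_comments "$wf" | grep -Eq 'continue-on-error:[[:space:]]*true' && rc=1
  report "no continue-on-error: true" "$rc"
  [ "$fails" -eq 0 ]
}

# Constructed sample: runs on push only, floats on tags, swallows failures.
demo=$(mktemp)
cat > "$demo" <<'EOF'
on: push
jobs:
  lint:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: stoplightio/spectral-action@latest
        continue-on-error: true
EOF
audit_workflow "$demo" || echo "workflow does not meet the blueprint"
rm -f "$demo"
```

The `pull_request` match deliberately excludes `pull_request_target`, and a `paths:` key anywhere under `on:` counts as a path filter, so read a PASS as "worth a closer look", not as proof.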

What you fork

starter/api-governance.yml

Copy-paste workflow, every decision commented with the finding it fixes and the real team that proved it.

action.yml

A one-step composite action bundling the whole blueprint: spec glob, ruleset path, fail-severity, security on/off.

ruleset/

An owned, grounded example ruleset — 11 rules, only 3 blocking, each with a why and a docs link, plus positive twins for progress reporting.

examples/

A clean spec and a half-complying one that teaches, so you can watch the pipeline gate and report before you touch your own.

# In your repo
cp starter/api-governance.yml .github/workflows/
cp -r ruleset/ .          # then rewrite the rules against YOUR operations