Issue with undefined core function and custom extensions

[christosgkoros]

Describe the bug When searching for custom extensions non-existence under $paths.*.* (verbs) any custom extension (starting with x-) under apath.* (resource name) will trigger the rule

To Reproduce

1. Given this OpenAPI/AsyncAPI document

   
   openapi: 3.0.3
   info:
   version: 1.0.0
   title: Valid Definition
   description: A definition to perform positive test on the full ruleset
   contact:
   name: Test
   email: test@test.com
   servers:
   - url: "https://ruleset-beta.tech"

paths: /resource: x-test: test

and the given rule:

rules: test_verb_ext: formats:

• oas3 given: $.paths[][] then: field: x-custom-extension function: undefined message: '{{error}}' description: test verb custom extension severity: warn

  2. Run the Javascript API

  const oneRuleSpectral = new Spectral(); oneRuleSpectral.setRuleset({ rules: { [rule.name]: rule.definition // Creating a ruleset with a single rule. } }); const results = await oneRuleSpectral.run(targetDocument);

  4. See error

  "x-test" property must be undefined

Expected behavior No error since x-test is not mentioned in the ruleset.

Environment (remove any that are not applicable):

• Library version: [e.g. 1.18.0]
• OS: [e.g. MacOS Ventura 13]

Additional context Add any other context about the problem here.

[arno-di-loreto]

I did some tests, and it seems that if given returns an atomic like a string (so not an object), then.field is ignored, and the function is applied to the atomic value.

In the example above, the given path returns the value of x-test, which is a string "test", so the field.then is ignored and the undefined function is applied to this value, so an issue is detected. If we replace the value of x-test with an object, as shown below, the bug doesn't occur. In that case, the returned value is value: value an object, so field is used and as this object doesn't contain the x-custom-extension property, no issue is detected (as expected).

openapi: 3.0.3
info:
  version: 1.0.0
  title: Valid Definition
  description: A definition to perform positive test on the full ruleset
  contact:
    name: Test
    email: test@test.com
servers:
  - url: "https://ruleset-beta.tech"

paths:
  /resource:
    x-test: 
      value: value

The expected behavior would be "if the value found by the given path is not an object and then.field is defined, the then.function is not executed".

Temporary workaround: In that specific case, as this rule aims to ensure that the extension is not present, it can be modified as follow (move the value of field in the given path) to avoid the bug.

rules:
 test_verb_ext:
  formats:
   - oas3
  given: $.paths[*][*].x-custom-extension
  then:
   function: undefined
  message: '{{error}}'
  description: test verb custom extension
  severity: warn