While continuing to process the Spectral rules in use by API producers as part of their efforts to govern their API operations I am always looking for interesting and useful patterns being applied by API producers, and I recently came across the use of standardized OpenAPI extensions to override governance rules in specific circumstances. This particular use case was about enforcing encryption on server URLs, but it also provides a way to override the need for encryption using x-sandbox OpenA...
