Valid "servers" URL values cause Spectral to crash

[dpopp07]

Describe the bug
Spectral expects all URLs in the "servers" field of an API definition to create valid Node URL objects, despite the fact that this excludes valid field values according to the OpenAPI specification.

To Reproduce

1. Add this "servers" entry to any API document that would otherwise validate cleanly. It is an example copied directly from the OpenAPI specification.

servers:
- url: https://{username}.gigantic-server.com:{port}/{basePath}
  description: The production API server
  variables:
    username:
      # note! no enum here means it is an open value
      default: demo
      description: this value is assigned by the service provider, in this example `gigantic-server.com`
    port:
      enum:
        - '8443'
        - '443'
      default: '8443'
    basePath:
      # open meaning there is the opportunity to use special base paths as assigned by the provider, default is `v2`
      default: v2

2. Run Spectral CLI on the document
   spectral lint api-definition.yaml

3. See error: Error running Nimma

It's a rather uninformative error but I am aware that work is being done to address this problem. Digging a bit deeper, this is the error happening inside nimma:
RuntimeError: $ threw: NodeError("Invalid URL: https://{username}.gigantic-server.com:{port}/{basePath}")

caused by this Node exception:
cause: TypeError [ERR_INVALID_URL]: Invalid URL: https://{username}.gigantic-server.com:{port}/{basePath}

Expected behavior
I would expect URL values that are allowed by the OpenAPI specification to not cause Spectral to crash. It surprises me that 1) these values are being used to create Node URL objects and 2) that these values are not at least being resolved (with the server variables and their default values, etc.) before validated with Node. Whatever the approach is, it should allow valid values for these fields.

Environment (remove any that are not applicable):

• Library version: 6.2.1
• OS: Mac

[P0lip]

Hmmm, we don't use URL anywhere directly in the codebase. Well, we do it, but once and that's not related to the validation at all.
Feels like there might be an issue with the uri-template format. Let me check it out and get back to you.

Hm, uri-template doesn't use URL either. It uses regexp instead.
I'm having trouble reproducing the issue. The lining passes just fine for me.

We actually even have a test fixture having the very same server urls https://github.com/stoplightio/spectral/blob/develop/test-harness/scenarios/oas3.1/petstore.scenario.

Are you sure it's not a custom ruleset that has some logic that's breaking?

[dpopp07]

Thanks for looking into this!

Are you sure it's not a custom ruleset that has some logic that's breaking?

If you're not able to reproduce the issue, I suppose it must be. Though, I believe I isolated my testing of this issue from any custom rulesets and I don't think we use URL anywhere either. I'll double check to see if I missed anything the first time around. Thanks again!

[dpopp07]

Oops, turns out this is coming from a custom rule. Must've used the wrong .spectral.yaml file to test. My apologies, thanks again for investigating.