Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@anttiviljami/json-schema-ref-parser
Advanced tools
Parse, Resolve, and Dereference JSON Schema $ref pointers
This package needs a new maintainer or at least some contributors, or a decent number of sponsors so I can hire contractors to do the work. For more information please read this article. I'll mark the repo as read-only and unmaintained on January 15th 2023 along with a bunch of other @apidevtools packages like swagger-parser, so I can focus on scaling up my reforestation charity instead of burning myself out trying to maintain a whole load of OSS projects I don't use in my vanishingly small spare time. - Phil Sturgeon
You've got a JSON Schema with $ref
pointers to other files and/or URLs. Maybe you know all the referenced files ahead of time. Maybe you don't. Maybe some are local files, and others are remote URLs. Maybe they are a mix of JSON and YAML format. Maybe some of the files contain cross-references to each other.
{
"definitions": {
"person": {
// references an external file
"$ref": "schemas/people/Bruce-Wayne.json"
},
"place": {
// references a sub-schema in an external file
"$ref": "schemas/places.yaml#/definitions/Gotham-City"
},
"thing": {
// references a URL
"$ref": "http://wayne-enterprises.com/things/batmobile"
},
"color": {
// references a value in an external file via an internal reference
"$ref": "#/definitions/thing/properties/colors/black-as-the-night"
}
}
}
JSON Schema $Ref Parser is a full JSON Reference and JSON Pointer implementation that crawls even the most complex JSON Schemas and gives you simple, straightforward JavaScript objects.
$ref
pointers to external files and URLs, as well as custom sources such as databases$ref
pointers$ref
pointers to the same value always resolve to the same object instance$RefParser.dereference(mySchema, (err, schema) => {
if (err) {
console.error(err);
}
else {
// `schema` is just a normal JavaScript object that contains your entire JSON Schema,
// including referenced files, combined into a single object
console.log(schema.definitions.person.properties.firstName);
}
})
Or use async
/await
syntax instead. The following example is the same as above:
try {
let schema = await $RefParser.dereference(mySchema);
console.log(schema.definitions.person.properties.firstName);
}
catch(err) {
console.error(err);
}
For more detailed examples, please see the API Documentation
Install using npm:
npm install @apidevtools/json-schema-ref-parser
When using JSON Schema $Ref Parser in Node.js apps, you'll probably want to use CommonJS syntax:
const $RefParser = require("@apidevtools/json-schema-ref-parser");
When using a transpiler such as Babel or TypeScript, or a bundler such as Webpack or Rollup, you can use ECMAScript modules syntax instead:
import $RefParser from "@apidevtools/json-schema-ref-parser";
If you are using Node.js < 18, you'll need a polyfill for fetch
, like node-fetch:
import fetch from "node-fetch";
globalThis.fetch = fetch;
JSON Schema $Ref Parser supports recent versions of every major web browser. Older browsers may require Babel and/or polyfills.
To use JSON Schema $Ref Parser in a browser, you'll need to use a bundling tool such as Webpack, Rollup, Parcel, or Browserify. Some bundlers may require a bit of configuration, such as setting browser: true
in rollup-plugin-resolve.
Full API documentation is available right here
I welcome any contributions, enhancements, and bug-fixes. Open an issue on GitHub and submit a pull request.
To build/test the project locally on your computer:
Clone this repo
git clone https://github.com/APIDevTools/json-schema-ref-parser.git
Install dependencies
npm install
Run the tests
npm test
JSON Schema $Ref Parser is 100% free and open-source, under the MIT license. Use it however you want.
This package is Treeware. If you use it in production, then we ask that you buy the world a tree to thank us for our work. By contributing to the Treeware forest you’ll be creating employment for local families and restoring wildlife habitats.
Thanks to these awesome companies for their support of Open Source developers ❤
FAQs
Parse, Resolve, and Dereference JSON Schema $ref pointers
The npm package @anttiviljami/json-schema-ref-parser receives a total of 321 weekly downloads. As such, @anttiviljami/json-schema-ref-parser popularity was classified as not popular.
We found that @anttiviljami/json-schema-ref-parser demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.