Security News
Another Round of TEA Protocol Spam Floods npm, But It’s Not a Worm
Recent coverage mislabels the latest TEA protocol spam as a worm. Here’s what’s actually happening.
By Philipp Burckhardt - Nov 14, 2025
@asyncapi/avro-schema-parser
Advanced tools
Avro Schema Parser
An AsyncAPI schema parser for Avro 1.x schemas.
Note Version >=
2.0.0of this package is only supported by the@asyncapi/parserversion >=2.0.0.
Installation
npm install @asyncapi/avro-schema-parser
// OR
yarn add @asyncapi/avro-schema-parser
Usage
import { Parser } from '@asyncapi/parser';
import { AvroSchemaParser } from '@asyncapi/avro-schema-parser';
const parser = new Parser();
parser.registerSchemaParser(AvroSchemaParser());
const asyncapiWithAvro = `
asyncapi: 2.0.0
info:
title: Example with Avro
version: 0.1.0
channels:
example:
publish:
message:
schemaFormat: 'application/vnd.apache.avro;version=1.9.0'
payload: # The following is an Avro schema in YAML format (JSON format is also supported)
type: record
name: User
namespace: com.company
doc: User information
fields:
- name: displayName
type: string
- name: email
type: string
- name: age
type: int
`
const { document } = await parser.parse(asyncapiWithAvro);
const { Parser } = require('@asyncapi/parser');
const { AvroSchemaParser } = require('@asyncapi/raml-dt-schema-parser');
const parser = new Parser();
parser.registerSchemaParser(AvroSchemaParser());
const asyncapiWithAvro = `
asyncapi: 2.0.0
info:
title: Example with Avro
version: 0.1.0
channels:
example:
publish:
message:
schemaFormat: 'application/vnd.apache.avro;version=1.9.0'
payload: # The following is an Avro schema in YAML format (JSON format is also supported)
type: record
name: User
namespace: com.company
doc: User information
fields:
- name: displayName
type: string
- name: email
type: string
- name: age
type: int
Usage with remote references
import { Parser } from '@asyncapi/parser';
import { AvroSchemaParser } from '@asyncapi/avro-schema-parser';
const parser = new Parser();
parser.registerSchemaParser(AvroSchemaParser());
const asyncapiWithAvro = `
asyncapi: 2.0.0
info:
title: Example with Avro
version: 0.1.0
channels:
example:
publish:
message:
schemaFormat: 'application/vnd.apache.avro;version=1.9.0'
payload:
$ref: 'https://schemas.example.com/user'
`
const { document } = await parser.parse(asyncapiWithAvro);
const { Parser } = require('@asyncapi/parser');
const { AvroSchemaParser } = require('@asyncapi/raml-dt-schema-parser');
const parser = new Parser();
parser.registerSchemaParser(AvroSchemaParser());
const asyncapiWithAvro = `
asyncapi: 2.0.0
info:
title: Example with Avro
version: 0.1.0
channels:
example:
publish:
message:
schemaFormat: 'application/vnd.apache.avro;version=1.9.0'
payload:
$ref: 'https://schemas.example.com/user'
`
const { document } = await parser.parse(asyncapiWithAvro);
Usage with local references
import { Parser } from '@asyncapi/parser';
import { AvroSchemaParser } from '@asyncapi/avro-schema-parser';
const parser = new Parser();
parser.registerSchemaParser(AvroSchemaParser());
const asyncapiWithAvro = `
asyncapi: 2.0.0
info:
title: Example with Avro
version: 0.1.0
channels:
example:
publish:
message:
schemaFormat: 'application/vnd.apache.avro;version=1.9.0'
payload:
$ref: 'local/path/to/file/user'
`
const { document } = await parser.parse(asyncapiWithAvro);
const { Parser } = require('@asyncapi/parser');
const { AvroSchemaParser } = require('@asyncapi/raml-dt-schema-parser');
const parser = new Parser();
parser.registerSchemaParser(AvroSchemaParser());
const asyncapiWithAvro = `
asyncapi: 2.0.0
info:
title: Example with Avro
version: 0.1.0
channels:
example:
publish:
message:
schemaFormat: 'application/vnd.apache.avro;version=1.9.0'
payload:
$ref: 'local/path/to/file/user'
`
const { document } = await parser.parse(asyncapiWithAvro);
Usage with Confluent Schema Registry
Create an API key
Copy the key and the secret
Use them on your AsyncAPI document
import { Parser } from '@asyncapi/parser';
import { AvroSchemaParser } from '@asyncapi/avro-schema-parser';
const parser = new Parser();
parser.registerSchemaParser(AvroSchemaParser());
const asyncapiWithAvro = `
asyncapi: 2.0.0
info:
title: Example with Avro
version: 0.1.0
channels:
example:
publish:
message:
schemaFormat: 'application/vnd.apache.avro;version=1.9.0'
payload:
$ref: 'https://LY422RBU2HN6JQ5T:+f8wz9a0iM06AX7xfwbzSM9YPw/JIkr22Cvl5EKT5Hb1d/nz5nOpbXV/vZC+Iz5c@example.europe-west3.gcp.confluent.cloud/subjects/test/versions/1/schema'
`
const { document } = await parser.parse(asyncapiWithAvro);
const { Parser } = require('@asyncapi/parser');
const { AvroSchemaParser } = require('@asyncapi/raml-dt-schema-parser');
const parser = new Parser();
parser.registerSchemaParser(AvroSchemaParser());
const asyncapiWithAvro = `
asyncapi: 2.0.0
info:
title: Example with Avro
version: 0.1.0
channels:
example:
publish:
message:
schemaFormat: 'application/vnd.apache.avro;version=1.9.0'
payload:
$ref: 'https://LY422RBU2HN6JQ5T:+f8wz9a0iM06AX7xfwbzSM9YPw/JIkr22Cvl5EKT5Hb1d/nz5nOpbXV/vZC+Iz5c@example.europe-west3.gcp.confluent.cloud/subjects/test/versions/1/schema'
`
const { document } = await parser.parse(asyncapiWithAvro);
Features
Validation of Avro schemas
Avro schemas included in parsed AsyncAPI documents are validated using avsc. The parser.validate(...) function returns all validation issues.
import { Parser } from '@asyncapi/parser';
import { AvroSchemaParser } from '@asyncapi/avro-schema-parser';
const parser = new Parser();
parser.registerSchemaParser(AvroSchemaParser());
const asyncapiWithInvalidAvro = `
asyncapi: 2.0.0
info:
title: Example with Avro
version: 0.1.0
channels:
example:
publish:
message:
schemaFormat: 'application/vnd.apache.avro;version=1.9.0'
payload:
type: notAValidAvroType
`;
const diagnostics = await parser.validate(doc);
// Custom schema issues are stored by the code "asyncapi-schemas-v2"
const avroDiagnostics = diagnostics.filter(d => d.code === 'asyncapi-schemas-v2');
console.log(avroDiagnostics);
const { Parser } = require('@asyncapi/parser');
const { AvroSchemaParser } = require('@asyncapi/raml-dt-schema-parser');
const parser = new Parser();
parser.registerSchemaParser(AvroSchemaParser());
const asyncapiWithInvalidAvro = `
asyncapi: 2.0.0
info:
title: Example with Avro
version: 0.1.0
channels:
example:
publish:
message:
schemaFormat: 'application/vnd.apache.avro;version=1.9.0'
payload:
type: notAValidAvroType
`;
const diagnostics = await parser.validate(doc);
// Custom schema issues are stored by the code "asyncapi-schemas-v2"
const avroDiagnostics = diagnostics.filter(d => d.code === 'asyncapi-schemas-v2');
console.log(avroDiagnostics);
Note
parser.parse(...)function also returnsdiagnosticsdata with all the validation issues.
Support of required attributes
Required fields are fields with no default value and without the "null" union element.
Support for extra attributes on top of Avro specification
Additional attributes not defined in the Avro Specification are permitted and are treated as a metadata by the specification. To improve human readability of generated AsyncAPI documentation and to leverage more features from the JSON schema we included support for the extra attributes that can be added into Avro document.
List of all supported extra attributes
example- Can be used to define the example value from the business domain of given field. Value will be propagated into examples attribute of JSON schema and therefore will be picked for the generated "Example of payload" when using some AsyncAPI documentation generator.
For Number instances:
multipleOf- Can be used to define the multipleOf value of a numeric instance. ThemultipleOfMUST be a number, strictly greater than 0.maximum- Can be used to define the maximum value of a numeric instance.exclusiveMaximum- Can be used to define the exclusiveMaximum value of a numeric instance.minimum- Can be used to define the minimum value of a numeric instance.exclusiveMinimum- Can be used to define the exclusiveMinimum value of a numeric instance.
For String instances:
maxLength- Can be used to define the maxLength value of a string instance. The value of this keyword MUST be a non-negative integer.minLength- Can be used to define the minLength value of a string instance. The value of this keyword MUST be a non-negative integer.pattern- Can be used to define the pattern value of a string instance.
For Array instances:
maxItems- Can be used to define the maxItems value of a string instance. The value of this keyword MUST be a non-negative integer.minItems- Can be used to define the minItems value of a string instance. The value of this keyword MUST be a non-negative integer.uniqueItems- Can be used to define the uniqueItems value of a string instance. The value of this keyword MUST be a boolean.
Support for names and namespaces
If, at the top level of the Avro schema, the 'name' attribute is defined, it will be copied to the corresponding JSON schema's 'x-parser-schema-id' attribute. If the Avro schema also has the 'namespace' attribute defined, then that schema's fully qualified name will be put into that attribute. The fully qualified name is defined by the namespace, followed by a dot, followed by the name.
If there are two schemas that resolve to the same fully qualified name, only the last one will be returned by the parser. Make sure names of your schemas are unique.
If no name attribute is present, the 'x-parser-schema-id' will have a generated unique id with a name like 'anonymous-schema-1' generated by the main parser. 'x-parser-schema-id' is one of the custom extensions supported by the parser.
Limitations
Float and double-precision numbers
JSON numbers (RFC 4627, section 2.4) don't define any limit to the scale and/or precision of numbers. That said, we can enforce limits on int and long but we can't enforce them on float and double because they can't accurately be represented on JSON Schema.
Since we support extra attributes on field, you can set
minimumandmaximumattribute on float and double types to display number limits.
Hardcoded key and secret
This is not a limitation of this package per se but of the JSON Reference RFC. So far, you can only hardcode the values for key and secret on the $ref URL.
Contributors
Thanks goes to these wonderful people (emoji key):
 Fran Méndez 💻 🚧 👀 🤔 |  Lukasz Gornicki 🚧 👀 🚇 |  Ludovic Dussart 💻 🚧 👀 |  Dale Lane 💻 🚧 👀 |  Jonathan 💻 |  Radim Loskot 💻 |  Michael Davis 💻 |
 Germán Schnyder 💻 |
This project follows the all-contributors specification. Contributions of any kind welcome!
FAQs
An AsyncAPI schema parser for Avro 1.x schemas.
The npm package @asyncapi/avro-schema-parser receives a total of 133,824 weekly downloads. As such, @asyncapi/avro-schema-parser popularity was classified as popular.
We found that @asyncapi/avro-schema-parser demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.
Package last updated on 12 Jun 2024
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
PyPI Expands Trusted Publishing to GitLab Self-Managed as Adoption Passes 25 Percent
PyPI adds Trusted Publishing support for GitLab Self-Managed as adoption reaches 25% of uploads
By Sarah Gooding - Nov 14, 2025
Research
/Security News
Malicious Chrome Extension Exfiltrates Seed Phrases, Enabling Wallet Takeover
A malicious Chrome extension posing as an Ethereum wallet steals seed phrases by encoding them into Sui transactions, enabling full wallet takeover.
By Kirill Boychenko - Nov 12, 2025