Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
ajv-draft-04
Advanced tools
The ajv-draft-04 package is an extension for AJV, a popular JSON schema validator, enabling it to validate schemas written according to the JSON Schema Draft 04 specification. This package allows users to leverage AJV's fast validation capabilities while ensuring compatibility with older schema versions.
Validating JSON objects against a Draft 04 schema
This code demonstrates how to create a new AJV instance compatible with Draft 04 schemas, compile a schema, and validate a JSON object against it. It checks if the object meets the schema requirements (in this case, having a name as a string and an age as a number not less than 18), and prints whether the object is valid or not.
{"const Ajv = require('ajv-draft-04'); const ajv = new Ajv(); const schema = { 'type': 'object', 'properties': { 'name': { 'type': 'string' }, 'age': { 'type': 'number', 'minimum': 18 } }, 'required': ['name', 'age'] }; const validate = ajv.compile(schema); const valid = validate({ 'name': 'John Doe', 'age': 25 }); if (valid) console.log('Valid!'); else console.log('Invalid: ' + ajv.errorsText(validate.errors));"}
The jsonschema package is a JSON Schema validator that supports various draft versions, including Draft 04. It provides a straightforward way to validate JSON data. Compared to ajv-draft-04, jsonschema is more focused on simplicity and direct implementation of the JSON Schema specification, potentially making it less performant but easier to use for basic validation tasks.
Tiny Validator (tv4) is a lightweight JSON Schema validator that supports Draft 04 of the JSON Schema. It's designed to be simple and fast, making it a good choice for projects that require basic validation without the need for the latest schema features. Compared to ajv-draft-04, tv4 offers a simpler API and smaller footprint at the expense of some of the advanced optimization and features found in AJV.
Ajv with JSON Schema draft-04 support
You need to install both ajv and this package (to allow upgrading ajv without upgrading this package):
npm i ajv ajv-draft-04
// ESM/TypeScript import
import Ajv from "ajv-draft-04"
// Node.js require:
const Ajv = require("ajv-draft-04")
const ajv = new Ajv()
See ajv site for documentation.
npm install
git submodule update --init
npm test
FAQs
Ajv class for JSON Schema draft-04
The npm package ajv-draft-04 receives a total of 2,367,923 weekly downloads. As such, ajv-draft-04 popularity was classified as popular.
We found that ajv-draft-04 demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.