Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
awesome-ajv-errors
Advanced tools
awesome-ajv-errors pretty-prints ajv errors
It has a gorgeous human-understandable output, predicts human errors and suggests fixes.
awesome-ajv-errors/node
explicitly (if you have e.g. webpack DefinePlugin configured to hack around missing things like process is not defined
), orawesome-ajv-errors/try-styled
which has a promise-based prettify
function (prettifyTryStyled
) or a promise which will eventually resolve to a synchronous function (styledPrettify
).@babel/code-frame
failed. This will likely be entirely resolved once Babel 8 is released; then awesome output will by default work in browsers too.awesome-ajv-errors
for auto-detecting node vs browserawesome-ajv-errors/dist/index-node.js
or awesome-ajv-errors/dist/index-browser.js
for explicit importing depending on environmentawesome-ajv-errors/dist/index-try-styled.js
for dynamic trying to load color support (e.g. in browsers)Suggest similar properties
schema.json
{
"title": "Second-level two similar properties",
"type": "object",
"properties": {
"foo": {
"type": "object",
"properties": {
"bar": {},
"bak": {}
},
"additionalProperties": false
}
}
}
data.json
{
"foo": {
"bar": "42",
"baz": "33"
}
}
Suggests multiple valid property names
schema.json
{
"title": "Second-level three similar properties",
"type": "object",
"properties": {
"foo": {
"type": "object",
"properties": {
"bar": {},
"bak": {},
"bam": {}
},
"additionalProperties": false
}
}
}
data.json
{
"foo": {
"bar": "42",
"baz": "33"
}
}
Suggests the valid value type when mistaken
schema.json
{
"title": "One option (number to string)",
"type": "object",
"properties": {
"foo": {
"anyOf": [
{
"type": "string"
}
]
}
}
}
data.json
{
"foo": 42
}
Suggests the valid value type when mistaken
schema.json
{
"title": "One option (string to number)",
"type": "object",
"properties": {
"foo": {
"anyOf": [
{
"type": "number"
}
]
}
}
}
data.json
{
"foo": "42"
}
When the type mismatch, and one type is much "better" than the rest (as in probably the right solution), it will be suggested for conversion
schema.json
{
"title": "Two options",
"type": "object",
"properties": {
"foo": {
"anyOf": [
{
"type": "string"
},
{
"type": "boolean"
}
]
}
}
}
data.json
{
"foo": 42
}
schema.json
{
"title": "Three options",
"type": "object",
"properties": {
"foo": {
"anyOf": [
{
"type": "string"
},
{
"type": "boolean"
},
{
"type": "null"
}
]
}
}
}
data.json
{
"foo": 42
}
schema.json
{
"title": "2 too few",
"type": "object",
"properties": {
"foo": {
"type": "array",
"minItems": 3
}
}
}
data.json
{
"foo": [
1
]
}
schema.json
{
"title": "Less than or equal to",
"type": "object",
"properties": {
"foo": {
"type": "number",
"maximum": 17
}
}
}
data.json
{
"foo": 42
}
schema.json
{
"title": "One value of same type",
"type": "object",
"properties": {
"foo": {
"enum": [
41
]
}
}
}
data.json
{
"foo": 42
}
schema.json
{
"title": "Two options (one of different type)",
"type": "object",
"properties": {
"foo": {
"enum": [
41,
"42"
]
}
}
}
data.json
{
"foo": 42
}
schema.json
{
"title": "Four options (one of different type)",
"type": "object",
"properties": {
"foo": {
"enum": [
"falso",
"other",
"False",
false
]
}
}
}
data.json
{
"foo": "false"
}
schema.json
{
"title": "time invalid",
"type": "object",
"properties": {
"foo": {
"type": "string",
"format": "time"
}
}
}
data.json
{
"foo": "11:22:334"
}
schema.json
{
"title": "email invalid",
"type": "object",
"properties": {
"foo": {
"type": "string",
"format": "email"
}
}
}
data.json
{
"foo": "quite@invalid@email.com"
}
schema.json
{
"title": "if-then on first-level object",
"properties": {
"foo": {
"if": {
"properties": {
"firstName": {
"const": true
}
}
},
"then": {
"required": [
"lastName"
]
}
}
}
}
data.json
{
"foo": {
"firstName": true
}
}
schema.json
{
"title": "Multiple of",
"type": "object",
"properties": {
"foo": {
"type": "number",
"multipleOf": 4
}
}
}
data.json
{
"foo": 17
}
schema.json
{
"title": "Root-level required",
"type": "object",
"properties": {
"foo": {}
},
"required": [
"foo"
]
}
data.json
{
"bar": 42
}
Import the ajv
package, and prettify
from awesome-ajv-errors
:
import * as Ajv from 'ajv'
import { prettify } from 'awesome-ajv-errors'
Create an ajv instance and validate objects:
const ajv = new Ajv( { allErrors: true } ); // allErrors is optional
let data, schema; // Get the JSON schema and the JSON data from somewhere
const validate = ajv.compile( schema );
validate( data );
Now, the validation error is stored on the validate
function. Use prettify
to pretty-print the errors, and provide the data so that awesome-ajv-errors can suggest fixes:
console.log( prettify( validate, { data } ) );
Instead of auto-detecting based on the platform (Node.js or a browser), you can turn on/off colors, location printing (the json-snippet of the error) and whether to print big ascii numbers to the left of each error, if there are more than one error.
With the options object containing data
provided to prettify
you can include colors
, location
and bigNumbers
as booleans, to override the defaults.
Turning colors explicitly on will only enable colors if it's detected to be supported by the platform, but turning them off will always output non-colored text.
Turning location on will also only enable the location printing if colors are detected to be supported by the underlying platform (this is a limitation in the current @babel/code-frame
and will likely be resolved in Babel 8).
bigNumbers
will only be enabled if location printing is enabled, but can be explicitly turned off.
Example:
const colors = false;
const location = false;
const explanation = prettify( validate, { data, colors, location } );
FAQs
Prettified AJV errors
The npm package awesome-ajv-errors receives a total of 34,245 weekly downloads. As such, awesome-ajv-errors popularity was classified as popular.
We found that awesome-ajv-errors demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.