Research
Security News
Threat Actor Exposes Playbook for Exploiting npm to Build Blockchain-Powered Botnets
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
browser-json-schema-to-openapi-schema
Advanced tools
Converts a JSON Schema to OpenAPI Schema Object
A little NodeJS package to convert JSON Schema to a OpenAPI Schema Object.
type: ['foo', 'null']
to type: foo
and nullable: true
allOf
s etc.patternProperties
to x-patternProperties
dependencies
to an allOf + oneOf OpenAPI-valid equivalentnpm install --save @openapi-contrib/json-schema-to-openapi-schema
Requires NodeJS v10 or greater.
Here's a small example to get the idea:
const convert = require('@openapi-contrib/json-schema-to-openapi-schema');
const schema = {
$schema: 'http://json-schema.org/draft-04/schema#',
type: ['string', 'null'],
format: 'date-time',
};
(async () => {
const convertedSchema = await convert(schema);
console.log(convertedSchema);
})();
The example prints out
{
type: 'string',
format: 'date-time',
nullable: true
}
The function accepts options
object as the second argument.
cloneSchema
(boolean)If set to false
, converts the provided schema in place. If true
, clones the schema by converting it to JSON and back. The overhead of the cloning is usually negligible. Defaults to true
.
dereference
(boolean)If set to true
, all local and remote references (http/https and file) $refs will be dereferenced. Defaults to false
.
Usage:
json-schema-to-openapi-schema <command> [options] <file>
Commands:
convert Converts JSON Schema Draft 04 to OpenAPI 3.0 Schema Object
Options:
-h, --help Show help for any command
-v, --version Output the CLI version number
-d, --dereference If set all local and remote references (http/https and file) $refs will be dereferenced
OpenAPI is often described as an extension of JSON Schema, but both specs have changed over time and grown independently. OpenAPI v2 was based on JSON Schema draft v4 with a long list of deviations, but OpenAPI v3 shrank that list, upping their support to draft v4 and making the list of discrepancies shorter. This has been solved for OpenAPI v3.1, but for those using OpenAPI v3.0, you can use this tool to solve the divergence.
This tool sets out to allow folks to convert from JSON Schema (their one source of truth for everything) to OpenAPI (a thing for HTML docs and making SDKs).
† Draft v5 is also known as Draft Wright 00, as the drafts are often named after the author, and this was the first one by A. Wright. Amongst other things, draft v5 aimed to rewrite the meta files, but the experiment failed, meaning we need to continue to use the draft v4 metafiles. Ugh.
To convert the other way, check out openapi-schema-to-json-schema, which this package was based on.
To run the test-suite:
npm test
This package is Treeware. If you use it in production, then we ask that you buy the world a tree to thank us for our work. By contributing to the Treeware forest you’ll be creating employment for local families and restoring wildlife habitats.
FAQs
Converts a JSON Schema to OpenAPI Schema Object
The npm package browser-json-schema-to-openapi-schema receives a total of 1 weekly downloads. As such, browser-json-schema-to-openapi-schema popularity was classified as not popular.
We found that browser-json-schema-to-openapi-schema demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
Security News
NVD’s backlog surpasses 20,000 CVEs as analysis slows and NIST announces new system updates to address ongoing delays.
Security News
Research
A malicious npm package disguised as a WhatsApp client is exploiting authentication flows with a remote kill switch to exfiltrate data and destroy files.