Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
json-schema
Advanced tools
The json-schema npm package is used to validate JSON data against a JSON schema. It ensures that the JSON data is structured in the way that is expected by the schema. This package can be used to validate configuration files, user input, or any other data represented in JSON format.
Validation
This feature allows you to validate JSON data against a schema. The code sample demonstrates how to define a schema and validate data against it, printing out whether the data is valid or not.
{"const validate = require('json-schema').validate; const schema = {type: 'object', properties: {name: {type: 'string'}, age: {type: 'number', minimum: 0}}, required: ['name', 'age']}; const data = {name: 'John Doe', age: 28}; const result = validate(data, schema); if (result.valid) {console.log('Valid!');} else {console.log('Invalid:', result.errors);} }
Schema Compilation
This feature compiles a JSON schema for faster validation of multiple data sets. The code sample shows how to compile a schema which can then be used to validate data more efficiently.
{"const jsonSchema = require('json-schema'); const schema = {type: 'object', properties: {name: {type: 'string'}, age: {type: 'number', minimum: 0}}, required: ['name', 'age']}; const compiledSchema = jsonSchema.compile(schema); }
Ajv is a fast JSON schema validator. It supports draft-06/07/2019-09 of JSON Schema, has better performance than json-schema, and provides a richer set of features like custom keywords and formats, asynchronous schema compilation, and more.
Tiny Validator (tv4) is a small and fast JSON Schema V4 validator. It is simpler and has a smaller footprint than json-schema but does not support newer JSON Schema drafts and might not be as actively maintained.
Joi is a powerful schema description language and data validator for JavaScript. Unlike json-schema, Joi provides a fluent API for describing data schemas and includes built-in types and validation rules that can be combined to express complex validation strategies.
This is a historical repository for the early development of the JSON Schema specification and implementation. This package is considered "finished": it holds the earlier draft specification and a simple, efficient, lightweight implementation of the original core elements of JSON Schema. This repository does not house the latest specifications nor does it implement the latest versions of JSON Schema. This package seeks to maintain the stability (in behavior and size) of this original implementation for the sake of the numerous packages that rely on it. For the latest JSON Schema specifications and implementations, please visit the JSON Schema site (or the respository).
Code is licensed under the AFL or BSD 3-Clause license.
FAQs
JSON Schema validation and specifications
The npm package json-schema receives a total of 16,289,562 weekly downloads. As such, json-schema popularity was classified as popular.
We found that json-schema demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.