Security News
GitHub Removes Malicious Pull Requests Targeting Open Source Repositories
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
json-schema-deref-sync
Advanced tools
The json-schema-deref-sync npm package is used to dereference JSON schemas. It resolves all $ref pointers in a JSON schema synchronously, making it easier to work with complex schemas that have multiple references.
Dereferencing JSON Schema
This feature allows you to dereference a JSON schema, resolving all $ref pointers. The code sample demonstrates how to use the json-schema-deref-sync package to dereference a schema with internal references.
const deref = require('json-schema-deref-sync');
const schema = {
"$id": "http://example.com/root.json",
"$schema": "http://json-schema.org/draft-07/schema#",
"definitions": {
"address": {
"type": "object",
"properties": {
"street_address": { "type": "string" },
"city": { "type": "string" },
"state": { "type": "string" }
},
"required": ["street_address", "city", "state"]
}
},
"type": "object",
"properties": {
"billing_address": { "$ref": "#/definitions/address" },
"shipping_address": { "$ref": "#/definitions/address" }
}
};
const dereferencedSchema = deref(schema);
console.log(JSON.stringify(dereferencedSchema, null, 2));
json-schema-ref-parser is a powerful library for parsing, resolving, and dereferencing JSON schema $ref pointers. Unlike json-schema-deref-sync, it supports both synchronous and asynchronous operations, making it more flexible for different use cases.
json-schema-deref is another library for dereferencing JSON schemas. It is similar to json-schema-deref-sync but focuses on asynchronous operations, which can be beneficial for handling large schemas or when working in environments where non-blocking operations are preferred.
Dereference JSON pointers in a JSON schemas with their true resolved values. Basically a lighter, synchronous version of json-schema-deref but omits web references and custom loaders.
npm install json-schema-deref-sync
Let's say you have the following JSON Schema:
{
"description": "Just some JSON schema.",
"title": "Basic Widget",
"type": "object",
"definitions": {
"id": {
"description": "unique identifier",
"type": "string",
"minLength": 1,
"readOnly": true
}
},
"properties": {
"id": {
"$ref": "#/definitions/id"
},
"foo": {
"$ref": "http://www.mysite.com/myschema.json#/definitions/foo"
},
"bar": {
"$ref": "bar.json"
}
}
Sometimes you just want that schema to be fully expanded, with $ref
's being their (true) resolved values:
{
"description": "Just some JSON schema.",
"title": "Basic Widget",
"type": "object",
"definitions": {
"id": {
"description": "unique identifier",
"type": "string",
"minLength": 1,
"readOnly": true
}
},
"properties": {
"id": {
"description": "unique identifier",
"type": "string",
"minLength": 1,
"readOnly": true
},
"foo": {
"description": "foo property",
"readOnly": true,
"type": "number"
},
"bar": {
"description": "bar property",
"type": "boolean"
}
}
}
This utility lets you do that:
var deref = require('json-schema-deref-sync');
var myschema = require('schema.json');
var fullSchema = deref(myschema);
Object
| Error
Derefs $ref
's in JSON Schema to actual resolved values. Supports local, and file refs.
Kind: global function
Returns: Object
| Error
- the deref schema oran instance of Error
if error.
Param | Type | Description |
---|---|---|
schema | Object | The JSON schema |
options | Object | options |
options.baseFolder | String | the base folder to get relative path files from. Default is process.cwd() |
options.failOnMissing | Boolean | By default missing / unresolved refs will be left as is with their ref value intact. If set to true we will error out on first missing ref that we cannot resolve. Default: false . |
FAQs
Simple Node.js JSON Schema dereferencer
The npm package json-schema-deref-sync receives a total of 469,118 weekly downloads. As such, json-schema-deref-sync popularity was classified as popular.
We found that json-schema-deref-sync demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
Security News
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
Security News
Node.js will be enforcing stricter semver-major PR policies a month before major releases to enhance stability and ensure reliable release candidates.