Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
json-schema-generator
Advanced tools
JSON schema generated based on draft-v4 of the specification. Note that the full spec if not yet supported. The compiler will be enhanced to support as much as possible. More specifically, there's no support for $ref nodes or special nodes like location (lat, long), etc. These features will be added in future releases or you can always fork and make it better :-)
git clone https://github.com/krg7880/json-schema-generator
cd json-schema-generator
npm install .
Run on the command line:
npm install -g json-schema-generator
Then use (for example):
#### JSON PATH
json-schema-generator path/to/input.json -o path/to/output.json
#### JSON URL
json-schema-generator https://sample.com/path/to/input.json --jsondir ./source/backup -o ./path/to/dir/
#### JSON STDIN | STDOUT
cat input.json | json-schema-generator > output.json
Run on the command line:
npm install json-schema-generator --save-dev
Then, in your project:
var jsonSchemaGenerator = require('json-schema-generator'),
obj = { some: { object: true } },
schemaObj;
schemaObj = jsonSchemaGenerator(json);
Usage: json-schema-generator [<target>|--url <url>|--file <file>|--stdin]
If <target> is specified, it is interpreted as follows: a protocol (like http://)
means url; anything else is treated as path to a local file.
If no input file is specified and stdin is provided, stdin is used.
Options:
--stdin Use stdin as input.
--url Remote json document to use as input.
--file Local json document to use as input.
--schemadir, -o Directory (or file, if ending with .json) where the schema will
be stored.
--jsondir Directory (or file, if ending with .json) where the source
document is copied to. Useful with --url.
--pretty Whether to use pretty json format. Use --no-pretty for false.
[default: true]
--force, -f If a destination file already exists, overwrite it.
--help, -h Show this help text.
{
"title": "fresh fruit schema v1",
"type": "object",
"required": ["skin", "colors", "taste"],
"properties": {
"colors": {
"type": "array",
"minItems": 1,
"uniqueItems": true,
"items": {
"type": "string"
}
},
"skin": {
"type": "string"
},
"taste": {
"type": "number",
"minimum": 5
}
}
}
{
"$schema": "http://json-schema.org/draft-04/schema#",
"description": "",
"type": "object",
"properties": {
"title": {
"type": "string",
"minLength": 1
},
"type": {
"type": "string",
"minLength": 1
},
"required": {
"type": "array",
"items": {
"required": [
],
"properties": {
}
}
},
"properties": {
"type": "object",
"properties": {
"colors": {
"type": "object",
"properties": {
"type": {
"type": "string",
"minLength": 1
},
"minItems": {
"type": "number"
},
"uniqueItems": {
"type": "boolean"
},
"items": {
"type": "object",
"properties": {
"type": {
"type": "string",
"minLength": 1
}
},
"required": [
"type"
]
}
},
"required": [
"type",
"minItems",
"uniqueItems",
"items"
]
},
"skin": {
"type": "object",
"properties": {
"type": {
"type": "string",
"minLength": 1
}
},
"required": [
"type"
]
},
"taste": {
"type": "object",
"properties": {
"type": {
"type": "string",
"minLength": 1
},
"minimum": {
"type": "number"
}
},
"required": [
"type",
"minimum"
]
}
},
"required": [
"colors",
"skin",
"taste"
]
}
},
"required": [
"title",
"type",
"required",
"properties"
]
}
I created this schema generator to validate JSON responses from APIs. As the JSON API is enhanced and nodes are added or removed from the response, the schema is regenerated and validated against the newly deployed API.
To run tests, including fetching documents via HTTP, we've added node-stubby-server-cli to help with serving mock data. The ports for the stub server is defined under test/helpers/stubby-cli, in the event the default port is in use, you can change them there.
npm install -g stubby
Install mocha globally (as cli) and run
npm test
JSON documents can be validated against schemas using chai-json-schema. See the tests under test for example usage.
Thanks to those who have contributed. These kind folks are listed below:
FAQs
JSON schema generator based on draft-v4.
The npm package json-schema-generator receives a total of 17,809 weekly downloads. As such, json-schema-generator popularity was classified as popular.
We found that json-schema-generator demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.