
Research
/Security News
Contagious Interview Campaign Escalates With 67 Malicious npm Packages and New Malware Loader
North Korean threat actors deploy 67 malicious npm packages using the newly discovered XORIndex malware loader.
react-schema
Advanced tools
Use react like PropTypes for generic object validation.
Note: Due to changes in React, PropTypes can no longer be accessed externally without causing warnings. So, the dependency on React has been dropped allowing the same wonderful schema functionality to be provided but without the ugly warnings (many thanks to @eliot-akira).
React provides an extraordinarily concise yet powerful way of defining component API's via PropTypes. This module:
npm install react-schema
Validate an object against an API definition:
import schema, { PropTypes } from "react-schema";
// An API schema.
const mySchema = {
isEnabled: PropTypes.bool.isRequired,
width: PropTypes.numberOrString,
};
const myData = {
isEnabled: true,
width: "10px"
};
// Validate an object against the API.
schema.validate(mySchema, myData); // returns: { isValid: true }
You can introspect details about each type:
import { PropTypes } from "react-schema";
const myObject = PropTypes.shape({ isEnabled: PropTypes.bool });
myObject.$meta.type; // Equals: "shape"
myObject.$meta.args; // Equals: { isEnabled: PropTypes.bool }
const myEnum = PropTypes.oneOf(['one', 'two']);
myEnum.$meta.type; // Equals: "oneOf"
myEnum.$meta.args; // Equals: ['one', 'two']
If you need the introspection behavior on a custom type, you need to wrap it using createIntrospectableChecker
:
const { PropTypes } = require('react-schema');
const createIntrospectableChecker = require('react-schema/lib/utils/createIntrospectableChecker');
const MyCustomPropType = function() {
// ...
};
// First, we create an introspectable instance of it:
const MyIntrospectableCustomPropType = createIntrospectableChecker(MyCustomPropType);
// Now, we register it as a PropType:
PropTypes.MyCustomPropType = MyIntrospectableCustomPropType;
Here's how to register an analyzer for a certain propType:
const PropTypeAnalyzer = require('react-schema/lib/PropTypeAnalyzer');
// @args will be whatever the propType checker was instantiated with
PropTypeAnalyzer.defineAnalyzer('MyCustomPropType', function(args) {
return {
type: 'whatever',
fields: args.map(function(arg) {
return { type: 'literal', value: arg };
})
}
});
// Later on in your consumer code:
const schema = {
someProp: PropTypes.MyCustomPropType(['foo'])
};
console.log(PropTypeAnalyzer.generateAST(schema));
// => { type: 'whatever', fields: [{ type: 'literal', value: 'foo' }]}
And here's how to register a custom formatter:
const PropTypeFormatter = require('react-schema/lib/PropTypeFormatter');
// @args will be whatever the propType checker was instantiated with
PropTypeFormatter.defineFormatter('MyCustomPropType', function(args) {
return `MyCustomProp: [${args.join(', ')}]`;
});
// Later on in your consumer code:
const schema = PropTypes.MyCustomPropType(['foo']);
console.log(PropTypeFormatter.format(schema));
// => "MyCustomProp: [foo]"
Property definitions created from the module wrapper provides expressive details about each type when converted to a string.
You can cast a PropType node to a descriptive string (provided it has a formatter defined) using the PropTypeFormatter
:
import { PropTypes } from "react-schema";
import { format } from "react-schema/lib/PropTypeFormatter";
const myEnum = PropTypes.oneOf(['one', 'two']);
format(myEnum); // => "oneOf(one, two)"
The complement the base PropTypes, the following commonly used definitions are available:
PropType.numberOrString
PropType.boolOrString
# Run tests.
npm test
# Watch and re-run tests.
npm run tdd
FAQs
Use react like PropTypes for generic object validation.
The npm package react-schema receives a total of 75 weekly downloads. As such, react-schema popularity was classified as not popular.
We found that react-schema demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
/Security News
North Korean threat actors deploy 67 malicious npm packages using the newly discovered XORIndex malware loader.
Security News
Meet Socket at Black Hat & DEF CON 2025 for 1:1s, insider security talks at Allegiant Stadium, and a private dinner with top minds in software supply chain security.
Security News
CAI is a new open source AI framework that automates penetration testing tasks like scanning and exploitation up to 3,600× faster than humans.