Security News
OpenJS: “XZ Utils Cyberattack Likely Not an Isolated Incident”
OpenJS is warning of social engineering takeovers targeting open source projects after receiving a credible attempt on the foundation.
skema
Advanced tools
Weekly downloads
Readme
skema
provides a handy and composable way to validate/transform JavaScript variables:
Supports both async and sync flows. Skema has two working modes to support either async or sync validators, setters, etc, making it capable with much more complicated challenges.
NOT only type checker. Unlike TypeScript, joi, and many others, Skema is not only a JavaScript type checker, but also a good solution for your Anti-Corruption Layer (ACL) to transform and purify the input data. And Skema could also be configured as a simple schema validator too.
Pluggable basic types. Even basic types such as Number
could also be replaced and customized if using Skema. Actually, in the core of Skema, there is NOT a single definition of one type.
Powerful custom types. Every single type is able to be customized that you can handle almost everything including descriptor, conditions, default values, validators and so on.
Composable structures. You could build a much bigger schema with the small ones into the whole world.
npm i skema
import {shape} from 'skema'
// Schema definitions are ONLY objects.
const User = shape({
id: 'number?',
name: String
})
// Then use these definitions to purify our data.
const user = User.from({
id: '1',
name: 'Steve'
})
console.log(user)
// {
// id: 1,
// name: 'Steve'
// }
user.id = 'boooom!'
// throw TypeError
// - message: 'not a number'
// - code: 'VALIDATION_FAILS'
from()
MIT
FAQs
Skema provides a handy & composable way to validate / transform / purify the input data.
The npm package skema receives a total of 22,181 weekly downloads. As such, skema popularity was classified as popular.
We found that skema demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
OpenJS is warning of social engineering takeovers targeting open source projects after receiving a credible attempt on the foundation.
Company News
Come meet the Socket team at BSidesSF and RSA! We're sponsoring several fun networking events and we would love to see you there.
Security News
OSI is starting a conversation aimed at removing the excuse of the SaaS loophole for companies navigating licensing and the complexities of doing business with open source.