
Product
Introducing Tier 1 Reachability: Precision CVE Triage for Enterprise Teams
Socket’s new Tier 1 Reachability filters out up to 80% of irrelevant CVEs, so security teams can focus on the vulnerabilities that matter.
Please report any problems to the GitLab issues <https://gitlab.com/doctormo/python-xsd-validator>
_
This module provides a way to validate data from many different file formats with a condensed XML Schema (XSD) subset. Errors are returned using a mirror-tree pattern instead of an exception based invalidation.
Based on xsd and xml validation, this is an attempt to provide those functions without requiring xml and to allow errors to be fed into machine readable mechanisms.
from xssd import Validator
val = Validator( definition ) err = val.validate( data )
print err or "All is well!"
An example definition for registering a user on a website:
.. code-block:: python
definition = {
'root' : [
{ 'name : 'username', 'type' : 'token' },
{ 'name : 'password', 'type' : 'password' },
{ 'name : 'confirm', 'type' : 'confirm' },
{ 'name : 'firstName', 'type' : 'rname' },
{ 'name : 'familyName', 'type' : 'name', 'minOccurs' : 0 },
{ 'name : 'nickName', 'type' : 'name', 'minOccurs' : 0 },
{ 'name : 'emailAddress', 'type' : 'email', 'minOccurs' : 1, 'maxOccurs' : 3 },
[
{ 'name' : 'aim', 'type' : 'index' },
{ 'name' : 'msn', 'type' : 'email' },
{ 'name' : 'jabber', 'type' : 'email' },
{ 'name' : 'irc', 'type' : 'string' },
],
],
'simpleTypes' : {
'confirm' : { 'base' : 'id', 'match' : '/input/password' },
'rname' : { 'base' : 'name', 'minLength' : 1 },
'password' : { 'base' : 'id', 'minLength' : 6 },
},
'complexTypes' : {},
}
And this is an example of the data that would validate against it:
.. code-block:: python
data = { 'username' : 'abcdef', 'password' : '1234567', 'confirm' : '1234567', 'firstName' : 'test', 'familyName' : 'user', 'nickName' : 'foobar', 'emailAddress' : [ 'foo@bar.com', 'some@other.or', 'great@nice.con' ], 'msn' : 'foo@msn.com', }
We are asking for a username, a password typed twice, some real names, a nick name, between 1 and 3 email addresses and at least one instant message account, foo is an extra string of information to show that the level is arbitary. bellow the definition and all options are explained.
The first result you get is a structure the second is a boolean, the boolean explains the total stuctures pass or fail status.
The structure that is returned is almost a mirror structure of the input:
.. code-block:: python
errors = {
'input' : {
'username' : NO_ERROR,
'password' : NO_ERROR,
'confirm' : NO_ERROR,
'firstName' : NO_ERROR,
'familyName' : NO_ERROR,
'nickName' : NO_ERROR,
'emailAddress' : NO_ERROR,
}
},
A simple type is a definition which will validate data directly, it will never validate lists or dictionaries.
Each simpleType is defined as an item in the definition's 'simpleTypes' list.
A complex type is a definition which will validate a dictionary. The optional very first structure, 'root' is a complex definition and follows the same syntax as all complex types. Each complex type is a list of data which should all occur in the hash, when a list entry is a hash it equates to one named entry in the hash data and has the following options:
Where the list entry is an array, it will toggle the combine mode and allow further list entries With in it this allows for parts of the sturcture to be optional only if different parts of the stucture exist.
By default these types are available to all definitions as base types.
The test suite provides the full supported schema and tests against itself to ensure sanity.
FAQs
Validating python structures based on XSD Subset rules.
We found that xssd demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Product
Socket’s new Tier 1 Reachability filters out up to 80% of irrelevant CVEs, so security teams can focus on the vulnerabilities that matter.
Research
/Security News
Ongoing npm supply chain attack spreads to DuckDB: multiple packages compromised with the same wallet-drainer malware.
Security News
The MCP Steering Committee has launched the official MCP Registry in preview, a central hub for discovering and publishing MCP servers.