Gathering detailed insights and metrics for @har-sdk/validator
Gathering detailed insights and metrics for @har-sdk/validator
Installations
npm install @har-sdk/validatorDeveloper Guide
BETA
Typescript
Yes
Module System
CommonJS
Node Version
18.16.0
NPM Version
8.19.3
Releases
214
@har-sdk/oas@2.10.0
@har-sdk/oas@2.10.0
Published on 07 Oct 2024
@har-sdk/postman@2.4.6
@har-sdk/postman@2.4.6
Published on 22 Aug 2024
@har-sdk/oas@2.9.3
@har-sdk/oas@2.9.3
Published on 22 Aug 2024
@har-sdk/oas@2.9.2
@har-sdk/oas@2.9.2
Published on 14 Aug 2024
@har-sdk/openapi-sampler@2.2.1
@har-sdk/openapi-sampler@2.2.1
Published on 14 Aug 2024
@har-sdk/oas@2.9.1
@har-sdk/oas@2.9.1
Published on 22 Apr 2024
Contributors
25
Unable to fetch Contributors
Languages
3
TypeScript
JavaScript
Shell
TypeScript (98.02%)
JavaScript (1.94%)
Shell (0.04%)
Developer
NeuraLegion
Download Statistics
Total Downloads
18,678
Last Day
3
Last Week
53
Last Month
325
Last Year
5,361
GitHub Statistics
11 Stars
142 Commits
5 Forks
16 Watching
10 Branches
25 Contributors
Bundle Size
245.25 kB
Minified
58.99 kB
Minified + Gzipped
Maintainers
2
Package Meta Information
Latest Version
2.5.0
Package Id
@har-sdk/validator@2.5.0
Unpacked Size
459.66 kB
Size
66.71 kB
File Count
74
NPM Version
8.19.3
Node Version
18.16.0
Publised On
08 Jun 2023
Total Downloads
Cumulative downloads
Total Downloads
18,678
Last day
-57.1%
3
Compared to previous day
Last week
-29.3%
53
Compared to previous week
Last month
52.6%
325
Compared to previous month
Last year
-11.1%
5,361
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dependencies
6
Dev Dependencies
3
Versions
@har-sdk/validator
A validator for HAR v1.2 Spec, OpenAPI and Postman documents.
Setup
1npm i --save @har-sdk/validator
Usage
1import { OpenAPIV2 } from '@har-sdk/types'; 2import { OASValidator, ErrorHumanizer } from '@har-sdk/validator'; 3 4const apiDoc = { 5 swagger: '2.0', 6 host: 'localhost', 7 info: { 8 title: 'Some valid API document' 9 }, 10 paths: {} 11} as OpenAPIV2.Document; 12 13const errors = await new OASValidator().verify(apiDoc as any); 14console.log(errors); 15// [ 16// { 17// "instancePath": "/info", 18// "schemaPath": "#/required", 19// "keyword": "required", 20// "params": { 21// "missingProperty": "version" 22// }, 23// "message": "must have required property 'version'" 24// } 25// ] 26 27const humanizedErrors = await new ErrorHumanizer().humanizeErrors(errors); 28console.log(humanizedErrors); 29// [ 30// { 31// "originalError": { 32// "instancePath": "/info", 33// "schemaPath": "#/required", 34// "keyword": "required", 35// "params": { 36// "missingProperty": "version" 37// }, 38// "message": "must have required property 'version'" 39// }, 40// "message": "the value at /info is missing the required field `version`", 41// "messageParts": [ 42// { 43// "text": "the value at /info", 44// "jsonPointer": "/info" 45// }, 46// { 47// "text": "is missing the required field `version`" 48// } 49// ] 50// } 51// ]
See Error Object
No vulnerabilities found.
Reason
no dangerous workflow patterns detected
Reason
no binaries found in the repo
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: MIT License: LICENSE:0
Reason
Found 21/22 approved changesets -- score normalized to 9
Reason
dependency not pinned by hash detected -- score normalized to 5
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/auto-build.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/NeuraLegion/har-sdk/auto-build.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/auto-build.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/NeuraLegion/har-sdk/auto-build.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/auto-build.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/NeuraLegion/har-sdk/auto-build.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/auto-build.yml:48: update your workflow using https://app.stepsecurity.io/secureworkflow/NeuraLegion/har-sdk/auto-build.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/auto-build.yml:49: update your workflow using https://app.stepsecurity.io/secureworkflow/NeuraLegion/har-sdk/auto-build.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/auto-build.yml:56: update your workflow using https://app.stepsecurity.io/secureworkflow/NeuraLegion/har-sdk/auto-build.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/auto-build.yml:68: update your workflow using https://app.stepsecurity.io/secureworkflow/NeuraLegion/har-sdk/auto-build.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/auto-build.yml:79: update your workflow using https://app.stepsecurity.io/secureworkflow/NeuraLegion/har-sdk/auto-build.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/auto-build.yml:82: update your workflow using https://app.stepsecurity.io/secureworkflow/NeuraLegion/har-sdk/auto-build.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/auto-build.yml:89: update your workflow using https://app.stepsecurity.io/secureworkflow/NeuraLegion/har-sdk/auto-build.yml/master?enable=pin
- Info: 0 out of 9 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 1 third-party GitHubAction dependencies pinned
- Info: 3 out of 3 npmCommand dependencies pinned
Reason
0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/auto-build.yml:1
- Info: no jobLevel write permissions found
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 30 are checked with a SAST tool
Reason
13 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-8hc4-vh64-cxmj
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-rc47-6667-2j5j
- Warn: Project is vulnerable to: GHSA-78xj-cgh5-2h22
- Warn: Project is vulnerable to: GHSA-2p57-rm9w-gvfp
- Warn: Project is vulnerable to: GHSA-p6mc-m468-83gw
- Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
- Warn: Project is vulnerable to: GHSA-mwcw-c2x4-8c55
- Warn: Project is vulnerable to: GHSA-p8p7-x288-28g6
- Warn: Project is vulnerable to: GHSA-gcx4-mw62-g8wm
- Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
- Warn: Project is vulnerable to: GHSA-f5x3-32g6-xq36
- Warn: Project is vulnerable to: GHSA-72xf-g2v4-qvf3
Score
4
/10
Last Scanned on 2025-01-27
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More