Gathering detailed insights and metrics for @openapi-contrib/openapi-schema-to-json-schema
Gathering detailed insights and metrics for @openapi-contrib/openapi-schema-to-json-schema
Due to the OpenAPI v3.0 and JSON Schema discrepancy, you can use this JS library to convert OpenAPI Schema objects to proper JSON Schema.
Installations
npm install @openapi-contrib/openapi-schema-to-json-schemaDeveloper
Developer Guide
BETA
Module System
CommonJS
Min. Node Version
>=14.0.0
Typescript Support
Yes
Node Version
18.16.1
NPM Version
9.8.0
Statistics
244 Stars
124 Commits
20 Forks
6 Watching
5 Branches
13 Contributors
Updated on 20 Nov 2024
Languages
TypeScript (97.1%)
JavaScript (2.9%)
Total Downloads
Cumulative downloads
Total Downloads
23,596,617
Last day
4.3%
46,793
Compared to previous day
Last week
10%
238,512
Compared to previous week
Last month
4.3%
994,814
Compared to previous month
Last year
59%
9,781,149
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Versions
OpenAPI Schema to JSON Schema
A little NodeJS package to convert OpenAPI Schema Object or Parameter Object to JSON Schema.
Currently converts from OpenAPI 3.0 to JSON Schema Draft 4.
Why?
OpenAPI is a specification for describing RESTful APIs. OpenAPI v3.0 allows us to describe the structures of request and response payloads in a detailed manner. This would, theoretically, mean that we should be able to automatically validate request and response payloads. However, as of writing there aren't many validators around.
The good news is that there are many validators for JSON Schema for different languages. The bad news is that OpenAPI v3.0 is not entirely compatible with JSON Schema. The Schema Object of OpenAPI v3.0 is an extended subset of JSON Schema Specification Wright Draft 00 with some differences. This will be resolved in OpenAPI v3.1, but until then... this tool will fill that gap.
There is also a CLI tool for creating a JSON of schemas from the whole API specification.
If you need to do the conversion in reverse, checkout json-schema-to-openapi-schema.
Features
- converts OpenAPI v3.0 Schema Object to JSON Schema Draft 4
- converts OpenAPI v3.0 Parameter Object to JSON Schema Draft 4
- deletes
nullableand adds"null"totypearray ifnullableistrue - supports deep structures with nested
allOfs etc. - removes OpenAPI specific properties such as
discriminator,deprecatedetc. unless specified otherwise - optionally supports
patternPropertieswithx-patternPropertiesin the Schema Object
NOTE: $refs are not handled in any way, so please use a resolver such as json-schema-ref-parser or swagger-cli bundle prior to using this package.
Installation
npm install --save @openapi-contrib/openapi-schema-to-json-schema
CLI
1npx "@openapi-contrib/openapi-schema-to-json-schema" --input openapi.json --output json-schema.json
Converting OpenAPI schema
Here's a small example to get the idea:
1var { openapiSchemaToJsonSchema: toJsonSchema } = require("@openapi-contrib/openapi-schema-to-json-schema"); 2 3var schema = { 4 type: "string", 5 format: "date-time", 6 nullable: true, 7}; 8 9var convertedSchema = toJsonSchema(schema); 10 11console.log(convertedSchema);
The example prints out
1{ 2 type: ['string', 'null'], 3 format: 'date-time', 4 '$schema': 'http://json-schema.org/draft-04/schema#' 5}
Provide the function the schema object with possible options.
Options
The function accepts options object as the second argument.
cloneSchema (boolean)
If set to false, converts the provided schema in place. If true, clones the schema by converting it to JSON and back. The overhead of the cloning is usually negligible. Defaults to true.
dateToDateTime (boolean)
This is false by default and leaves date format as is. If set to true, sets format: 'date' to format: 'date-time'.
For example
1var schema = { 2 type: "string", 3 format: "date", 4}; 5 6var convertedSchema = toJsonSchema(schema, { dateToDateTime: true }); 7 8console.log(convertedSchema);
prints
1{ 2 type: 'string', 3 format: 'date-time', 4 '$schema': 'http://json-schema.org/draft-04/schema#' 5}
keepNotSupported (array)
By default, the following fields are removed from the result schema: nullable, discriminator, readOnly, writeOnly, xml, externalDocs, example and deprecated as they are not supported by JSON Schema Draft 4. Provide an array of the ones you want to keep (as strings) and they won't be removed.
removeReadOnly (boolean)
If set to true, will remove properties set as readOnly. If the property is set as required, it will be removed from the required array as well. The property will be removed even if readOnly is set to be kept with keepNotSupported.
removeWriteOnly (boolean)
Similar to removeReadOnly, but for writeOnly properties.
supportPatternProperties (boolean)
If set to true and x-patternProperties property is present, change x-patternProperties to patternProperties and call patternPropertiesHandler. If patternPropertiesHandler is not defined, call the default handler. See patternPropertiesHandler for more information.
patternPropertiesHandler (function)
Provide a function to handle pattern properties and set supportPatternProperties to take effect. The function takes the schema where x-patternProperties is defined on the root level. At this point x-patternProperties is changed to patternProperties. It must return the modified schema.
If the handler is not provided, the default handler is used. If additionalProperties is set and is an object, the default handler sets it to false if the additionalProperties object has deep equality with a pattern object inside patternProperties. This is because we might want to define additionalProperties in OpenAPI spec file, but want to validate against a pattern. The pattern would turn out to be useless if additionalProperties of the same structure were allowed. Create you own handler to override this functionality.
See test/pattern_properties.test.js for examples how this works.
definitionKeywords (array)
By default, definitions are not converted. If your documents follow the convention of having a definitions object at the root of a (sub)schema, you can set definitionKeywords to ['definitions'].
1var schema = { 2 definitions: { 3 sharedDefinition: { 4 type: "object", 5 properties: { 6 foo: { 7 type: "string", 8 nullable: true, 9 }, 10 }, 11 }, 12 }, 13}; 14var convertedSchema = toJsonSchema(schema, { 15 definitionKeywords: ["definitions"], 16}); 17console.log(convertedSchema);
prints
1{ 2 $schema: 'http://json-schema.org/draft-04/schema#', 3 definitions: { 4 sharedDefinition: { 5 type: 'object', 6 properties: { 7 foo: { 8 type: ['string', 'null'] 9 } 10 } 11 } 12 } 13}
Converting OpenAPI parameters
OpenAPI parameters can be converted:
1var { fromParameter } = require("@openapi-contrib/openapi-schema-to-json-schema"); 2 3var param = { 4 name: "parameter name", 5 in: "query", 6 schema: { 7 type: "string", 8 format: "date", 9 }, 10}; 11 12var convertedSchema = fromParameter(param); 13 14console.log(convertedSchema);
The result is as follows:
1{ 2 type: 'string', 3 format: 'date', 4 '$schema': 'http://json-schema.org/draft-04/schema#' 5}
When a parameter has several schemas (one per MIME type) a map is returned instead.
1{ 2 name: 'parameter name', 3 in: 'query', 4 content: { 5 'application/javascript': { 6 schema: { 7 type: 'string' 8 } 9 }, 10 'text/css': { 11 schema: { 12 type: 'string' 13 } 14 } 15 } 16}
would be converted to:
1{ 2 'application/javascript': { 3 type: 'string', 4 '$schema': 'http://json-schema.org/draft-04/schema#' 5 }, 6 'text/css': { 7 type: 'string', 8 '$schema': 'http://json-schema.org/draft-04/schema#' 9 } 10}
Treeware
This package is Treeware. If you use it in production, then we ask that you buy the world a tree to thank us for our work. By contributing to the Treeware forest you’ll be creating employment for local families and restoring wildlife habitats.
Thanks
- Stoplight for donating time and effort to this project, and many more.
- mikunn for originally creating this package.
- All Contributors
Copyright
Copyright 2023 the OpenAPI Contrib organization. Code released under the MIT License.
No vulnerabilities found.
Reason
no binaries found in the repo
Reason
no dangerous workflow patterns detected
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: MIT License: LICENSE:0
Reason
0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Reason
Found 2/24 approved changesets -- score normalized to 0
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/openapi-contrib/openapi-schema-to-json-schema/release.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/openapi-contrib/openapi-schema-to-json-schema/release.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/openapi-contrib/openapi-schema-to-json-schema/test.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/openapi-contrib/openapi-schema-to-json-schema/test.yml/main?enable=pin
- Info: 0 out of 4 GitHub-owned GitHubAction dependencies pinned
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/release.yml:1
- Warn: no topLevel permission defined: .github/workflows/test.yml:1
- Info: no jobLevel write permissions found
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 19 are checked with a SAST tool
Reason
18 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-4q6p-r6v2-jvc5
- Warn: Project is vulnerable to: GHSA-78xj-cgh5-2h22
- Warn: Project is vulnerable to: GHSA-2p57-rm9w-gvfp
- Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
- Warn: Project is vulnerable to: GHSA-7fh5-64p2-3v2j
- Warn: Project is vulnerable to: GHSA-gcx4-mw62-g8wm
- Warn: Project is vulnerable to: GHSA-f5x3-32g6-xq36
- Warn: Project is vulnerable to: GHSA-wqq4-5wpv-mx2g
- Warn: Project is vulnerable to: GHSA-3787-6prv-h9w3
- Warn: Project is vulnerable to: GHSA-9qxr-qj54-h672
- Warn: Project is vulnerable to: GHSA-m4v8-wqvr-p9f7
- Warn: Project is vulnerable to: GHSA-92r3-m2mg-pj97
- Warn: Project is vulnerable to: GHSA-c24v-8rfc-w8vw
- Warn: Project is vulnerable to: GHSA-8jhw-289h-jh2g
- Warn: Project is vulnerable to: GHSA-64vr-g452-qvp3
- Warn: Project is vulnerable to: GHSA-9cwx-2883-4wfx
Score
2.8
/10
Last Scanned on 2024-11-18
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More