Gathering detailed insights and metrics for @webpack-contrib/schema-utils
Gathering detailed insights and metrics for @webpack-contrib/schema-utils
Installations
npm install @webpack-contrib/schema-utilsDeveloper Guide
BETA
Typescript
No
Module System
CommonJS
Min. Node Version
>= 6.9.0 || >= 8.9.0
Node Version
8.11.1
NPM Version
5.6.0
Releases
40
Languages
2
JavaScript
Shell
JavaScript (99.9%)
Shell (0.1%)
Developer
webpack-contrib
Download Statistics
Total Downloads
0
Last Day
0
Last Week
0
Last Month
0
Last Year
0
GitHub Statistics
MIT License
250 Stars
200 Commits
39 Forks
10 Watchers
3 Branches
88 Contributors
Updated on Jun 26, 2025
Maintainers
1
Package Meta Information
Latest Version
1.0.0-beta.0
Package Id
@webpack-contrib/schema-utils@1.0.0-beta.0
Size
6.88 kB
NPM Version
5.6.0
Node Version
8.11.1
Published on
Apr 02, 2018
Total Downloads
Cumulative downloads
Total Downloads
NaN
Last Day
0%
NaN
Compared to previous day
Last Week
0%
NaN
Compared to previous week
Last Month
0%
NaN
Compared to previous month
Last Year
0%
NaN
Compared to previous year
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dependencies
6
Peer Dependencies
1
Dev Dependencies
25
@commitlint/cli@commitlint/config-angular@webpack-contrib/eslint-config-webpackbabel-clibabel-jestbabel-plugin-transform-object-rest-spreadbabel-polyfillbabel-preset-envconventional-github-releasercross-envdeldel-clieslinteslint-plugin-importeslint-plugin-prettierhuskyjestlint-stagedmemory-fsnsppre-commitprettierstandard-versionwebpackwebpack-defaults
schema-utils
Webpack Schema Validation Utilities
Validates options objects against a JSON Schema and
displays the output beautifully.
Requirements
This module requires a minimum of Node v6.9.0 and Webpack v4.0.0.
Getting Started
To begin, you'll need to install schema-utils:
1$ npm install @webpack-contrib/schema-utils --save-dev
API
When using the API directly, the main entry point is the serve function, which
is the default export of the module.
1const validate = require('@webpack-contrib/schema-utils'); 2const schema = require('path/to/schema.json'); 3const target = { ... }; // the options object to validate 4const name = '...'; // the load or plugin name validate() is being used in 5 6validate({ name, schema, target });
serve(options)
Returns true if validation succeeded, false validation failed and options
allow the function to return a value. (see options below).
options
Type: Object
Options for initializing and controlling the server provided. The option names
listed below belong to the options object.
exit
Type: Boolean
Default: false
If true, will instruct the validator to end the process with an error code of
1.
log
Type: Boolean
Default: false
If true, will instruct the validator to log the results of the validation (in
the event of a failure) in a
webpack-style log output. This
is typically used with throw: false.
name
Type: String
Default: undefined
Required
A String specifying the name of the loader or plugin utilizing the validator.
schema
Type: String|Object
Default: undefined
Required
A String specifying the filesystem path to the schema used for validation.
Alternatively, you may specify an object containing the JSON-parsed schema.
target
Type: Object
Default: undefined
Required
An Object containing the options to validate against the specified schema.
throw
Type: Boolean
Default: true
By default the validator will throw an error and display validation results upon
failure. If this option is set to false, the validator will not throw an error.
This is typically used in situations where a return value of false for
validate() is sufficient, a stack trace is uneeded, or when
webpack-style log output is
preferred.
Examples
Below is a basic example of how this validator might be used:
1# schema.json 2{ 3 "type": "object", 4 "properties": { 5 "name": { 6 "type": "string" 7 }, 8 "test": { 9 "anyOf": [ 10 { "type": "array" }, 11 { "type": "string" }, 12 { "instanceof": "RegExp" } 13 ] 14 }, 15 "transform": { 16 "instanceof": "Function" 17 }, 18 "sourceMap": { 19 "type": "boolean" 20 } 21 }, 22 "additionalProperties": false 23}
Use in a Loader
1const { getOptions } = require('loader-utils'); 2const validate = require('@webpack-contrib/schema-utils'); 3 4import schema from 'path/to/schema.json' 5 6function loader (src, map) { 7 const options = getOptions(this) || {}; 8 9 validate({ name: 'Loader Name', schema, target: options }); 10 11 // Code... 12}
Use in a Plugin
1const validate = require('@webpack-contrib/schema-utils'); 2const schema = require('path/to/schema.json'); 3 4class Plugin { 5 constructor (options) { 6 validate({ name: 'Plugin Name', schema, target: options }); 7 8 this.options = options; 9 } 10 11 apply (compiler) { 12 // Code... 13 } 14}
License
MIT
No vulnerabilities found.
Reason
no dangerous workflow patterns detected
Reason
no binaries found in the repo
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: MIT License: LICENSE:0
Reason
1 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw
Reason
7 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 5
Reason
dependency not pinned by hash detected -- score normalized to 3
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nodejs.yml:61: update your workflow using https://app.stepsecurity.io/secureworkflow/webpack/schema-utils/nodejs.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nodejs.yml:62: update your workflow using https://app.stepsecurity.io/secureworkflow/webpack/schema-utils/nodejs.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nodejs.yml:73: update your workflow using https://app.stepsecurity.io/secureworkflow/webpack/schema-utils/nodejs.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/nodejs.yml:88: update your workflow using https://app.stepsecurity.io/secureworkflow/webpack/schema-utils/nodejs.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nodejs.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/webpack/schema-utils/nodejs.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nodejs.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/webpack/schema-utils/nodejs.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/nodejs.yml:46: update your workflow using https://app.stepsecurity.io/secureworkflow/webpack/schema-utils/nodejs.yml/main?enable=pin
- Warn: npmCommand not pinned by hash: .github/workflows/nodejs.yml:80
- Warn: npmCommand not pinned by hash: .github/workflows/nodejs.yml:81
- Info: 0 out of 5 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 2 third-party GitHubAction dependencies pinned
- Info: 2 out of 4 npmCommand dependencies pinned
Reason
Found 4/24 approved changesets -- score normalized to 1
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/nodejs.yml:1
- Info: no jobLevel write permissions found
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 24 are checked with a SAST tool
Score
4.5
/10
Last Scanned on 2025-06-30
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More