Gathering detailed insights and metrics for ajv
Gathering detailed insights and metrics for ajv
The fastest JSON schema Validator. Supports JSON Schema draft-04/06/07/2019-09/2020-12 and JSON Type Definition (RFC8927)
Installations
npm install ajvDeveloper Guide
BETA
Typescript
Yes
Module System
CommonJS
Node Version
18.20.3
NPM Version
10.7.0
Score
98.5
Supply Chain
100
Quality
78.9
Maintenance
100
Vulnerability
100
License
Releases
163
Languages
3
TypeScript
JavaScript
Shell
TypeScript (97.87%)
JavaScript (1.68%)
Shell (0.45%)
Developer
Download Statistics
Total Downloads
22,585,518,060
Last Day
7,788,601
Last Week
136,543,471
Last Month
584,206,573
Last Year
6,040,012,288
GitHub Statistics
MIT License
14,267 Stars
2,713 Commits
897 Forks
112 Watchers
24 Branches
203 Contributors
Updated on Jul 01, 2025
Bundle Size
111.05 kB
Minified
32.02 kB
Minified + Gzipped
Sponsor this package
Maintainers
2
Package Meta Information
Latest Version
8.17.1
Package Id
ajv@8.17.1
Unpacked Size
0.98 MB
Size
212.05 kB
File Count
466
NPM Version
10.7.0
Node Version
18.20.3
Published on
Jul 12, 2024
Total Downloads
Cumulative downloads
Total Downloads
22,585,518,060
Last Day
-7.5%
7,788,601
Compared to previous day
Last Week
-7.5%
136,543,471
Compared to previous week
Last Month
2.7%
584,206,573
Compared to previous month
Last Year
23.9%
6,040,012,288
Compared to previous year
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dev Dependencies
41
@ajv-validator/config@rollup/plugin-commonjs@rollup/plugin-json@rollup/plugin-node-resolve@rollup/plugin-typescript@types/chai@types/mocha@types/node@types/require-from-string@typescript-eslint/eslint-plugin@typescript-eslint/parserajv-formatsbrowserifychaicross-envdayjsdayjs-plugin-utceslinteslint-config-prettierglobhuskyif-node-versionjimpjs-beautifyjson-schema-testkarmakarma-chrome-launcherkarma-mochalint-stagedmochamodule-from-stringnode-fetchnycprettierre2rolluprollup-plugin-terserts-nodetsifytypescripturi-js
Ajv JSON schema validator
The fastest JSON validator for Node.js and browser.
Supports JSON Schema draft-04/06/07/2019-09/2020-12 (draft-04 support requires ajv-draft-04 package) and JSON Type Definition RFC8927.
Ajv sponsors
Contributing
More than 100 people contributed to Ajv, and we would love to have you join the development. We welcome implementing new features that will benefit many users and ideas to improve our documentation.
Please review Contributing guidelines and Code components.
Documentation
All documentation is available on the Ajv website.
Some useful site links:
- Getting started
- JSON Schema vs JSON Type Definition
- API reference
- Strict mode
- Standalone validation code
- Security considerations
- Command line interface
- Frequently Asked Questions
Please sponsor Ajv development
Since I asked to support Ajv development 40 people and 6 organizations contributed via GitHub and OpenCollective - this support helped receiving the MOSS grant!
Your continuing support is very important - the funds will be used to develop and maintain Ajv once the next major version is released.
Please sponsor Ajv via:
- GitHub sponsors page (GitHub will match it)
- Ajv Open Collective
Thank you.
Open Collective sponsors
Performance
Ajv generates code to turn JSON Schemas into super-fast validation functions that are efficient for v8 optimization.
Currently Ajv is the fastest and the most standard compliant validator according to these benchmarks:
- json-schema-benchmark - 50% faster than the second place
- jsck benchmark - 20-190% faster
- z-schema benchmark
- themis benchmark
Performance of different validators by json-schema-benchmark:
Features
- Ajv implements JSON Schema draft-06/07/2019-09/2020-12 standards (draft-04 is supported in v6):
- all validation keywords (see JSON Schema validation keywords)
- OpenAPI extensions:
- NEW: keyword discriminator.
- keyword nullable.
- full support of remote references (remote schemas have to be added with
addSchemaor compiled to be available) - support of recursive references between schemas
- correct string lengths for strings with unicode pairs
- JSON Schema formats (with ajv-formats plugin).
- validates schemas against meta-schema
- NEW: supports JSON Type Definition:
- all keywords (see JSON Type Definition schema forms)
- meta-schema for JTD schemas
- "union" keyword and user-defined keywords (can be used inside "metadata" member of the schema)
- supports browsers and Node.js 10.x - current
- asynchronous loading of referenced schemas during compilation
- "All errors" validation mode with option allErrors
- error messages with parameters describing error reasons to allow error message generation
- i18n error messages support with ajv-i18n package
- removing-additional-properties
- assigning defaults to missing properties and items
- coercing data to the types specified in
typekeywords - user-defined keywords
- additional extension keywords with ajv-keywords package
- $data reference to use values from the validated data as values for the schema keywords
- asynchronous validation of user-defined formats and keywords
Install
To install version 8:
npm install ajv
Getting started
Try it in the Node.js REPL: https://runkit.com/npm/ajv
In JavaScript:
1// or ESM/TypeScript import 2import Ajv from "ajv" 3// Node.js require: 4const Ajv = require("ajv") 5 6const ajv = new Ajv() // options can be passed, e.g. {allErrors: true} 7 8const schema = { 9 type: "object", 10 properties: { 11 foo: {type: "integer"}, 12 bar: {type: "string"}, 13 }, 14 required: ["foo"], 15 additionalProperties: false, 16} 17 18const data = { 19 foo: 1, 20 bar: "abc", 21} 22 23const validate = ajv.compile(schema) 24const valid = validate(data) 25if (!valid) console.log(validate.errors)
Learn how to use Ajv and see more examples in the Guide: getting started
Changes history
See https://github.com/ajv-validator/ajv/releases
Please note: Changes in version 8.0.0
Code of conduct
Please review and follow the Code of conduct.
Please report any unacceptable behaviour to ajv.validator@gmail.com - it will be reviewed by the project team.
Security contact
To report a security vulnerability, please use the Tidelift security contact. Tidelift will coordinate the fix and disclosure. Please do NOT report security vulnerabilities via GitHub issues.
Open-source software support
Ajv is a part of Tidelift subscription - it provides a centralised support to open-source software users, in addition to the support provided by software maintainers.
License
Moderate
5.6/10
Summary
Prototype Pollution in Ajv
Affected Versions
< 6.12.3
Patched Versions
6.12.3
Reason
security policy file detected
Details
- Info: security policy file detected: docs/security.md:1
- Info: Found linked content: docs/security.md:1
- Info: Found disclosure, vulnerability, and/or timelines in security policy: docs/security.md:1
- Info: Found text in security policy: docs/security.md:1
Reason
no dangerous workflow patterns detected
Reason
no binaries found in the repo
Reason
0 existing vulnerabilities detected
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: MIT License: LICENSE:0
Reason
Found 29/30 approved changesets -- score normalized to 9
Reason
badge detected: InProgress
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/build.yml:1
- Warn: no topLevel permission defined: .github/workflows/publish.yml:1
- Info: no jobLevel write permissions found
Reason
0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/ajv-validator/ajv/build.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/ajv-validator/ajv/build.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:35: update your workflow using https://app.stepsecurity.io/secureworkflow/ajv-validator/ajv/build.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/ajv-validator/ajv/publish.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/ajv-validator/ajv/publish.yml/master?enable=pin
- Warn: npmCommand not pinned by hash: scripts/publish-site:8
- Warn: npmCommand not pinned by hash: scripts/publish-site:9
- Warn: npmCommand not pinned by hash: .github/workflows/build.yml:24
- Warn: npmCommand not pinned by hash: .github/workflows/publish.yml:17
- Info: 0 out of 4 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 1 third-party GitHubAction dependencies pinned
- Info: 0 out of 4 npmCommand dependencies pinned
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 30 are checked with a SAST tool
Score
5.5
/10
Last Scanned on 2025-06-30
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More