Gathering detailed insights and metrics for joi-to-swagger
Gathering detailed insights and metrics for joi-to-swagger
A library to convert Joi schema objects into Swagger schema definitions
Installations
npm install joi-to-swaggerDeveloper Guide
BETA
Typescript
Yes
Module System
CommonJS
Min. Node Version
>=10.0.0
Node Version
16.18.1
NPM Version
8.19.3
Score
98.3
Supply Chain
99.5
Quality
78.2
Maintenance
100
Vulnerability
99.6
License
Releases
9
Languages
1
JavaScript
JavaScript (100%)
Developer
Twipped
Download Statistics
Total Downloads
8,859,125
Last Day
1,164
Last Week
45,795
Last Month
202,765
Last Year
2,183,118
GitHub Statistics
NOASSERTION License
166 Stars
141 Commits
65 Forks
9 Watchers
5 Branches
15 Contributors
Updated on Mar 24, 2025
Bundle Size
75.28 kB
Minified
26.43 kB
Minified + Gzipped
Maintainers
2
Package Meta Information
Latest Version
6.2.0
Package Id
joi-to-swagger@6.2.0
Unpacked Size
21.89 kB
Size
6.96 kB
File Count
5
NPM Version
8.19.3
Node Version
16.18.1
Total Downloads
Cumulative downloads
Total Downloads
8,859,125
Last Day
-37.4%
1,164
Compared to previous day
Last Week
-15.9%
45,795
Compared to previous week
Last Month
4.1%
202,765
Compared to previous month
Last Year
14.5%
2,183,118
Compared to previous year
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dependencies
1
Peer Dependencies
1
joi-to-swagger
Conversion library for transforming Joi schema objects into Swagger OAS 3.0 schema definitions.
1// input 2joi.object().keys({ 3 id: joi.number().integer().positive().required(), 4 name: joi.string(), 5 email: joi.string().email().required(), 6 created: joi.date().allow(null), 7 active: joi.boolean().default(true), 8})
1// output 2{ 3 "type": "object", 4 "required": ["id", "email"], 5 "properties": { 6 "id": { 7 "type": "integer", 8 "minimum": 1 9 }, 10 "name": { 11 "type": "string" 12 }, 13 "email": { 14 "type": "string", 15 "format": "email" 16 }, 17 "created": { 18 "type": "string", 19 "nullable": true, 20 "format": "date-time" 21 }, 22 "active": { 23 "type": "boolean" 24 } 25 }, 26 "additionalProperties": false 27}
Usage
1const j2s = require('joi-to-swagger'); 2 3const { swagger, components } = j2s(mySchema, existingComponents);
- in case of ES6 module syntax:
1import j2s from 'joi-to-swagger'; 2 3const { swagger, components } = j2s(mySchema, existingComponents);
J2S takes two arguments, the first being the Joi object you wish to convert. The second optional argument is a collection of existing components to reference against for the meta className identifiers (see below).
J2S returns a result object containing swagger and components properties. swagger contains your new schema, components contains any components that were generated while parsing your schema.
Supported Conventions:
-
joi.object().unknown(false)->additionalProperties: false.required()on object members produces a"required": []array.pattern(pattern, JoiSchema)->additionalProperties: [Schema]
-
joi.array().items()- in case of multiple provided schemas usingitems()method, the "oneOf" (OAS3) keyword is used.min(4)->"minItems": 4.max(10)->"maxItems": 10.unique(truthy)->"uniqueItems": true
-
joi.number()produces"type": "number"with a format of"float".precision()->"format": "double".integer()->"type": "integer".strict().only(1, 2, '3')->"enum": [1, 2](note that non-numbers are omitted due to swagger type constraints).allow(null)->"nullable": true.min(5)->"minimum": 5(joi.ref is supported and will fallback to 0 if not provided via refValues metadata).max(10)->"maximum": 10(joi.ref is supported and will fallback to 0 if not provided via refValues metadata).positive()->"minimum": 1.negative()->"maximum": -1.valid(1, 2)->"enum": [1, 2].invalid(1, 2)->"not": { "enum": [1, 2] }
-
joi.string()produces"type": "string"with no formatting.strict().only('A', 'B', 1)->"enum": ["A", "B"](note that non-strings are omitted due to swagger type constraints).alphanum()->"pattern": "/^[a-zA-Z0-9]*$/".alphanum().lowercase().alphanum().uppercase().token()->"pattern": "/^[a-zA-Z0-9_]*$/".token().lowercase().token().uppercase().email()->"format": "email".isoDate()->"format": "date-time".regex(/foo/)->"pattern": "/foo/".allow(null)->"nullable": true.min(5)->"minLength": 5.max(10)->"maxLength": 10.uuid()->"format": "uuid".valid('A', 'B')->"enum": ['A', 'B'].invalid('A', 'B')->"not": { "enum": ['A', 'B'] }
-
joi.binary()produces"type": "string"with a format of"binary"..encoding('base64')->"format": "byte".min(5)->"minLength": 5.max(10)->"maxLength": 10.allow(null)->"nullable": true
-
joi.date()produces"type": "string"with a format of"date-time"..allow(null)->"nullable": true
-
joi.alternatives()- structure of alternative schemas is defined by "anyOf", "oneOf" or "allOf (OAS3) keywords.mode('one')-> produces"oneOf": [ { ... } ]- in case of
joi.required()alternative schema, the custom property option "x-required" is added to subschema ->"x-required": true
-
joi.when()conditions are transformed to"oneOf": [ { ... }, { ... } ]keyword- if multiple
joi.when().when()conditions are provided, they are transformed to"anyOf": [ { ... }, { ... } ]keyword - in case of
joi.required()condition, the custom property option "x-required" is added to subschema ->"x-required": true
- if multiple
-
any.default()sets the"default"detail. -
any.example()sets the"example"or"examples"..example('hi')->"example": "hi".example('hi', 'hey')->"examples": ["hi", "hey"]
-
joi.any() -
.meta({ swaggerType: 'file' }).description('simpleFile')add a file to the swagger structure -
.valid(1, 'A')->"enum": [1, 'A'] -
.invalid(1, 'A')->"not": { "enum": [1, 'A'] }
Meta Overrides
The following may be provided on a joi .meta() object to explicitly override default joi-to-schema behavior.
className: By default J2S will be full verbose in its components. If an object has a className string, J2S will look for an existing schema component with that name, and if a component does not exist then it will create one. Either way, it will produce a $ref element for that schema component. If a new component is created it will be returned with the swagger schema.
classTarget: Named components are assumed to be schemas, and are referenced as components/schemas/ComponentName. If a classTarget meta value is provided (such as parameters), this will replace schemas in the reference.
swagger: To explicitly define your own swagger component for a joi schema object, place that swagger object in the swagger meta tag. It will be mixed in to the schema that J2S produces.
swaggerOverride: If this meta tag is truthy, the swagger component will replace the result for that schema instead of mixing in to it.
swaggerType: Can be used with the .any() type to add files.
schemaOverride: A replacement Joi schema which is used to generate swagger. For example, AWS API Gateway supports a subset of the swagger spec. In order to utilize this library with AWS API Gateway's swagger, this option is useful when working with Joi.alternatives().
The example below uses joi.when, which would normally use oneOf, anyOf, or allOf keywords. In order to get around that, the meta tag overrides the schema to be similar, but less strict.
joi.object({
type: joi.string().valid('a', 'b'),
body: when('type', {
is: 'a',
then: joi.object({ a: joi.string() }),
otherwise: when('type', {
is: 'b',
then: joi.object({ b: joi.string() }),
otherwise: joi.forbidden()
})
})
}).meta({ schemaOverride: joi.object({ a: joi.string(), b: joi.string() })})
refValues: The possibility to give exact values when using joi.ref()
joi.object({
durationFrom: joi.number().integer().min(5).max(10),
durationTo: joi.number().integer().min(joi.ref('durationFrom')).max(20)
.meta({ refValues: { durationFrom: 5 } }),
})
Custom Types (joi.extend)
For supporting custom joi types you can add the needed type information using a the meta property baseType.
1const customJoi = joi.extend({ 2 type: 'customStringType', 3 base: joi.string().meta({ baseType: 'string' }), 4 // ... 5});
No vulnerabilities found.
Reason
no dangerous workflow patterns detected
Reason
no binaries found in the repo
Reason
license file detected
Details
- Info: project has a license file: LICENSE.txt:0
- Warn: project license file does not contain an FSF or OSI license.
Reason
dependency not pinned by hash detected -- score normalized to 3
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/Twipped/joi-to-swagger/tests.yaml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/Twipped/joi-to-swagger/tests.yaml/master?enable=pin
- Info: 0 out of 2 GitHub-owned GitHubAction dependencies pinned
- Info: 1 out of 1 npmCommand dependencies pinned
Reason
Found 4/24 approved changesets -- score normalized to 1
Reason
0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/tests.yaml:1
- Info: no jobLevel write permissions found
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
branch protection not enabled on development/release branches
Details
- Warn: branch protection not enabled for branch 'master'
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 12 are checked with a SAST tool
Reason
12 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-968p-4wvh-cqc8
- Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92
- Warn: Project is vulnerable to: GHSA-c2jc-4fpr-4vhg
- Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-9c47-m6qq-7p4h
- Warn: Project is vulnerable to: GHSA-rxrc-rgv4-jpvx
- Warn: Project is vulnerable to: GHSA-p8p7-x288-28g6
- Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
- Warn: Project is vulnerable to: GHSA-72xf-g2v4-qvf3
- Warn: Project is vulnerable to: GHSA-j8xg-fqg3-53r7
- Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q
Score
2.8
/10
Last Scanned on 2025-06-09
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More