Installations
npm install joi-to-swagger
Developer Guide
Typescript
Yes
Module System
CommonJS
Min. Node Version
>=10.0.0
Node Version
16.18.1
NPM Version
8.19.3
Score
90.8
Supply Chain
99.5
Quality
78.2
Maintenance
100
Vulnerability
99.6
License
Releases
Contributors
Unable to fetch Contributors
Languages
JavaScript (100%)
Developer
Twipped
Download Statistics
Total Downloads
7,834,100
Last Day
1,389
Last Week
31,023
Last Month
194,739
Last Year
1,893,671
GitHub Statistics
166 Stars
141 Commits
63 Forks
10 Watching
5 Branches
15 Contributors
Bundle Size
75.28 kB
Minified
26.43 kB
Minified + Gzipped
Package Meta Information
Latest Version
6.2.0
Package Id
joi-to-swagger@6.2.0
Unpacked Size
21.89 kB
Size
6.96 kB
File Count
5
NPM Version
8.19.3
Node Version
16.18.1
Total Downloads
Cumulative downloads
Total Downloads
7,834,100
Last day
-86.2%
1,389
Compared to previous day
Last week
-36.7%
31,023
Compared to previous week
Last month
10.8%
194,739
Compared to previous month
Last year
-9.2%
1,893,671
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dependencies
1
Peer Dependencies
1
joi-to-swagger
Conversion library for transforming Joi schema objects into Swagger OAS 3.0 schema definitions.
1// input 2joi.object().keys({ 3 id: joi.number().integer().positive().required(), 4 name: joi.string(), 5 email: joi.string().email().required(), 6 created: joi.date().allow(null), 7 active: joi.boolean().default(true), 8})
1// output 2{ 3 "type": "object", 4 "required": ["id", "email"], 5 "properties": { 6 "id": { 7 "type": "integer", 8 "minimum": 1 9 }, 10 "name": { 11 "type": "string" 12 }, 13 "email": { 14 "type": "string", 15 "format": "email" 16 }, 17 "created": { 18 "type": "string", 19 "nullable": true, 20 "format": "date-time" 21 }, 22 "active": { 23 "type": "boolean" 24 } 25 }, 26 "additionalProperties": false 27}
Usage
1const j2s = require('joi-to-swagger'); 2 3const { swagger, components } = j2s(mySchema, existingComponents);
- in case of ES6 module syntax:
1import j2s from 'joi-to-swagger'; 2 3const { swagger, components } = j2s(mySchema, existingComponents);
J2S takes two arguments, the first being the Joi object you wish to convert. The second optional argument is a collection of existing components to reference against for the meta className
identifiers (see below).
J2S returns a result object containing swagger
and components
properties. swagger
contains your new schema, components
contains any components that were generated while parsing your schema.
Supported Conventions:
-
joi.object()
.unknown(false)
->additionalProperties: false
.required()
on object members produces a"required": []
array.pattern(pattern, JoiSchema)
->additionalProperties: [Schema]
-
joi.array().items()
- in case of multiple provided schemas usingitems()
method, the "oneOf" (OAS3) keyword is used.min(4)
->"minItems": 4
.max(10)
->"maxItems": 10
.unique(truthy)
->"uniqueItems": true
-
joi.number()
produces"type": "number"
with a format of"float"
.precision()
->"format": "double"
.integer()
->"type": "integer"
.strict().only(1, 2, '3')
->"enum": [1, 2]
(note that non-numbers are omitted due to swagger type constraints).allow(null)
->"nullable": true
.min(5)
->"minimum": 5
(joi.ref is supported and will fallback to 0 if not provided via refValues metadata).max(10)
->"maximum": 10
(joi.ref is supported and will fallback to 0 if not provided via refValues metadata).positive()
->"minimum": 1
.negative()
->"maximum": -1
.valid(1, 2)
->"enum": [1, 2]
.invalid(1, 2)
->"not": { "enum": [1, 2] }
-
joi.string()
produces"type": "string"
with no formatting.strict().only('A', 'B', 1)
->"enum": ["A", "B"]
(note that non-strings are omitted due to swagger type constraints).alphanum()
->"pattern": "/^[a-zA-Z0-9]*$/"
.alphanum().lowercase()
.alphanum().uppercase()
.token()
->"pattern": "/^[a-zA-Z0-9_]*$/"
.token().lowercase()
.token().uppercase()
.email()
->"format": "email"
.isoDate()
->"format": "date-time"
.regex(/foo/)
->"pattern": "/foo/"
.allow(null)
->"nullable": true
.min(5)
->"minLength": 5
.max(10)
->"maxLength": 10
.uuid()
->"format": "uuid"
.valid('A', 'B')
->"enum": ['A', 'B']
.invalid('A', 'B')
->"not": { "enum": ['A', 'B'] }
-
joi.binary()
produces"type": "string"
with a format of"binary"
..encoding('base64')
->"format": "byte"
.min(5)
->"minLength": 5
.max(10)
->"maxLength": 10
.allow(null)
->"nullable": true
-
joi.date()
produces"type": "string"
with a format of"date-time"
..allow(null)
->"nullable": true
-
joi.alternatives()
- structure of alternative schemas is defined by "anyOf", "oneOf" or "allOf (OAS3) keywords.mode('one')
-> produces"oneOf": [ { ... } ]
- in case of
joi.required()
alternative schema, the custom property option "x-required" is added to subschema ->"x-required": true
-
joi.when()
conditions are transformed to"oneOf": [ { ... }, { ... } ]
keyword- if multiple
joi.when().when()
conditions are provided, they are transformed to"anyOf": [ { ... }, { ... } ]
keyword - in case of
joi.required()
condition, the custom property option "x-required" is added to subschema ->"x-required": true
- if multiple
-
any.default()
sets the"default"
detail. -
any.example()
sets the"example"
or"examples"
..example('hi')
->"example": "hi"
.example('hi', 'hey')
->"examples": ["hi", "hey"]
-
joi.any()
-
.meta({ swaggerType: 'file' }).description('simpleFile')
add a file to the swagger structure -
.valid(1, 'A')
->"enum": [1, 'A']
-
.invalid(1, 'A')
->"not": { "enum": [1, 'A'] }
Meta Overrides
The following may be provided on a joi .meta()
object to explicitly override default joi-to-schema behavior.
className: By default J2S will be full verbose in its components. If an object has a className
string, J2S will look for an existing schema component with that name, and if a component does not exist then it will create one. Either way, it will produce a $ref
element for that schema component. If a new component is created it will be returned with the swagger schema.
classTarget: Named components are assumed to be schemas, and are referenced as components/schemas/ComponentName
. If a classTarget
meta value is provided (such as parameters
), this will replace schemas in the reference.
swagger: To explicitly define your own swagger component for a joi schema object, place that swagger object in the swagger
meta tag. It will be mixed in to the schema that J2S produces.
swaggerOverride: If this meta tag is truthy, the swagger
component will replace the result for that schema instead of mixing in to it.
swaggerType: Can be used with the .any() type to add files.
schemaOverride: A replacement Joi schema which is used to generate swagger. For example, AWS API Gateway supports a subset of the swagger spec. In order to utilize this library with AWS API Gateway's swagger, this option is useful when working with Joi.alternatives().
The example below uses joi.when
, which would normally use oneOf
, anyOf
, or allOf
keywords. In order to get around that, the meta tag overrides the schema to be similar, but less strict.
joi.object({
type: joi.string().valid('a', 'b'),
body: when('type', {
is: 'a',
then: joi.object({ a: joi.string() }),
otherwise: when('type', {
is: 'b',
then: joi.object({ b: joi.string() }),
otherwise: joi.forbidden()
})
})
}).meta({ schemaOverride: joi.object({ a: joi.string(), b: joi.string() })})
refValues: The possibility to give exact values when using joi.ref()
joi.object({
durationFrom: joi.number().integer().min(5).max(10),
durationTo: joi.number().integer().min(joi.ref('durationFrom')).max(20)
.meta({ refValues: { durationFrom: 5 } }),
})
Custom Types (joi.extend)
For supporting custom joi types you can add the needed type information using a the meta property baseType.
1const customJoi = joi.extend({ 2 type: 'customStringType', 3 base: joi.string().meta({ baseType: 'string' }), 4 // ... 5});
No vulnerabilities found.
Reason
no dangerous workflow patterns detected
Reason
no binaries found in the repo
Reason
license file detected
Details
- Info: project has a license file: LICENSE.txt:0
- Warn: project license file does not contain an FSF or OSI license.
Reason
dependency not pinned by hash detected -- score normalized to 3
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/Twipped/joi-to-swagger/tests.yaml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/Twipped/joi-to-swagger/tests.yaml/master?enable=pin
- Info: 0 out of 2 GitHub-owned GitHubAction dependencies pinned
- Info: 1 out of 1 npmCommand dependencies pinned
Reason
Found 4/24 approved changesets -- score normalized to 1
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/tests.yaml:1
- Info: no jobLevel write permissions found
Reason
0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
branch protection not enabled on development/release branches
Details
- Warn: branch protection not enabled for branch 'master'
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 12 are checked with a SAST tool
Reason
11 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92
- Warn: Project is vulnerable to: GHSA-c2jc-4fpr-4vhg
- Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-9c47-m6qq-7p4h
- Warn: Project is vulnerable to: GHSA-rxrc-rgv4-jpvx
- Warn: Project is vulnerable to: GHSA-p8p7-x288-28g6
- Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
- Warn: Project is vulnerable to: GHSA-72xf-g2v4-qvf3
- Warn: Project is vulnerable to: GHSA-j8xg-fqg3-53r7
- Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q
Score
2.8
/10
Last Scanned on 2024-12-23
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More