{"id":13676314,"url":"https://github.com/bids-standard/bids-validator","last_synced_at":"2026-01-16T17:54:05.584Z","repository":{"id":261112315,"uuid":"878132326","full_name":"bids-standard/bids-validator","owner":"bids-standard","description":"Validator for the Brain Imaging Data Structure","archived":false,"fork":false,"pushed_at":"2025-09-29T16:29:52.000Z","size":25953,"stargazers_count":20,"open_issues_count":90,"forks_count":15,"subscribers_count":11,"default_branch":"main","last_synced_at":"2025-09-29T16:41:51.958Z","etag":null,"topics":["bids","data-standards","neuroimaging-data","validation"],"latest_commit_sha":null,"homepage":"https://bids-validator.readthedocs.io/en/stable/","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/bids-standard.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":".github/CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":"CITATION.cff","codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2024-10-24T20:48:31.000Z","updated_at":"2025-09-29T15:37:40.000Z","dependencies_parsed_at":"2025-01-12T21:35:17.422Z","dependency_job_id":"b6ac92f0-3ec2-4e5a-b2ed-f67f66ea8763","html_url":"https://github.com/bids-standard/bids-validator","commit_stats":{"total_commits":4086,"total_committers":75,"mean_commits":54.48,"dds":0.7961331375428291,"last_synced_commit":"da2c6e6ace106708c71124a76f6943679cdab80a"},"previous_names":["bids-standard/bids-validator-temp","bids-standard/bids-validator"],"tags_count":129,"template":false,"template_full_name":null,"purl":"pkg:github/bids-standard/bids-validator","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bids-standard%2Fbids-validator","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bids-standard%2Fbids-validator/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bids-standard%2Fbids-validator/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bids-standard%2Fbids-validator/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/bids-standard","download_url":"https://codeload.github.com/bids-standard/bids-validator/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bids-standard%2Fbids-validator/sbom","scorecard":{"id":237018,"data":{"date":"2025-08-11","repo":{"name":"github.com/bids-standard/bids-validator","commit":"8bae3508568fd78c3fe1dec1e8c5903bbaba2015"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":5,"checks":[{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Code-Review","score":3,"reason":"Found 4/11 approved changesets -- score normalized to 3","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Maintained","score":10,"reason":"30 commit(s) and 6 issue activity found in the last 90 days -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Info: jobLevel 'contents' permission set to 'read': .github/workflows/deno_tests.yml:109","Info: jobLevel 'contents' permission set to 'read': .github/workflows/web_build.yml:79","Warn: no topLevel permission defined: .github/workflows/codespell.yml:1","Warn: no topLevel permission defined: .github/workflows/deno_tests.yml:1","Warn: no topLevel permission defined: .github/workflows/validation.yml:1","Warn: no topLevel permission defined: .github/workflows/web_build.yml:1","Warn: no topLevel permission defined: .github/workflows/wheels.yml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: MIT License: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codespell.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/bids-standard/bids-validator/codespell.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/codespell.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/bids-standard/bids-validator/codespell.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/deno_tests.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/bids-standard/bids-validator/deno_tests.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/deno_tests.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/bids-standard/bids-validator/deno_tests.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/deno_tests.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/bids-standard/bids-validator/deno_tests.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/deno_tests.yml:44: update your workflow using https://app.stepsecurity.io/secureworkflow/bids-standard/bids-validator/deno_tests.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/deno_tests.yml:62: update your workflow using https://app.stepsecurity.io/secureworkflow/bids-standard/bids-validator/deno_tests.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/deno_tests.yml:65: update your workflow using https://app.stepsecurity.io/secureworkflow/bids-standard/bids-validator/deno_tests.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/deno_tests.yml:90: update your workflow using https://app.stepsecurity.io/secureworkflow/bids-standard/bids-validator/deno_tests.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/deno_tests.yml:98: update your workflow using https://app.stepsecurity.io/secureworkflow/bids-standard/bids-validator/deno_tests.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/deno_tests.yml:99: update your workflow using https://app.stepsecurity.io/secureworkflow/bids-standard/bids-validator/deno_tests.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/deno_tests.yml:113: update your workflow using https://app.stepsecurity.io/secureworkflow/bids-standard/bids-validator/deno_tests.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/deno_tests.yml:118: update your workflow using https://app.stepsecurity.io/secureworkflow/bids-standard/bids-validator/deno_tests.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/deno_tests.yml:128: update your workflow using https://app.stepsecurity.io/secureworkflow/bids-standard/bids-validator/deno_tests.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/deno_tests.yml:139: update your workflow using https://app.stepsecurity.io/secureworkflow/bids-standard/bids-validator/deno_tests.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/validation.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/bids-standard/bids-validator/validation.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/validation.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/bids-standard/bids-validator/validation.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/validation.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/bids-standard/bids-validator/validation.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/web_build.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/bids-standard/bids-validator/web_build.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/web_build.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/bids-standard/bids-validator/web_build.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/web_build.yml:34: update your workflow using https://app.stepsecurity.io/secureworkflow/bids-standard/bids-validator/web_build.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/web_build.yml:43: update your workflow using https://app.stepsecurity.io/secureworkflow/bids-standard/bids-validator/web_build.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/web_build.yml:49: update your workflow using https://app.stepsecurity.io/secureworkflow/bids-standard/bids-validator/web_build.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/web_build.yml:53: update your workflow using https://app.stepsecurity.io/secureworkflow/bids-standard/bids-validator/web_build.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/web_build.yml:72: update your workflow using https://app.stepsecurity.io/secureworkflow/bids-standard/bids-validator/web_build.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/web_build.yml:89: update your workflow using https://app.stepsecurity.io/secureworkflow/bids-standard/bids-validator/web_build.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/wheels.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/bids-standard/bids-validator/wheels.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/wheels.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/bids-standard/bids-validator/wheels.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/wheels.yml:57: update your workflow using https://app.stepsecurity.io/secureworkflow/bids-standard/bids-validator/wheels.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/wheels.yml:68: update your workflow using https://app.stepsecurity.io/secureworkflow/bids-standard/bids-validator/wheels.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/wheels.yml:76: update your workflow using https://app.stepsecurity.io/secureworkflow/bids-standard/bids-validator/wheels.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/wheels.yml:91: update your workflow using https://app.stepsecurity.io/secureworkflow/bids-standard/bids-validator/wheels.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/wheels.yml:97: update your workflow using https://app.stepsecurity.io/secureworkflow/bids-standard/bids-validator/wheels.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/wheels.yml:107: update your workflow using https://app.stepsecurity.io/secureworkflow/bids-standard/bids-validator/wheels.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/wheels.yml:122: update your workflow using https://app.stepsecurity.io/secureworkflow/bids-standard/bids-validator/wheels.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/wheels.yml:128: update your workflow using https://app.stepsecurity.io/secureworkflow/bids-standard/bids-validator/wheels.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/wheels.yml:138: update your workflow using https://app.stepsecurity.io/secureworkflow/bids-standard/bids-validator/wheels.yml/main?enable=pin","Warn: containerImage not pinned by hash: Dockerfile:2","Warn: containerImage not pinned by hash: Dockerfile:18","Warn: containerImage not pinned by hash: Dockerfile:26","Info:   1 out of  26 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of  12 third-party GitHubAction dependencies pinned","Info:   0 out of   3 containerImage dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'main'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Packaging","score":10,"reason":"packaging workflow detected","details":["Info: Project packages its releases by way of GitHub Actions.: .github/workflows/wheels.yml:81"],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 24 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}}]},"last_synced_at":"2025-08-17T05:57:03.339Z","repository_id":261112315,"created_at":"2025-08-17T05:57:03.339Z","updated_at":"2025-08-17T05:57:03.339Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":277851890,"owners_count":25888542,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-10-01T02:00:09.286Z","response_time":88,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["bids","data-standards","neuroimaging-data","validation"],"created_at":"2024-08-02T13:00:22.570Z","updated_at":"2025-10-04T07:48:05.729Z","avatar_url":"https://github.com/bids-standard.png","language":"TypeScript","readme":"[![Deno build](https://github.com/bids-standard/bids-validator/actions/workflows/deno_tests.yml/badge.svg)](https://github.com/bids-standard/bids-validator/actions/workflows/deno_tests.yml)\n[![Web validator](https://github.com/bids-standard/bids-validator/actions/workflows/web_build.yml/badge.svg)](https://github.com/bids-standard/bids-validator/actions/workflows/web_build.yml)\n[![Documentation Status](https://readthedocs.org/projects/bids-validator/badge/?version=latest)](https://bids-validator.readthedocs.io/en/latest/?badge=latest)\n[![DOI](https://zenodo.org/badge/DOI/10.5281/zenodo.3688707.svg)](https://doi.org/10.5281/zenodo.3688707)\n\n# The BIDS Validator\n\nThe BIDS Validator is a web application, command-line utility,\nand Javascript/Typescript library for assessing compliance with the\n[Brain Imaging Data Structure (BIDS)][BIDS] standard.\n\n## Getting Started\n\nIn most cases,\nthe simplest way to use the validator is to browse to the [BIDS Validator][] web page:\n\n![The web interface to the BIDS Validator with the \"Select Dataset Files\" button highlighted.\n(Dark theme)](docs/_static/web_entrypoint_dark.png#gh-dark-mode-only)\n![The web interface to the BIDS Validator with the \"Select Dataset Files\" button highlighted.\n(Light theme)](docs/_static/web_entrypoint_light.png#gh-light-mode-only)\n\nThe web validator runs in-browser, and does not transfer data to any remote server.\n\nIn some contexts, such as when working on a remote server,\nit may be easier to use the command-line.\nThe BIDS Validator can be run with the [Deno][] runtime\n(see [Deno - Installation][] for detailed installation instructions):\n\n```shell\ndeno run -ERWN jsr:@bids/validator\n```\n\nDeno by default sandboxes applications like a web browser.\n`-E`, `-R`, `-W`, and `-N` allow the validator to read environment variables,\nread/write local files, and read network locations.\n\nA pre-compiled binary is published to [PyPI][] and may be installed with:\n\n```\npip install bids-validator-deno\nbids-validator-deno --help\n```\n\n### Configuration file\n\nThe schema validator accepts a JSON configuration file that reclassifies issues as\nwarnings, errors or ignored.\n\n```json\n{\n  \"ignore\": [\n    { \"code\": \"JSON_KEY_RECOMMENDED\", \"location\": \"/T1w.json\" }\n  ],\n  \"warning\": [],\n  \"error\": [\n    { \"code\": \"NO_AUTHORS\" }\n  ]\n}\n```\n\nThe issues are partial matches of the `issues` that the validator accumulates.\nPass the `--json` flag to see the issues in detail.\n\n### Development tools\n\nFrom the repository root, use `./local-run` to run with all permissions enabled by default:\n\n```shell\n# Run from within the /bids-validator directory\ncd bids-validator\n# Run validator:\n./local-run path/to/dataset\n```\n\n## Schema validator test suite\n\n```shell\n# Run tests:\ndeno test --allow-env --allow-read --allow-write src/\n```\n\nThis test suite includes running expected output from bids-examples and may throw some expected failures for bids-examples datasets where either the schema or validator are misaligned with the example dataset while under development.\n\n## Modifying and building a new schema\n\nTo modify the schema a clone of bids-standard/bids-specification will need to be made. README and schema itself live here https://github.com/bids-standard/bids-specification/tree/master/src/schema.\n\nAfter changes to the schema have been made to a local copy the dereferenced single json file used by the validator will need to be built. The `bidsschematools` python package does this. It can be installed from pypi via pip or a local installation can be made. It lives in the specification repository here https://github.com/bids-standard/bids-specification/tree/master/tools/schemacode\n\nThe command to compile a dereferenced schema is `bst -v export --schema src/schema --output src/schema.json` (this assumes you are in the root of the bids-specification repo). Once compiled it can be passed to the validator via the `-s` flag, `./bids-validator-deno -s \u003cpath to schema\u003e \u003cpath to dataset\u003e`\n\n\n## Documentation\n\nThe BIDS validator documentation is available on [Read the Docs](https://bids-validator.readthedocs.io/en/latest/).\n\n[BIDS]: https://bids.neuroimaging.io\n[BIDS Validator]: https://bids-standard.github.io/bids-validator/\n[Deno]: https://deno.com/\n[Deno - Installation]: https://docs.deno.com/runtime/getting_started/installation/\n[PyPI]: https://pypi.org/project/bids-validator-deno/\n","funding_links":[],"categories":["Validation","Data Conversion and Standards"],"sub_categories":["others"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbids-standard%2Fbids-validator","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fbids-standard%2Fbids-validator","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbids-standard%2Fbids-validator/lists"}