{"id":42267844,"url":"https://github.com/cvent/json-schema-deref-sync","last_synced_at":"2026-01-27T06:51:33.055Z","repository":{"id":28836979,"uuid":"32360672","full_name":"cvent/json-schema-deref-sync","owner":"cvent","description":"Synchronous json schema dereference utility","archived":false,"fork":false,"pushed_at":"2025-11-15T01:09:34.000Z","size":430,"stargazers_count":36,"open_issues_count":32,"forks_count":24,"subscribers_count":3,"default_branch":"master","last_synced_at":"2025-11-15T03:20:14.275Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"http://bojand.github.io/json-schema-deref-sync","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/cvent.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2015-03-17T00:08:15.000Z","updated_at":"2025-04-15T14:03:33.000Z","dependencies_parsed_at":"2023-01-14T09:41:59.159Z","dependency_job_id":"7b5221e9-0e51-4357-b292-1c232d59a941","html_url":"https://github.com/cvent/json-schema-deref-sync","commit_stats":{"total_commits":76,"total_committers":14,"mean_commits":5.428571428571429,"dds":0.3026315789473685,"last_synced_commit":"fa780673019443c04e2af786e6514d209e52d125"},"previous_names":["bojand/json-schema-deref-sync"],"tags_count":17,"template":false,"template_full_name":null,"purl":"pkg:github/cvent/json-schema-deref-sync","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cvent%2Fjson-schema-deref-sync","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cvent%2Fjson-schema-deref-sync/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cvent%2Fjson-schema-deref-sync/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cvent%2Fjson-schema-deref-sync/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/cvent","download_url":"https://codeload.github.com/cvent/json-schema-deref-sync/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cvent%2Fjson-schema-deref-sync/sbom","scorecard":{"id":313378,"data":{"date":"2025-08-11","repo":{"name":"github.com/cvent/json-schema-deref-sync","commit":"fa780673019443c04e2af786e6514d209e52d125"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":2.9,"checks":[{"name":"Code-Review","score":4,"reason":"Found 11/26 approved changesets -- score normalized to 4","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Token-Permissions","score":-1,"reason":"No tokens found","details":null,"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Dangerous-Workflow","score":-1,"reason":"no workflows found","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Pinned-Dependencies","score":-1,"reason":"no dependencies found","details":null,"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: MIT License: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":5,"reason":"branch protection is not maximal on development and all release branches","details":["Info: 'allow deletion' disabled on branch 'master'","Info: 'force pushes' disabled on branch 'master'","Warn: 'branch protection settings apply to administrators' is disabled on branch 'master'","Warn: 'stale review dismissal' is disabled on branch 'master'","Warn: required approving review count is 1 on branch 'master'","Warn: codeowners review is required - but no codeowners file found in repo","Warn: 'last push approval' is disabled on branch 'master'","Warn: no status checks found to merge onto branch 'master'","Info: PRs are required in order to make changes on branch 'master'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 15 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Vulnerabilities","score":0,"reason":"37 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GHSA-6chw-6frg-f759","Warn: Project is vulnerable to: GHSA-v88g-cgmw-v5xw","Warn: Project is vulnerable to: GHSA-93q8-gq69-wqmw","Warn: Project is vulnerable to: GHSA-fwr7-v2mv-hh25","Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw","Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275","Warn: Project is vulnerable to: GHSA-gxpj-cx7g-858c","Warn: Project is vulnerable to: GHSA-3gx7-xhv7-5mx3","Warn: Project is vulnerable to: GHSA-2j2x-2gpw-g8fm","Warn: Project is vulnerable to: GHSA-4q6p-r6v2-jvc5","Warn: Project is vulnerable to: GHSA-w457-6q6x-cgp9","Warn: Project is vulnerable to: GHSA-62gr-4qp9-h98f","Warn: Project is vulnerable to: GHSA-f52g-6jhx-586p","Warn: Project is vulnerable to: GHSA-2cf5-4w76-r9qv","Warn: Project is vulnerable to: GHSA-3cqr-58rm-57f8","Warn: Project is vulnerable to: GHSA-g9r4-xpmj-mj65","Warn: Project is vulnerable to: GHSA-q2c6-c6pm-g3gh","Warn: Project is vulnerable to: GHSA-765h-qjxv-5f44","Warn: Project is vulnerable to: GHSA-f2jv-r9rf-7988","Warn: Project is vulnerable to: GHSA-43f8-2h32-f4cj","Warn: Project is vulnerable to: GHSA-p6mc-m468-83gw","Warn: Project is vulnerable to: GHSA-29mw-wpgm-hmr9","Warn: Project is vulnerable to: GHSA-35jh-r3h4-6jhm","Warn: Project is vulnerable to: GHSA-p9wx-2529-fp83","Warn: Project is vulnerable to: GHSA-5v2h-r2cx-5xgj","Warn: Project is vulnerable to: GHSA-rrrm-qjm4-v8hf","Warn: Project is vulnerable to: GHSA-f8q6-p94x-37v3","Warn: Project is vulnerable to: GHSA-vh95-rmgr-6w4m","Warn: Project is vulnerable to: GHSA-xvch-5gv4-984h","Warn: Project is vulnerable to: GHSA-hj48-42vr-x3v9","Warn: Project is vulnerable to: GHSA-g6ww-v8xp-vmwg","Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw","Warn: Project is vulnerable to: GHSA-mxhp-79qh-mcx6","Warn: Project is vulnerable to: GHSA-52f5-9888-hmc6","Warn: Project is vulnerable to: GHSA-cf4h-3jhx-xvhq","Warn: Project is vulnerable to: GHSA-c4w7-xm78-47vh","Warn: Project is vulnerable to: GHSA-p9pc-299p-vxgp"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-17T23:37:21.959Z","repository_id":28836979,"created_at":"2025-08-17T23:37:21.959Z","updated_at":"2025-08-17T23:37:21.959Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28806722,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-27T06:25:51.065Z","status":"ssl_error","status_checked_at":"2026-01-27T06:25:50.640Z","response_time":168,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2026-01-27T06:51:32.232Z","updated_at":"2026-01-27T06:51:33.037Z","avatar_url":"https://github.com/cvent.png","language":"JavaScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# json-schema-deref-sync\n\n[![npm version](https://img.shields.io/npm/v/json-schema-deref-sync.svg?style=flat-square)](https://www.npmjs.com/package/json-schema-deref-sync)\n[![build status](https://img.shields.io/travis/bojand/json-schema-deref-sync/master.svg?style=flat-square)](https://travis-ci.org/bojand/json-schema-deref-sync)\n[![JavaScript Style Guide](https://img.shields.io/badge/code_style-standard-brightgreen.svg?style=flat-square)](https://standardjs.com)\n[![License](https://img.shields.io/github/license/bojand/json-schema-deref-sync.svg?style=flat-square)](https://raw.githubusercontent.com/bojand/json-schema-deref-sync/master/LICENSE)\n\nDereference JSON pointers in a JSON schemas with their true resolved values.\nBasically a lighter, synchronous version of [json-schema-deref](https://github.com/bojand/json-schema-deref) but omits web references.\n\n## Installation\n\n`npm install json-schema-deref-sync`\n\n## Overview\n\nLet's say you have the following JSON Schema:\n\n```json\n{\n  \"description\": \"Just some JSON schema.\",\n  \"title\": \"Basic Widget\",\n  \"type\": \"object\",\n  \"definitions\": {\n    \"id\": {\n      \"description\": \"unique identifier\",\n      \"type\": \"string\",\n      \"minLength\": 1,\n      \"readOnly\": true\n    }\n  },\n  \"properties\": {\n    \"id\": {\n      \"$ref\": \"#/definitions/id\"\n    },\n    \"bar\": {\n      \"$ref\": \"bar.json\"\n    }\n  }\n}\n```\n\nSometimes you just want that schema to be fully expanded, with `$ref`'s being their (true) resolved values:\n\n```json\n{\n  \"description\": \"Just some JSON schema.\",\n  \"title\": \"Basic Widget\",\n  \"type\": \"object\",\n  \"definitions\": {\n    \"id\": {\n      \"description\": \"unique identifier\",\n      \"type\": \"string\",\n      \"minLength\": 1,\n      \"readOnly\": true\n    }\n  },\n  \"properties\": {\n    \"id\": {\n      \"description\": \"unique identifier\",\n      \"type\": \"string\",\n      \"minLength\": 1,\n      \"readOnly\": true\n    },\n    \"bar\": {\n      \"description\": \"bar property\",\n      \"type\": \"boolean\"\n    }\n  }\n}\n```\n\nThis utility lets you do that:\n\n\n```js\nvar deref = require('json-schema-deref-sync');\nvar myschema = require('schema.json');\n\nvar fullSchema = deref(myschema);\n```\n\n## API Reference\n\n\u003ca name=\"deref\"\u003e\u003c/a\u003e\n\n## deref(schema, options) ⇒ \u003ccode\u003eObject\u003c/code\u003e \\| \u003ccode\u003eError\u003c/code\u003e\nDerefs \u003ccode\u003e$ref\u003c/code\u003e's in JSON Schema to actual resolved values. Supports local, and file refs.\n\n**Kind**: global function  \n**Returns**: \u003ccode\u003eObject\u003c/code\u003e \\| \u003ccode\u003eError\u003c/code\u003e - the deref schema oran instance of \u003ccode\u003eError\u003c/code\u003e if error.  \n\n| Param | Type | Description |\n| --- | --- | --- |\n| schema | \u003ccode\u003eObject\u003c/code\u003e | The JSON schema |\n| options | \u003ccode\u003eObject\u003c/code\u003e | options |\n| options.baseFolder | \u003ccode\u003eString\u003c/code\u003e | the base folder to get relative path files from. Default is \u003ccode\u003eprocess.cwd()\u003c/code\u003e |\n| options.failOnMissing | \u003ccode\u003eBoolean\u003c/code\u003e | By default missing / unresolved refs will be left as is with their ref value intact.                                        If set to \u003ccode\u003etrue\u003c/code\u003e we will error out on first missing ref that we cannot                                        resolve. Default: \u003ccode\u003efalse\u003c/code\u003e. |\n| options.mergeAdditionalProperties | \u003ccode\u003eBoolean\u003c/code\u003e | By default properties in a object with $ref will be removed in the output.                                                    If set to \u003ccode\u003etrue\u003c/code\u003e they will be added/overwrite the output. This will use lodash's merge function.                                                    Default: \u003ccode\u003efalse\u003c/code\u003e. |\n| options.removeIds | \u003ccode\u003eBoolean\u003c/code\u003e | By default \u003ccode\u003e$id\u003c/code\u003e fields will get copied when dereferencing.                                    If set to \u003ccode\u003etrue\u003c/code\u003e they will be removed.  Merged properties will not get removed.                                    Default: \u003ccode\u003efalse\u003c/code\u003e. |\n| options.loaders | \u003ccode\u003eObject\u003c/code\u003e | A hash mapping reference types (e.g., 'file') to loader functions. |\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcvent%2Fjson-schema-deref-sync","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcvent%2Fjson-schema-deref-sync","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcvent%2Fjson-schema-deref-sync/lists"}