{"id":19327959,"url":"https://github.com/inab/python-extended-json-schema-validator","last_synced_at":"2026-04-29T01:02:52.521Z","repository":{"id":57427749,"uuid":"411201785","full_name":"inab/python-extended-json-schema-validator","owner":"inab","description":null,"archived":false,"fork":false,"pushed_at":"2023-11-21T23:40:30.000Z","size":399,"stargazers_count":1,"open_issues_count":1,"forks_count":0,"subscribers_count":5,"default_branch":"main","last_synced_at":"2025-08-23T18:09:11.780Z","etag":null,"topics":["json-schema"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"lgpl-2.1","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/inab.png","metadata":{"files":{"readme":"README-extensions.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2021-09-28T08:40:13.000Z","updated_at":"2023-05-10T15:07:41.000Z","dependencies_parsed_at":"2024-11-17T17:35:17.837Z","dependency_job_id":"c09a432c-af5a-494d-98b4-579b10563cd9","html_url":"https://github.com/inab/python-extended-json-schema-validator","commit_stats":{"total_commits":179,"total_committers":5,"mean_commits":35.8,"dds":0.05586592178770955,"last_synced_commit":"91dde5d2c9db77547c9d413b07e9428a8121086b"},"previous_names":[],"tags_count":58,"template":false,"template_full_name":null,"purl":"pkg:github/inab/python-extended-json-schema-validator","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/inab%2Fpython-extended-json-schema-validator","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/inab%2Fpython-extended-json-schema-validator/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/inab%2Fpython-extended-json-schema-validator/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/inab%2Fpython-extended-json-schema-validator/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/inab","download_url":"https://codeload.github.com/inab/python-extended-json-schema-validator/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/inab%2Fpython-extended-json-schema-validator/sbom","scorecard":{"id":486731,"data":{"date":"2025-08-11","repo":{"name":"github.com/inab/python-extended-json-schema-validator","commit":"9d6aad2b4c2d150b81282ed09c297a85e2b645ce"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":3,"checks":[{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Code-Review","score":0,"reason":"Found 0/28 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: no topLevel permission defined: .github/workflows/build_n_deploy.yml:1","Warn: no topLevel permission defined: .github/workflows/pre-commit.yml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build_n_deploy.yml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/inab/python-extended-json-schema-validator/build_n_deploy.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build_n_deploy.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/inab/python-extended-json-schema-validator/build_n_deploy.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/build_n_deploy.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/inab/python-extended-json-schema-validator/build_n_deploy.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/build_n_deploy.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/inab/python-extended-json-schema-validator/build_n_deploy.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pre-commit.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/inab/python-extended-json-schema-validator/pre-commit.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pre-commit.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/inab/python-extended-json-schema-validator/pre-commit.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/pre-commit.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/inab/python-extended-json-schema-validator/pre-commit.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pre-commit.yml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/inab/python-extended-json-schema-validator/pre-commit.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/pre-commit.yml:43: update your workflow using https://app.stepsecurity.io/secureworkflow/inab/python-extended-json-schema-validator/pre-commit.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pre-commit.yml:46: update your workflow using https://app.stepsecurity.io/secureworkflow/inab/python-extended-json-schema-validator/pre-commit.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pre-commit.yml:58: update your workflow using https://app.stepsecurity.io/secureworkflow/inab/python-extended-json-schema-validator/pre-commit.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pre-commit.yml:59: update your workflow using https://app.stepsecurity.io/secureworkflow/inab/python-extended-json-schema-validator/pre-commit.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/pre-commit.yml:70: update your workflow using https://app.stepsecurity.io/secureworkflow/inab/python-extended-json-schema-validator/pre-commit.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pre-commit.yml:80: update your workflow using https://app.stepsecurity.io/secureworkflow/inab/python-extended-json-schema-validator/pre-commit.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/pre-commit.yml:85: update your workflow using https://app.stepsecurity.io/secureworkflow/inab/python-extended-json-schema-validator/pre-commit.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pre-commit.yml:88: update your workflow using https://app.stepsecurity.io/secureworkflow/inab/python-extended-json-schema-validator/pre-commit.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pre-commit.yml:100: update your workflow using https://app.stepsecurity.io/secureworkflow/inab/python-extended-json-schema-validator/pre-commit.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pre-commit.yml:101: update your workflow using https://app.stepsecurity.io/secureworkflow/inab/python-extended-json-schema-validator/pre-commit.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/pre-commit.yml:110: update your workflow using https://app.stepsecurity.io/secureworkflow/inab/python-extended-json-schema-validator/pre-commit.yml/main?enable=pin","Warn: pipCommand not pinned by hash: .github/workflows/pre-commit.yml:23","Warn: pipCommand not pinned by hash: .github/workflows/pre-commit.yml:24","Warn: pipCommand not pinned by hash: .github/workflows/pre-commit.yml:37","Warn: pipCommand not pinned by hash: .github/workflows/pre-commit.yml:65","Warn: pipCommand not pinned by hash: .github/workflows/pre-commit.yml:66","Warn: pipCommand not pinned by hash: .github/workflows/pre-commit.yml:79","Info:   0 out of  12 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of   7 third-party GitHubAction dependencies pinned","Info:   0 out of   6 pipCommand dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: GNU Lesser General Public License v2.1: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'main'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Vulnerabilities","score":5,"reason":"5 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: PYSEC-2022-43017 / GHSA-qwmp-2cf2-g9g6","Warn: Project is vulnerable to: GHSA-7372-q459-jxhr","Warn: Project is vulnerable to: PYSEC-2019-199 / GHSA-r6v3-hpxj-r8rv","Warn: Project is vulnerable to: PYSEC-2021-142 / GHSA-8q59-q68h-6hv4","Warn: Project is vulnerable to: PYSEC-2018-49 / GHSA-rprw-h62v-c2w7"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 2 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}}]},"last_synced_at":"2025-08-19T18:00:10.082Z","repository_id":57427749,"created_at":"2025-08-19T18:00:10.082Z","updated_at":"2025-08-19T18:00:10.082Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":32405904,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-28T19:38:08.556Z","status":"ssl_error","status_checked_at":"2026-04-28T19:37:55.688Z","response_time":56,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["json-schema"],"created_at":"2024-11-10T02:19:32.081Z","updated_at":"2026-04-29T01:02:52.504Z","avatar_url":"https://github.com/inab.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Implemented JSON Schema validation extensions\n\nThe extensions implemented are focused on features which involve more than one JSON document, like unique or primary key checks, as well as foreign key ones. Examples of these extensions are available at [test-data](test-data) folder.\n\n* __Unique values check__: When the `unique` attribute is declared, the values assigned in that part of the schema on a set of JSON contents must be unique. The check includes all the loaded JSON contents. There are several examples inside [test-data](test-data). Its behaviour is the next:\n\n  + If `unique` is a _`true`_ JSON value, the whole value in that position is used for the uniqueness check.\n  \n  + If `unique` is an array of strings, and the whole value is an object, those strings are the names of the keys whose values form the tuple to be validated.\n  \n  + If `unique` is an object:\n  \n    + It must have `members` key, which plays the role to describe keys to be included, as it is explained above with _`true`_ and array of strings.\n    \n    + It could have `name` key, which gives a labelling name.\n    \n    + It could have a `limit_scope` key, which is a boolean and can impose a limitation of the scope of this unique key.\n\n* __Primary key values check__: When the `primary_key` attribute is declared, the values assigned in that part of the schema on a set of JSON contents must be unique, and can be referenced by _foreign keys_. The check includes all the loaded JSON contents. Its behaviour is similar to `unique` extension (there are several examples inside [test-data](test-data)):\n\n  + If `primary_key` is a _`true`_ JSON value, the whole value in that position is used for the uniqueness check.\n  \n  + If `primary_key` is an array of strings, and the whole value is an object, those strings are the names of the keys whose values form the tuple to be validated.\n  \n  + If `primary_key` is an object:\n  \n    + It must have `members` key, which plays the role to describe keys to be included, as it is explained above with _`true`_ and array of strings.\n    \n    + It could have `name` key, which gives a referencing name. This is useful for complex documents where several parts define their own primary keys, so foreign keys scope can be narrowed to an specific primary key.\n    \n    + It could have a `limit_scope` key, which is a boolean and can impose a limitation of the scope of this unique key.\n  \n  + You can pre-populate the list of primary key values from an inline list embedded in the YAML configuration file. It should be something like:\n    \n```yaml\nprimary_key:\n  inline_provider:\n    'https://www.elixir-europe.org/excelerate/WP2/json-schemas/1.0/Dataset':\n    - OEBD9990000001\n    - OEBD9990000002\n    - 'Custom:Community'\n    'https://www.elixir-europe.org/excelerate/WP2/json-schemas/1.0/TestAction':\n    - OEBA9990000001\n    - OEBA9990000002\n    - 'Custom:Action'\n```\n\n  + You can even pre-populate the list of primary key values from an external source just telling it in the YAML configuration file. It should have something like:\n    \n```yaml\nprimary_key:\n  provider:\n    - 'https://openebench.bsc.es/api/scientific/public/'\n  allow_provider_duplicates: false\n  schema_prefix: 'https://www.elixir-europe.org/excelerate/WP2/json-schemas/1.0/'\n  accept: 'text/uri-list'\n```\n    \n    to fetch keys in CSV format from several sources, using as request prefix the different providers, using the suffix of the schema IRI on the composition.\n    \n    If you want the keys retrieved from the providers to be used only for foreign key checks, then you have to set up the key `allow_provider_duplicates` to **`true`**. This option is also useful when you want to validate data to be updated in the server, the data is using foreign keys, but you don't want to receive duplicate primary key errors due the entries being validated.\n    \n  + And of course, a mix of the previous two styles!\n\n* __Index values check__: When the `index` attribute is declared, the values assigned in that part of the schema on a set of JSON contents can be repeated, and can be referenced by _`join_keys`_. The check includes all the loaded JSON contents. Its behaviour is a very permissive version of `primary_key` extension (there are several examples inside [test-data](test-data)):\n\n  + If `index` is a _`true`_ JSON value, the whole value in that position is recorded.\n  \n  + If `index` is an array of strings, and the whole value is an object, those strings are the names of the keys whose values form the tuple to be validated.\n  \n  + If `index` is an object:\n  \n    + It must have `members` key, which plays the role to describe keys to be included, as it is explained above with _`true`_ and array of strings.\n    \n    + It could have `name` key, which gives a referencing name. This is useful for complex documents where several parts define their own indexes, so join keys scope can be narrowed to an specific index.\n    \n    + It could have a `limit_scope` key, which is a boolean and can impose a limitation of the scope of this unique key.\n\n* __Foreign key values check__: When the `foreign_keys` attribute is declared, parts of the values in that part of the schema must correlate to the values obtained from a primary key from JSON documents following other JSON Schema. As there can be more than one foreign key, `foreign_keys` expects an array of objects describing each foreign key relation. Those objects must have next keys:\n\n  + `schema_id`: This optional key is the relative or absolute IRI of the JSON Schema describing the primary key. If it is not declared, it is the same as the document where it is declared this foreign key.\n  \n  + `members`: This is an array of strings. Those strings are the names of the keys whose values form the tuple to be validated against the gathered primary key values.\n  \n  + `refers_to`: This optional key is used to tell which is the named primary key to be focused on. This is useful for complex JSON Schemas where a schema has more than one primary key declaration.\n\n* __Join key values check__: When the `join_keys` attribute is declared, parts of the values in that part of the schema must correlate to the values obtained from an index from JSON documents following other JSON Schema. As there can be more than one join key, `join_keys` expects an array of objects describing each join key relation. Those objects must have next keys:\n\n  + `schema_id`: This optional key is the relative or absolute IRI of the JSON Schema describing the index key. If it is not declared, it is the same as the document where it is declared this join key.\n  \n  + `members`: This is an array of strings. Those strings are the names of the keys whose values form the tuple to be validated against the gathered primary key values.\n  \n  + `refers_to`: This optional key is used to tell which is the named primary key to be focused on. This is useful for complex JSON Schemas where a schema has more than one primary key declaration.\n\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Finab%2Fpython-extended-json-schema-validator","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Finab%2Fpython-extended-json-schema-validator","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Finab%2Fpython-extended-json-schema-validator/lists"}