sast-json-schema

A meta-schema for performing static application security testing (SAST) on JSON Schemas. Current version 0.4.1 (released June 2025) requires Node.js >=24. It enforces security best practices including strict integer/number ranges, defined string maxLength and allowed values, safe array and object property limits, secure RegExp patterns, and safe $id/$ref resolution. Released under MIT license with SLSA 3 provenance and OpenSSF Scorecard. Differentiated by providing a comprehensive, security-focused meta-schema that checks JSON Schemas for common vulnerabilities, aligning with OWASP ASVS and NIST guidelines.