npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@ychinen/verified-json-reference-parser

v1.0.0

Published

Verified JSON Pointer / JSON Reference parser

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Maintainers

ychinenychinen

Keywords

Readme

CI License Formal verification SMT Property testing Coverage

verified-json-reference-parser

A practically verified core for JSON Reference resolution in JSON Schema engines.

Overview

verified-json-reference-parser provides a formally specified and mechanically checked core for:

  • JSON Pointer (RFC 6901)
  • Local JSON Reference resolution ($ref)
  • The foundational components required by JSON Schema engines

This project focuses on practical assurance, not absolute formal completeness.

Its goal is to reduce subtle inconsistencies in reference handling while remaining usable in production environments.

Why This Exists

JSON Schema implementations rely heavily on:

  • JSON Pointer parsing and evaluation
  • $ref fragment resolution
  • URI-based reference resolution

These areas are small but error-prone. Even minor inconsistencies can lead to:

  • Incorrect $ref resolution
  • Divergent behavior between validators
  • Misleading error paths
  • Hard-to-debug schema issues

Most existing implementations are pragmatic but not formally specified.

This project aims to provide a verification-backed semantic core that can serve as a reliable foundation.

What “Verified” Means in This Project

This project does not claim complete formal verification of all related RFCs.

Instead, “verified” means:

  • Core semantics are formally specified.
  • Critical invariants are mechanically checked.
  • TypeScript implementation is continuously validated against a verification oracle and reference model.
  • A Z3-backed oracle is used for differential testing of concrete Phase 1 cases.
  • SMT-backed counterexample generation is used to search for semantic mismatches.
  • Discovered counterexamples can be promoted into the regression corpus.

The focus is on practical, enforceable guarantees.

Current Scope (Phase 1)

RFC 6901 — JSON Pointer

  • Pointer parsing
  • Pointer formatting
  • Token escaping and unescaping
  • Deterministic pointer evaluation (get)

Design principles:

  • Internal representation: readonly string[] (token array)
  • Invalid escape sequences are rejected
  • Evaluation semantics are deterministic
  • No implicit coercion beyond RFC requirements

Local JSON References

  • #
  • #/...
  • Fragment splitting
  • Pointer-based resolution within a document

External document loading is intentionally out of scope at this stage.

Verification Strategy

Rocq (Coq)

Used to formally specify and mechanically check:

  • unescape(escape(x)) = x
  • parse(format(ptr)) = ptr
  • Deterministic evaluation semantics

The formal layer defines and stabilizes the semantic core.

Z3 (SMT-based Testing)

Used for:

  • Full-result oracle evaluation for concrete get / resolveLocalRef cases
  • Counterexample generation
  • Differential testing against the TypeScript implementation
  • Regression corpus growth

The verification tooling keeps a pure Python reference model alongside the Z3-backed oracle. Z3 is used as a semantic oracle and stress-testing engine rather than a full proof system.

Roadmap

Phase 2

  • URI resolution (RFC 3986 subset)
  • Base URI handling
  • $id integration

Phase 3

  • Extended JSON Reference resolution
  • External reference resolution hooks
  • Advanced resolution strategies

Non-Goals (for Now)

  • Full formal verification of RFC 3986
  • Network fetching
  • Complete JSON Schema validation
  • Error message specification semantics

This library strictly focuses on reference resolution correctness.

Intended Usage

This project is designed as:

  • A foundational component for JSON Schema validators
  • A verification-backed reference implementation
  • A case study in verification-oriented library design

Design Philosophy

  • Practical assurance over theoretical completeness
  • Small, well-defined semantic core
  • Explicit invariants
  • Continuous differential validation
  • Stability once semantics are frozen

The core semantic layer is intended to remain stable once formally fixed.

Status

Experimental but actively developed.

The semantic core may evolve until formally stabilized. After stabilization, breaking changes will be minimized.