Launch Week Day 2: Introducing Reports: An Extensible Reporting Framework for Socket Data.Learn More
Socket
Book a DemoSign in
Socket
Book a DemoSign in

@condenast/cross-check-dsl

Package Overview
Dependencies
Maintainers
250
Versions
7
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@condenast/cross-check-dsl

A DSL for building validations.

latest
Source
npmnpm
Version
0.13.1
Version published
Weekly downloads
89
-71.57%
Maintainers
250
Weekly downloads
 
Created
Source

@condenast/cross-check-dsl

A low-level validation library. Built on top of @condenast/cross-check. Detailed philosophy about cross-check can be found in @condenast/cross-check.

It was originally extracted from Condé Nast's CMS and sponsored by Condé Nast.

It's largely focused on building a small, flexible, but useful core primitive for composing validations. This library focuses on ensuring that validators can be composed easily in various useful ways. The composition goals were informed by Condé Nast's working system, since the first iteration of this library successfully replaced existing validators in its production system.

The short version of the philosophy of cross-check:

  • Validation is more than schema. A good validation library cannot avoid considering UI concerns in its core design.
  • Framework agnostic, but framework friendly. Generic validators should work regardless of quirks of frameworks or libraries like immutable.js, but you should feel perfectly at home using it in vanilla js.
  • Values, not models. cross-check validates values, not models, which means it's just as capable of validating that a string is in a valid format as it is capable of validating a "model" in an ORM.
  • Functional, not effectful. The design of the core data structures is functional: validators are pure functions that return validation errors.
  • Localization agnostic, but formatting friendly. Error messages are data structures that can be formatted, which makes it very easy to integrate them with localization libraries, but does not mandate a particular localization strategy.
  • Different rules for different contexts. This means, for example, that specific field validations in an object validator can be designated as "publish" validations, and ignored when an article is a "draft".
  • Async-friendly. The validation function itself is asynchronous, which makes it easy to add async behavior to a validator when you need it. For example: validating username uniqueness by hitting a web service.

The @condenast/cross-check repository unpacks these points in much greater detail.

Install and test

npm install npm test

Sponsors

cross-check was originally extracted from Condé Nast's CMS, and the work to extract it and release it as open source was funded by Condé Nast.

FAQs

Package last updated on 21 Oct 2025

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Namastex.ai npm Packages Hit with TeamPCP-Style CanisterWorm Malware

Research

Namastex.ai npm Packages Hit with TeamPCP-Style CanisterWorm Malware

Malicious Namastex.ai npm packages appear to replicate TeamPCP-style Canister Worm tradecraft, including exfiltration and self-propagation.

By Socket Research Team  -  Apr 22, 2026
Socket for Jira Is Now Available

Product

Socket for Jira Is Now Available

Socket for Jira lets teams turn alerts into Jira tickets with manual creation, automated ticketing rules, and two-way sync.

By Jeppe Hasseriis  -  Apr 20, 2026