Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
check-data
Advanced tools
npm install check-data --save
let Validator = require('check-data')
let { error, data } = Validator(data, options, customize)
data
Objcte, Array, String, Number, Date, Boolean - 输入待验证数据
options
Objcte, Array, Function - 数据验证表达式,类型参考type选项
handler
Objcte - 自定义数据构建对象,根据输入数据生成新的数据结构(可选)
handler.$
Function - 数据构建方法,函数名称与输出data对象中的key相对应。通过this或第一个函数参数可快速获取验证结果。(函数返回对象中同样支持多层嵌套函数表达式,可适应更多的应用场景。)
error
String - 验证失败时返回的错误信息,包含错误的具体位置信息,仅供开发者调试使用
data
Objcte - 经过验证、处理后导出数据,内置空值过滤,自动剔除对象、数组中的空字符串、undefind值。(更多空值过滤特性请参考filter-null模块)
msg
String - 验证失败后返回的错误信息,相对于error而言,msg对用户更加友好,可直接在客户端显示
type
String, Number, Object, Array, Date, Boolean, "MongoId", "MobilePhone", 'Email' - 数据类型,扩展类型用字符串表示
name
String - 自定义参数名称,用于错误返回值中替换默认参数名
default
* - 默认赋值
value
* - 直接通过表达式赋值,类似于default选项,区别是不管值是否为空都将使用该值覆盖(优先级低于default,目前没有发现同时使用的应用场景)
allowNull
Boolean - 是否允许为空,默认为true
and
Array、Function - 声明依赖的参数名数组,支持数组和函数两种表达式,函数表达式用于声明指定值的依赖关系。要求依赖的所有参数都不能为空
or
Array、Function - 与and相似,区别是只要求依赖的其中一个参数不为空即可
method
Function - 参数自定义转换方法,非空值时执行
minLength
Number - 限制字符串最小长度
maxLength
Number - 限制字符串最大长度
reg
RegExp - 正则表达式验证
in
Array - 匹配多个可选值中的一个
min
Number - 限制最小值
max
Number - 限制最大值
in
Array - 匹配多个可选值中的一个
to
* - 类型转换,仅支持Boolean值
minLength
Number - 限制字符串最小长度
maxLength
Number - 限制字符串最大长度
仅支持类型验证
仅支持类型验证
验证mongodb中的ObjectId
验证手机号
验证Email
通过Validator.use()方法添加自定义的数据类型,使用方法和扩展类型一样,用字符串声明数据类型
Validator.use(name, options)
# 示例
Validator.use('Int', {
type({ data }) {
if (Number.isInteger(data)) {
return { data }
} else {
return { err: '必须为Int类型' }
}
},
})
通过预定义schema,实现options复用,性能更优
Validator.schema(name, options)
let schema = Validator.schema('demo', {
a: {
a1: {
type: Number,
allowNull: false
},
a2: {
type: Number,
allowNull: false
}
},
b: Number,
})
let json = {
a: {
a1: "jj",
a2: "12",
},
b: 2,
c: 888,
}
// let { error, data } = schema(json)
let { error, data } = Validator.demo(json)
let { error, data } = Validator(["a", "b", "c"], [String])
let { error, data } = Validator([{
"a":1,
"b":"bibi",
"c":"test"
},{
"a":1,
"b":"bibi",
"c":"test"
}], [{
a: Number,
b: String,
c: String
}])
let { error, data } = Validator({
"a": 1,
"b": "xx",
"c": [1,32,34],
"d": 666
}, {
"a": Number,
"b": String,
"c": [String],
"d": Number
})
let { error, data } = Validator({
"username": "莉莉",
"addressee": "嘟嘟",
}, {
"username": {
"type": String,
// 使用数组表达式
"and": ["addressee", "address"],
},
"addressee": {
"type": String,
"allowNull": true
},
"address": {
"type": String,
"allowNull": true,
// 使用函数表达式,表示特定值的依赖关系
and(value){
if (value === 1) {
return ["addressee", "address"]
} else if (value === 2) {
return ["username", "xx"]
}
},
}
})
let { error, data } = Validator({
"username": "莉莉",
"addressee": "嘟嘟",
}, {
"username": {
"type": String,
"or": ["addressee", "address"]
},
"addressee": {
"type": String,
"allowNull": true
},
"address": {
"type": String,
"allowNull": true
}
})
let { error, data } = Validator({
"id": "5968d3b4956fe04299ea5c18",
"mobilePhone": "18555555555",
}, {
"id": "MongoId",
"mobilePhone": "MobilePhone"
})
# 输入数据
let json = {
"username": "测试",
"num": "123456789987",
"time": "2017-07-07T09:53:30.000Z",
"files": ["abc.js", "334", "null", "666", , , "kkk.js"],
"user": {
"username": "莉莉",
"age": 18,
},
"list": [
{
"username": "吖吖",
"age": 16,
},
{
"username": "可可",
"age": 15,
}
],
"auth": {
"weixin": "abc",
},
"beneficiariesName": "莉莉",
"guaranteeMoney": 2,
"guaranteeFormat": 0,
"addressee": "嘟嘟",
"receiveAddress": "北京市",
"phone": "18666666666",
"coupon": "uuuu",
"integral": {
"lala": 168,
"kaka": "3"
},
"search": "深圳",
"email": "xxx@xx.xx"
}
# 验证表达式
let { error, data } = Validator(json,
{
"username": {
"type": String,
"name": "用户名",
"allowNull": false
},
"num": String,
"time": {
"type": Date,
"name": "时间",
"allowNull": false,
},
"user": {
"username": String,
"age": Number,
},
"list": [{
"username": String,
"age": Number,
}],
"auth": {
"weixin": String,
},
"beneficiariesName": String,
"guaranteeMoney": {
"type": Number,
"in": [1, 2]
},
"files": [{
"type": String,
"allowNull": false,
}],
"guaranteeFormat": {
"type": Number,
"conversion": Boolean
},
"addressee": {
"type": String,
"value": "直接通过表达式赋值"
},
"search": String,
"phone": {
"type": "MobilePhone"
},
"receiveAddress": String,
"coupon": {
"type": String,
method(value) {
return { "$gt": new Date() }
}
},
"integral": {
"lala": {
"type": Number,
},
"kaka": {
"type": Number,
"in": [1, 2, 3],
}
},
"email": {
"type": 'Email',
},
},
{
filter({ search, email, integral }) {
return {
"email": email,
"integral": integral,
"test": {
a: 1,
b: undefined,
c: "",
d: null,
e: NaN,
e: 0,
},
}
}
}
)
FAQs
JS数据验证、转换递归器
The npm package check-data receives a total of 2 weekly downloads. As such, check-data popularity was classified as not popular.
We found that check-data demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.