Security News
Input Validation Vulnerabilities Dominate MITRE's 2024 CWE Top 25 List
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Small and lightweight data validation library with TypeScript integration.
Keep your type definitions in one place, and have but one source of truth for both the runtime validation types and the TypeScript type definitions.
// person-type.ts
import { DataType, OptionalField } from "dilswer";
// Record property types can be defined in a few different ways:
const PersonDataType = DataType.RecordOf({
id: DataType.String,
name: DataType.String,
age: { type: DataType.Number },
email: OptionalField(DataType.String),
friends: { type: DataType.ArrayOf(DataType.String), required: false },
});
// A TypeScript equivalent type of the above would be:
// type Person = {
// id: string;
// name: string;
// age: number;
// email?: string;
// friends?: string[];
// };
NOTE: the required
attribute in a RecordOf fields is set to true
by
default.
It is possible to infer a TypeScript type from a Dilswer definition:
import { GetDataType } from "dilswer";
import { PersonDataType } from "./person-type.ts";
type Person = GetDataType<typeof PersonDataType>;
// Result:
// type Person: {
// id: string;
// name: string;
// age: number;
// email?: string;
// friends?: string[];
// }
import { createValidator } from "dilswer";
import { PersonDataType } from "./person-type.ts";
const isPerson = createValidator(PersonDataType);
// Result:
// const isPerson: (data: unknown) => data is {
// friends?: string[];
// id: string;
// name: string;
// age: number;
// }
const person = await axios
.get("https://my-api.io/get-person/1")
.then((r) => r.data);
if (isPerson(person)) {
console.log("Name: ", person.name);
// do something with person
} else {
console.error("`person` variable is not of expected type.");
// handle the validation failure
}
import { createValidator } from "dilswer";
import { PersonDataType } from "./person-type.ts";
const processPerson = createValidatedFunction(
PersonDataType,
(person) => {
console.log("Processing person: ", person.name);
// do something with person
return "Success!";
},
(error) => {
console.error("Function input is not of expected type.");
console.error("Type expected:", error.expectedValueType);
console.error("Received:", error.receivedValue);
console.error("Invalid property location: ", error.fieldPath);
// handle the validation failure
return "Failure";
}
);
// Result:
// const processPerson: (data: unknown) => "Success!" | "Failure"
const person = await axios
.get("https://my-api.io/get-person/1")
.then((r) => r.data);
const result = processPerson(person); // => "Success!" or "Failure"
const createValidator: <DT extends AllDataTypes>(
dataType: DT
) => (data: unknown) => data is ParseDataType<DT>;
Higher order function that generates a validator which will check the provided
data
against the dataType
type structure definition and returns a boolean
indicating if the check was successful.
const createTypeGuardedFunction: <DT extends AllDataTypes, R, ER = void>(
dataType: DT,
onValidationSuccess: (data: ReWrap<ParseDataType<DT>>) => R,
onValidationError?: (error: ValidationError, data: unknown) => ER
) => (data: unknown) => R | ER;
Higher order function that generates a new function which will check the
provided data
against the dataType
type structure, and if the check is
successful then the first callback onValidationSuccess
is invoked with data
as it's argument, otherwise the second callback onValidationError
is invoked
with the type validation error as it's argument (unless the callback is not
specified).
Alias for the createTypeGuardedFunction()
.
Also available under an alias dilswer.ensureDataType()
const assertDataType: <DT extends AllDataTypes>(
dataType: DT,
data: unknown
) => asserts data is ParseDataType<DT>;
Checks the provided data
against the dataType
type definition and throws an
ValidationError if the data
does not conform to the dataType
.
Translates given DataType into a JSON Schema.
const toJsonSchema: (
type: AnyDataType,
options: ParseToJsonSchemaOptions = {},
include$schemaProperty = true
) => JSONSchema6 | undefined;
type ParseToJsonSchemaOptions = {
/**
* Defines how to handle DataTypes that do not have an
* equivalent type in JSON Schema. (Set's, undefined, Symbols,
* etc.)
*
* - `throw` (default): Throw an error if an incompatible type is
* encountered.
* - `omit`: Omits incompatible properties from the JSON Schema.
* - `set-as-any`: Adds the type to the schema without a "type"
* property but with a name equivalent to the given
* DataType.
*/
incompatibleTypes?: "throw" | "omit" | "set-as-any";
/**
* Determines if the schemas generated for Record's should have
* additional properties set to `true` or `false`.
*/
additionalProperties?: boolean;
/**
* Custom Parser's are methods used to parse incompatible
* DataTypes to JSON Schema's.
*
* By default a strategy defined in `incompatibleTypes` is
* used, if a method is defined, that method will be used
* instead.
*/
customParser?: {
Set?: (
setItemsSchemas: JSONSchema6[],
original: Set<AnyDataType[]>,
options: ParseToJsonSchemaOptions
) => JSONSchema6 | undefined;
Custom?: (
validateFunction: Custom["custom"],
original: Custom,
options: ParseToJsonSchemaOptions
) => JSONSchema6 | undefined;
Undefined?: (
dataType: BasicDataType,
options: ParseToJsonSchemaOptions
) => JSONSchema6 | undefined;
Symbol?: (
dataType: BasicDataType,
options: ParseToJsonSchemaOptions
) => JSONSchema6 | undefined;
Function?: (
dataType: BasicDataType,
options: ParseToJsonSchemaOptions
) => JSONSchema6 | undefined;
};
};
Translates given DataType into a TypeScript type definition. This is not very useful at runtime, and is mostly intended for generating type definitions with JSDoc comments that can be bundled with libraries.
const toTsType: (
dataType: AnyDataType,
options?: Partial<TsParsingOptions>
) => string;
type TsParsingOptions = {
/**
* Defines how to parse the type.
*
* - `compact` - the type will be parsed into a single type
* definition
* - `fully-expanded` - the type will be split into multiple type
* definitions, and the main DataType type definition will
* reference them.
* - `named-expanded` - similar to `fully-expanded`, but only the
* types that have titles assigned will be split into
* separate type definitions.
*
* @default `compact`
*/
mode: TsParsingMode;
/**
* Defines how to export the generated types.
*
* - `main` - only the main DataType type will be exported
* - `all` - all types generated will be exported
* - `named` - only the types with titles will be exported
* - `none` - nothing will be exported
*
* @default `main`
*/
exports: "main" | "named" | "all" | "none";
/**
* Defines whether to generate the type as a declaration or
* not.
*
* The difference is that declaration will generate each type
* definition with a `declare` keyword preceding it.
*
* @default `false`
*/
declaration: boolean;
/**
* Defines how to handle duplicate names.
*
* - `error` - will throw an error if a duplicate name is
* encountered
* - `rename` - will rename the duplicate type
*
* @default `error`
*/
onDuplicateName: "error" | "rename";
/**
* Some DataType can reference enums or classes, in which case
* it's sometimes impossible to generate a valid TypeScript
* type for them. By default just the name of that class/enum
* will be used, and if that name is not available in the
* global scope, TS will resolve it to `any`. This option
* allows to define a custom import path for such types.
*
* @example
* // foo.ts
* export class Foo {}
*
* // data-type.ts
* import { Foo } from "./foo";
*
* export const dt = DataType.RecordOf({
* foo: DataType.InstanceOf(Foo),
* });
*
* // ts-type-generator.ts
* import { dt } from "./data-type";
* import { Foo } from "./foo";
*
* const tsType = toTsType(dt, {
* getExternalTypeImport: (t) => {
* if (t.instanceOf === Foo) {
* return {
* typeName: "Foo",
* path: "./foo",
* };
* }
* },
* });
* // tsType:
* //"
* // import { Foo } from "./foo";
* //
* // export type Record1 = {
* // foo: InstanceType<typeof Foo>;
* // }
* //"
*/
getExternalTypeImport?: (
type: Enum | EnumMember | InstanceOf | Custom | SimpleDataType<"function">
) => ExternalTypeImport | undefined;
};
type TsParsingMode = "compact" | "fully-expanded" | "named-expanded";
type ExternalTypeImport = {
/**
* Path to the file containing the external type. If the path
* is not specified, the import statement will be omitted, so
* for the generated declarations to be valid, you will have to
* include that yourself or make the specified type available
* in the global scope.
*/
path?: string;
/**
* Name of the type as it is to be used within the generated
* declarations.
*
* If original name is not provided this is also the name of
* the imported type.
*/
typeName: string;
/**
* Name of the type that will be used in the generated import
* statement.
*/
originalName?: string;
/**
* Whether the imported name is a "value" or a "type". If it is
* a "value" it will be referenced with a `typeof` keyword.
*/
valueImport?: boolean;
};
Object containing all the dilswer runtime type definitions (like Number
,
String
, ArrayOf(...)
, etc.)
will match any number values and translate to the standard number
type in
TypeScript.
will match any integer values and translate to the standard number
type in
TypeScript. TypeScript does not have any way of distinguishing float and
integers therefore both are assigned the same TypeScript type.
will match any string values and translate to the standard string
type in
TypeScript.
will match any string containing only numeric values and translate to a
`${number}`
type in TypeScript. A value successfully validated with
StringNumeral
is safe to convert into a number and will never produce a NaN
value.
will match any string containing only numbers and translate to a
`${number}`
type in TypeScript. Strings with floating point numbers are
not matched by this type. A value successfully validated with StringInt
is
safe to convert into a number and will never produce a NaN
value.
will match any string matching the provided regular expression and translate to
a the standard string
type in TypeScript.
will match any true
and false
values and translate to the standard boolean
type in TypeScript.
will match any symbolic values and translate to the symbol
type in TypeScript.
will match only null
value and translate to the standard null
type in
TypeScript.
will match only undefined
value and translate to the standard undefined
type
in TypeScript.
will match any function and translate to the Function
type in TypeScript.
will match any value and translate to the unknown
type in TypeScript.
will match any value matching one of the DataType's provided in the arguments and translate to an TypeScript union type.
Example
const foo = DataType.OneOf(DataType.String, DataType.Number);
type T = GetDataType<typeof foo>; // type T = (string | number)
will match values matching every DataType provided and translate to a TypeScript intersection of all those DataType's.
Mostly useful to intersect multiple RecordOf's.
Example
const foo = DataType.RecordOf({ foo: string });
const bar = DataType.RecordOf({ bar: string });
const combined = DataType.AllOf(foo, bar);
type T = GetDataType<typeof combined>; // type T = { foo: string; bar: string; }
will match any array which contains only values matching any of the DataType's
provided in the arguments and translate to the Array<...>
type in TypeScript.
Example
const foo = DataType.ArrayOf(DataType.String, DataType.Number);
type T = GetDataType<typeof foo>; // type T = (string | number)[]
will match any object which structure matches the key-value pairs of object properties and FieldDescriptor's passed to the argument.
Example
const foo = DataType.RecordOf({
foo: DataType.Boolean,
bar: { type: DataType.String },
baz: { type: DataType.Number, required: false },
});
type T = GetDataType<typeof foo>; // type T = {foo: boolean, bar: string, baz?: number | undefined}
will match any object which properties match against the provided DataTypes's, and translates to a Record type in TypeScript.
Example
const dictOfFunctions = DataType.Dict(DataType.Function);
type T = GetDataType<typeof dictOfFunctions>; // type T = Record<string | number, Function>
will match any Set object which contains only values matching any of the
DataType's provided in the arguments and translate to the Set<...>
type in
TypeScript.
Example
const foo = DataType.SetOf(DataType.String, DataType.Number);
type T = GetDataType<typeof foo>; // type T = Set<string | number>
will match any value that exactly matches the passed argument and translate to the literal type of that value in TypeScript.
Example's
const foo = DataType.Literal("some-string-literal");
type T0 = GetDataType<typeof foo>; // type T0 = "some-string-literal"
const bar = DataType.Literal(123);
type T1 = GetDataType<typeof bar>; // type T1 = 123
const baz = DataType.Literal(true);
type T2 = GetDataType<typeof baz>; // type T2 = true
will match any value that is an instance of the passed class and translate to
the InstanceType
type of that class in TypeScript.
class FooBar {}
const foo = DataType.InstanceOf(FooBar);
type T = GetDataType<typeof foo>; // type T = InstanceType<typeof FooBar>
will match any value that belongs to an TypeScript enum and translate to that enum type.
enum MyEnum {
A = "A",
B = "B",
}
const foo = DataType.Enum(MyEnum);
type T = GetDataType<typeof foo>; // type T = MyEnum
const validate = createValidator(foo);
validate(MyEnum.A); // => true
validate(MyEnum.B); // => true
will match any value that equals to the specified TypeScript enum member and translate to that enum member type.
enum MyEnum {
A = "VALUE_A",
B = "VALUE_B",
}
const foo = DataType.EnumMember(MyEnum.A);
type T = GetDataType<typeof foo>; // type T = MyEnum.A
const validate = createValidator(foo);
validate("VALUE_A"); // => true
validate(MyEnum.A); // => true
validate(MyEnum.B); // => false
Allows to define types that reference themselves. The function it accepts should always return a valid DataType, which the reference provided to that function will point to.
Example
const Node = DataType.Circular((self) =>
DataType.Record({
tag: DataType.String,
children: DataType.ArrayOf(self),
})
);
// this is equivalent to the following type:
type Node = {
tag: string;
children: Node[];
};
Type definitions given for circular DataTypes via GetDataType
and validation
methods will not however include infinite recursion as they should. (this does
not affect the runtime validation) Due to the TypeScript limitations, it's
impossible for a inferred type to include a reference to itself, so to get a
usable type we use some TypeScript magic to create a similar type that is
4-levels deep. For the above example the actual type you will get will look like
this:
type Node = {
tag: string;
children: Array<{
tag: string;
children: Array<{
tag: string;
children: Array<{
tag: string;
children: Array<any>;
}>;
}>;
}>;
};
If you absolutely need to get a type that has infinite recursion, you can use toTsType utility to generate TypeScript code which will meet that need.
will test the data with the provided function, provided function should return a
boolean indicating if the tested value passed the validation, passed function
should also have a type definition that looks like this: (v: any) => v is T
,
where T is any valid TS type.
Example
const isNonEmptyString = (v: any): v is string =>
typeof v === "string" && v.length > 0;
const nonEmptyTypeDef = DataType.Custom(isNonEmptyString);
type T = GetDataType<typeof nonEmptyTypeDef>; // type T = string
And()
utility function can combine two Record Type Definitions into one. If
any of the properties between the two combined Type Defs have the same key-name,
the definition of the second one takes priority.
const typeDefOne = DataType.RecordOf({
foo: DataType.Number,
bar: DataType.Number,
});
const typeDefTwo = DataType.RecordOf({
bar: DataType.ArrayOf(DataType.String),
baz: DataType.Boolean,
});
const typeDefSum = And(typeDefOne, typeDefTwo);
// typeDefSum = {
// foo: number;
// bar: string[];
// baz: boolean;
// }
Omit()
utility function removes specified keys from a Record Type Definition.
const typeDefOne = DataType.RecordOf({
foo: DataType.Number,
bar: DataType.Number,
baz: DataType.Number,
qux: DataType.Number,
});
const typeDefOmitted = Omit(typeDefOne, "bar", "qux");
// typeDefOmitted = {
// foo: number;
// baz: number;
// }
Pick()
utility function removes all not specified keys from a Record Type
Definition.
const typeDefOne = DataType.RecordOf({
foo: DataType.Number,
bar: DataType.Number,
baz: DataType.Number,
qux: DataType.Number,
});
const typeDefPick = Pick(typeDefOne, "bar", "qux");
// typeDefPick = {
// bar: number;
// qux: number;
// }
Partial()
utility type makes all the Record's Type Definition keys optional.
const typeDefOne = DataType.RecordOf({
foo: DataType.Number,
bar: DataType.String,
baz: DataType.ArrayOf(DataType.Number),
});
const typeDefPartial = Partial(typeDefOne);
// typeDefPartial = {
// foo?: number | undefined;
// bar?: string | undefined;
// baz?: number[] | undefined;
// }
Required()
utility type makes all the Record's Type Definition keys to be
required (vs optional).
const typeDefOne = DataType.RecordOf({
foo: { type: DataType.Number, required: false },
bar: { type: DataType.String, required: false },
baz: { type: DataType.ArrayOf(DataType.Number), required: false },
});
const typeDefRequired = Required(typeDefOne);
// typeDefRequired = {
// foo: number;
// bar: string;
// baz: number[];
// }
Exclude()
utility function removes Type Definitions from an Type Def union.
const typeDefOne = DataType.OneOf(
DataType.String,
DataType.Number,
DataType.Boolean
);
const typeDefExcluded = Exclude(typeDefOne, DataType.Number);
// typeDefExcluded = string | boolean;
Each DataType can have metadata attached to it, this metadata can be used to provide additional information about the data type, for example, you can attach a description to a data type, or a title, or format.
Metadata is completely ignored by the validation process
import { DataType } from "dilswer";
const UserNameDT =
DataType.String.setTitle("User Name").setDescription("The user's name.");
const User = DataType.RecordOf({
name: UserNameDT,
id: DataType.String.setTitle("User ID").setFormat("uuid"),
friends: DataType.ArrayOf(DataType.String).setDescription(
"A list of the user's friends names."
),
})
.setTitle("User")
.setDescription(
"A user object. Contains the user's name, id and friends list."
);
import { DataType, getMetadata } from "dilswer";
const userNameMetadata = getMetadata(UserNameDT);
// userNameMetadata = {
// title: "User Name",
// description: "The user's name.",
// }
const userMetadata = getMetadata(User);
// userMetadata = {
// title: "User",
// description: "A user object. Contains the user's name, id and friends list.",
// }
Metadata is also used when generating JSON Schema, if a DataType has a title, description or format, it will be included in the generated JSON Schema.
import { DataType, toJsonSchema } from "dilswer";
const UserDT = DataType.RecordOf({
name: DataType.String.setTitle("User Name").setDescription(
"The user's name."
),
id: DataType.String.setTitle("User ID").setFormat("uuid"),
friends: DataType.ArrayOf(DataType.String).setDescription(
"A list of the user's friends names."
),
})
.setTitle("User")
.setDescription(
"A user object. Contains the user's name, id and friends list."
);
const jsonSchema = toJsonSchema(UserDT);
// jsonSchema = {
// title: "User",
// description: "A user object. Contains the user's name, id and friends list.",
// properties: {
// name: {
// type: "string",
// title: "User Name",
// description: "The user's name.",
// },
// id: {
// type: "string",
// title: "User ID",
// format: "uuid",
// },
// friends: {
// type: "array",
// items: {
// type: "string",
// },
// },
// },
// required: ["name", "id", "friends"],
// }
Dilswer data types can be easily parsed into any arbitrary data structure via
parseWith
function.
This function takes a visitor
object, which should contain a visit
method,
this method should generate a node of the new, desired data structure.
This method is also used internally by toJsonSchema
and toTsType
functions.
You can see the implementation of these functions in the source code
here and
here.
import { DataType, parseWith, AnyDataType } from "dilswer";
// Define how the new structure should look like
type Node = {
typeName: string;
children?: Node[] | Record<string, Node>;
};
// Create a visitor which will be used to translate Dilswer's data types into `Node`s
const visitor = {
visit(
type: AnyDataType,
children?: Node[] | RecordOfVisitChild<Node>[]
): Node {
switch (type.kind) {
case "simple":
return { typeName: type.simpleType };
case "record":
return {
typeName: "record",
children: children
? Object.fromEntries(
(children as RecordOfVisitChild<Node>[]).map(
({ propertyName, child }) => [propertyName, child]
)
)
: undefined,
};
default:
return { typeName: type.kind, children: children as Node[] };
}
},
};
// use the visitor on a Dilser data type
const type = DataType.RecordOf({
foo: DataType.String,
bar: DataType.ArrayOf(DataType.Number),
baz: DataType.OneOf(DataType.String, DataType.Number),
});
const nodeTree = parseWith(visitor, type);
{
"typeName": "record",
"children": {
"foo": {
"typeName": "string"
},
"bar": {
"typeName": "array",
"children": [
{
"typeName": "number"
}
]
},
"baz": {
"typeName": "union",
"children": [
{
"typeName": "string"
},
{
"typeName": "number"
}
]
}
}
}
FAQs
Data validation library with TypeScript integration.
The npm package dilswer receives a total of 82 weekly downloads. As such, dilswer popularity was classified as not popular.
We found that dilswer demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.
Research
Security News
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.