Security News
Supply Chain Attack Detected in Solana's web3.js Library
A supply chain attack has been detected in versions 1.95.6 and 1.95.7 of the popular @solana/web3.js library.
// RUNTIME VALIDATORS
export function is<T>(input: unknown): input is T; // returns boolean
export function assert<T>(input: unknown): T; // throws TypeGuardError
export function validate<T>(input: unknown): IValidation<T>; // detailed
export const customValidators: CustomValidatorMap; // can add custom validators
// JSON
export function application<T>(): IJsonApplication; // JSON schema
export function assertParse<T>(input: string): T; // type safe parser
export function assertStringify<T>(input: T): string; // safe and faster
// +) isParse, validateParse
// +) stringify, isStringify, validateStringify
// MISC
export function random<T>(g?: Partial<IRandomGenerator>): Primitive<T>;
export function literals<T extends Atomic.Type>(): T[];
export function clone<T>(input: T): Primitive<T>; // deep clone
export function prune<T extends object>(input: T): void; // erase extra props
// +) isClone, assertClone, validateClone
// +) isPrune, assertPrune, validatePrune
typia
is a transformer library of TypeScript, supporting below features:
All functions in typia
require only one line. You don't need any extra dedication like JSON schema definitions or decorator function calls. Just call typia
function with only one line like typia.assert<T>(input)
.
Also, as typia
performs AOT (Ahead of Time) compilation skill, its performance is much faster than other competitive libaries. For an example, when comparing validate function is()
with other competitive libraries, typia
is maximum 20,000x faster than class-validator
.
Measured on Intel i5-1135g7, Surface Pro 8
Thanks for your support.
Your donation would encourage typia
development.
npm install --save typia
npx typia setup
AOT (Ahead of Time) compilation mode.
When you write a TypeScript code calling typia.createIs<string | null>()
function and compile it, typia
will write optimal validation code like below, for the string | null
type. This is the transform mode performing AOT (Ahead of Time) compilation.
// TYPESCRIPT CODE
import typia from "typia";
export const check = typia.createIs<string | null>();
// COMPILED JAVASCRIPT CODE
export const check = (input) => "string" === typeof input || null === input;
For reference, to use this transform mode, you've install one onf them; ttypescript or ts-patch.
If ttypescript, you should compile through ttsc
command, instead of using tsc
.
Otherwise, you've chosen ts-patch, you can use original tsc
command. However, ts-patch hacks node_modules/typescript
source code. Also, whenever update typescript
version, you have to run npm run prepare
command repeatedly.
By the way, when using @nest/cli, you must just choose ts-patch.
#--------
# TTYPESCRIPT
#--------
# COMPILE THROUGH TTYPESCRIPT
npx ttsc
# RUN TS-NODE WITH TTYPESCRIPT
npx ts-node -C ttypescript src/index.ts
#--------
# TS-PATCH
#--------
# USE ORIGINAL TSC COMMAND
tsc
npx ts-node src/index.ts
# WHENVER UPDATE
npm install --save-dev typescript@latest
npm run prepare
# INSTALL TYPIA
npm install --save typia
# GENERATE TRANSFORMED TYPESCRIPT CODES
npx typia generate \
--input src/templates \
--output src/generated \
--project tsconfig.json
For frontend projects.
If you're using non-standard TypeScript compiler, you can't use transform mode.
Instead, you should utilize the generation mode.
Install typia
through npm install
command and run typia generate
command. Then, generator of typia
reads your TypeScript code of --input
, and writes transformed TypeScript code into the --output
directory, like below.
//--------
// src/templates/check.ts
//--------
import typia from "typia";
export const check = typia.createIs<string | null>();
//--------
// src/generated/check.ts
//--------
import typia from "typia";
export const check =
(input: unknown): input is string | null
=> "string" === typeof input || null === input;
In here README documents, only summarized informations are provided.
For more details, refer to the Guide Documents (wiki).
// ALLOW SUPERFLUOUS PROPERTIES
export function is<T>(input: unknown): input is T; // returns boolean
export function assert<T>(input: unknown): T; // throws `TypeGuardError`
export function validate<T>(input: unknown): IValidation<T>; // detailed
// DO NOT ALLOW SUPERFLUOUS PROPERTIES
export function equals<T>(input: unknown): input is T;
export function assertEquals<T>(input: unknown): T;
export function validateEquals<T>(input: unknown): IValidation<T>;
// REUSABLE FACTORY FUNCTIONS
export function createIs<T>(): (input: unknown) => input is T;
export function createAssert<T>(): (input: unknown) => T;
export function createValidate<T>(): (input: unknown) => IValidation<T>;
export function createEquals<T>(): (input: unknown) => input is T;
export function createAssertEquals<T>(): (input: unknown) => T;
export function createValidateEquals<T>(): (input: unknown) => IValidation<T>;
// YOU CAN ADD CUSTOM VALIDATORS
export const customValidators: CustomValidatorMap;
typia
supports three type of validator functions:
is()
: returns false
if not matched with the type T
assert()
: throws a TypeGuardError
when not matchedvalidate()
IValidation.ISuccess<T>
with value
propertyIValidation.IFailure
with errors
propertyAlso, if you want more strict validator functions that even do not allowing superfluous properties not written in the type T
, you can use those functions instead; equals()
, assertEquals()
, validateEquals()
. Otherwise you want to create resuable validator functions, you can utilize factory functions like createIs()
instead.
When you want to add special validation logics, like limiting range of numeric values, you can do it through comment tags. Furthermore, you can add your custom validator logics. If you want to know about them, visit the Guide Documents:
// JSON SCHEMA GENERATOR
export function application<
Types extends unknown[],
Purpose extends "swagger" | "ajv" = "swagger",
Prefix extends string = Purpose extends "swagger"
? "#/components/schemas"
: "components#/schemas",
>(): IJsonApplication;
// SAFE PARSER FUNCTIONS
export function isParse<T>(input: string): T | null;
export function assertParse<T>(input: string): T;
export function validateParse<T>(input: string): IValidation<T>;
// FASTER STRINGIFY FUNCTIONS
export function stringify<T>(input: T): string; // unsafe
export function isStringify<T>(input: T): string | null; // safe
export function assertStringify<T>(input: T): string;
export function validateStringify<T>(input: T): IValidation<string>;
// FACTORY FUNCTIONS
export function createAssertParse<T>(): (input: string) => T;
export function createAssertStringify<T>(): (input: T) => string;
// +) createIsParse, createValidateParse
// +) createStringify, createIsStringify, createValidateStringify
typia
supports enhanced JSON functions.
application()
: generate JSON schema with only one line
assertParse()
: parse JSON string safely with type validationisStringify()
: maximum 160x faster JSON stringify fuction even type safeMeasured on AMD R7 6800HS
export function random<T>(g?: Partial<IRandomGenerator>): Primitive<T>;
export function literals<T extends Atomic.Type>(): T[];
export function clone<T>(input: T): Primitive<T>; // deep copy
export function prune<T>(input: T): void; // remove superfluous properties
// +) isClone, assertClone, validateClone
// +) isPrune, assertPrune, validatePrune
When you need random data, just call only typia.random<T>()
function.
If you need specific random data generation, utilize comment tags or do customize.
Nestia is a set of helper libraries for NestJS
, supporting below features:
@nestia/core
: superfast decorators using typia
@nestia/sdk
: evolved SDK and Swagger generators
nestia
: just CLI (command line interface) toolFAQs
Superfast runtime validators with only one line
The npm package typia receives a total of 97,606 weekly downloads. As such, typia popularity was classified as popular.
We found that typia demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
A supply chain attack has been detected in versions 1.95.6 and 1.95.7 of the popular @solana/web3.js library.
Research
Security News
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Security News
Research
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.