UNPKG

fortify-schema

Version:

A modern TypeScript validation library designed around familiar interface syntax and powerful conditional validation. Experience schema validation that feels natural to TypeScript developers while unlocking advanced runtime validation capabilities.

github.com/Nehonix-Team/fortify-schema

Nehonix-Team/fortify-schema

177 lines (157 loc) 4.84 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
/** * VALIDATION CONSTANTS * * CENTRALIZED VALIDATION SYSTEM - SUCCESSFULLY IMPLEMENTED * * This module provides centralized configuration for all validation limits * across the Fortify Schema system. All validation components now use these * constants, making the system easy to maintain and configure. * * ACHIEVEMENT: Replaced scattered hardcoded limits with centralized control * MAINTENANCE: Change values here to update limits throughout the entire system * CURRENT STATUS: System supports up to 100-level deep validation */ export const VALIDATION_CONSTANTS = { /** * Maximum object nesting depth for validation * * SUCCESSFULLY APPLIED TO: * - Schema compilation depth (SchemaPrecompiler.ts) * - Security validation depth (securityValidator.ts) * - JSON validation depth (securityHelpers.ts) * - Object validation depth (validateObjectDeep) * - AST traversal depth (ConditionalAST.ts) * * USAGE: Change this value to adjust depth limits across the entire system * 100 for most use cases, increase for extreme nesting needs * PERFORMANCE: Very high values may impact performance and memory usage */ MAX_OBJECT_DEPTH: 500, /** * Maximum compilation depth for schema precompiler * * AUTOMATICALLY MATCHES: MAX_OBJECT_DEPTH for consistency * PURPOSE: Prevents infinite recursion during schema compilation * IMPLEMENTATION: Used by SchemaPrecompiler.ts for depth checking */ MAX_COMPILATION_DEPTH: 500, /** * Maximum AST traversal depth for conditional parsing * Higher limit for complex conditional expressions */ MAX_AST_TRAVERSAL_DEPTH: 1000, /** * Performance and safety limits */ PERFORMANCE: { MAX_CACHE_SIZE: 5000, CACHE_TTL: 300000, // 5 minutes HOT_PATH_THRESHOLD: 10, MAX_VALIDATION_TIME: 5000, // 5 seconds }, /** * Object structure limits */ OBJECT_LIMITS: { MAX_KEYS: 1000, MAX_PROPERTY_NAME_LENGTH: 100, MAX_STRING_LENGTH: 10000, MAX_ARRAY_LENGTH: 1000, }, /** * Security validation limits */ SECURITY: { MAX_JSON_SIZE: 10 * 1024 * 1024, // 10MB MAX_TEXT_LENGTH: 1024 * 1024, // 1MB PREVENT_CIRCULAR: true, PREVENT_PROTOTYPE_POLLUTION: true, }, /** * Conditional validation limits */ CONDITIONAL: { MAX_EXPRESSION_DEPTH: 50, MAX_PROPERTY_PATH_LENGTH: 200, MAX_CONDITION_COMPLEXITY: 100, }, /** * Development and debugging */ DEBUG: { ENABLE_DEPTH_WARNINGS: true, LOG_PERFORMANCE_METRICS: false, TRACK_VALIDATION_PATHS: false, }, } as const; /** * Type-safe access to validation constants */ export type ValidationConstants = typeof VALIDATION_CONSTANTS; /** * Helper functions for validation constants */ export const ValidationHelpers = { /** * Check if depth exceeds the maximum allowed */ isDepthExceeded(depth: number): boolean { return depth > VALIDATION_CONSTANTS.MAX_OBJECT_DEPTH; }, /** * Get safe depth limit with buffer */ getSafeDepthLimit(bufferPercent: number = 0.9): number { return Math.floor(VALIDATION_CONSTANTS.MAX_OBJECT_DEPTH * bufferPercent); }, /** * Check if compilation depth is exceeded */ isCompilationDepthExceeded(depth: number): boolean { return depth > VALIDATION_CONSTANTS.MAX_COMPILATION_DEPTH; }, /** * Get performance warning threshold */ getPerformanceWarningThreshold(): number { return VALIDATION_CONSTANTS.PERFORMANCE.MAX_VALIDATION_TIME * 0.8; }, /** * Check if object structure limits are exceeded */ checkObjectLimits(obj: any): { exceeded: boolean; violations: string[] } { const violations: string[] = []; if (typeof obj === "object" && obj !== null) { const keys = Object.keys(obj); if (keys.length > VALIDATION_CONSTANTS.OBJECT_LIMITS.MAX_KEYS) { violations.push( `Too many keys: ${keys.length} > ${VALIDATION_CONSTANTS.OBJECT_LIMITS.MAX_KEYS}` ); } for (const key of keys) { if ( key.length > VALIDATION_CONSTANTS.OBJECT_LIMITS.MAX_PROPERTY_NAME_LENGTH ) { violations.push( `Property name too long: ${key.length} > ${VALIDATION_CONSTANTS.OBJECT_LIMITS.MAX_PROPERTY_NAME_LENGTH}` ); } } } return { exceeded: violations.length > 0, violations, }; }, }; /** * Export individual constants for convenience * * CENTRALIZED ACCESS: Import these constants throughout the system * CONSISTENCY: All components use the same validation limits */ export const MAX_OBJECT_DEPTH = VALIDATION_CONSTANTS.MAX_OBJECT_DEPTH; export const MAX_COMPILATION_DEPTH = VALIDATION_CONSTANTS.MAX_COMPILATION_DEPTH; export const MAX_AST_TRAVERSAL_DEPTH = VALIDATION_CONSTANTS.MAX_AST_TRAVERSAL_DEPTH;