@bedrock/validation 6.0.0

package/.eslintrc.cjs

@@ -0,0 +1,12 @@
+module.exports = {
+  root: true,
+  parserOptions: {
+    // this is required for dynamic import()
+    ecmaVersion: 2020
+  },
+  env: {
+    node: true
+  },
+  extends: ['digitalbazaar', 'digitalbazaar/jsdoc'],
+  ignorePatterns: ['node_modules/']
+};

package/.github/workflows/main.yml

@@ -0,0 +1,67 @@
+name: Bedrock Node.js CI
+
+on: [push]
+
+jobs:
+  lint:
+    runs-on: ubuntu-latest
+    timeout-minutes: 10
+    strategy:
+      matrix:
+        node-version: [14.x]
+    steps:
+    - uses: actions/checkout@v2
+    - name: Use Node.js ${{ matrix.node-version }}
+      uses: actions/setup-node@v1
+      with:
+        node-version: ${{ matrix.node-version }}
+    - run: npm install
+    - name: Run eslint
+      run: npm run lint
+  test-node:
+    needs: [lint]
+    runs-on: ubuntu-latest
+    timeout-minutes: 10
+    strategy:
+      matrix:
+        node-version: [14.x]
+    steps:
+    - uses: actions/checkout@v2
+    - name: Use Node.js ${{ matrix.node-version }}
+      uses: actions/setup-node@v1
+      with:
+        node-version: ${{ matrix.node-version }}
+    - run: |
+        npm install
+        cd test
+        npm install
+    - name: Run test with Node.js ${{ matrix.node-version }}
+      run: |
+        cd test
+        npm test
+  coverage:
+    needs: [test-node]
+    runs-on: ubuntu-latest
+    timeout-minutes: 10
+    strategy:
+      matrix:
+        node-version: [14.x]
+    steps:
+    - uses: actions/checkout@v2
+    - name: Use Node.js ${{ matrix.node-version }}
+      uses: actions/setup-node@v1
+      with:
+        node-version: ${{ matrix.node-version }}
+    - run: |
+        npm install
+        cd test
+        npm install
+    - name: Generate coverage report
+      run: |
+        cd test
+        npm run coverage-ci
+    - name: Upload coverage to Codecov
+      uses: codecov/codecov-action@v2
+      with:
+        file: ./test/coverage/lcov.info
+        fail_ci_if_error: true

package/CHANGELOG.md

@@ -0,0 +1,244 @@
+# bedrock-validation ChangeLog
+
+## 6.0.0 - 2022-04-01
+
+### Changed
+- **BREAKING**: Rename package to `@bedrock/server`.
+- **BREAKING**: Convert to module (ESM).
+- **BREAKING**: Remove default export.
+- **BREAKING**: Require node 14.x.
+- **BREAKING**: All APIs now use options-style/named parameters.
+- **BREAKING**: When no schema can be found to match a given schema name,
+  the error returned from `validateInstance` is now of type `NotFoundError`
+  instead of `UnknownSchema`.
+
+### Removed
+- **BREAKING**: Remove deprecated `validate` function. Use `validateInstance`
+  or `createValidateMiddleware`.
+- **BREAKING**: All callback-style APIs/parameters have been removed. Functions
+  that validate instances are synchronous.
+- **BREAKING**: Removed obsolete `graphSignature` schema.
+
+## 5.6.3 - 2022-03-24
+
+### Fixed
+- Fix slow loading of schemas in same dir (load in parallel).
+
+## 5.6.2 - 2022-03-24
+
+### Fixed
+- Handle case that import schema has no default export.
+
+## 5.6.1 - 2022-03-24
+
+### Fixed
+- Update schemas to use esm style and `esm.js` to transpile
+  to CommonJS.
+
+## 5.6.0 - 2022-03-23
+
+### Changed
+- Update peer deps:
+  - `bedrock@4.5`.
+- Update internals to use esm style and use `esm.js` to
+  transpile to CommonJS.
+
+## 5.5.0 - 2022-02-17
+
+### Added
+- Add `createValidateMiddleware` to create a more modern validate express-style
+  middleware. This function has more clear name, simpler parameters, and
+  ensures that the schemas used are compiled once. It requires schemas to
+  be passed directly, a string identifying a schema may not be used.
+
+## 5.4.1 - 2022-02-10
+
+### Fixed
+- Ensure `title` is set on compiled function.
+
+## 5.4.0 - 2022-02-10
+
+### Added
+- Add `compile()` function to pre-compile a schema and return a
+  function that outputs the same validation results as calling
+  `validateInstance`.
+
+## 5.3.0 - 2022-02-10
+
+### Changed
+- Pre-compile schemas that are used in middlewares to prevent
+  compiling on every request.
+
+## 5.2.2 - 2021-12-15
+
+### Fixed
+- Fix bug in `graphSignature` schema causing it to be invalid.
+
+## 5.2.1 - 2021-12-14
+
+### Fixed
+- Fix `api.validate` to throw error if schema does not exist instead of
+  returning middleware that raises the error.
+
+## 5.2.0 - 2021-07-23
+
+### Changed
+- Update peer dependencies; use bedrock@4.
+
+## 5.1.0 - 2021-06-30
+
+### Added
+- Support `linkedDataSignature2020` schema generator.
+
+## 5.0.0 - 2021-03-19
+
+### Changed
+- **BREAKING**: Email pattern no longer supports uppercase chars.
+
+## 4.5.0 - 2020-11-19
+
+### Added
+- Implement a new ES6 Map based cache for AJV schemas. This provides a
+  significant peformance improvement over the default AJV caching mechanism.
+
+## 4.4.0 - 2020-04-27
+
+### Added
+- Allow context in `DID Login` validator to be array with single context string.
+
+## 4.3.0 - 2020-03-30
+
+### Changed
+- Increase character length of email domain labels per RFC 1034.
+
+## 4.2.0 - 2019-11-08
+
+### Changed
+- Update dependencies.
+
+## 4.1.0 - 2019-01-23
+
+### Added
+- Support verificationMethod in linkedDataSignature2018.
+
+## 4.0.1 - 2018-12-17
+
+### Fixed
+- Add missing RsaSignature2018 type in LD signature schema.
+
+## 4.0.0 - 2018-11-28
+
+### Changed
+- Remove `async` module dependency.
+- Return value is {valid: <bool>, error: <error>}
+
+## 3.1.2 - 2018-09-17
+
+### Fixed
+- Invalid `jsonldType` schema.
+
+## 3.1.1 - 2018-09-13
+
+### Fixed
+- Improper use of arrow function in `validate` API.
+
+## 3.1.0 - 2018-09-13
+
+### Added
+- Schema `linkedDataSignature2018`.
+
+### Changed
+- Errors are now 2.x compatible.
+
+### Fixed
+- Fixed test suite.
+
+## 3.0.0 - 2018-02-24
+- Switch core validator to `ajv`.
+
+## 2.4.1 - 2018-06-28
+
+### Changed
+- Use child logger.
+
+## 2.4.0 - 2018-05-10
+
+### Added
+- Add `jsonPatch` and `sequencedPatch` validators.
+
+## 2.3.0 - 2017-09-06
+
+### Added
+- Support multiple signatures in `linkedDataSignature` schema.
+
+## 2.2.1 - 2016-09-22
+
+### Changed
+- Restructure test framework for CI.
+
+## 2.2.0 - 2016-07-22
+
+### Added
+- Add `lowerCaseOnly` option to email validator.
+
+## 2.1.1 - 2016-07-20
+
+### Changed
+- Replace deprecated `GLOBAL` with `global`.
+
+## 2.1.0 - 2016-07-06
+
+### Added
+- Add `linkedDataSignature` schema.
+
+## 2.0.3 - 2016-06-13
+
+### Fixed
+- Accept dates before the year 2000 (1000+). A future fix should
+  also accept dates 0-1000.
+
+## 2.0.2 - 2016-03-15
+
+### Changed
+- Update bedrock dependencies.
+
+### Changed
+- Use jsonldContext schema to validate Credential @context.
+
+## 2.0.1 - 2016-03-09
+
+### Changed
+- Update publicKeyPem schema to accept RSA PUBLIC KEY.
+
+## 2.0.0 - 2016-03-02
+
+### Changed
+- Update package dependencies for npm v3 compatibility.
+
+## 1.0.3 - 2016-01-06
+
+### Fixed
+- Fix synchronous error emission when invalid schema is specified.
+
+## 1.0.2 - 2015-10-13
+
+### Fixed
+- Fix credential schema bugs/style.
+
+## 1.0.1 - 2015-05-07
+
+### Added
+- Support validating JSON-LD context arrays.
+
+### Changed
+- Accept and ignore null as jsonldContext context param.
+
+## 1.0.0 - 2015-04-08
+
+### Changed
+- Labels/titles: Allow double quotes.
+- Lables: Allow length of 200 (up from 32).
+
+## 0.1.0 (up to early 2015)
+
+- See git history for changes.

package/LICENSE.md

@@ -0,0 +1,115 @@
+Bedrock Non-Commercial License v1.0
+===================================
+
+Copyright (c) 2011-2020 Digital Bazaar, Inc.
+All rights reserved.
+
+Summary
+=======
+
+This license allows the licensee to use Bedrock and its software modules
+for non-commercial purposes such as self-study, research, personal
+projects, or for evaluation purposes. If the licensee uses Bedrock
+directly or indirectly to generate revenue, or to provide products or
+services to more than 500 people (users), the licensee must immediately
+obtain a non-profit or commercial license.
+
+Examples
+========
+
+These are examples of cases that are allowed by this license:
+
+* The licensee is an individual that creates Bedrock-dependent software for
+  personal use only.
+* The licensee is an individual or group of students/researchers that uses
+  Bedrock to experiment with an idea for a non-commercial project.
+* The licensee is a startup company that prototypes a Bedrock-dependent
+  product before they have cash flow and will be testing the prototype
+  software with less than 500 users. The service will not generate revenue
+  of any kind.
+* The licensee is a for-profit organization that creates a product or
+  service that is used by less than 500 users and is built with or
+  integrates with Bedrock. The service must be exclusively provided for free
+  and no parent, subsidiary, agent, or affiliate organization may profit
+  from its use.
+
+These cases require a non-profit or commercial license:
+
+* The licensee is a non-profit that receives funding to create and/or run a
+  Bedrock-dependent service.
+* The licensee is a startup company with Bedrock-dependent software that is
+  funded by another organization.
+* The licensee is a startup company that is going into production with
+  Bedrock-dependent software.
+* The licensee has more than 500 users using a Bedrock-dependent service
+  either directly or indirectly.
+* The licensee is a medium to large organization that builds or integrates a
+  commercial product or service with Bedrock.
+
+THE LICENSE
+===========
+
+This section and all subsequent sections of this document constitute the
+agreement between the licensee and Digital Bazaar, Inc.
+
+DEFINITIONS
+===========
+
+* Product - The Bedrock software and any modules associated with Bedrock
+where Digital Bazaar, Inc. owns the copyright.
+
+CONDITIONS
+==========
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted for NON-COMMERCIAL PURPOSES as long as the
+following conditions are met:
+
+1. Any use of the Product must not generate revenue for the licensee or
+   any parent, subsidiary, agent, or affiliate of the licensee. Use of
+   Product includes, but is not limited to, interacting with any of the
+   licensee's Product-dependent products or services over a network.
+
+2. The aggregate number of individual people (users) of the licensee's
+   products or services that use Product must be less than 500.
+
+3. Redistributions of source code must retain the above copyright notice
+   intact, this list of conditions and the following disclaimer.
+
+4. Redistributions in binary form must reproduce the above copyright
+   notice, this license and the following disclaimer in the documentation and
+   on a web page available via interactive use and/or other materials
+   provided with the distribution.
+
+5. Neither the name of the copyright holder, the names of its
+   contributors, nor any trademarks held by the copyright holder may be used
+   to endorse or promote products or services built using the Product without
+   specific prior written permission.
+
+6. Any modifications are clearly outlined in release documentation and are
+   specifically mentioned as not being a part of an official Product release.
+   No additional restrictions to this license may be made when distributing
+   modifications.
+
+7. For the avoidance of doubt, this license prohibits sublicensing of the
+   Product.
+
+8. Any breach of this license by licensee must be resolved within 30 days.
+   Failure to do so results in the termination of this license.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
+IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
+THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR
+CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+To obtain a non-profit or commercial license for Product, please contact
+Digital Bazaar, Inc. at the following email address:
+
+Digital Bazaar <support@digitalbazaar.com>

package/README.md

@@ -0,0 +1,92 @@
+# bedrock-validation
+
+[![Build Status](http://ci.digitalbazaar.com/buildStatus/icon?job=bedrock-validation)](http://ci.digitalbazaar.com/job/bedrock-validation)
+
+A [bedrock][] module that provides a express middleware and an API for
+validating data structures and their contents. **bedrock-validation** uses
+schemas based on [JSON schema][].
+
+## Requirements
+
+- npm v6+
+
+## Quick Examples
+
+```
+npm install @bedrock/validation
+```
+
+```js
+import * as bedrock from '@bedrock/core';
+import {validate} from '@bedrock/validation';
+
+// load schemas from '/foo'
+bedrock.config.validation.schema.paths.push('/foo');
+
+// add an express route with validation middleware
+bedrock.events.on('bedrock-express.configure.routes', function(app) {
+  app.post('/bar',
+    // validate the query using the 'postBarQueryValidator'
+    // validate the response body using the 'postBarValidator'
+    validate({query: 'postBarQueryValidator', body: 'postBarValidator'}),
+    function(req, res) {
+      // do something
+    });
+});
+
+bedrock.start();
+```
+
+## Configuration
+
+**bedrock-validation** will, on initialization (via the `bedrock.init` event),
+read any schemas found in the list of paths specified in
+`bedrock.config.validation.schema.paths`. Individual schemas can be skipped
+via the `bedrock.config.validation.schema.skip` configuration option. If any
+schema name matches a previously loaded schema, it will override that
+schema.
+
+For more documentation on configuration, see [config.js](./lib/config.js).
+
+## API
+
+### validate(name, [data])
+
+This method may be called with either one or two parameters.
+
+If only one parameter is given:
+
+* The method returns express middleware that will be used to validate a request
+  using the schema associated with the given name.
+* If a string is provided for the first parameter, then it will be used as the
+  schema name for validating the request body.
+* If an object is provided for the first parameter, then the object can contain
+  `body` and `query` schema names as properties of the object.
+
+If two parameters are given:
+
+* The first parameter must be a string and the second parameter must be the
+  data to validate. The return value will contain the result of the validation.
+
+### getSchema(name)
+
+Retrieves a validation schema given a `name` for the schema. If no such
+schema exists, `null` is returned.
+
+### validateInstance(instance, schema)
+
+Validates an `instance` (data) against a `schema`. This method may be used
+to validate data using a schema that wasn't necessarily registered via
+the configuration system. The `schema` must be a [JSON schema][] instance. The
+return value will contain the result of the validation. This function returns
+a promise that resolves to:
+```js
+{
+  valid: <boolean>,
+  error: <error> // only present when valid === false
+}
+```
+
+
+[bedrock]: https://github.com/digitalbazaar/bedrock
+[JSON schema]: http://json-schema.org/

package/lib/Cache.js

@@ -0,0 +1,24 @@
+/*!
+ * Copyright (c) 2012-2022 Digital Bazaar, Inc. All rights reserved.
+ */
+export class Cache {
+  constructor() {
+    this._cache = new Map();
+  }
+
+  put(key, value) {
+    this._cache.set(key, value);
+  }
+
+  get(key) {
+    return this._cache.get(key);
+  }
+
+  del(key) {
+    this._cache.delete(key);
+  }
+
+  clear() {
+    this._cache.clear();
+  }
+}

package/lib/config.js

@@ -0,0 +1,18 @@
+/*!
+ * Copyright (c) 2012-2022 Digital Bazaar, Inc. All rights reserved.
+ */
+import {config} from '@bedrock/core';
+import {fileURLToPath} from 'url';
+import path from 'path';
+
+const __dirname = path.dirname(fileURLToPath(import.meta.url));
+
+config.validation = {};
+config.validation.schema = {};
+config.validation.schema.paths = [];
+config.validation.schema.skip = [];
+
+// common validation schemas
+config.validation.schema.paths.push(
+  path.join(__dirname, '..', 'schemas')
+);