@cruk/fundraising-data-validations 4.2.0

package/README.md

@@ -0,0 +1,131 @@
+# Fundraising data validations
+
+This internal CRUKorg package provides regular expressions to validate commonly collected supporter data in fundraising products, ensuring the data meets the minimum requirements for downstream systems.
+
+The motivation for creating this package is to standardise these validation rules to avoid duplicated interpretation of them in multiple products and minimise risks of passing invalid data downstream. This package is designed to be used in frontend forms and on backend services accepting any payloads of data to be sent downstream.
+
+### Usage
+
+#### To install the package locally
+
+1. Run `npm install @crukorg/fundraising-data-validations` in your terminal.
+1. Import the relevant schema into your validation files, e.g.
+
+```ts
+import { supporterSchema } from "@crukorg/fundraising-data-validations";
+
+const isValidFirstName =
+  supporterSchema.firstName.allowedCharacters.regex.test(inputFirstName);
+
+if (!isValidFirstName) {
+  return supporterSchema.firstName.allowedCharacters.errorMessage;
+}
+```
+
+Zod example:
+
+```ts
+import { z } from "zod";
+import { supporterSchema } from "@cruk/fundraising-data-validations";
+
+const isValidSupporter = z
+  .object({
+    firstName: z
+      .string()
+      .trim()
+      .regex(
+        supporterSchema.firstName.minMaxLength?.regex,
+        supporterSchema.firstName.minMaxLength?.errorMessage,
+      )
+      .regex(
+        supporterSchema.firstName.allowedCharacters.regex,
+        supporterSchema.firstName.allowedCharacters.errorMessage,
+      ),
+  })
+  .required({
+    firstName: supporterSchema.firstName.isRequired?.required,
+  });
+
+try {
+  isValidSupporter.parse(inputSupporter);
+} catch (error) {
+  if (error instanceof ZodError) {
+    const errorMessages = prettifyError(error);
+    console.error(errorMessages);
+  }
+}
+```
+
+1. You may add additional, stricter rules on top of these validations, but these rules should form the foundation of any validations for form data.
+
+#### Required and optional validation
+
+Each field has several rules available for use. In each case, **required** and **allowedCharacters** regexes are the minimum required rules.
+Most of the fields also have a **minMaxLength** rule, the only current exception being the **createdAt** field.
+
+- **firstName** and **lastName**: **forbiddenSubstrings** should be enforced.
+- **phoneNumber**: **forbiddenSubstrings** are optional depending on if your validation requires phoneNumber to be a landline.
+
+### Limitations
+
+- The regular expressions are written to be language agnostic, but they have only been tested in TypeScript applications.
+- The regular expressions are compatible with AWS tools that allow regular expressions for string comparison, such as Step Functions, since allowed regex in AWS have some limitations.
+
+### ReDoS regression tests
+
+This package includes a dedicated ReDoS regression suite in `src/__tests__/redos.unit.test.ts`.
+
+The test iterates over all runtime regexes in the exported schemas and runs long adversarial-style near-miss inputs against each pattern. This helps detect catastrophic backtracking risks early if a future regex introduces an OWASP-style "evil regex" shape.
+
+Run the targeted suite with:
+
+```bash
+npm test -- --run src/__tests__/redos.unit.test.ts
+```
+
+Notes:
+
+- If this test starts timing out, treat it as a potential ReDoS regression and review any recently changed regex.
+- Keep this file as a fast guardrail. If you add new schema regexes, ensure they are still collected by this suite.
+
+### Transformations
+
+> [!IMPORTANT]
+> The following data transformation must be handled by the products, as they is not included in the validations package to minimise friction to the user journey.
+
+#### firstName
+
+- remove whitespace before or after a hyphen or an apostrophe, e.g. " - " is converted to "-"
+- must be in Proper Case
+
+#### lastName
+
+- remove whitespace before or after a hyphen or an apostrophe, e.g. " - " is converted to "-"
+
+#### email
+
+- must be in lowercase
+
+#### phoneNumber / mobileNumber
+
+- remove whitespace
+
+#### address lines
+
+- replace comma with space
+- must be no duplicates across lines
+
+#### postcode
+
+- must be UPPERCASE
+
+### Contributing
+
+1. Run `npm install` to install packages.
+1. Make any changes in `src` and add test coverage.
+1. Run `npm run build` to compile the changes to `dist`.
+1. Run `npm run lint:fix` to format code.
+1. Commit, push, create PR etc. **NOTE: this project uses conventional commits and you will be prompted on the command line to follow this convention.**
+1. PRs require at least one review by a code owner to be merged
+1. When your PR is merged, it triggers a PR close workflow which updates the package version according to the conventional commits in the PR. Ensure this workflow is complete before progressin to the next step.
+1. The package is published publicly to npm. Trigger the action manually from GitHub to deploy the latest version.

package/dist/@types/field-schema.d.ts

@@ -0,0 +1,18 @@
+export interface FieldSchema {
+  isRequired: {
+    required: boolean;
+    errorMessage?: string;
+  };
+  allowedCharacters: {
+    regex: RegExp;
+    errorMessage: string;
+  };
+  minMaxLength?: {
+    regex: RegExp;
+    errorMessage: string;
+  };
+  forbiddenSubstrings?: {
+    regex: RegExp;
+    errorMessage: string;
+  };
+}

package/dist/@types/field-schema.js

@@ -0,0 +1 @@
+export {};

package/dist/common.d.ts

@@ -0,0 +1,10 @@
+import { FieldSchema } from "./@types/field-schema";
+export declare const CommonField: {
+  readonly AMOUNT: "amount";
+  readonly CREATED_AT: "createdAt";
+  readonly IN_MEMORY_NAME: "inMemoryName";
+};
+export type CommonField = (typeof CommonField)[keyof typeof CommonField];
+export declare const commonSchema: {
+  [key in CommonField]: FieldSchema;
+};

package/dist/common.js

@@ -0,0 +1,46 @@
+export const CommonField = {
+  AMOUNT: "amount",
+  CREATED_AT: "createdAt",
+  IN_MEMORY_NAME: "inMemoryName",
+};
+export const commonSchema = {
+  [CommonField.AMOUNT]: {
+    isRequired: {
+      required: true,
+      errorMessage: "Please enter an amount.",
+    },
+    minMaxLength: {
+      regex: /^.{1,20}$/,
+      errorMessage: "Please enter the amount between 1 - 20 digits.",
+    },
+    allowedCharacters: {
+      regex: /^\d+(\.\d{1,2})?$/,
+      errorMessage:
+        "Please enter an amount, only two decimal places are allowed.",
+    },
+  },
+  [CommonField.CREATED_AT]: {
+    isRequired: {
+      required: false,
+    },
+    allowedCharacters: {
+      regex:
+        /^\d{4}-(0[1-9]|1[0-2])-([0-2]\d|3[01])T([01]\d|2[0-3]):[0-5]\d:[0-5]\dZ$/,
+      errorMessage: "Please enter a date time string in UTC timezone.",
+    },
+  },
+  [CommonField.IN_MEMORY_NAME]: {
+    isRequired: {
+      required: false,
+    },
+    minMaxLength: {
+      regex: /^.{1,100}$/,
+      errorMessage: "Please complete with a maximum of 100 characters.",
+    },
+    allowedCharacters: {
+      regex:
+        /^[0-9A-Za-zÀÁÂÃÄÅÆÇÈÉÊËÌÍÎÏÐÑÒÓÔÕÖØÙÚÛÜÝÞßàáâãäåæçèéêëìíîïðñòóôõöøùúûüýþÿĀāĂ㥹ĆćĈĉĊċČčĎďĐđĒēĔĕĖėĘęĚěĜĝĞğĠġĢģĤĥĦħĨĩĪīĬĭĮįİıIJijĴĵĶķĸĹĺĻļĽľĿŀŁłŃńŅņŇňʼnŊŋŌōŎŏŐőŒœŔŕŖŗŘřŚśŜŝŞşŠšŢţŤťŦŧŨũŪūŬŭŮůŰűŲųŴŵŶŷŸŹźŻżŽžſƀƁƂƃƄƅƆƇƈƉƊƋƌƍƎƏƐƑƒƓƔƕƖƗƘƙƚƛƜƝƞƟƠơƢƣƤƥƦƧƨƩƪƫƬƭƮƯưƱƲƳƴƵƶƷƸƹƺƼƽƾƿDŽDždžLJLjljNJNjnjǍǎǏǐǑǒǓǔǕǖǗǘǙǚǛǜǝǞǟǠǡǢǣǤǥǦǧǨǩǪǫǬǭǮǯǰDZDzdzǴǵǶǷǸǹǺǻǼǽǾǿȀȁȂȃȄȅȆȇȈȉȊȋȌȍȎȏȐȑȒȓȔȕȖȗȘșȚțȜȝȞȟȠȡȢȣȤȥȦȧȨȩȪȫȬȭȮȯȰȱȲȳȴȵȶȷȸȹȺȻȼȽȾȿɀɁɂɃɄɅɆɇɈɉɊɋɌɍɎɏɐɑɒɓɔɕɖɗɘəɚɛɜɝɞɟ][ '‘’0-9A-Za-zÀÁÂÃÄÅÆÇÈÉÊËÌÍÎÏÐÑÒÓÔÕÖØÙÚÛÜÝÞßàáâãäåæçèéêëìíîïðñòóôõöøùúûüýþÿĀāĂ㥹ĆćĈĉĊċČčĎďĐđĒēĔĕĖėĘęĚěĜĝĞğĠġĢģĤĥĦħĨĩĪīĬĭĮįİıIJijĴĵĶķĸĹĺĻļĽľĿŀŁłŃńŅņŇňʼnŊŋŌōŎŏŐőŒœŔŕŖŗŘřŚśŜŝŞşŠšŢţŤťŦŧŨũŪūŬŭŮůŰűŲųŴŵŶŷŸŹźŻżŽžſƀƁƂƃƄƅƆƇƈƉƊƋƌƍƎƏƐƑƒƓƔƕƖƗƘƙƚƛƜƝƞƟƠơƢƣƤƥƦƧƨƩƪƫƬƭƮƯưƱƲƳƴƵƶƷƸƹƺƼƽƾƿDŽDždžLJLjljNJNjnjǍǎǏǐǑǒǓǔǕǖǗǘǙǚǛǜǝǞǟǠǡǢǣǤǥǦǧǨǩǪǫǬǭǮǯǰDZDzdzǴǵǶǷǸǹǺǻǼǽǾǿȀȁȂȃȄȅȆȇȈȉȊȋȌȍȎȏȐȑȒȓȔȕȖȗȘșȚțȜȝȞȟȠȡȢȣȤȥȦȧȨȩȪȫȬȭȮȯȰȱȲȳȴȵȶȷȸȹȺȻȼȽȾȿɀɁɂɃɄɅɆɇɈɉɊɋɌɍɎɏɐɑɒɓɔɕɖɗɘəɚɛɜɝɞɟ-]*$/i,
+      errorMessage: "Please enter a valid name.",
+    },
+  },
+};

package/dist/direct-debit.d.ts

@@ -0,0 +1,11 @@
+import { FieldSchema } from "./@types/field-schema";
+export declare const DirectDebitField: {
+  readonly ACCOUNT_HOLDER_NAME: "accountHolderName";
+  readonly BANK_ACCOUNT_NUMBER: "bankAccountNumber";
+  readonly BANK_SORT_CODE: "bankSortCode";
+};
+export type DirectDebitField =
+  (typeof DirectDebitField)[keyof typeof DirectDebitField];
+export declare const directDebitSchema: {
+  [key in DirectDebitField]: FieldSchema;
+};

package/dist/direct-debit.js

@@ -0,0 +1,51 @@
+export const DirectDebitField = {
+  ACCOUNT_HOLDER_NAME: "accountHolderName",
+  BANK_ACCOUNT_NUMBER: "bankAccountNumber",
+  BANK_SORT_CODE: "bankSortCode",
+};
+export const directDebitSchema = {
+  [DirectDebitField.ACCOUNT_HOLDER_NAME]: {
+    isRequired: {
+      required: true,
+      errorMessage: "Please enter the account holder's name.",
+    },
+    minMaxLength: {
+      regex: /^.{1,50}$/,
+      errorMessage:
+        "Please enter the account holder's name between 1 - 50 characters.",
+    },
+    allowedCharacters: {
+      regex:
+        /^[0-9A-Za-zÀÁÂÃÄÅÆÇÈÉÊËÌÍÎÏÐÑÒÓÔÕÖØÙÚÛÜÝÞßàáâãäåæçèéêëìíîïðñòóôõöøùúûüýþÿĀāĂ㥹ĆćĈĉĊċČčĎďĐđĒēĔĕĖėĘęĚěĜĝĞğĠġĢģĤĥĦħĨĩĪīĬĭĮįİıIJijĴĵĶķĸĹĺĻļĽľĿŀŁłŃńŅņŇňʼnŊŋŌōŎŏŐőŒœŔŕŖŗŘřŚśŜŝŞşŠšŢţŤťŦŧŨũŪūŬŭŮůŰűŲųŴŵŶŷŸŹźŻżŽžſƀƁƂƃƄƅƆƇƈƉƊƋƌƍƎƏƐƑƒƓƔƕƖƗƘƙƚƛƜƝƞƟƠơƢƣƤƥƦƧƨƩƪƫƬƭƮƯưƱƲƳƴƵƶƷƸƹƺƼƽƾƿDŽDždžLJLjljNJNjnjǍǎǏǐǑǒǓǔǕǖǗǘǙǚǛǜǝǞǟǠǡǢǣǤǥǦǧǨǩǪǫǬǭǮǯǰDZDzdzǴǵǶǷǸǹǺǻǼǽǾǿȀȁȂȃȄȅȆȇȈȉȊȋȌȍȎȏȐȑȒȓȔȕȖȗȘșȚțȜȝȞȟȠȡȢȣȤȥȦȧȨȩȪȫȬȭȮȯȰȱȲȳȴȵȶȷȸȹȺȻȼȽȾȿɀɁɂɃɄɅɆɇɈɉɊɋɌɍɎɏɐɑɒɓɔɕɖɗɘəɚɛɜɝɞɟ-][ '‘’0-9A-Za-zÀÁÂÃÄÅÆÇÈÉÊËÌÍÎÏÐÑÒÓÔÕÖØÙÚÛÜÝÞßàáâãäåæçèéêëìíîïðñòóôõöøùúûüýþÿĀāĂ㥹ĆćĈĉĊċČčĎďĐđĒēĔĕĖėĘęĚěĜĝĞğĠġĢģĤĥĦħĨĩĪīĬĭĮįİıIJijĴĵĶķĸĹĺĻļĽľĿŀŁłŃńŅņŇňʼnŊŋŌōŎŏŐőŒœŔŕŖŗŘřŚśŜŝŞşŠšŢţŤťŦŧŨũŪūŬŭŮůŰűŲųŴŵŶŷŸŹźŻżŽžſƀƁƂƃƄƅƆƇƈƉƊƋƌƍƎƏƐƑƒƓƔƕƖƗƘƙƚƛƜƝƞƟƠơƢƣƤƥƦƧƨƩƪƫƬƭƮƯưƱƲƳƴƵƶƷƸƹƺƼƽƾƿDŽDždžLJLjljNJNjnjǍǎǏǐǑǒǓǔǕǖǗǘǙǚǛǜǝǞǟǠǡǢǣǤǥǦǧǨǩǪǫǬǭǮǯǰDZDzdzǴǵǶǷǸǹǺǻǼǽǾǿȀȁȂȃȄȅȆȇȈȉȊȋȌȍȎȏȐȑȒȓȔȕȖȗȘșȚțȜȝȞȟȠȡȢȣȤȥȦȧȨȩȪȫȬȭȮȯȰȱȲȳȴȵȶȷȸȹȺȻȼȽȾȿɀɁɂɃɄɅɆɇɈɉɊɋɌɍɎɏɐɑɒɓɔɕɖɗɘəɚɛɜɝɞɟ-]*$/i,
+      errorMessage: "Please enter a valid name.",
+    },
+  },
+  [DirectDebitField.BANK_ACCOUNT_NUMBER]: {
+    isRequired: {
+      required: true,
+      errorMessage: "Please enter your account number.",
+    },
+    minMaxLength: {
+      regex: /^.{8}$/,
+      errorMessage: "Please enter account number with 8 digits.",
+    },
+    allowedCharacters: {
+      regex: /^[\d]+$/,
+      errorMessage: "Please enter a valid account number.",
+    },
+  },
+  [DirectDebitField.BANK_SORT_CODE]: {
+    isRequired: {
+      required: true,
+      errorMessage: "Please enter your sort code.",
+    },
+    minMaxLength: {
+      regex: /^.{6}$/,
+      errorMessage: "Your sort code should have 6 digits.",
+    },
+    allowedCharacters: {
+      regex: /^[\d]+$/,
+      errorMessage: "Please enter a valid sort code.",
+    },
+  },
+};

package/dist/index.d.ts

@@ -0,0 +1,3 @@
+export * from "./supporter.js";
+export * from "./common.js";
+export * from "./direct-debit.js";

package/dist/index.js

@@ -0,0 +1,3 @@
+export * from "./supporter.js";
+export * from "./common.js";
+export * from "./direct-debit.js";

package/dist/supporter.d.ts

@@ -0,0 +1,22 @@
+import { FieldSchema } from "./@types/field-schema";
+export declare const SupporterField: {
+  readonly ADDRESS_LINE_1: "addressLine1";
+  readonly ADDRESS_LINE_2: "addressLine2";
+  readonly ADDRESS_LINE_3: "addressLine3";
+  readonly ADDRESS_LINE_4: "addressLine4";
+  readonly COUNTRY: "country";
+  readonly EMAIL_ADDRESS: "emailAddress";
+  readonly FIRST_NAME: "firstName";
+  readonly LAST_NAME: "lastName";
+  readonly MOBILE_NUMBER_UK: "mobileNumberUK";
+  readonly PHONE_NUMBER: "phoneNumber";
+  readonly POSTCODE_UK: "postcodeUK";
+  readonly POSTCODE_INTL: "postcodeIntl";
+  readonly TITLE: "title";
+  readonly TOWN: "town";
+};
+export type SupporterField =
+  (typeof SupporterField)[keyof typeof SupporterField];
+export declare const supporterSchema: {
+  [key in SupporterField]: FieldSchema;
+};

package/dist/supporter.js

@@ -0,0 +1,235 @@
+export const SupporterField = {
+  ADDRESS_LINE_1: "addressLine1",
+  ADDRESS_LINE_2: "addressLine2",
+  ADDRESS_LINE_3: "addressLine3",
+  ADDRESS_LINE_4: "addressLine4",
+  COUNTRY: "country",
+  EMAIL_ADDRESS: "emailAddress",
+  FIRST_NAME: "firstName",
+  LAST_NAME: "lastName",
+  MOBILE_NUMBER_UK: "mobileNumberUK",
+  PHONE_NUMBER: "phoneNumber",
+  POSTCODE_UK: "postcodeUK",
+  POSTCODE_INTL: "postcodeIntl",
+  TITLE: "title",
+  TOWN: "town",
+};
+export const supporterSchema = {
+  [SupporterField.TITLE]: {
+    isRequired: {
+      required: false,
+    },
+    allowedCharacters: {
+      regex: /^(dr|mr|mrs|miss|ms|mx)$/i,
+      errorMessage: "Enter one of 'Dr', 'Mr', 'Mrs', 'Miss', 'Ms', 'Mx'",
+    },
+  },
+  [SupporterField.FIRST_NAME]: {
+    isRequired: {
+      required: true,
+      errorMessage: "First name is required.",
+    },
+    allowedCharacters: {
+      regex:
+        /^[A-Za-zÀÁÂÃÄÅÆÇÈÉÊËÌÍÎÏÐÑÒÓÔÕÖØÙÚÛÜÝÞßàáâãäåæçèéêëìíîïðñòóôõöøùúûüýþÿĀāĂ㥹ĆćĈĉĊċČčĎďĐđĒēĔĕĖėĘęĚěĜĝĞğĠġĢģĤĥĦħĨĩĪīĬĭĮįİıIJijĴĵĶķĸĹĺĻļĽľĿŀŁłŃńŅņŇňʼnŊŋŌōŎŏŐőŒœŔŕŖŗŘřŚśŜŝŞşŠšŢţŤťŦŧŨũŪūŬŭŮůŰűŲųŴŵŶŷŸŹźŻżŽžſƀƁƂƃƄƅƆƇƈƉƊƋƌƍƎƏƐƑƒƓƔƕƖƗƘƙƚƛƜƝƞƟƠơƢƣƤƥƦƧƨƩƪƫƬƭƮƯưƱƲƳƴƵƶƷƸƹƺƼƽƾƿDŽDždžLJLjljNJNjnjǍǎǏǐǑǒǓǔǕǖǗǘǙǚǛǜǝǞǟǠǡǢǣǤǥǦǧǨǩǪǫǬǭǮǯǰDZDzdzǴǵǶǷǸǹǺǻǼǽǾǿȀȁȂȃȄȅȆȇȈȉȊȋȌȍȎȏȐȑȒȓȔȕȖȗȘșȚțȜȝȞȟȠȡȢȣȤȥȦȧȨȩȪȫȬȭȮȯȰȱȲȳȴȵȶȷȸȹȺȻȼȽȾȿɀɁɂɃɄɅɆɇɈɉɊɋɌɍɎɏɐɑɒɓɔɕɖɗɘəɚɛɜɝɞɟ][ '‘’A-Za-zÀÁÂÃÄÅÆÇÈÉÊËÌÍÎÏÐÑÒÓÔÕÖØÙÚÛÜÝÞßàáâãäåæçèéêëìíîïðñòóôõöøùúûüýþÿĀāĂ㥹ĆćĈĉĊċČčĎďĐđĒēĔĕĖėĘęĚěĜĝĞğĠġĢģĤĥĦħĨĩĪīĬĭĮįİıIJijĴĵĶķĸĹĺĻļĽľĿŀŁłŃńŅņŇňʼnŊŋŌōŎŏŐőŒœŔŕŖŗŘřŚśŜŝŞşŠšŢţŤťŦŧŨũŪūŬŭŮůŰűŲųŴŵŶŷŸŹźŻżŽžſƀƁƂƃƄƅƆƇƈƉƊƋƌƍƎƏƐƑƒƓƔƕƖƗƘƙƚƛƜƝƞƟƠơƢƣƤƥƦƧƨƩƪƫƬƭƮƯưƱƲƳƴƵƶƷƸƹƺƼƽƾƿDŽDždžLJLjljNJNjnjǍǎǏǐǑǒǓǔǕǖǗǘǙǚǛǜǝǞǟǠǡǢǣǤǥǦǧǨǩǪǫǬǭǮǯǰDZDzdzǴǵǶǷǸǹǺǻǼǽǾǿȀȁȂȃȄȅȆȇȈȉȊȋȌȍȎȏȐȑȒȓȔȕȖȗȘșȚțȜȝȞȟȠȡȢȣȤȥȦȧȨȩȪȫȬȭȮȯȰȱȲȳȴȵȶȷȸȹȺȻȼȽȾȿɀɁɂɃɄɅɆɇɈɉɊɋɌɍɎɏɐɑɒɓɔɕɖɗɘəɚɛɜɝɞɟ-]*$/i,
+      errorMessage:
+        "First names can only contain letters, hyphens and apostrophes.",
+    },
+    minMaxLength: {
+      regex: /^.{2,40}$/,
+      errorMessage: "First name must be between 2 and 40 characters.",
+    },
+    forbiddenSubstrings: {
+      regex: /\b(and|plus|test|undefined|unknown)\b/i,
+      errorMessage:
+        "First name must be a valid name and must be an individual.",
+    },
+  },
+  [SupporterField.LAST_NAME]: {
+    isRequired: {
+      required: true,
+      errorMessage: "Last name is required.",
+    },
+    allowedCharacters: {
+      regex:
+        /^[A-Za-zÀÁÂÃÄÅÆÇÈÉÊËÌÍÎÏÐÑÒÓÔÕÖØÙÚÛÜÝÞßàáâãäåæçèéêëìíîïðñòóôõöøùúûüýþÿĀāĂ㥹ĆćĈĉĊċČčĎďĐđĒēĔĕĖėĘęĚěĜĝĞğĠġĢģĤĥĦħĨĩĪīĬĭĮįİıIJijĴĵĶķĸĹĺĻļĽľĿŀŁłŃńŅņŇňʼnŊŋŌōŎŏŐőŒœŔŕŖŗŘřŚśŜŝŞşŠšŢţŤťŦŧŨũŪūŬŭŮůŰűŲųŴŵŶŷŸŹźŻżŽžſƀƁƂƃƄƅƆƇƈƉƊƋƌƍƎƏƐƑƒƓƔƕƖƗƘƙƚƛƜƝƞƟƠơƢƣƤƥƦƧƨƩƪƫƬƭƮƯưƱƲƳƴƵƶƷƸƹƺƼƽƾƿDŽDždžLJLjljNJNjnjǍǎǏǐǑǒǓǔǕǖǗǘǙǚǛǜǝǞǟǠǡǢǣǤǥǦǧǨǩǪǫǬǭǮǯǰDZDzdzǴǵǶǷǸǹǺǻǼǽǾǿȀȁȂȃȄȅȆȇȈȉȊȋȌȍȎȏȐȑȒȓȔȕȖȗȘșȚțȜȝȞȟȠȡȢȣȤȥȦȧȨȩȪȫȬȭȮȯȰȱȲȳȴȵȶȷȸȹȺȻȼȽȾȿɀɁɂɃɄɅɆɇɈɉɊɋɌɍɎɏɐɑɒɓɔɕɖɗɘəɚɛɜɝɞɟ][ '‘’A-Za-zÀÁÂÃÄÅÆÇÈÉÊËÌÍÎÏÐÑÒÓÔÕÖØÙÚÛÜÝÞßàáâãäåæçèéêëìíîïðñòóôõöøùúûüýþÿĀāĂ㥹ĆćĈĉĊċČčĎďĐđĒēĔĕĖėĘęĚěĜĝĞğĠġĢģĤĥĦħĨĩĪīĬĭĮįİıIJijĴĵĶķĸĹĺĻļĽľĿŀŁłŃńŅņŇňʼnŊŋŌōŎŏŐőŒœŔŕŖŗŘřŚśŜŝŞşŠšŢţŤťŦŧŨũŪūŬŭŮůŰűŲųŴŵŶŷŸŹźŻżŽžſƀƁƂƃƄƅƆƇƈƉƊƋƌƍƎƏƐƑƒƓƔƕƖƗƘƙƚƛƜƝƞƟƠơƢƣƤƥƦƧƨƩƪƫƬƭƮƯưƱƲƳƴƵƶƷƸƹƺƼƽƾƿDŽDždžLJLjljNJNjnjǍǎǏǐǑǒǓǔǕǖǗǘǙǚǛǜǝǞǟǠǡǢǣǤǥǦǧǨǩǪǫǬǭǮǯǰDZDzdzǴǵǶǷǸǹǺǻǼǽǾǿȀȁȂȃȄȅȆȇȈȉȊȋȌȍȎȏȐȑȒȓȔȕȖȗȘșȚțȜȝȞȟȠȡȢȣȤȥȦȧȨȩȪȫȬȭȮȯȰȱȲȳȴȵȶȷȸȹȺȻȼȽȾȿɀɁɂɃɄɅɆɇɈɉɊɋɌɍɎɏɐɑɒɓɔɕɖɗɘəɚɛɜɝɞɟ-]*$/i,
+      errorMessage:
+        "Last names can only contain letters, hyphens and apostrophes.",
+    },
+    minMaxLength: {
+      regex: /^.{2,50}$/,
+      errorMessage: "Last name must be between 2 and 50 characters.",
+    },
+    forbiddenSubstrings: {
+      regex: /\b(and|plus|test|undefined|unknown)\b/i,
+      errorMessage: "Last name must be a valid name and must be an individual.",
+    },
+  },
+  [SupporterField.ADDRESS_LINE_1]: {
+    isRequired: {
+      required: true,
+      errorMessage: "First line of address is required.",
+    },
+    allowedCharacters: {
+      regex: /^[\d &'‘’.,/A-Za-z-]+$/,
+      errorMessage:
+        "The first line of address can only contain letters, numbers and the following special characters '-/.&.",
+    },
+    minMaxLength: {
+      regex: /^.{1,200}$/,
+      errorMessage:
+        "The first line of address must be between 1 and 200 characters.",
+    },
+  },
+  [SupporterField.ADDRESS_LINE_2]: {
+    isRequired: {
+      required: false,
+    },
+    allowedCharacters: {
+      regex: /^[\d &'‘’.,/A-Za-z-]+$/,
+      errorMessage:
+        "The second line of address can only contain letters, numbers and the following special characters '-/.&.",
+    },
+    minMaxLength: {
+      regex: /^.{1,100}$/,
+      errorMessage: "The second line of address must be under 100 characters.",
+    },
+  },
+  [SupporterField.ADDRESS_LINE_3]: {
+    isRequired: {
+      required: false,
+    },
+    allowedCharacters: {
+      regex: /^[\d &'‘’.,/A-Za-z-]+$/,
+      errorMessage:
+        "The third line of address can only contain letters, numbers and the following special characters '-/.&.",
+    },
+    minMaxLength: {
+      regex: /^.{1,100}$/,
+      errorMessage: "The third line of address must be under 100 characters.",
+    },
+  },
+  [SupporterField.ADDRESS_LINE_4]: {
+    isRequired: {
+      required: false,
+    },
+    allowedCharacters: {
+      regex: /^[\d &'‘’.,/A-Za-z-]+$/,
+      errorMessage:
+        "The fourth line of address can only contain letters, numbers and the following special characters '-/.&.",
+    },
+    minMaxLength: {
+      regex: /^.{1,100}$/,
+      errorMessage: "The fourth line of address must be under 100 characters.",
+    },
+  },
+  [SupporterField.TOWN]: {
+    isRequired: {
+      required: true,
+      errorMessage: "Town is required.",
+    },
+    allowedCharacters: {
+      regex: /^[\d &'‘’./A-Za-z-]+$/,
+      errorMessage:
+        "Town can only contain letters, numbers and the following special characters ' - / . &.",
+    },
+    minMaxLength: {
+      regex: /^.{1,40}$/,
+      errorMessage: "Town must be between 1 and 40 characters.",
+    },
+  },
+  [SupporterField.POSTCODE_UK]: {
+    isRequired: {
+      required: true,
+      errorMessage: "Postcode is required.",
+    },
+    allowedCharacters: {
+      regex: /^(?!.*[\n\r\t])[^,;"“”#_.'‘’()*+:<=>?\[\]{}~¿£$@!¡%€&]+$/,
+      errorMessage:
+        "The postcode can only contain letters, numbers and spaces.",
+    },
+    minMaxLength: {
+      regex: /^.{2,8}$/,
+      errorMessage: "The postcode must be between 2 and 8 characters.",
+    },
+  },
+  [SupporterField.POSTCODE_INTL]: {
+    isRequired: {
+      required: true,
+      errorMessage: "Postcode is required.",
+    },
+    allowedCharacters: {
+      regex: /^(?!.*[\n\r\t])[^,;"“”#_.'‘’()*+:<=>?\[\]{}~¿£$@!¡%€&]+$/,
+      errorMessage:
+        "The postcode can only contain letters, numbers and spaces.",
+    },
+    minMaxLength: {
+      regex: /^.{2,10}$/,
+      errorMessage: "The postcode must be between 2 and 10 characters.",
+    },
+  },
+  [SupporterField.COUNTRY]: {
+    isRequired: {
+      required: true,
+      errorMessage: "Country is required.",
+    },
+    allowedCharacters: {
+      regex: /^(?!.*[\n\r\t])[^;"“”_#()*+:<=>?\[\]{}~¿£$@!¡%€\d]+$/,
+      errorMessage: "The country can only contain letters and spaces.",
+    },
+    minMaxLength: {
+      regex: /^.{1,60}$/,
+      errorMessage: "The country must be between 1 and 60 characters.",
+    },
+  },
+  [SupporterField.EMAIL_ADDRESS]: {
+    isRequired: {
+      required: true,
+      errorMessage: "An email address is required.",
+    },
+    allowedCharacters: {
+      regex:
+        /^[^ "“”'‘’(),:;\\<>\[\]@]+@[^\s"“”'‘’(),.:;\\<>\[\]@_]+\.[^\s"“”'‘’(),:;\\<>\[\]@_]+$/,
+      errorMessage:
+        "This email address doesn't follow the correct format - for example name@domain.com",
+    },
+    minMaxLength: {
+      regex: /^.{1,64}@.{1,64}\..{2,}$/,
+      errorMessage: "The email address is too long.",
+    },
+  },
+  [SupporterField.PHONE_NUMBER]: {
+    isRequired: {
+      required: false,
+    },
+    allowedCharacters: {
+      regex: /^[\+\d ]+$/,
+      errorMessage:
+        "The phone number can only contain numbers, spaces and plus sign.",
+    },
+    minMaxLength: {
+      regex: /^.{0,16}$/,
+      errorMessage:
+        "The phone number must be between 1 and 16 numbers, optionally starting with +.",
+    },
+    forbiddenSubstrings: {
+      regex: /^(\+447|00447|07|\+4407|004407)/,
+      errorMessage: "Mobile numbers are not allowed.",
+    },
+  },
+  [SupporterField.MOBILE_NUMBER_UK]: {
+    isRequired: {
+      required: false,
+    },
+    allowedCharacters: {
+      regex: /^(\+447[ \d]+|00447[ \d]+|07[ \d]+|\+4407[ \d]+|004407[ \d]+)$/,
+      errorMessage:
+        "The phone number can only contain numbers, spaces and plus sign.",
+    },
+    minMaxLength: {
+      regex: /^.{1,16}$/,
+      errorMessage:
+        "The mobile number must be between 1 and 16 numbers, optionally starting with +.",
+    },
+  },
+};

package/package.json

@@ -0,0 +1,51 @@
+{
+  "name": "@cruk/fundraising-data-validations",
+  "version": "4.2.0",
+  "description": "Validation rules for fundraising data",
+  "main": "dist/index.js",
+  "types": "dist/index.d.ts",
+  "type": "module",
+  "files": [
+    "dist",
+    "README.md"
+  ],
+  "scripts": {
+    "build": "rm -r ./dist && tsc",
+    "lint": "eslint . && prettier --check .",
+    "lint:fix": "eslint . --fix && prettier --write --log-level=warn .",
+    "prepare": "husky",
+    "release": "semantic-release",
+    "test": "vitest",
+    "version": "echo $npm_package_version"
+  },
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/CRUKorg/fundraising-data-validations.git"
+  },
+  "author": "",
+  "license": "ISC",
+  "publishConfig": {
+    "registry": "https://registry.npmjs.org"
+  },
+  "config": {
+    "commitizen": {
+      "path": "./node_modules/cz-conventional-changelog"
+    }
+  },
+  "homepage": "https://github.com/CRUKorg/fundraising-data-validations#readme",
+  "devDependencies": {
+    "@commitlint/cli": "^20.1.0",
+    "@commitlint/config-conventional": "^20.0.0",
+    "@semantic-release/changelog": "^6.0.3",
+    "@semantic-release/git": "^10.0.1",
+    "commitizen": "^4.3.1",
+    "eslint": "^9.36.0",
+    "eslint-plugin-unicorn": "^61.0.2",
+    "husky": "^9.1.7",
+    "prettier": "^3.6.2",
+    "semantic-release": "^24.2.9",
+    "typescript": "^5.9.3",
+    "typescript-eslint": "^8.45.0",
+    "vitest": "^3.2.4"
+  }
+}