npm - @jmruthers/pace-core - Versions diffs - 0.5.135 → 0.5.136 - Mend

@jmruthers/pace-core 0.5.135 → 0.5.136

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (522) hide show

package/src/validation/__tests__/user.unit.test.ts DELETED Viewed

@@ -1,440 +0,0 @@
-/**
- * @file User Validation Schema Tests
- * @package @jmruthers/pace-core
- * @module Validation/__tests__
- * @since 0.4.0
- *
- * Comprehensive tests for user validation schemas following TEST_STANDARD.md
- */
-import { describe, it, expect } from 'vitest';
-import { userProfileSchema, userSettingsSchema, userPreferencesSchema } from '../user';
-describe('[unit] User Validation Schemas', () => {
-  describe('userProfileSchema', () => {
-    it('validates complete user profile', () => {
-      const result = userProfileSchema.safeParse({
-        name: 'John Doe',
-        email: 'john@example.com',
-        phone: '1234567890',
-        website: 'https://example.com',
-        bio: 'Software developer',
-      });
-      expect(result.success).toBe(true);
-      if (result.success) {
-        expect(result.data.name).toBe('John Doe');
-        expect(result.data.email).toBe('john@example.com');
-        expect(result.data.phone).toBe('1234567890');
-        expect(result.data.website).toBe('https://example.com');
-        expect(result.data.bio).toBe('Software developer');
-      }
-    });
-    it('validates minimal required fields', () => {
-      const result = userProfileSchema.safeParse({
-        name: 'Jane Smith',
-        email: 'jane@example.com',
-      });
-      expect(result.success).toBe(true);
-      if (result.success) {
-        expect(result.data.name).toBe('Jane Smith');
-        expect(result.data.email).toBe('jane@example.com');
-        expect(result.data.phone).toBeUndefined();
-        expect(result.data.website).toBeUndefined();
-        expect(result.data.bio).toBeUndefined();
-      }
-    });
-    it('requires name field', () => {
-      const result = userProfileSchema.safeParse({
-        email: 'test@example.com',
-      });
-      expect(result.success).toBe(false);
-      if (!result.success) {
-        expect(result.error.issues[0].path).toContain('name');
-      }
-    });
-    it('requires email field', () => {
-      const result = userProfileSchema.safeParse({
-        name: 'Test User',
-      });
-      expect(result.success).toBe(false);
-      if (!result.success) {
-        expect(result.error.issues[0].path).toContain('email');
-      }
-    });
-    it('validates name format', () => {
-      const validResult = userProfileSchema.safeParse({
-        name: 'Mary Jane',
-        email: 'mary@example.com',
-      });
-      expect(validResult.success).toBe(true);
-      const invalidResult = userProfileSchema.safeParse({
-        name: 'John123',
-        email: 'john@example.com',
-      });
-      expect(invalidResult.success).toBe(false);
-    });
-    it('validates email format', () => {
-      const validResult = userProfileSchema.safeParse({
-        name: 'John Doe',
-        email: 'john@example.com',
-      });
-      expect(validResult.success).toBe(true);
-      const invalidResult = userProfileSchema.safeParse({
-        name: 'John Doe',
-        email: 'invalid-email',
-      });
-      expect(invalidResult.success).toBe(false);
-    });
-    it('validates phone format when provided', () => {
-      const result = userProfileSchema.safeParse({
-        name: 'John Doe',
-        email: 'john@example.com',
-        phone: '+1234567890',
-      });
-      // Phone validation depends on common.ts implementation
-      expect(result.success).toBeDefined();
-    });
-    it('validates website URL format when provided', () => {
-      const validResult = userProfileSchema.safeParse({
-        name: 'John Doe',
-        email: 'john@example.com',
-        website: 'https://example.com',
-      });
-      expect(validResult.success).toBe(true);
-      const invalidResult = userProfileSchema.safeParse({
-        name: 'John Doe',
-        email: 'john@example.com',
-        website: 'not-a-url',
-      });
-      expect(invalidResult.success).toBe(false);
-    });
-    it('validates bio length when provided', () => {
-      const validResult = userProfileSchema.safeParse({
-        name: 'John Doe',
-        email: 'john@example.com',
-        bio: 'This is a reasonable bio',
-      });
-      expect(validResult.success).toBe(true);
-      const tooLongBio = 'a'.repeat(501);
-      const invalidResult = userProfileSchema.safeParse({
-        name: 'John Doe',
-        email: 'john@example.com',
-        bio: tooLongBio,
-      });
-      expect(invalidResult.success).toBe(false);
-    });
-    it('handles bio with maximum allowed length', () => {
-      const maxBio = 'a'.repeat(500);
-      const result = userProfileSchema.safeParse({
-        name: 'John Doe',
-        email: 'john@example.com',
-        bio: maxBio,
-      });
-      expect(result.success).toBe(true);
-    });
-    it('rejects empty string for optional fields', () => {
-      const result = userProfileSchema.safeParse({
-        name: 'John Doe',
-        email: 'john@example.com',
-        bio: '',
-      });
-      // Empty string might be treated differently
-      expect(result.success).toBeDefined();
-    });
-  });
-  describe('userSettingsSchema', () => {
-    it('validates complete settings', () => {
-      const result = userSettingsSchema.safeParse({
-        notifications: {
-          email: true,
-          push: false,
-        },
-        language: 'en',
-      });
-      expect(result.success).toBe(true);
-      if (result.success) {
-        expect(result.data.notifications.email).toBe(true);
-        expect(result.data.notifications.push).toBe(false);
-        expect(result.data.language).toBe('en');
-      }
-    });
-    it('requires notifications object', () => {
-      const result = userSettingsSchema.safeParse({
-        language: 'en',
-      });
-      expect(result.success).toBe(false);
-      if (!result.success) {
-        expect(result.error.issues[0].path).toContain('notifications');
-      }
-    });
-    it('requires both email and push in notifications', () => {
-      const incompleteResult = userSettingsSchema.safeParse({
-        notifications: {
-          email: true,
-          // push missing
-        },
-        language: 'en',
-      });
-      expect(incompleteResult.success).toBe(false);
-      const completeResult = userSettingsSchema.safeParse({
-        notifications: {
-          email: true,
-          push: true,
-        },
-        language: 'en',
-      });
-      expect(completeResult.success).toBe(true);
-    });
-    it('validates notification boolean values', () => {
-      const emailTrueResult = userSettingsSchema.safeParse({
-        notifications: {
-          email: true,
-          push: false,
-        },
-        language: 'en',
-      });
-      expect(emailTrueResult.success).toBe(true);
-      const pushTrueResult = userSettingsSchema.safeParse({
-        notifications: {
-          email: false,
-          push: true,
-        },
-        language: 'en',
-      });
-      expect(pushTrueResult.success).toBe(true);
-    });
-    it('rejects non-boolean notification values', () => {
-      const result = userSettingsSchema.safeParse({
-        notifications: {
-          email: 'true',
-          push: false,
-        },
-        language: 'en',
-      });
-      expect(result.success).toBe(false);
-    });
-    it('requires language field', () => {
-      const result = userSettingsSchema.safeParse({
-        notifications: {
-          email: true,
-          push: true,
-        },
-      });
-      expect(result.success).toBe(false);
-    });
-    it('accepts various language codes', () => {
-      const languages = ['en', 'es', 'fr', 'de', 'zh'];
-      languages.forEach(lang => {
-        const result = userSettingsSchema.safeParse({
-          notifications: {
-            email: true,
-            push: true,
-          },
-          language: lang,
-        });
-        expect(result.success).toBe(true);
-      });
-    });
-  });
-  describe('userPreferencesSchema', () => {
-    it('validates complete preferences', () => {
-      const result = userPreferencesSchema.safeParse({
-        displayName: 'John Doe',
-        timezone: 'America/New_York',
-        dateFormat: 'MM/DD/YYYY',
-        currency: 'USD',
-      });
-      expect(result.success).toBe(true);
-      if (result.success) {
-        expect(result.data.displayName).toBe('John Doe');
-        expect(result.data.timezone).toBe('America/New_York');
-        expect(result.data.dateFormat).toBe('MM/DD/YYYY');
-        expect(result.data.currency).toBe('USD');
-      }
-    });
-    it('validates displayName format', () => {
-      const validResult = userPreferencesSchema.safeParse({
-        displayName: 'Mary Jane',
-        timezone: 'UTC',
-        dateFormat: 'YYYY-MM-DD',
-        currency: 'USD',
-      });
-      expect(validResult.success).toBe(true);
-      const invalidResult = userPreferencesSchema.safeParse({
-        displayName: 'User123',
-        timezone: 'UTC',
-        dateFormat: 'YYYY-MM-DD',
-        currency: 'USD',
-      });
-      expect(invalidResult.success).toBe(false);
-    });
-    it('accepts various timezone formats', () => {
-      const timezones = ['UTC', 'America/New_York', 'Europe/London', 'Asia/Tokyo'];
-      timezones.forEach(tz => {
-        const result = userPreferencesSchema.safeParse({
-          displayName: 'Test User',
-          timezone: tz,
-          dateFormat: 'YYYY-MM-DD',
-          currency: 'USD',
-        });
-        expect(result.success).toBe(true);
-      });
-    });
-    it('accepts various date formats', () => {
-      const dateFormats = ['MM/DD/YYYY', 'DD/MM/YYYY', 'YYYY-MM-DD', 'DD.MM.YYYY'];
-      dateFormats.forEach(format => {
-        const result = userPreferencesSchema.safeParse({
-          displayName: 'Test User',
-          timezone: 'UTC',
-          dateFormat: format,
-          currency: 'USD',
-        });
-        expect(result.success).toBe(true);
-      });
-    });
-    it('accepts various currency codes', () => {
-      const currencies = ['USD', 'EUR', 'GBP', 'JPY', 'CAD'];
-      currencies.forEach(currency => {
-        const result = userPreferencesSchema.safeParse({
-          displayName: 'Test User',
-          timezone: 'UTC',
-          dateFormat: 'YYYY-MM-DD',
-          currency: currency,
-        });
-        expect(result.success).toBe(true);
-      });
-    });
-  });
-  describe('Edge Cases', () => {
-    it('userProfileSchema rejects invalid data types', () => {
-      const invalidResults = [
-        userProfileSchema.safeParse({
-          name: 123,
-          email: 'test@example.com',
-        }),
-        userProfileSchema.safeParse({
-          name: 'Test',
-          email: true,
-        }),
-      ];
-      invalidResults.forEach(result => {
-        expect(result.success).toBe(false);
-      });
-    });
-    it('userSettingsSchema rejects invalid notification structure', () => {
-      const result = userSettingsSchema.safeParse({
-        notifications: {
-          email: true,
-          push: false,
-          invalid: true,
-        },
-        language: 'en',
-      });
-      // May accept extra fields or reject them
-      expect(result.success).toBeDefined();
-    });
-    it('handles very long valid input', () => {
-      const longName = 'A'.repeat(100);
-      const result = userProfileSchema.safeParse({
-        name: longName,
-        email: 'test@example.com',
-      });
-      expect(result.success).toBe(true);
-    });
-  });
-  describe('Integration', () => {
-    it('validates all user schemas together', () => {
-      const profile = {
-        name: 'John Doe',
-        email: 'john@example.com',
-      };
-      const settings = {
-        notifications: {
-          email: true,
-          push: false,
-        },
-        language: 'en',
-      };
-      const preferences = {
-        displayName: 'John Doe',
-        timezone: 'America/New_York',
-        dateFormat: 'MM/DD/YYYY',
-        currency: 'USD',
-      };
-      const profileResult = userProfileSchema.safeParse(profile);
-      const settingsResult = userSettingsSchema.safeParse(settings);
-      const preferencesResult = userPreferencesSchema.safeParse(preferences);
-      expect(profileResult.success).toBe(true);
-      expect(settingsResult.success).toBe(true);
-      expect(preferencesResult.success).toBe(true);
-    });
-    it('handles realistic user data', () => {
-      const realisticProfile = {
-        name: 'Jane Smith',
-        email: 'jane.smith@example.com',
-        phone: '+1-555-123-4567',
-        website: 'https://janesmith.dev',
-        bio: 'Full-stack developer with a passion for clean code.',
-      };
-      const result = userProfileSchema.safeParse(realisticProfile);
-      expect(result.success).toBe(true);
-    });
-  });
-});

package/src/validation/sanitization.ts DELETED Viewed

@@ -1,96 +0,0 @@
-/**
- * @file Input sanitization and validation schemas
- * @description Enhanced validation schemas with security features
- */
-import { z } from 'zod';
-/**
- * Enhanced email schema with security checks
- */
-export const secureEmailSchema = z
-  .string()
-  .min(1, 'Email is required')
-  .email('Invalid email format')
-  .max(254, 'Email too long')
-  .refine(
-    (email) => {
-      if (!email || typeof email !== 'string') return false;
-      // Basic domain validation
-      const domain = email.split('@')[1];
-      return domain && domain.includes('.') && domain.length > 3;
-    },
-    'Invalid email domain'
-  )
-  .transform((email) => sanitizeEmail(email));
-/**
- * Basic email schema for common use
- */
-export const emailSchema = z
-  .string()
-  .min(1, 'Email is required')
-  .email('Invalid email format');
-/**
- * Name validation schema
- */
-export const nameSchema = z
-  .string()
-  .min(1, 'Name is required')
-  .max(100, 'Name too long')
-  .regex(/^[a-zA-Z\s'-]+$/, 'Name contains invalid characters');
-/**
- * Phone validation schema
- */
-export const phoneSchema = z
-  .string()
-  .regex(/^[\+]?[1-9][\d]{0,15}$/, 'Invalid phone number format');
-/**
- * URL validation schema
- */
-export const urlSchema = z
-  .string()
-  .url('Invalid URL format');
-/**
- * Date validation schema
- */
-export const dateSchema = z
-  .string()
-  .regex(/^\d{4}-\d{2}-\d{2}$/, 'Invalid date format (YYYY-MM-DD)');
-/**
- * Secure login schema
- */
-export const secureLoginSchema = z.object({
-  email: secureEmailSchema,
-  password: z.string().min(1, 'Password is required'),
-});
-/**
- * Sanitize email input
- */
-export function sanitizeEmail(email: string): string {
-  if (!email || typeof email !== 'string') {
-    return '';
-  }
-  return email.toLowerCase().trim();
-}
-/**
- * Sanitize string input
- */
-export function sanitizeString(input: string): string {
-  if (!input || typeof input !== 'string') {
-    return '';
-  }
-  return input
-    .replace(/[<>]/g, '') // Remove angle brackets
-    .replace(/javascript:/gi, '') // Remove javascript: protocol
-    .replace(/on\w+=/gi, '') // Remove event handlers
-    .trim();
-}