@zintrust/core 0.1.19 → 0.1.21

package/src/validation/Validator.d.ts

@@ -3,29 +3,47 @@
  * Schema-based input validation with fluent API matching QueryBuilder style
  * Sealed namespace pattern - all exports through Validator namespace
  */
-export type Rule = 'required' | 'email' | 'string' | 'number' | 'boolean' | 'array' | 'integer' | 'min' | 'max' | 'minLength' | 'maxLength' | 'regex' | 'in' | 'custom';
+export type Rule = 'required' | 'email' | 'string' | 'number' | 'boolean' | 'array' | 'integer' | 'min' | 'max' | 'minLength' | 'maxLength' | 'regex' | 'in' | 'custom' | 'alphanumeric' | 'uuid' | 'token' | 'ipAddress' | 'positiveNumber' | 'digits' | 'decimal' | 'url' | 'phone' | 'date';
 export interface ValidationRule {
     rule: Rule;
     value?: unknown;
     message?: string;
 }
-export interface ISchema {
-    required(field: string, message?: string): ISchema;
-    string(field: string, message?: string): ISchema;
-    number(field: string, message?: string): ISchema;
-    integer(field: string, message?: string): ISchema;
-    boolean(field: string, message?: string): ISchema;
-    array(field: string, message?: string): ISchema;
-    email(field: string, message?: string): ISchema;
-    min(field: string, value: number, message?: string): ISchema;
-    max(field: string, value: number, message?: string): ISchema;
-    minLength(field: string, value: number, message?: string): ISchema;
-    maxLength(field: string, value: number, message?: string): ISchema;
-    regex(field: string, pattern: RegExp, message?: string): ISchema;
-    in(field: string, values: unknown[], message?: string): ISchema;
-    custom(field: string, validator: (value: unknown) => boolean, message?: string): ISchema;
+export type CustomValidatorFn = ((value: unknown) => boolean) | ((value: unknown, data: Record<string, unknown>) => boolean);
+export interface ISchemaBase<TReturn> {
+    required(field: string, message?: string): TReturn;
+    string(field: string, message?: string): TReturn;
+    number(field: string, message?: string): TReturn;
+    integer(field: string, message?: string): TReturn;
+    boolean(field: string, message?: string): TReturn;
+    array(field: string, message?: string): TReturn;
+    email(field: string, message?: string): TReturn;
+    min(field: string, value: number, message?: string): TReturn;
+    max(field: string, value: number, message?: string): TReturn;
+    minLength(field: string, value: number, message?: string): TReturn;
+    maxLength(field: string, value: number, message?: string): TReturn;
+    regex(field: string, pattern: RegExp, message?: string): TReturn;
+    in(field: string, values: unknown[], message?: string): TReturn;
+    custom(field: string, validator: CustomValidatorFn, message?: string): TReturn;
+    alphanumeric(field: string, message?: string): TReturn;
+    uuid(field: string, message?: string): TReturn;
+    token(field: string, message?: string): TReturn;
+    ipAddress(field: string, message?: string): TReturn;
+    positiveNumber(field: string, message?: string): TReturn;
+    digits(field: string, message?: string): TReturn;
+    decimal(field: string, message?: string): TReturn;
+    url(field: string, message?: string): TReturn;
+    phone(field: string, message?: string): TReturn;
+    date(field: string, message?: string): TReturn;
     getRules(): Map<string, ValidationRule[]>;
 }
+export type ISchema = ISchemaBase<ISchema>;
+export type TypedSchema<T> = ISchemaBase<TypedSchema<T>> & {
+    readonly __type?: T;
+};
+export type InferSchema<TSchema> = TSchema extends {
+    readonly __type?: infer T;
+} ? unknown extends T ? never : T : never;
 export interface SchemaType {
     create(): ISchema;
 }
@@ -38,7 +56,14 @@ export declare const Schema: Readonly<{
      * Create a new schema instance
      */
     create(): ISchema;
+    /**
+     * Create a schema instance carrying a declared TypeScript shape.
+     * This enables schema-inferred request typing when paired with validation middleware.
+     */
+    typed<T>(): TypedSchema<T>;
 }>;
+type RuleStringInput = string | string[];
+export type RuleStringMap = Record<string, RuleStringInput>;
 /**
  * Validator validates data against a schema
  */
@@ -48,9 +73,17 @@ export declare const Validator: Readonly<{
          * Create a new schema instance
          */
         create(): ISchema;
+        /**
+         * Create a schema instance carrying a declared TypeScript shape.
+         * This enables schema-inferred request typing when paired with validation middleware.
+         */
+        typed<T>(): TypedSchema<T>;
     }>;
     validate: (data: Record<string, unknown>, schema: ISchema) => Record<string, unknown>;
     isValid: (data: Record<string, unknown>, schema: ISchema) => boolean;
+    rulesToSchema: (rules: RuleStringMap) => ISchema;
+    validateRules: (data: Record<string, unknown>, rules: RuleStringMap) => Record<string, unknown>;
+    isValidRules: (data: Record<string, unknown>, rules: RuleStringMap) => boolean;
 }>;
 /**
  * Export ValidationError for use in tests and applications

package/src/validation/Validator.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"Validator.d.ts","sourceRoot":"","sources":["../../../src/validation/Validator.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAKH,MAAM,MAAM,IAAI,GACZ,UAAU,GACV,OAAO,GACP,QAAQ,GACR,QAAQ,GACR,SAAS,GACT,OAAO,GACP,SAAS,GACT,KAAK,GACL,KAAK,GACL,WAAW,GACX,WAAW,GACX,OAAO,GACP,IAAI,GACJ,QAAQ,CAAC;AAEb,MAAM,WAAW,cAAc;IAC7B,IAAI,EAAE,IAAI,CAAC;IACX,KAAK,CAAC,EAAE,OAAO,CAAC;IAChB,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAED,MAAM,WAAW,OAAO;IACtB,QAAQ,CAAC,KAAK,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC;IACnD,MAAM,CAAC,KAAK,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC;IACjD,MAAM,CAAC,KAAK,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC;IACjD,OAAO,CAAC,KAAK,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC;IAClD,OAAO,CAAC,KAAK,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC;IAClD,KAAK,CAAC,KAAK,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC;IAChD,KAAK,CAAC,KAAK,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC;IAChD,GAAG,CAAC,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC;IAC7D,GAAG,CAAC,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC;IAC7D,SAAS,CAAC,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC;IACnE,SAAS,CAAC,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC;IACnE,KAAK,CAAC,KAAK,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC;IACjE,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,EAAE,OAAO,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC;IAChE,MAAM,CAAC,KAAK,EAAE,MAAM,EAAE,SAAS,EAAE,CAAC,KAAK,EAAE,OAAO,KAAK,OAAO,EAAE,OAAO,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC;IACzF,QAAQ,IAAI,GAAG,CAAC,MAAM,EAAE,cAAc,EAAE,CAAC,CAAC;CAC3C;AA2BD,MAAM,WAAW,UAAU;IACzB,MAAM,IAAI,OAAO,CAAC;CACnB;AAED;;;GAGG;AACH,eAAO,MAAM,MAAM;IACjB;;OAEG;cACO,OAAO;EAuBjB,CAAC;AA4LH;;GAEG;AAEH,eAAO,MAAM,SAAS;;QA1NpB;;WAEG;kBACO,OAAO;;qBA4BK,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,UAAU,OAAO,KAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC;oBAyBnE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,UAAU,OAAO,KAAG,OAAO;EAsKvE,CAAC;AAEH;;GAEG;AACH,OAAO,EAAE,eAAe,EAAE,MAAM,6BAA6B,CAAC;AAC9D,YAAY,EAAE,UAAU,EAAE,MAAM,6BAA6B,CAAC"}
+{"version":3,"file":"Validator.d.ts","sourceRoot":"","sources":["../../../src/validation/Validator.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAMH,MAAM,MAAM,IAAI,GACZ,UAAU,GACV,OAAO,GACP,QAAQ,GACR,QAAQ,GACR,SAAS,GACT,OAAO,GACP,SAAS,GACT,KAAK,GACL,KAAK,GACL,WAAW,GACX,WAAW,GACX,OAAO,GACP,IAAI,GACJ,QAAQ,GACR,cAAc,GACd,MAAM,GACN,OAAO,GACP,WAAW,GACX,gBAAgB,GAChB,QAAQ,GACR,SAAS,GACT,KAAK,GACL,OAAO,GACP,MAAM,CAAC;AAEX,MAAM,WAAW,cAAc;IAC7B,IAAI,EAAE,IAAI,CAAC;IACX,KAAK,CAAC,EAAE,OAAO,CAAC;IAChB,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAED,MAAM,MAAM,iBAAiB,GACzB,CAAC,CAAC,KAAK,EAAE,OAAO,KAAK,OAAO,CAAC,GAC7B,CAAC,CAAC,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,KAAK,OAAO,CAAC,CAAC;AAEjE,MAAM,WAAW,WAAW,CAAC,OAAO;IAClC,QAAQ,CAAC,KAAK,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC;IACnD,MAAM,CAAC,KAAK,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC;IACjD,MAAM,CAAC,KAAK,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC;IACjD,OAAO,CAAC,KAAK,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC;IAClD,OAAO,CAAC,KAAK,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC;IAClD,KAAK,CAAC,KAAK,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC;IAChD,KAAK,CAAC,KAAK,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC;IAChD,GAAG,CAAC,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC;IAC7D,GAAG,CAAC,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC;IAC7D,SAAS,CAAC,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC;IACnE,SAAS,CAAC,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC;IACnE,KAAK,CAAC,KAAK,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC;IACjE,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,EAAE,OAAO,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC;IAChE,MAAM,CAAC,KAAK,EAAE,MAAM,EAAE,SAAS,EAAE,iBAAiB,EAAE,OAAO,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC;IAC/E,YAAY,CAAC,KAAK,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC;IACvD,IAAI,CAAC,KAAK,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC;IAC/C,KAAK,CAAC,KAAK,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC;IAChD,SAAS,CAAC,KAAK,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC;IACpD,cAAc,CAAC,KAAK,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC;IACzD,MAAM,CAAC,KAAK,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC;IACjD,OAAO,CAAC,KAAK,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC;IAClD,GAAG,CAAC,KAAK,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC;IAC9C,KAAK,CAAC,KAAK,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC;IAChD,IAAI,CAAC,KAAK,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC;IAC/C,QAAQ,IAAI,GAAG,CAAC,MAAM,EAAE,cAAc,EAAE,CAAC,CAAC;CAC3C;AAED,MAAM,MAAM,OAAO,GAAG,WAAW,CAAC,OAAO,CAAC,CAAC;AAE3C,MAAM,MAAM,WAAW,CAAC,CAAC,IAAI,WAAW,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,GAAG;IAAE,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC,CAAA;CAAE,CAAC;AAEnF,MAAM,MAAM,WAAW,CAAC,OAAO,IAAI,OAAO,SAAS;IAAE,QAAQ,CAAC,MAAM,CAAC,EAAE,MAAM,CAAC,CAAA;CAAE,GAC5E,OAAO,SAAS,CAAC,GACf,KAAK,GACL,CAAC,GACH,KAAK,CAAC;AA2BV,MAAM,WAAW,UAAU;IACzB,MAAM,IAAI,OAAO,CAAC;CACnB;AAED;;;GAGG;AACH,eAAO,MAAM,MAAM;IACjB;;OAEG;cACO,OAAO;IAkCjB;;;OAGG;UACG,CAAC,KAAK,WAAW,CAAC,CAAC,CAAC;EAG1B,CAAC;AA8EH,KAAK,eAAe,GAAG,MAAM,GAAG,MAAM,EAAE,CAAC;AACzC,MAAM,MAAM,aAAa,GAAG,MAAM,CAAC,MAAM,EAAE,eAAe,CAAC,CAAC;AAsa5D;;GAEG;AAEH,eAAO,MAAM,SAAS;;QAriBpB;;WAEG;kBACO,OAAO;QAkCjB;;;WAGG;cACG,CAAC,KAAK,WAAW,CAAC,CAAC,CAAC;;qBAQJ,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,UAAU,OAAO,KAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC;oBAyBnE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,UAAU,OAAO,KAAG,OAAO;2BAmN3C,aAAa,KAAG,OAAO;0BA6B7C,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,SACtB,aAAa,KACnB,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC;yBAIE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,SAAS,aAAa,KAAG,OAAO;EA4OjF,CAAC;AAEH;;GAEG;AACH,OAAO,EAAE,eAAe,EAAE,MAAM,6BAA6B,CAAC;AAC9D,YAAY,EAAE,UAAU,EAAE,MAAM,6BAA6B,CAAC"}

package/src/validation/Validator.js

@@ -42,10 +42,27 @@ export const Schema = Object.freeze({
             regex: (f, p, m) => addComplexRule(schema, rules, f, 'regex', p, m),
             in: (f, v, m) => addComplexRule(schema, rules, f, 'in', v, m),
             custom: (f, v, m) => addComplexRule(schema, rules, f, 'custom', v, m),
+            alphanumeric: (f, m) => addSimpleRule(schema, rules, f, 'alphanumeric', m),
+            uuid: (f, m) => addSimpleRule(schema, rules, f, 'uuid', m),
+            token: (f, m) => addSimpleRule(schema, rules, f, 'token', m),
+            ipAddress: (f, m) => addSimpleRule(schema, rules, f, 'ipAddress', m),
+            positiveNumber: (f, m) => addSimpleRule(schema, rules, f, 'positiveNumber', m),
+            digits: (f, m) => addSimpleRule(schema, rules, f, 'digits', m),
+            decimal: (f, m) => addSimpleRule(schema, rules, f, 'decimal', m),
+            url: (f, m) => addSimpleRule(schema, rules, f, 'url', m),
+            phone: (f, m) => addSimpleRule(schema, rules, f, 'phone', m),
+            date: (f, m) => addSimpleRule(schema, rules, f, 'date', m),
             getRules: () => rules,
         };
         return schema;
     },
+    /**
+     * Create a schema instance carrying a declared TypeScript shape.
+     * This enables schema-inferred request typing when paired with validation middleware.
+     */
+    typed() {
+        return Schema.create();
+    },
 });
 /**
  * Validate data against schema
@@ -56,7 +73,7 @@ const validate = (data, schema) => {
     for (const [field, fieldRules] of rules.entries()) {
         const value = data[field];
         for (const rule of fieldRules) {
-            const error = validateRule(field, value, rule);
+            const error = validateRule(field, value, rule, data);
             if (error !== null) {
                 errors.push(error);
             }
@@ -80,7 +97,7 @@ const isValid = (data, schema) => {
         return false;
     }
 };
-function validateRule(field, value, rule) {
+function validateRule(field, value, rule, data) {
     const message = (rule?.message ?? '') || getDefaultMessage(field, rule.rule);
     const validators = {
         required: () => validateRequired(field, value, message),
@@ -96,10 +113,204 @@ function validateRule(field, value, rule) {
         maxLength: () => validateMaxLength(field, value, rule.value, message),
         regex: () => validateRegex(field, value, rule.value, message),
         in: () => validateIn(field, value, rule.value, message),
-        custom: () => validateCustom(field, value, rule.value, message),
+        custom: () => validateCustom(field, value, rule.value, message, data),
+        alphanumeric: () => validateAlphanumeric(field, value, message),
+        uuid: () => validateUuid(field, value, message),
+        token: () => validateToken(field, value, message),
+        ipAddress: () => validateIpAddress(field, value, message),
+        positiveNumber: () => validatePositiveNumber(field, value, message),
+        digits: () => validateDigits(field, value, message),
+        decimal: () => validateDecimal(field, value, message),
+        url: () => validateUrl(field, value, message),
+        phone: () => validatePhone(field, value, message),
+        date: () => validateDate(field, value, message),
     };
     return validators[rule.rule]?.() ?? null;
 }
+const splitRuleTokens = (input) => {
+    if (Array.isArray(input))
+        return input.flatMap((v) => splitRuleTokens(v));
+    const trimmed = input.trim();
+    if (trimmed === '')
+        return [];
+    return trimmed
+        .split('|')
+        .map((t) => t.trim())
+        .filter((t) => t !== '');
+};
+const parseRegexLiteral = (raw) => {
+    const trimmed = raw.trim();
+    if (!trimmed.startsWith('/') || trimmed.length < 2)
+        return null;
+    const lastSlash = trimmed.lastIndexOf('/');
+    if (lastSlash <= 0)
+        return null;
+    const pattern = trimmed.slice(1, lastSlash);
+    const flags = trimmed.slice(lastSlash + 1);
+    if (pattern.length === 0)
+        return null;
+    if (pattern.length > 500)
+        return null;
+    if (flags.length > 10)
+        return null;
+    try {
+        return new RegExp(pattern, flags);
+    }
+    catch {
+        return null;
+    }
+};
+const parseNumberArg = (arg) => {
+    if (arg === undefined)
+        return null;
+    const n = Number.parseFloat(arg);
+    if (Number.isNaN(n))
+        return null;
+    return n;
+};
+const parseInArgs = (arg) => {
+    return (arg ?? '')
+        .split(',')
+        .map((p) => p.trim())
+        .filter((p) => p !== '');
+};
+const ruleStringTokenHandlers = {
+    required: ({ schema, field }) => {
+        schema.required(field);
+    },
+    string: ({ schema, field }) => {
+        schema.string(field);
+    },
+    number: ({ schema, field }) => {
+        schema.number(field);
+    },
+    integer: ({ schema, field }) => {
+        schema.integer(field);
+    },
+    boolean: ({ schema, field }) => {
+        schema.boolean(field);
+    },
+    array: ({ schema, field }) => {
+        schema.array(field);
+    },
+    email: ({ schema, field }) => {
+        schema.email(field);
+    },
+    alphanumeric: ({ schema, field }) => {
+        schema.alphanumeric(field);
+    },
+    uuid: ({ schema, field }) => {
+        schema.uuid(field);
+    },
+    token: ({ schema, field }) => {
+        schema.token(field);
+    },
+    ipAddress: ({ schema, field }) => {
+        schema.ipAddress(field);
+    },
+    ip: ({ schema, field }) => {
+        schema.ipAddress(field);
+    },
+    positiveNumber: ({ schema, field }) => {
+        schema.positiveNumber(field);
+    },
+    positive: ({ schema, field }) => {
+        schema.positiveNumber(field);
+    },
+    digits: ({ schema, field }) => {
+        schema.digits(field);
+    },
+    decimal: ({ schema, field }) => {
+        schema.decimal(field);
+    },
+    url: ({ schema, field }) => {
+        schema.url(field);
+    },
+    phone: ({ schema, field }) => {
+        schema.phone(field);
+    },
+    date: ({ schema, field }) => {
+        schema.date(field);
+    },
+    min: ({ schema, field, tokenSet, arg }) => {
+        const n = parseNumberArg(arg);
+        if (n === null)
+            return;
+        if (tokenSet.has('string') || tokenSet.has('array'))
+            schema.minLength(field, n);
+        else
+            schema.min(field, n);
+    },
+    max: ({ schema, field, tokenSet, arg }) => {
+        const n = parseNumberArg(arg);
+        if (n === null)
+            return;
+        if (tokenSet.has('string') || tokenSet.has('array'))
+            schema.maxLength(field, n);
+        else
+            schema.max(field, n);
+    },
+    minLength: ({ schema, field, arg }) => {
+        const n = parseNumberArg(arg);
+        if (n === null)
+            return;
+        schema.minLength(field, n);
+    },
+    maxLength: ({ schema, field, arg }) => {
+        const n = parseNumberArg(arg);
+        if (n === null)
+            return;
+        schema.maxLength(field, n);
+    },
+    regex: ({ schema, field, arg }) => {
+        if (arg === undefined)
+            return;
+        const re = parseRegexLiteral(arg);
+        if (re === null)
+            return;
+        schema.regex(field, re);
+    },
+    in: ({ schema, field, arg }) => {
+        schema.in(field, parseInArgs(arg));
+    },
+    confirmed: ({ schema, field }) => {
+        schema.custom(field, (value, data) => value === data[`${field}_confirmation`], `${field} confirmation does not match`);
+    },
+    nullable: () => {
+        // Not needed here; missing/undefined is already allowed unless required.
+    },
+    unique: ({ schema, field }) => {
+        schema.custom(field, () => false, `${field} unique validation is not supported in the core rule-string API yet`);
+    },
+};
+const rulesToSchema = (rules) => {
+    const schema = Schema.create();
+    for (const [field, input] of Object.entries(rules)) {
+        const tokens = splitRuleTokens(input);
+        const tokenNames = tokens
+            .map((t) => t.split(':', 1)[0]?.trim())
+            .filter((t) => typeof t === 'string' && t !== '');
+        const tokenSet = new Set(tokenNames);
+        for (const token of tokens) {
+            const [nameRaw, argRaw] = token.split(':', 2);
+            const name = nameRaw.trim();
+            const arg = typeof argRaw === 'string' ? argRaw.trim() : undefined;
+            const handler = ruleStringTokenHandlers[name];
+            if (handler !== undefined) {
+                handler({ schema, field, tokenSet, name, arg });
+                continue;
+            }
+            schema.custom(field, () => false, `${field} has unknown rule: ${name}`);
+        }
+    }
+    return schema;
+};
+const validateRules = (data, rules) => {
+    return validate(data, rulesToSchema(rules));
+};
+const isValidRules = (data, rules) => {
+    return isValid(data, rulesToSchema(rules));
+};
 function validateRequired(field, value, message) {
     return value === null || value === undefined || value === ''
         ? { field, message, rule: 'required' }
@@ -129,6 +340,81 @@ function validateEmail(field, value, message) {
         ? { field, message, rule: 'email' }
         : null;
 }
+function validateAlphanumeric(field, value, message) {
+    return typeof value === 'string' && /^[A-Za-z0-9]+$/.test(value)
+        ? null
+        : { field, message, rule: 'alphanumeric' };
+}
+function validateUuid(field, value, message) {
+    const uuidRegex = /^[0-9a-f]{8}-[0-9a-f]{4}-[1-5][0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12}$/i;
+    return typeof value === 'string' && uuidRegex.test(value)
+        ? null
+        : { field, message, rule: 'uuid' };
+}
+function validateToken(field, value, message) {
+    return typeof value === 'string' && /^[A-Za-z0-9\-=_]+$/.test(value)
+        ? null
+        : { field, message, rule: 'token' };
+}
+function validateIpAddress(field, value, message) {
+    if (typeof value !== 'string')
+        return { field, message, rule: 'ipAddress' };
+    // IPv4: simplified pattern - match four dot-separated numbers (0-255)
+    const parts = value.split('.');
+    if (parts.length === 4) {
+        const isValidIpv4 = parts.every((part) => {
+            const num = Number.parseInt(part, 10);
+            return /^\d+$/.test(part) && num >= 0 && num <= 255;
+        });
+        if (isValidIpv4)
+            return null;
+    }
+    // IPv6 (simplified)
+    const ipv6Regex = /^([\da-f]{1,4}:){7}[\da-f]{1,4}$/i;
+    return ipv6Regex.test(value) ? null : { field, message, rule: 'ipAddress' };
+}
+function validatePositiveNumber(field, value, message) {
+    return typeof value === 'number' && value > 0 ? null : { field, message, rule: 'positiveNumber' };
+}
+function validateDigits(field, value, message) {
+    return typeof value === 'string' && /^\d+$/.test(value)
+        ? null
+        : { field, message, rule: 'digits' };
+}
+function validateDecimal(field, value, message) {
+    return typeof value === 'string' && /^\d+(\.\d+)?$/.test(value)
+        ? null
+        : { field, message, rule: 'decimal' };
+}
+function validateUrl(field, value, message) {
+    if (typeof value !== 'string')
+        return { field, message, rule: 'url' };
+    try {
+        const url = new URL(value);
+        return url.protocol === 'http:' || url.protocol === 'https:'
+            ? null
+            : { field, message, rule: 'url' };
+    }
+    catch {
+        return { field, message, rule: 'url' };
+    }
+}
+function validatePhone(field, value, message) {
+    // International phone format with optional + and spaces/dashes
+    const phoneRegex = /^\+?[1-9]\d{1,14}$/;
+    const cleanedValue = typeof value === 'string' ? value.replaceAll(/[\s\-()]/g, '') : String(value);
+    return phoneRegex.test(cleanedValue) ? null : { field, message, rule: 'phone' };
+}
+function validateDate(field, value, message) {
+    if (value instanceof Date) {
+        return Number.isNaN(value.getTime()) ? { field, message, rule: 'date' } : null;
+    }
+    if (typeof value === 'string') {
+        const date = new Date(value);
+        return Number.isNaN(date.getTime()) ? { field, message, rule: 'date' } : null;
+    }
+    return { field, message, rule: 'date' };
+}
 function validateMin(field, value, minValue, message) {
     return typeof value === 'number' && value < minValue ? { field, message, rule: 'min' } : null;
 }
@@ -153,8 +439,11 @@ function validateRegex(field, value, pattern, message) {
 function validateIn(field, value, values, message) {
     return values.includes(value) ? null : { field, message, rule: 'in' };
 }
-function validateCustom(field, value, validator, message) {
-    return validator(value) ? null : { field, message, rule: 'custom' };
+function validateCustom(field, value, validator, message, data) {
+    const ok = typeof validator === 'function' && validator.length >= 2 && data !== undefined
+        ? validator(value, data)
+        : validator(value);
+    return ok ? null : { field, message, rule: 'custom' };
 }
 function getDefaultMessage(field, rule) {
     const messages = {
@@ -172,6 +461,16 @@ function getDefaultMessage(field, rule) {
         regex: `${field} format is invalid`,
         in: `${field} value is not allowed`,
         custom: `${field} validation failed`,
+        alphanumeric: `${field} must contain only letters and numbers`,
+        uuid: `${field} must be a valid UUID`,
+        token: `${field} must be a valid token`,
+        ipAddress: `${field} must be a valid IP address`,
+        positiveNumber: `${field} must be a positive number`,
+        digits: `${field} must contain only digits`,
+        decimal: `${field} must be a valid decimal number`,
+        url: `${field} must be a valid URL`,
+        phone: `${field} must be a valid phone number`,
+        date: `${field} must be a valid date`,
     };
     return messages[rule];
 }
@@ -183,6 +482,9 @@ export const Validator = Object.freeze({
     Schema,
     validate,
     isValid,
+    rulesToSchema,
+    validateRules,
+    isValidRules,
 });
 /**
  * Export ValidationError for use in tests and applications

package/src/common/uuid.d.ts

@@ -1,3 +0,0 @@
-export declare const generateUuid: () => string;
-export declare function generateSecureJobId(errMsg?: string): string;
-//# sourceMappingURL=uuid.d.ts.map

package/src/common/uuid.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"uuid.d.ts","sourceRoot":"","sources":["../../../src/common/uuid.ts"],"names":[],"mappings":"AAGA,eAAO,MAAM,YAAY,QAAO,MAG/B,CAAC;AAEF,wBAAgB,mBAAmB,CACjC,MAAM,GAAE,MAAgE,GACvE,MAAM,CAoBR"}

package/src/common/uuid.js

@@ -1,30 +0,0 @@
-import { ErrorFactory } from '../exceptions/ZintrustError.js';
-import { randomBytes } from '../node-singletons/crypto.js';
-export const generateUuid = () => {
-    if (typeof globalThis?.crypto?.randomUUID === 'function')
-        return globalThis.crypto.randomUUID();
-    return `${Date.now()}-${Math.random().toString(36).slice(2, 9)}`; // NOSONAR
-};
-export function generateSecureJobId(errMsg = 'Secure crypto API not available to generate a job id.') {
-    if (typeof globalThis.crypto?.randomUUID === 'function') {
-        return globalThis.crypto.randomUUID();
-    }
-    if (typeof globalThis.crypto?.getRandomValues === 'function') {
-        const bytes = new Uint8Array(16);
-        globalThis.crypto.getRandomValues(bytes);
-        return bytesToHex(bytes);
-    }
-    // Node fallback for environments without Web Crypto
-    try {
-        return randomBytes(16).toString('hex');
-    }
-    catch (error) {
-        throw ErrorFactory.createTryCatchError(errMsg || 'Secure crypto API not available to generate a job id.', error);
-    }
-}
-function bytesToHex(bytes) {
-    let out = '';
-    for (const b of bytes)
-        out += b.toString(16).padStart(2, '0');
-    return out;
-}

package/src/templates/project/basic/.env.example.tpl

@@ -1,74 +0,0 @@
-NODE_ENV=development
-APP_NAME={{projectName}}
-PORT={{port}}
-APP_DEBUG=true
-APP_KEY=
-
-DB_CONNECTION=sqlite
-DB_DATABASE=./database.sqlite
-
-LOG_LEVEL=debug
-LOG_CHANNEL=file
-LOG_FORMAT=text
-
-# Cloud logging backends (optional)
-# KV logger (Cloudflare Workers KV)
-KV_LOG_ENABLED=false
-KV_NAMESPACE=CACHE
-KV_LOG_RETENTION_DAYS=30
-
-# Slack logger (Slack incoming webhook)
-SLACK_LOG_ENABLED=false
-SLACK_LOG_WEBHOOK_URL=
-SLACK_LOG_LEVELS=warn,error,fatal
-SLACK_LOG_BATCH_WINDOW_MS=5000
-
-# HTTP endpoint logger
-HTTP_LOG_ENABLED=false
-HTTP_LOG_ENDPOINT_URL=
-HTTP_LOG_BATCH_SIZE=50
-HTTP_LOG_AUTH_TOKEN=
-
-JWT_SECRET=
-JWT_EXPIRES_IN=1h
-
-CACHE_DRIVER=memory
-CACHE_TTL=300
-QUEUE_DRIVER=sync
-
-MAIL_DRIVER=smtp
-MAIL_HOST=
-MAIL_PORT=587
-MAIL_USERNAME=
-MAIL_PASSWORD=
-MAIL_FROM_ADDRESS=
-MAIL_FROM_NAME=
-
-# Storage
-STORAGE_DRIVER=local
-STORAGE_PATH=storage
-STORAGE_URL=/storage
-STORAGE_VISIBILITY=private
-
-# AWS S3
-AWS_ACCESS_KEY_ID=
-AWS_SECRET_ACCESS_KEY=
-AWS_REGION=us-east-1
-AWS_S3_BUCKET=
-AWS_S3_URL=
-AWS_S3_ENDPOINT=
-AWS_S3_USE_PATH_STYLE_URL=false
-
-# Cloudflare R2
-R2_ACCESS_KEY_ID=
-R2_SECRET_ACCESS_KEY=
-R2_REGION=
-R2_BUCKET=
-R2_ENDPOINT=
-R2_URL=
-
-# Google Cloud Storage (requires optional dependency @google-cloud/storage)
-GCS_PROJECT_ID=
-GCS_KEY_FILE=
-GCS_BUCKET=
-GCS_URL=