@zipbul/baker 3.0.1 → 3.2.0

package/CHANGELOG.md

@@ -1,5 +1,34 @@
 # @zipbul/baker
 
+## 3.2.0
+
+### Minor Changes
+
+- 6b07d8d: Add the `oneOf` rule combinator and `arrayEvery`, `isRegExp`, `isFunction` rules.
+
+  - `oneOf(...rules)` — OR combinator: a value is valid if it matches at least one of the
+    given rules (first match wins, short-circuit). Fills baker's union-validation gap for
+    native-type unions (e.g. `boolean | string | RegExp | ...`) that the object discriminator
+    can't express. Sync branches compile to an inlined `||`; an async branch makes the rule
+    async. Note: semantics is "matches at least one" — not JSON-Schema `oneOf` (exactly-one).
+  - `arrayEvery(...rules)` — value is an array and every element satisfies all given rules.
+    Composable as a rule (e.g. `oneOf(isString, arrayEvery(isString))` for `string | string[]`).
+  - `isRegExp` / `isFunction` — the two missing type-checker primitives (`instanceof RegExp`,
+    `typeof === 'function'`).
+
+  All exported from `@zipbul/baker/rules`.
+
+## 3.1.0
+
+### Minor Changes
+
+- c40834b: Add `isOrigin` and `isCorsOrigin` string rules for RFC 6454 §6.2 serialized-origin
+  validation. `isOrigin` accepts only the canonical WHATWG URL `.origin` form (rejecting
+  trailing slash, path/query/fragment, uppercase scheme/host, explicit default ports,
+  userinfo, and raw IDN — punycode required) plus the opaque `'null'` literal. `isCorsOrigin`
+  is the CORS superset that additionally accepts the `'*'` wildcard. Both work standalone
+  (`isOrigin('https://a.com')`) and as `@Field` rules.
+
 ## 3.0.1
 
 ### Patch Changes

package/dist/src/rules/combinators.d.ts

@@ -0,0 +1,4 @@
+import type { EmittableRule } from '../types';
+declare function oneOf(...branches: EmittableRule[]): EmittableRule;
+declare function arrayEvery(...rules: EmittableRule[]): EmittableRule;
+export { oneOf, arrayEvery };

package/dist/src/rules/combinators.js

@@ -0,0 +1,111 @@
+import { BakerError } from '../errors.js';
+import { makeRule } from '../rule-plan.js';
+// ─────────────────────────────────────────────────────────────────────────────
+// Helpers
+// ─────────────────────────────────────────────────────────────────────────────
+/** Assert that a value is a baker rule (callable with `.emit` fn + `.ruleName` string). */
+function assertRuleArg(value, combinator) {
+    if (typeof value === 'function' &&
+        typeof value.emit === 'function' &&
+        typeof value.ruleName === 'string') {
+        return;
+    }
+    throw new BakerError(`${combinator}: every argument must be a baker rule (function with .emit and .ruleName). Use createRule() or import a rule from @zipbul/baker/rules.`);
+}
+// ─────────────────────────────────────────────────────────────────────────────
+// oneOf — OR combinator: value matches at least one of the given rules.
+// (Not JSON-Schema `oneOf`/exactly-one — semantics is "matches at least one",
+//  first matching branch wins, short-circuit.)
+// ─────────────────────────────────────────────────────────────────────────────
+function oneOf(...branches) {
+    if (branches.length === 0) {
+        throw new BakerError('oneOf requires at least one rule.');
+    }
+    for (const b of branches) {
+        assertRuleArg(b, 'oneOf');
+    }
+    const constraints = { oneOf: branches.map(b => b.ruleName) };
+    const isAsync = branches.some(b => b.isAsync === true);
+    if (isAsync) {
+        const validate = async (value) => {
+            for (const b of branches) {
+                if (await b(value)) {
+                    return true;
+                }
+            }
+            return false;
+        };
+        return makeRule({
+            name: 'oneOf',
+            constraints,
+            isAsync: true,
+            validate,
+            emit: (varName, ctx) => {
+                const i = ctx.addRef(validate);
+                return `if (!(await refs[${i}](${varName}))) ${ctx.fail('oneOf')};`;
+            },
+        });
+    }
+    const validate = (value) => branches.some(b => b(value));
+    return makeRule({
+        name: 'oneOf',
+        constraints,
+        validate,
+        emit: (varName, ctx) => {
+            const calls = branches.map(b => `refs[${ctx.addRef(b)}](${varName})`).join(' || ');
+            return `if (!(${calls})) ${ctx.fail('oneOf')};`;
+        },
+    });
+}
+// ─────────────────────────────────────────────────────────────────────────────
+// arrayEvery — value is an array and every element satisfies all given rules
+// (AND over the rules, applied per element). Arrays only — Set/Map element
+// validation stays at the @Field level via arrayOf.
+// ─────────────────────────────────────────────────────────────────────────────
+function arrayEvery(...rules) {
+    if (rules.length === 0) {
+        throw new BakerError('arrayEvery requires at least one rule.');
+    }
+    for (const r of rules) {
+        assertRuleArg(r, 'arrayEvery');
+    }
+    const constraints = { arrayEvery: rules.map(r => r.ruleName) };
+    const isAsync = rules.some(r => r.isAsync === true);
+    if (isAsync) {
+        const validate = async (value) => {
+            if (!Array.isArray(value)) {
+                return false;
+            }
+            for (const el of value) {
+                for (const r of rules) {
+                    if (!(await r(el))) {
+                        return false;
+                    }
+                }
+            }
+            return true;
+        };
+        return makeRule({
+            name: 'arrayEvery',
+            constraints,
+            isAsync: true,
+            validate,
+            emit: (varName, ctx) => {
+                const i = ctx.addRef(validate);
+                return `if (!(await refs[${i}](${varName}))) ${ctx.fail('arrayEvery')};`;
+            },
+        });
+    }
+    const elementPredicate = (el) => rules.every(r => r(el));
+    const validate = (value) => Array.isArray(value) && value.every(elementPredicate);
+    return makeRule({
+        name: 'arrayEvery',
+        constraints,
+        validate,
+        emit: (varName, ctx) => {
+            const i = ctx.addRef(elementPredicate);
+            return `if (!(Array.isArray(${varName}) && ${varName}.every(refs[${i}]))) ${ctx.fail('arrayEvery')};`;
+        },
+    });
+}
+export { oneOf, arrayEvery };

package/dist/src/rules/index.d.ts

@@ -1,9 +1,10 @@
-export { isString, isNumber, isBoolean, isDate, isEnum, isInt, isArray, isObject } from './typechecker';
+export { isString, isNumber, isBoolean, isDate, isEnum, isInt, isArray, isObject, isRegExp, isFunction } from './typechecker';
 export type { IsNumberOptions } from './typechecker';
+export { oneOf, arrayEvery } from './combinators';
 export { min, max, isPositive, isNegative, isDivisibleBy } from './number';
 export { minDate, maxDate } from './date';
 export { equals, notEquals, isEmpty, isNotEmpty, isIn, isNotIn } from './common';
-export { minLength, maxLength, length, contains, notContains, matches, isLowercase, isUppercase, isAscii, isAlpha, isAlphanumeric, isHttpToken, isBooleanString, isNumberString, isDecimal, isFullWidth, isHalfWidth, isVariableWidth, isMultibyte, isSurrogatePair, isHexadecimal, isOctal, isEmail, isURL, isUUID, isIP, isHexColor, isRgbColor, isHSL, isMACAddress, isISBN, isISIN, isISO8601, isISRC, isISSN, isJWT, isLatLong, isLocale, isDataURI, isFQDN, isPort, isEAN, isISO31661Alpha2, isISO31661Alpha3, isBIC, isFirebasePushId, isSemVer, isMongoId, isJSON, isBase32, isBase58, isBase64, isDateString, isMimeType, isCurrency, isMagnetURI, isCreditCard, isIBAN, isByteLength, isHash, isRFC3339, isMilitaryTime, isLatitude, isLongitude, isEthereumAddress, isBtcAddress, isISO4217CurrencyCode, isPhoneNumber, isStrongPassword, isTaxId, isULID, isCUID2, } from './string';
+export { minLength, maxLength, length, contains, notContains, matches, isLowercase, isUppercase, isAscii, isAlpha, isAlphanumeric, isHttpToken, isOrigin, isCorsOrigin, isBooleanString, isNumberString, isDecimal, isFullWidth, isHalfWidth, isVariableWidth, isMultibyte, isSurrogatePair, isHexadecimal, isOctal, isEmail, isURL, isUUID, isIP, isHexColor, isRgbColor, isHSL, isMACAddress, isISBN, isISIN, isISO8601, isISRC, isISSN, isJWT, isLatLong, isLocale, isDataURI, isFQDN, isPort, isEAN, isISO31661Alpha2, isISO31661Alpha3, isBIC, isFirebasePushId, isSemVer, isMongoId, isJSON, isBase32, isBase58, isBase64, isDateString, isMimeType, isCurrency, isMagnetURI, isCreditCard, isIBAN, isByteLength, isHash, isRFC3339, isMilitaryTime, isLatitude, isLongitude, isEthereumAddress, isBtcAddress, isISO4217CurrencyCode, isPhoneNumber, isStrongPassword, isTaxId, isULID, isCUID2, } from './string';
 export type { IsURLOptions, IsBase64Options, IsMACAddressOptions, IsIBANOptions, IsISSNOptions, IsFQDNOptions, IsISO8601Options, IsNumberStringOptions, IsStrongPasswordOptions, } from './string';
 export { arrayContains, arrayNotContains, arrayMinSize, arrayMaxSize, arrayUnique, arrayNotEmpty } from './array';
 export { isNotEmptyObject, isInstance } from './object';

package/dist/src/rules/index.js

@@ -1,8 +1,9 @@
-export { isString, isNumber, isBoolean, isDate, isEnum, isInt, isArray, isObject } from './typechecker.js';
+export { isString, isNumber, isBoolean, isDate, isEnum, isInt, isArray, isObject, isRegExp, isFunction } from './typechecker.js';
+export { oneOf, arrayEvery } from './combinators.js';
 export { min, max, isPositive, isNegative, isDivisibleBy } from './number.js';
 export { minDate, maxDate } from './date.js';
 export { equals, notEquals, isEmpty, isNotEmpty, isIn, isNotIn } from './common.js';
-export { minLength, maxLength, length, contains, notContains, matches, isLowercase, isUppercase, isAscii, isAlpha, isAlphanumeric, isHttpToken, isBooleanString, isNumberString, isDecimal, isFullWidth, isHalfWidth, isVariableWidth, isMultibyte, isSurrogatePair, isHexadecimal, isOctal, isEmail, isURL, isUUID, isIP, isHexColor, isRgbColor, isHSL, isMACAddress, isISBN, isISIN, isISO8601, isISRC, isISSN, isJWT, isLatLong, isLocale, isDataURI, isFQDN, isPort, isEAN, isISO31661Alpha2, isISO31661Alpha3, isBIC, isFirebasePushId, isSemVer, isMongoId, isJSON, isBase32, isBase58, isBase64, isDateString, isMimeType, isCurrency, isMagnetURI, isCreditCard, isIBAN, isByteLength, isHash, isRFC3339, isMilitaryTime, isLatitude, isLongitude, isEthereumAddress, isBtcAddress, isISO4217CurrencyCode, isPhoneNumber, isStrongPassword, isTaxId, isULID, isCUID2, } from './string.js';
+export { minLength, maxLength, length, contains, notContains, matches, isLowercase, isUppercase, isAscii, isAlpha, isAlphanumeric, isHttpToken, isOrigin, isCorsOrigin, isBooleanString, isNumberString, isDecimal, isFullWidth, isHalfWidth, isVariableWidth, isMultibyte, isSurrogatePair, isHexadecimal, isOctal, isEmail, isURL, isUUID, isIP, isHexColor, isRgbColor, isHSL, isMACAddress, isISBN, isISIN, isISO8601, isISRC, isISSN, isJWT, isLatLong, isLocale, isDataURI, isFQDN, isPort, isEAN, isISO31661Alpha2, isISO31661Alpha3, isBIC, isFirebasePushId, isSemVer, isMongoId, isJSON, isBase32, isBase58, isBase64, isDateString, isMimeType, isCurrency, isMagnetURI, isCreditCard, isIBAN, isByteLength, isHash, isRFC3339, isMilitaryTime, isLatitude, isLongitude, isEthereumAddress, isBtcAddress, isISO4217CurrencyCode, isPhoneNumber, isStrongPassword, isTaxId, isULID, isCUID2, } from './string.js';
 export { arrayContains, arrayNotContains, arrayMinSize, arrayMaxSize, arrayUnique, arrayNotEmpty } from './array.js';
 export { isNotEmptyObject, isInstance } from './object.js';
 export { isMobilePhone, isPostalCode, isIdentityCard, isPassportNumber } from './locales.js';

package/dist/src/rules/string.d.ts

@@ -11,6 +11,8 @@ declare const isAscii: EmittableRule;
 declare const isAlpha: EmittableRule;
 declare const isAlphanumeric: EmittableRule;
 declare const isHttpToken: EmittableRule;
+declare const isOrigin: import("../types").InternalRule;
+declare const isCorsOrigin: import("../types").InternalRule;
 declare const isBooleanString: import("../types").InternalRule;
 interface IsNumberStringOptions {
     no_symbols?: boolean;
@@ -104,5 +106,5 @@ declare function isStrongPassword(options?: IsStrongPasswordOptions): EmittableR
 declare function isTaxId(locale: string): EmittableRule;
 declare function isULID(): EmittableRule;
 declare function isCUID2(): EmittableRule;
-export { minLength, maxLength, length, contains, notContains, matches, isLowercase, isUppercase, isAscii, isAlpha, isAlphanumeric, isHttpToken, isBooleanString, isNumberString, isDecimal, isFullWidth, isHalfWidth, isVariableWidth, isMultibyte, isSurrogatePair, isHexadecimal, isOctal, isEmail, isURL, isUUID, isIP, isHexColor, isRgbColor, isHSL, isMACAddress, isISBN, isISIN, isISO8601, isISRC, isISSN, isJWT, isLatLong, isLocale, isDataURI, isFQDN, isPort, isEAN, isISO31661Alpha2, isISO31661Alpha3, isBIC, isFirebasePushId, isSemVer, isMongoId, isJSON, isBase32, isBase58, isBase64, isDateString, isMimeType, isCurrency, isMagnetURI, isCreditCard, isIBAN, isByteLength, isHash, isRFC3339, isMilitaryTime, isLatitude, isLongitude, isEthereumAddress, isBtcAddress, isISO4217CurrencyCode, isPhoneNumber, isStrongPassword, isTaxId, isULID, isCUID2, };
+export { minLength, maxLength, length, contains, notContains, matches, isLowercase, isUppercase, isAscii, isAlpha, isAlphanumeric, isHttpToken, isOrigin, isCorsOrigin, isBooleanString, isNumberString, isDecimal, isFullWidth, isHalfWidth, isVariableWidth, isMultibyte, isSurrogatePair, isHexadecimal, isOctal, isEmail, isURL, isUUID, isIP, isHexColor, isRgbColor, isHSL, isMACAddress, isISBN, isISIN, isISO8601, isISRC, isISSN, isJWT, isLatLong, isLocale, isDataURI, isFQDN, isPort, isEAN, isISO31661Alpha2, isISO31661Alpha3, isBIC, isFirebasePushId, isSemVer, isMongoId, isJSON, isBase32, isBase58, isBase64, isDateString, isMimeType, isCurrency, isMagnetURI, isCreditCard, isIBAN, isByteLength, isHash, isRFC3339, isMilitaryTime, isLatitude, isLongitude, isEthereumAddress, isBtcAddress, isISO4217CurrencyCode, isPhoneNumber, isStrongPassword, isTaxId, isULID, isCUID2, };
 export type { IsNumberStringOptions, IsURLOptions, IsMACAddressOptions, IsISO8601Options, IsISSNOptions, IsFQDNOptions, IsBase64Options, IsIBANOptions, IsStrongPasswordOptions, };

package/dist/src/rules/string.js

@@ -129,6 +129,43 @@ const isHttpToken = makeStringRule('isHttpToken', v => HTTP_TOKEN_RE.test(v), (v
     const i = ctx.addRegex(HTTP_TOKEN_RE);
     return `if (!re[${i}].test(${varName})) ${ctx.fail('isHttpToken')};`;
 });
+// RFC 6454 §6.2 serialized origin — a string equal to WHATWG URL `.origin`.
+// The opaque-origin literal 'null' is matched explicitly because `new URL('null')` throws.
+// '*' (CORS wildcard) is rejected here; use isCorsOrigin for the CORS superset.
+const isOriginValue = (value) => {
+    if (value === 'null') {
+        return true;
+    }
+    try {
+        return new URL(value).origin === value;
+    }
+    catch {
+        return false;
+    }
+};
+const isOrigin = makeRule({
+    name: 'isOrigin',
+    requiresType: 'string',
+    constraints: { format: 'origin' },
+    validate: value => typeof value === 'string' && isOriginValue(value),
+    emit: (varName, ctx) => {
+        const i = ctx.addRef(isOriginValue);
+        return `if (!(refs[${i}](${varName}))) ${ctx.fail('isOrigin')};`;
+    },
+});
+// CORS superset of isOrigin: additionally accepts the '*' wildcard literal
+// (Access-Control-Allow-Origin). Keep '*' out of the general isOrigin.
+const isCorsOriginValue = (value) => value === '*' || isOriginValue(value);
+const isCorsOrigin = makeRule({
+    name: 'isCorsOrigin',
+    requiresType: 'string',
+    constraints: { format: 'origin', allowWildcard: true },
+    validate: value => typeof value === 'string' && isCorsOriginValue(value),
+    emit: (varName, ctx) => {
+        const i = ctx.addRef(isCorsOriginValue);
+        return `if (!(refs[${i}](${varName}))) ${ctx.fail('isCorsOrigin')};`;
+    },
+});
 // BooleanString: 'true' | 'false' | '1' | '0'
 const isBooleanString = makeRule({
     name: 'isBooleanString',
@@ -1995,4 +2032,4 @@ function isCUID2() {
         return `if (!re[${i}].test(${varName})) ${ctx.fail('isCUID2')};`;
     }, 'string', { format: 'cuid2' });
 }
-export { minLength, maxLength, length, contains, notContains, matches, isLowercase, isUppercase, isAscii, isAlpha, isAlphanumeric, isHttpToken, isBooleanString, isNumberString, isDecimal, isFullWidth, isHalfWidth, isVariableWidth, isMultibyte, isSurrogatePair, isHexadecimal, isOctal, isEmail, isURL, isUUID, isIP, isHexColor, isRgbColor, isHSL, isMACAddress, isISBN, isISIN, isISO8601, isISRC, isISSN, isJWT, isLatLong, isLocale, isDataURI, isFQDN, isPort, isEAN, isISO31661Alpha2, isISO31661Alpha3, isBIC, isFirebasePushId, isSemVer, isMongoId, isJSON, isBase32, isBase58, isBase64, isDateString, isMimeType, isCurrency, isMagnetURI, isCreditCard, isIBAN, isByteLength, isHash, isRFC3339, isMilitaryTime, isLatitude, isLongitude, isEthereumAddress, isBtcAddress, isISO4217CurrencyCode, isPhoneNumber, isStrongPassword, isTaxId, isULID, isCUID2, };
+export { minLength, maxLength, length, contains, notContains, matches, isLowercase, isUppercase, isAscii, isAlpha, isAlphanumeric, isHttpToken, isOrigin, isCorsOrigin, isBooleanString, isNumberString, isDecimal, isFullWidth, isHalfWidth, isVariableWidth, isMultibyte, isSurrogatePair, isHexadecimal, isOctal, isEmail, isURL, isUUID, isIP, isHexColor, isRgbColor, isHSL, isMACAddress, isISBN, isISIN, isISO8601, isISRC, isISSN, isJWT, isLatLong, isLocale, isDataURI, isFQDN, isPort, isEAN, isISO31661Alpha2, isISO31661Alpha3, isBIC, isFirebasePushId, isSemVer, isMongoId, isJSON, isBase32, isBase58, isBase64, isDateString, isMimeType, isCurrency, isMagnetURI, isCreditCard, isIBAN, isByteLength, isHash, isRFC3339, isMilitaryTime, isLatitude, isLongitude, isEthereumAddress, isBtcAddress, isISO4217CurrencyCode, isPhoneNumber, isStrongPassword, isTaxId, isULID, isCUID2, };

package/dist/src/rules/typechecker.d.ts

@@ -12,3 +12,5 @@ export declare function isEnum(entity: object): EmittableRule;
 export declare const isInt: import("../types").InternalRule;
 export declare const isArray: import("../types").InternalRule;
 export declare const isObject: import("../types").InternalRule;
+export declare const isRegExp: import("../types").InternalRule;
+export declare const isFunction: import("../types").InternalRule;

package/dist/src/rules/typechecker.js

@@ -141,3 +141,21 @@ export const isObject = makeRule({
     validate: value => typeof value === 'object' && value !== null && !Array.isArray(value),
     emit: (varName, ctx) => `if (typeof ${varName} !== 'object' || ${varName} === null || Array.isArray(${varName})) ${ctx.fail('isObject')};`,
 });
+// ─────────────────────────────────────────────────────────────────────────────
+// isRegExp — instanceof RegExp (self-narrowing, no typeof gate needed)
+// ─────────────────────────────────────────────────────────────────────────────
+export const isRegExp = makeRule({
+    name: 'isRegExp',
+    constraints: {},
+    validate: value => value instanceof RegExp,
+    emit: (varName, ctx) => `if (!(${varName} instanceof RegExp)) ${ctx.fail('isRegExp')};`,
+});
+// ─────────────────────────────────────────────────────────────────────────────
+// isFunction — typeof check (accepts arrow fns, unlike isInstance(Function))
+// ─────────────────────────────────────────────────────────────────────────────
+export const isFunction = makeRule({
+    name: 'isFunction',
+    constraints: {},
+    validate: value => typeof value === 'function',
+    emit: (varName, ctx) => `if (typeof ${varName} !== 'function') ${ctx.fail('isFunction')};`,
+});

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@zipbul/baker",
-  "version": "3.0.1",
+  "version": "3.2.0",
   "description": "Bun-only AOT decorator-based DTO validation & serialization. class-validator DX, sealed code generation, zero reflect-metadata.",
   "keywords": [
     "aot",