schema-components 1.19.0 → 1.20.0

package/dist/core/adapter.d.mts

@@ -1,5 +1,5 @@
-import { T as SchemaMeta, m as JsonObject } from "../types-D_5ST7SS.mjs";
-import { i as DiagnosticsOptions } from "../diagnostics-VgEKI_Ct.mjs";
+import { T as SchemaMeta, m as JsonObject } from "../types-C9zw9wbX.mjs";
+import { i as DiagnosticsOptions } from "../diagnostics-CbBPsxSt.mjs";
 
 //#region src/core/adapter.d.ts
 type SchemaInput = Record<string, unknown>;

package/dist/core/adapter.mjs

@@ -3,7 +3,7 @@ import { SchemaNormalisationError } from "./errors.mjs";
 import { emitDiagnostic } from "./diagnostics.mjs";
 import { dereference } from "./ref.mjs";
 import { detectOpenApiVersion, inferJsonSchemaDraftWithReason, isSwagger2, matchJsonSchemaDraftUri } from "./version.mjs";
-import { a as normaliseOpenApiSchemas, i as normaliseJsonSchema$1 } from "../normalise-C0ofw3W6.mjs";
+import { a as normaliseOpenApiSchemas, i as normaliseJsonSchema$1 } from "../normalise-CMMEl4cd.mjs";
 import { z } from "zod";
 //#region src/core/adapter.ts
 /**
@@ -39,9 +39,19 @@ function detectSchemaKind(input) {
 * - Nested Zod 3 schemas inside a Zod 4 tree (which surface as
 *   "Cannot read properties of undefined (reading 'def')") → zod3-unsupported
 * - Transforms ("Transforms cannot be represented") → zod-transform-unsupported
-* - Unrepresentable types ("BigInt cannot be represented", "Date cannot be
-*   represented", etc.) → zod-type-unrepresentable
+* - Dynamic catch values whose handler throws ("Dynamic catch values are not
+*   supported") → zod-type-unrepresentable with zodType "dynamic-catch"
+* - Unrepresentable types — bigint, date, map, set, symbol, function, custom,
+*   undefined, void, NaN, and the literal-only forms `z.literal(undefined)`
+*   ("undefined-literal") and `z.literal(<bigint>)` ("bigint-literal") →
+*   zod-type-unrepresentable
+* - The catch-all "Non-representable type encountered: <type>" fallback Zod
+*   emits for any new schema kind without a registered processor →
+*   zod-type-unrepresentable with zodType set to the offending def.type
 * - Anything else → zod-conversion-failed
+*
+* The original error is preserved on each classified error via the `cause`
+* field so consumers can still inspect the Zod stack trace.
 */
 function callToJsonSchema(schema) {
 	try {
@@ -55,20 +65,53 @@ function callToJsonSchema(schema) {
 * Mapping is exact-prefix on the message and the corresponding Zod type name
 * surfaced to the consumer via SchemaNormalisationError.zodType.
 *
-* Source: zod/src/v4/core/to-json-schema.ts ("cannot be represented" messages).
+* Sources (verbatim message prefixes):
+* - zod/src/v4/core/json-schema-processors.ts L104 (bigint), L110 (symbol),
+*   L126 (undefined), L132 (void), L150 (date), L169 (literal-undefined),
+*   L175 (literal-bigint), L204 (NaN), L246 (custom), L252 (function),
+*   L264 (map), L270 (set), L521 (dynamic catch).
+* - zod/src/v4/core/to-json-schema.ts L182 (non-representable type fallback).
+*
+* The kept message prefix is the shortest substring that uniquely identifies
+* the source — the test in tests/zod-error-wording-contract.unit.test.ts
+* asserts each prefix is still present in the live Zod output so a Zod
+* patch upgrade that changes wording fails the build.
+*
+* Note: the more specific literal-* prefixes precede the generic "BigInt"
+* prefix so the literal classifications win. JavaScript object iteration
+* order preserves insertion order, and the loop short-circuits on first
+* match, so ordering here is load-bearing.
 */
 const UNREPRESENTABLE_ZOD_TYPES = [
+	["Literal `undefined` cannot be represented", "undefined-literal"],
+	["BigInt literals cannot be represented", "bigint-literal"],
 	["BigInt cannot be represented", "bigint"],
 	["Date cannot be represented", "date"],
 	["Map cannot be represented", "map"],
 	["Set cannot be represented", "set"],
 	["Symbols cannot be represented", "symbol"],
 	["Function types cannot be represented", "function"],
+	["Custom types cannot be represented", "custom"],
 	["Undefined cannot be represented", "undefined"],
 	["Void cannot be represented", "void"],
 	["NaN cannot be represented", "nan"]
 ];
 /**
+* Marker for Zod's catch-all message when a brand-new schema type has no
+* registered processor (e.g. ahead of a Zod patch adding a new schema kind).
+*
+* Source: zod/src/v4/core/to-json-schema.ts L182
+*   `[toJSONSchema]: Non-representable type encountered: ${def.type}`
+*/
+const NON_REPRESENTABLE_TYPE_MARKER = "[toJSONSchema]: Non-representable type encountered:";
+/**
+* Marker for dynamic catch failures — Zod throws when `def.catchValue(...)`
+* itself throws while building the JSON Schema default.
+*
+* Source: zod/src/v4/core/json-schema-processors.ts L521
+*/
+const DYNAMIC_CATCH_MARKER = "Dynamic catch values are not supported";
+/**
 * The cryptic error produced when z.toJSONSchema encounters a nested Zod 3
 * schema (one without `_zod.def`). Reproduced verbatim from Node's TypeError
 * for property access on undefined.
@@ -76,10 +119,17 @@ const UNREPRESENTABLE_ZOD_TYPES = [
 const NESTED_ZOD3_MARKER = "Cannot read properties of undefined";
 function classifyZodConversionError(err, schema) {
 	const message = err instanceof Error ? err.message : String(err);
-	if (message.includes(NESTED_ZOD3_MARKER)) return new SchemaNormalisationError("A nested Zod 3 schema was found inside a Zod 4 schema. schema-components requires Zod 4 throughout the schema tree. See the Zod 4 migration guide at https://zod.dev/v4/migration or run: pnpm add zod@^4", schema, "zod3-unsupported");
-	if (message.includes("Transforms cannot be represented")) return new SchemaNormalisationError("Zod transforms cannot be represented in JSON Schema. Remove the .transform() call, or pre-transform the input before passing it to the component.", schema, "zod-transform-unsupported");
-	for (const [prefix, typeName] of UNREPRESENTABLE_ZOD_TYPES) if (message.includes(prefix)) return new SchemaNormalisationError(`Zod type ${typeName} cannot be represented in JSON Schema and is not supported by schema-components. Original message: ${message}`, schema, "zod-type-unrepresentable", typeName);
-	return new SchemaNormalisationError(`z.toJSONSchema() failed: ${message}`, schema, "zod-conversion-failed");
+	if (message.includes(NESTED_ZOD3_MARKER)) return new SchemaNormalisationError("A nested Zod 3 schema was found inside a Zod 4 schema. schema-components requires Zod 4 throughout the schema tree. See the Zod 4 migration guide at https://zod.dev/v4/migration or run: pnpm add zod@^4", schema, "zod3-unsupported", void 0, err);
+	if (message.includes("Transforms cannot be represented")) return new SchemaNormalisationError("Zod transforms cannot be represented in JSON Schema. Remove the .transform() call, or pre-transform the input before passing it to the component.", schema, "zod-transform-unsupported", void 0, err);
+	if (message.includes(DYNAMIC_CATCH_MARKER)) return new SchemaNormalisationError("Zod catch values that depend on runtime computation cannot be represented in JSON Schema. Provide a static catch value or remove the .catch() call.", schema, "zod-type-unrepresentable", "dynamic-catch", err);
+	for (const [prefix, typeName] of UNREPRESENTABLE_ZOD_TYPES) if (message.includes(prefix)) return new SchemaNormalisationError(`Zod type ${typeName} cannot be represented in JSON Schema and is not supported by schema-components. Original message: ${message}`, schema, "zod-type-unrepresentable", typeName, err);
+	const nonReprIndex = message.indexOf(NON_REPRESENTABLE_TYPE_MARKER);
+	if (nonReprIndex !== -1) {
+		const trailing = message.slice(nonReprIndex + 51).trim();
+		const typeName = trailing.length > 0 ? trailing.split(/\s+/)[0] : void 0;
+		return new SchemaNormalisationError(`Zod encountered a schema kind${typeName !== void 0 ? ` "${typeName}"` : ""} with no JSON Schema processor registered. This usually means Zod added a new schema type that schema-components does not yet support. Original message: ${message}`, schema, "zod-type-unrepresentable", typeName, err);
+	}
+	return new SchemaNormalisationError(`z.toJSONSchema() failed: ${message}`, schema, "zod-conversion-failed", void 0, err);
 }
 function normaliseSchema(input, ref, options) {
 	if (ref === void 0 && isObject(input)) {
@@ -206,7 +256,7 @@ function resolveOpenApiRef(doc, ref) {
 		if (!isObject(resolved)) throw new Error(`OpenAPI ref not found: ${ref}`);
 		return resolved;
 	}
-	const pathMatch = /^\/(.+)\/(get|post|put|patch|delete)$/.exec(ref);
+	const pathMatch = /^\/(.+)\/(get|post|put|patch|delete|head|options|trace)$/.exec(ref);
 	if (pathMatch?.[1] !== void 0 && pathMatch[2] !== void 0) {
 		const pathStr = pathMatch[1];
 		const method = pathMatch[2];

package/dist/core/constraints.d.mts

@@ -1,5 +1,5 @@
-import { D as StringConstraints, f as FileConstraints, t as ArrayConstraints, x as ObjectConstraints, y as NumberConstraints } from "../types-D_5ST7SS.mjs";
-import { i as DiagnosticsOptions } from "../diagnostics-VgEKI_Ct.mjs";
+import { D as StringConstraints, f as FileConstraints, t as ArrayConstraints, x as ObjectConstraints, y as NumberConstraints } from "../types-C9zw9wbX.mjs";
+import { i as DiagnosticsOptions } from "../diagnostics-CbBPsxSt.mjs";
 
 //#region src/core/constraints.d.ts
 declare function extractStringConstraints(schema: Record<string, unknown>, diagnostics?: DiagnosticsOptions, pointer?: string): StringConstraints;

package/dist/core/diagnostics.d.mts

@@ -1,2 +1,2 @@
-import { a as appendPointer, i as DiagnosticsOptions, n as DiagnosticCode, o as emitDiagnostic, r as DiagnosticSink, t as Diagnostic } from "../diagnostics-VgEKI_Ct.mjs";
+import { a as appendPointer, i as DiagnosticsOptions, n as DiagnosticCode, o as emitDiagnostic, r as DiagnosticSink, t as Diagnostic } from "../diagnostics-CbBPsxSt.mjs";
 export { Diagnostic, DiagnosticCode, DiagnosticSink, DiagnosticsOptions, appendPointer, emitDiagnostic };

package/dist/core/errors.d.mts

@@ -1,2 +1,2 @@
-import { i as SchemaRenderError, n as SchemaFieldError, r as SchemaNormalisationError, t as SchemaError } from "../errors-CnGjT1cg.mjs";
+import { i as SchemaRenderError, n as SchemaFieldError, r as SchemaNormalisationError, t as SchemaError } from "../errors-C2iABcn9.mjs";
 export { SchemaError, SchemaFieldError, SchemaNormalisationError, SchemaRenderError };

package/dist/core/errors.mjs

@@ -37,11 +37,19 @@ var SchemaNormalisationError = class extends SchemaError {
 	* (e.g. "bigint", "date", "map", "set"). `undefined` for other kinds.
 	*/
 	zodType;
-	constructor(message, schema, kind, zodType) {
+	/**
+	* The original underlying error, when this normalisation error wraps
+	* another exception (typically the error thrown by `z.toJSONSchema()`).
+	* Preserves the source stack trace so the root cause is not lost when
+	* the classifier translates the message.
+	*/
+	cause;
+	constructor(message, schema, kind, zodType, cause) {
 		super(message, schema);
 		this.name = "SchemaNormalisationError";
 		this.kind = kind;
 		this.zodType = zodType;
+		this.cause = cause;
 	}
 };
 /**

package/dist/core/fieldOrder.d.mts

@@ -1,4 +1,4 @@
-import { M as WalkedField } from "../types-D_5ST7SS.mjs";
+import { M as WalkedField } from "../types-C9zw9wbX.mjs";
 
 //#region src/core/fieldOrder.d.ts
 /**

package/dist/core/formats.d.mts

@@ -1,18 +1,14 @@
+import { i as DiagnosticsOptions } from "../diagnostics-CbBPsxSt.mjs";
+
 //#region src/core/formats.d.ts
 /**
- * Built-in format patterns for JSON Schema string validation.
- *
- * Maps standard JSON Schema/OpenAPI `format` values to RegExp patterns
- * or predicate validators. Used by the constraint extractor to derive
- * `formatPattern` alongside the existing `format` string, and by the
- * `validate` helper for runtime format checking.
- *
- * Formats that cannot be validated by regex (iri, regex) use predicate
- * functions instead. `validateFormat` dispatches to whichever is available.
- *
- * The user's explicit `pattern` constraint always takes precedence —
- * `formatPattern` is exposed as a separate field for renderers.
+ * Maximum length of a string that will be compiled by `new RegExp(...)`.
+ * Patterns that exceed this cap are rejected without compilation. A
+ * pathological pattern (e.g. `(a+)+`) doesn't need to be long to hang,
+ * but the cap is cheap defence and stops obviously hostile input before
+ * it reaches the regex engine.
  */
+declare const MAX_REGEX_PATTERN_LENGTH = 500;
 /**
  * A format validator: either a RegExp pattern or a predicate function.
  */
@@ -21,13 +17,24 @@ type FormatValidator = RegExp | ((value: string) => boolean);
  * Recognised JSON Schema formats with their validation patterns.
  * Unknown formats emit an `unknown-format` diagnostic and skip derivation.
  */
+/**
+ * Email format pattern, exported as a named const so callers that need a
+ * guaranteed `RegExp` (rather than the `RegExp | undefined` shape of
+ * `FORMAT_PATTERNS[name]` under `noUncheckedIndexedAccess`) can import it
+ * directly. Used by the URI safety helpers for mailto address checks.
+ */
+declare const EMAIL_FORMAT_PATTERN: RegExp;
 declare const FORMAT_PATTERNS: Readonly<Record<string, RegExp>>;
 /**
  * Validate a string value against format constraints.
  * Returns `true` when the value matches the format,
  * `false` when it does not, and `undefined` when the format
  * is not recognised (no validator available).
+ *
+ * `diagnostics` and `pointer` are forwarded to validators that can
+ * surface structured diagnostics — currently the `regex` format, which
+ * emits `pattern-invalid` for over-length or malformed input.
  */
-declare function validateFormat(value: string, format: string): boolean | undefined;
+declare function validateFormat(value: string, format: string, diagnostics?: DiagnosticsOptions, pointer?: string): boolean | undefined;
 //#endregion
-export { FORMAT_PATTERNS, FormatValidator, validateFormat };
+export { EMAIL_FORMAT_PATTERN, FORMAT_PATTERNS, FormatValidator, MAX_REGEX_PATTERN_LENGTH, validateFormat };

package/dist/core/formats.mjs

@@ -1,11 +1,27 @@
+import { emitDiagnostic } from "./diagnostics.mjs";
 //#region src/core/formats.ts
 /**
+* Maximum length of a string that will be compiled by `new RegExp(...)`.
+* Patterns that exceed this cap are rejected without compilation. A
+* pathological pattern (e.g. `(a+)+`) doesn't need to be long to hang,
+* but the cap is cheap defence and stops obviously hostile input before
+* it reaches the regex engine.
+*/
+const MAX_REGEX_PATTERN_LENGTH = 500;
+/**
 * Recognised JSON Schema formats with their validation patterns.
 * Unknown formats emit an `unknown-format` diagnostic and skip derivation.
 */
+/**
+* Email format pattern, exported as a named const so callers that need a
+* guaranteed `RegExp` (rather than the `RegExp | undefined` shape of
+* `FORMAT_PATTERNS[name]` under `noUncheckedIndexedAccess`) can import it
+* directly. Used by the URI safety helpers for mailto address checks.
+*/
+const EMAIL_FORMAT_PATTERN = /^[^\s@]+@[^\s@]+\.[^\s@]+$/;
 const FORMAT_PATTERNS = {
 	uuid: /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i,
-	email: /^[^\s@]+@[^\s@]+\.[^\s@]+$/,
+	email: EMAIL_FORMAT_PATTERN,
 	"date-time": /^\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}(\.\d+)?(Z|[+-]\d{2}:\d{2})$/,
 	date: /^\d{4}-\d{2}-\d{2}$/,
 	time: /^\d{2}:\d{2}:\d{2}(\.\d+)?(Z|[+-]\d{2}:\d{2})?$/,
@@ -27,11 +43,22 @@ const FORMAT_PATTERNS = {
 	cidrv6: /^(([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}|::|([0-9a-fA-F]{1,4})?::([0-9a-fA-F]{1,4}:?){0,6})\/(12[0-8]|1[01][0-9]|[1-9]?[0-9])$/,
 	base64: /^$|^(?:[0-9a-zA-Z+/]{4})*(?:(?:[0-9a-zA-Z+/]{2}==)|(?:[0-9a-zA-Z+/]{3}=))?$/,
 	base64url: /^[A-Za-z0-9_-]*$/,
-	e164: /^\+[1-9]\d{6,14}$/
+	e164: /^\+[1-9]\d{6,14}$/,
+	emoji: /^(\p{Extended_Pictographic}|\p{Emoji_Component})+$/u,
+	ulid: /^[0-9A-HJKMNP-TV-Za-hjkmnp-tv-z]{26}$/,
+	xid: /^[0-9a-vA-V]{20}$/,
+	ksuid: /^[A-Za-z0-9]{27}$/,
+	lowercase: /^[^A-Z]*$/,
+	uppercase: /^[^a-z]*$/,
+	jwt: /^[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+\.[A-Za-z0-9_-]*$/
 };
 /**
 * Format validators that use predicate functions instead of regex.
 * These are checked in `validateFormat` when no regex pattern exists.
+*
+* The `regex` format is intentionally absent here — it requires a
+* length cap and structured diagnostic emission and is handled via
+* {@link validateRegexFormat} directly from {@link validateFormat}.
 */
 const PREDICATE_VALIDATORS = {
 	iri: (value) => {
@@ -57,19 +84,76 @@ const PREDICATE_VALIDATORS = {
 		} catch {
 			return false;
 		}
+	},
+	"json-string": (value) => {
+		try {
+			JSON.parse(value);
+			return true;
+		} catch {
+			return false;
+		}
 	}
 };
 /**
+* Validate that a string is a syntactically valid regular expression.
+*
+* Hardened against ReDoS-style abuse:
+* - Values longer than {@link MAX_REGEX_PATTERN_LENGTH} are treated as
+*   "format unmatched" without ever being compiled.
+* - Any `SyntaxError` thrown by `new RegExp(...)` (malformed pattern,
+*   invalid flags, unbalanced groups) is caught and treated as "format
+*   unmatched".
+*
+* In both cases a diagnostic is emitted when a sink is supplied so
+* callers can surface the offending value to the schema author.
+*/
+function validateRegexFormat(value, diagnostics, pointer) {
+	if (value.length > 500) {
+		emitDiagnostic(diagnostics, {
+			code: "pattern-invalid",
+			message: `Pattern length (${String(value.length)}) exceeds maximum (${String(500)}); treating as unmatched`,
+			pointer,
+			detail: {
+				reason: "length-exceeded",
+				length: value.length,
+				maxLength: 500
+			}
+		});
+		return false;
+	}
+	try {
+		new RegExp(value);
+		return true;
+	} catch (error) {
+		const message = error instanceof Error ? error.message : String(error);
+		emitDiagnostic(diagnostics, {
+			code: "pattern-invalid",
+			message: `Failed to compile pattern as RegExp: ${message}; treating as unmatched`,
+			pointer,
+			detail: {
+				reason: "compile-error",
+				error: message
+			}
+		});
+		return false;
+	}
+}
+/**
 * Validate a string value against format constraints.
 * Returns `true` when the value matches the format,
 * `false` when it does not, and `undefined` when the format
 * is not recognised (no validator available).
+*
+* `diagnostics` and `pointer` are forwarded to validators that can
+* surface structured diagnostics — currently the `regex` format, which
+* emits `pattern-invalid` for over-length or malformed input.
 */
-function validateFormat(value, format) {
+function validateFormat(value, format, diagnostics, pointer = "") {
 	const pattern = FORMAT_PATTERNS[format];
 	if (pattern !== void 0) return pattern.test(value);
+	if (format === "regex") return validateRegexFormat(value, diagnostics, pointer);
 	const predicate = PREDICATE_VALIDATORS[format];
 	if (predicate !== void 0) return predicate(value);
 }
 //#endregion
-export { FORMAT_PATTERNS, validateFormat };
+export { EMAIL_FORMAT_PATTERN, FORMAT_PATTERNS, MAX_REGEX_PATTERN_LENGTH, validateFormat };

package/dist/core/merge.d.mts

@@ -1,4 +1,4 @@
-import { i as DiagnosticsOptions } from "../diagnostics-VgEKI_Ct.mjs";
+import { i as DiagnosticsOptions } from "../diagnostics-CbBPsxSt.mjs";
 
 //#region src/core/merge.d.ts
 /**

package/dist/core/normalise.d.mts

@@ -1,5 +1,5 @@
-import { i as DiagnosticsOptions } from "../diagnostics-VgEKI_Ct.mjs";
-import { n as JsonSchemaDraft, r as OpenApiVersionInfo } from "../version-XNH7PRGP.mjs";
+import { i as DiagnosticsOptions } from "../diagnostics-CbBPsxSt.mjs";
+import { i as OpenApiVersionInfo, r as JsonSchemaDraft } from "../version-D-u7aMfy.mjs";
 
 //#region src/core/normalise.d.ts
 type NodeTransform = (node: Record<string, unknown>) => Record<string, unknown>;

package/dist/core/normalise.mjs

@@ -1,2 +1,2 @@
-import { a as normaliseOpenApiSchemas, i as normaliseJsonSchema, n as deepNormaliseWithContext, r as normaliseDraft04Node, t as deepNormalise } from "../normalise-C0ofw3W6.mjs";
+import { a as normaliseOpenApiSchemas, i as normaliseJsonSchema, n as deepNormaliseWithContext, r as normaliseDraft04Node, t as deepNormalise } from "../normalise-CMMEl4cd.mjs";
 export { deepNormalise, deepNormaliseWithContext, normaliseDraft04Node, normaliseJsonSchema, normaliseOpenApiSchemas };

package/dist/core/openapi30.mjs

@@ -1,2 +1,2 @@
-import { c as deepNormaliseOpenApiDoc, d as normaliseOpenApi30Node, l as normaliseOpenApi30Combined, s as deepNormaliseOpenApi30Doc, u as normaliseOpenApi30Discriminator } from "../normalise-C0ofw3W6.mjs";
+import { c as deepNormaliseOpenApiDoc, d as normaliseOpenApi30Node, l as normaliseOpenApi30Combined, s as deepNormaliseOpenApi30Doc, u as normaliseOpenApi30Discriminator } from "../normalise-CMMEl4cd.mjs";
 export { deepNormaliseOpenApi30Doc, deepNormaliseOpenApiDoc, normaliseOpenApi30Combined, normaliseOpenApi30Discriminator, normaliseOpenApi30Node };

package/dist/core/ref.d.mts

@@ -1,2 +1,2 @@
-import { a as findAnchor, i as dereference, n as RefOptions, o as resolveRef, r as countDistinctRefs, t as ExternalResolver } from "../ref-Bb43ZURY.mjs";
+import { a as findAnchor, i as dereference, n as RefOptions, o as resolveRef, r as countDistinctRefs, t as ExternalResolver } from "../ref-C8JbwfiS.mjs";
 export { ExternalResolver, RefOptions, countDistinctRefs, dereference, findAnchor, resolveRef };

package/dist/core/renderer.d.mts

@@ -1,2 +1,2 @@
-import { a as HtmlRenderProps, c as RenderFunction, d as getHtmlRenderFn, f as getRenderFunction, h as typeToKey, i as HtmlRenderFunction, l as RenderProps, m as mergeResolvers, n as BaseFieldProps, o as HtmlResolver, p as mergeHtmlResolvers, r as ComponentResolver, s as RESOLVER_KEYS, t as AllConstraints, u as buildRenderProps } from "../renderer-BQqiXUYP.mjs";
+import { a as HtmlRenderProps, c as RenderFunction, d as getHtmlRenderFn, f as getRenderFunction, h as typeToKey, i as HtmlRenderFunction, l as RenderProps, m as mergeResolvers, n as BaseFieldProps, o as HtmlResolver, p as mergeHtmlResolvers, r as ComponentResolver, s as RESOLVER_KEYS, t as AllConstraints, u as buildRenderProps } from "../renderer-SOIbJBtk.mjs";
 export { AllConstraints, BaseFieldProps, ComponentResolver, HtmlRenderFunction, HtmlRenderProps, HtmlResolver, RESOLVER_KEYS, RenderFunction, RenderProps, buildRenderProps, getHtmlRenderFn, getRenderFunction, mergeHtmlResolvers, mergeResolvers, typeToKey };

package/dist/core/swagger2.d.mts

@@ -1,4 +1,4 @@
-import { i as DiagnosticsOptions } from "../diagnostics-VgEKI_Ct.mjs";
+import { i as DiagnosticsOptions } from "../diagnostics-CbBPsxSt.mjs";
 import { NodeTransform } from "./normalise.mjs";
 
 //#region src/core/swagger2.d.ts

package/dist/core/swagger2.mjs

@@ -1,2 +1,2 @@
-import { o as normaliseSwagger2Document } from "../normalise-C0ofw3W6.mjs";
+import { o as normaliseSwagger2Document } from "../normalise-CMMEl4cd.mjs";
 export { normaliseSwagger2Document };

package/dist/core/typeInference.d.mts

@@ -1,2 +1,2 @@
-import { a as InferResponseFields, c as PathOfType, d as UnsafeFields, f as __SchemaInferenceFellBack, i as InferRequestBodyFields, l as ResolveOpenAPIRef, n as FromJSONSchema, o as OpenAPIRequestBodyType, r as InferParameterOverrides, s as OpenAPIResponseType, t as DEFAULT_MAX_DEPTH, u as TypeAtPath } from "../typeInference-5JiqIZ8t.mjs";
-export { DEFAULT_MAX_DEPTH, FromJSONSchema, InferParameterOverrides, InferRequestBodyFields, InferResponseFields, OpenAPIRequestBodyType, OpenAPIResponseType, PathOfType, ResolveOpenAPIRef, TypeAtPath, UnsafeFields, __SchemaInferenceFellBack };
+import { a as InferResponseFields, c as PathOfType, d as TypeAtPath, f as UnrepresentableZodSchemaError, h as __SchemaInferenceFellBack, i as InferRequestBodyFields, l as RejectUnrepresentableZod, m as UnsafeFields, n as FromJSONSchema, o as OpenAPIRequestBodyType, p as UnrepresentableZodType, r as InferParameterOverrides, s as OpenAPIResponseType, t as DEFAULT_MAX_DEPTH, u as ResolveOpenAPIRef } from "../typeInference-CDoD_LZ_.mjs";
+export { DEFAULT_MAX_DEPTH, FromJSONSchema, InferParameterOverrides, InferRequestBodyFields, InferResponseFields, OpenAPIRequestBodyType, OpenAPIResponseType, PathOfType, RejectUnrepresentableZod, ResolveOpenAPIRef, TypeAtPath, UnrepresentableZodSchemaError, UnrepresentableZodType, UnsafeFields, __SchemaInferenceFellBack };

package/dist/core/types.d.mts

@@ -1,2 +1,2 @@
-import { A as UnionField, B as isNegationField, C as RecordField, D as StringConstraints, E as SchemaType, F as isConditionalField, G as isRecordField, H as isNullField, I as isDiscriminatedUnionField, J as isTupleField, K as isRecursiveField, L as isEnumField, M as WalkedField, N as isArrayField, O as StringField, P as isBooleanField, R as isFileField, S as ObjectField, T as SchemaMeta, U as isNumberField, V as isNeverField, W as isObjectField, X as isUnknownField, Y as isUnionField, Z as resolveEditability, _ as NeverField, a as DiscriminatedUnionField, b as NumberField, c as FieldBase, d as FieldOverrides, f as FileConstraints, g as NegationField, h as LiteralField, i as ConditionalField, j as UnknownField, k as TupleField, l as FieldConstraints, m as JsonObject, n as ArrayField, o as Editability, p as FileField, q as isStringField, r as BooleanField, s as EnumField, t as ArrayConstraints, u as FieldOverride, v as NullField, w as RecursiveField, x as ObjectConstraints, y as NumberConstraints, z as isLiteralField } from "../types-D_5ST7SS.mjs";
+import { A as UnionField, B as isNegationField, C as RecordField, D as StringConstraints, E as SchemaType, F as isConditionalField, G as isRecordField, H as isNullField, I as isDiscriminatedUnionField, J as isTupleField, K as isRecursiveField, L as isEnumField, M as WalkedField, N as isArrayField, O as StringField, P as isBooleanField, R as isFileField, S as ObjectField, T as SchemaMeta, U as isNumberField, V as isNeverField, W as isObjectField, X as isUnknownField, Y as isUnionField, Z as resolveEditability, _ as NeverField, a as DiscriminatedUnionField, b as NumberField, c as FieldBase, d as FieldOverrides, f as FileConstraints, g as NegationField, h as LiteralField, i as ConditionalField, j as UnknownField, k as TupleField, l as FieldConstraints, m as JsonObject, n as ArrayField, o as Editability, p as FileField, q as isStringField, r as BooleanField, s as EnumField, t as ArrayConstraints, u as FieldOverride, v as NullField, w as RecursiveField, x as ObjectConstraints, y as NumberConstraints, z as isLiteralField } from "../types-C9zw9wbX.mjs";
 export { ArrayConstraints, ArrayField, BooleanField, ConditionalField, DiscriminatedUnionField, Editability, EnumField, FieldBase, FieldConstraints, FieldOverride, FieldOverrides, FileConstraints, FileField, JsonObject, LiteralField, NegationField, NeverField, NullField, NumberConstraints, NumberField, ObjectConstraints, ObjectField, RecordField, RecursiveField, SchemaMeta, SchemaType, StringConstraints, StringField, TupleField, UnionField, UnknownField, WalkedField, isArrayField, isBooleanField, isConditionalField, isDiscriminatedUnionField, isEnumField, isFileField, isLiteralField, isNegationField, isNeverField, isNullField, isNumberField, isObjectField, isRecordField, isRecursiveField, isStringField, isTupleField, isUnionField, isUnknownField, resolveEditability };

package/dist/core/uri.d.mts

@@ -0,0 +1,41 @@
+//#region src/core/uri.d.ts
+/**
+ * URI safety helpers shared by HTML and React renderers.
+ *
+ * User-supplied URI values flow into anchor `href` attributes. Without
+ * scheme validation a value such as `javascript:alert(1)` becomes a
+ * clickable XSS sink — HTML escaping does not help, since the dangerous
+ * payload sits inside the scheme rather than the body of the attribute.
+ *
+ * These helpers exist so the HTML renderer (`html/renderers.ts`) and the
+ * React renderer (`react/headlessRenderers.tsx`) apply identical rules
+ * when deciding whether a string is safe to render as an `href`.
+ */
+/**
+ * Decide whether `value` is safe to use as an anchor `href`.
+ *
+ * Returns `true` when the value is either a relative reference (no scheme
+ * component) or an absolute URI using `http`/`https`. Returns `false`
+ * for any other scheme, including dangerous ones like `javascript:` and
+ * `data:`.
+ */
+declare function isSafeHyperlink(value: string): boolean;
+/**
+ * Decide whether `value` is safe to interpolate into a `mailto:` URI.
+ *
+ * The check rejects values that do not match the standard email format
+ * pattern. The format pattern excludes whitespace, which means a CRLF
+ * sequence (or its percent-encoded form embedded by the caller) cannot
+ * pass — eliminating the SMTP/`mailto` header-injection vector.
+ */
+declare function isSafeMailtoAddress(value: string): boolean;
+/**
+ * Decide whether `key` is one of the prototype-polluting property names
+ * (`__proto__`, `constructor`, `prototype`).
+ *
+ * Used by JSON Pointer resolvers and by the JSON Schema `properties`
+ * walker to refuse traversal into these names.
+ */
+declare function isPrototypePollutingKey(key: string): boolean;
+//#endregion
+export { isPrototypePollutingKey, isSafeHyperlink, isSafeMailtoAddress };

package/dist/core/uri.mjs

@@ -0,0 +1,76 @@
+import { EMAIL_FORMAT_PATTERN } from "./formats.mjs";
+//#region src/core/uri.ts
+/**
+* URI safety helpers shared by HTML and React renderers.
+*
+* User-supplied URI values flow into anchor `href` attributes. Without
+* scheme validation a value such as `javascript:alert(1)` becomes a
+* clickable XSS sink — HTML escaping does not help, since the dangerous
+* payload sits inside the scheme rather than the body of the attribute.
+*
+* These helpers exist so the HTML renderer (`html/renderers.ts`) and the
+* React renderer (`react/headlessRenderers.tsx`) apply identical rules
+* when deciding whether a string is safe to render as an `href`.
+*/
+/**
+* Match the scheme portion of an absolute URI (RFC 3986 production
+* `scheme ":"`). Leading ASCII whitespace is tolerated because browsers
+* strip it before parsing the scheme; any other prefix (including raw
+* control characters) keeps the value out of the safe-scheme branch.
+*/
+const ABSOLUTE_URI_SCHEME = /^\s*([a-z][a-z0-9+\-.]*):/i;
+/**
+* Schemes safe to emit unmodified into an `href` attribute. Anything
+* outside this set — most importantly `javascript:`, `data:`, `vbscript:`
+* and `file:` — is rejected and rendered as text.
+*/
+const SAFE_HYPERLINK_SCHEMES = new Set(["http", "https"]);
+/**
+* Decide whether `value` is safe to use as an anchor `href`.
+*
+* Returns `true` when the value is either a relative reference (no scheme
+* component) or an absolute URI using `http`/`https`. Returns `false`
+* for any other scheme, including dangerous ones like `javascript:` and
+* `data:`.
+*/
+function isSafeHyperlink(value) {
+	const match = ABSOLUTE_URI_SCHEME.exec(value);
+	if (match === null) return true;
+	const scheme = match[1];
+	if (scheme === void 0) return false;
+	return SAFE_HYPERLINK_SCHEMES.has(scheme.toLowerCase());
+}
+/**
+* Decide whether `value` is safe to interpolate into a `mailto:` URI.
+*
+* The check rejects values that do not match the standard email format
+* pattern. The format pattern excludes whitespace, which means a CRLF
+* sequence (or its percent-encoded form embedded by the caller) cannot
+* pass — eliminating the SMTP/`mailto` header-injection vector.
+*/
+function isSafeMailtoAddress(value) {
+	return EMAIL_FORMAT_PATTERN.test(value);
+}
+/**
+* Property names that must never be traversed via dynamic indexing on an
+* untrusted object. Walking into any of these returns `Object.prototype`
+* (or similar) and lets an attacker plant fields visible to every plain
+* object in the runtime.
+*/
+const PROTOTYPE_POLLUTING_KEYS = new Set([
+	"__proto__",
+	"constructor",
+	"prototype"
+]);
+/**
+* Decide whether `key` is one of the prototype-polluting property names
+* (`__proto__`, `constructor`, `prototype`).
+*
+* Used by JSON Pointer resolvers and by the JSON Schema `properties`
+* walker to refuse traversal into these names.
+*/
+function isPrototypePollutingKey(key) {
+	return PROTOTYPE_POLLUTING_KEYS.has(key);
+}
+//#endregion
+export { isPrototypePollutingKey, isSafeHyperlink, isSafeMailtoAddress };

package/dist/core/version.d.mts

@@ -1,2 +1,2 @@
-import { a as detectOpenApiVersion, c as isOpenApi30, d as matchJsonSchemaDraftUri, i as detectJsonSchemaDraft, l as isOpenApi31, n as JsonSchemaDraft, o as inferJsonSchemaDraft, r as OpenApiVersionInfo, s as inferJsonSchemaDraftWithReason, t as InferredDraft, u as isSwagger2 } from "../version-XNH7PRGP.mjs";
-export { InferredDraft, JsonSchemaDraft, OpenApiVersionInfo, detectJsonSchemaDraft, detectOpenApiVersion, inferJsonSchemaDraft, inferJsonSchemaDraftWithReason, isOpenApi30, isOpenApi31, isSwagger2, matchJsonSchemaDraftUri };
+import { a as detectJsonSchemaDraft, c as inferJsonSchemaDraftWithReason, d as isSwagger2, f as matchJsonSchemaDraftUri, i as OpenApiVersionInfo, l as isOpenApi30, n as JsonSchemaDialectInfo, o as detectOpenApiVersion, p as readJsonSchemaDialect, r as JsonSchemaDraft, s as inferJsonSchemaDraft, t as InferredDraft, u as isOpenApi31 } from "../version-D-u7aMfy.mjs";
+export { InferredDraft, JsonSchemaDialectInfo, JsonSchemaDraft, OpenApiVersionInfo, detectJsonSchemaDraft, detectOpenApiVersion, inferJsonSchemaDraft, inferJsonSchemaDraftWithReason, isOpenApi30, isOpenApi31, isSwagger2, matchJsonSchemaDraftUri, readJsonSchemaDialect };

package/dist/core/version.mjs

@@ -157,5 +157,29 @@ function isOpenApi31(version) {
 function isSwagger2(version) {
 	return version.major === 2;
 }
+/**
+* Inspect an OpenAPI 3.1 document for a `jsonSchemaDialect` declaration.
+*
+* Per the OpenAPI 3.1 spec, an OpenAPI document may declare the default
+* JSON Schema dialect for its Schema Objects via the top-level
+* `jsonSchemaDialect` URI. Real-world 3.1 documents overwhelmingly omit
+* the keyword and rely on the spec-defined Draft 2020-12 default — this
+* helper surfaces the declaration so the normaliser can either honour a
+* known dialect or emit a diagnostic for an unknown one.
+*/
+function readJsonSchemaDialect(doc) {
+	const value = doc.jsonSchemaDialect;
+	if (typeof value !== "string") return { kind: "absent" };
+	const draft = matchJsonSchemaDraftUri(value);
+	if (draft === void 0) return {
+		kind: "unknown",
+		uri: value
+	};
+	return {
+		kind: "known",
+		uri: value,
+		draft
+	};
+}
 //#endregion
-export { detectJsonSchemaDraft, detectOpenApiVersion, inferJsonSchemaDraft, inferJsonSchemaDraftWithReason, isOpenApi30, isOpenApi31, isSwagger2, matchJsonSchemaDraftUri };
+export { detectJsonSchemaDraft, detectOpenApiVersion, inferJsonSchemaDraft, inferJsonSchemaDraftWithReason, isOpenApi30, isOpenApi31, isSwagger2, matchJsonSchemaDraftUri, readJsonSchemaDialect };

package/dist/core/walkBuilders.d.mts

@@ -1,6 +1,6 @@
-import { M as WalkedField, O as StringField, T as SchemaMeta, b as NumberField, c as FieldBase, j as UnknownField, o as Editability, p as FileField, r as BooleanField, v as NullField } from "../types-D_5ST7SS.mjs";
-import { i as DiagnosticsOptions } from "../diagnostics-VgEKI_Ct.mjs";
-import { t as ExternalResolver } from "../ref-Bb43ZURY.mjs";
+import { M as WalkedField, O as StringField, T as SchemaMeta, b as NumberField, c as FieldBase, j as UnknownField, o as Editability, p as FileField, r as BooleanField, v as NullField } from "../types-C9zw9wbX.mjs";
+import { i as DiagnosticsOptions } from "../diagnostics-CbBPsxSt.mjs";
+import { t as ExternalResolver } from "../ref-C8JbwfiS.mjs";
 
 //#region src/core/walkBuilders.d.ts
 declare function getString(obj: Record<string, unknown>, key: string): string | undefined;

package/dist/core/walker.d.mts

@@ -1,4 +1,4 @@
-import { M as WalkedField } from "../types-D_5ST7SS.mjs";
+import { M as WalkedField } from "../types-C9zw9wbX.mjs";
 import { WalkOptions } from "./walkBuilders.mjs";
 
 //#region src/core/walker.d.ts