schema-components 1.19.0 → 1.21.0

package/dist/core/adapter.d.mts

@@ -1,10 +1,17 @@
-import { T as SchemaMeta, m as JsonObject } from "../types-D_5ST7SS.mjs";
-import { i as DiagnosticsOptions } from "../diagnostics-VgEKI_Ct.mjs";
+import { T as SchemaMeta, m as JsonObject } from "../types-BnxPEElk.mjs";
+import { i as DiagnosticsOptions } from "../diagnostics-CbBPsxSt.mjs";
 
 //#region src/core/adapter.d.ts
 type SchemaInput = Record<string, unknown>;
 type SchemaKind = "zod4" | "zod3" | "jsonSchema" | "openapi";
 declare function detectSchemaKind(input: unknown): SchemaKind;
+/**
+ * Exposed for unit testing — lets the contract test enumerate every rule's
+ * `prefix` value and assert mutual non-prefixing.
+ */
+declare const __CLASSIFIER_RULES_FOR_TEST: readonly {
+  readonly prefix: string;
+}[];
 interface NormalisedSchema {
   /** JSON Schema object — the authoritative schema for rendering. */
   jsonSchema: JsonObject;
@@ -21,4 +28,4 @@ interface NormaliseOptions {
 }
 declare function normaliseSchema(input: unknown, ref?: string, options?: NormaliseOptions): NormalisedSchema;
 //#endregion
-export { type JsonObject, NormaliseOptions, NormalisedSchema, SchemaInput, SchemaKind, type SchemaMeta, detectSchemaKind, normaliseSchema };
+export { type JsonObject, NormaliseOptions, NormalisedSchema, SchemaInput, SchemaKind, type SchemaMeta, __CLASSIFIER_RULES_FOR_TEST, detectSchemaKind, normaliseSchema };

package/dist/core/adapter.mjs

@@ -3,7 +3,7 @@ import { SchemaNormalisationError } from "./errors.mjs";
 import { emitDiagnostic } from "./diagnostics.mjs";
 import { dereference } from "./ref.mjs";
 import { detectOpenApiVersion, inferJsonSchemaDraftWithReason, isSwagger2, matchJsonSchemaDraftUri } from "./version.mjs";
-import { a as normaliseOpenApiSchemas, i as normaliseJsonSchema$1 } from "../normalise-C0ofw3W6.mjs";
+import { a as normaliseOpenApiSchemas, i as normaliseJsonSchema$1 } from "../normalise-DaSrnr8g.mjs";
 import { z } from "zod";
 //#region src/core/adapter.ts
 /**
@@ -36,12 +36,36 @@ function detectSchemaKind(input) {
 * SchemaNormalisationError so the caller does not have to re-parse error
 * message strings. The classification covers:
 *
-* - Nested Zod 3 schemas inside a Zod 4 tree (which surface as
-*   "Cannot read properties of undefined (reading 'def')") → zod3-unsupported
-* - Transforms ("Transforms cannot be represented") → zod-transform-unsupported
-* - Unrepresentable types ("BigInt cannot be represented", "Date cannot be
-*   represented", etc.) → zod-type-unrepresentable
-* - Anything else → zod-conversion-failed
+* - Nested Zod 3 schemas inside a Zod 4 tree → zod3-unsupported.
+*   Detected structurally (presence of `_def.typeName` markers anywhere
+*   in the schema tree) so the check works across V8, JavaScriptCore,
+*   and SpiderMonkey, none of which agree on the wording of
+*   "Cannot read properties of undefined".
+* - Transforms → zod-transform-unsupported. This also catches `z.codec(…)`
+*   because Zod implements codecs as a pipe + transform internally, so
+*   they trip the same processor when round-tripping is forced. (Plain
+*   `z.toJSONSchema(codec)` itself does NOT throw because Zod picks one
+*   side of the codec; the static rejection in `typeInference.ts` is the
+*   compile-time guard.)
+* - Dynamic catch values whose handler throws → zod-type-unrepresentable
+*   with zodType "dynamic-catch".
+* - Unrepresentable types — bigint, date, map, set, symbol, function, custom,
+*   undefined, void, NaN, and the literal-only forms `z.literal(undefined)`
+*   ("undefined-literal") and `z.literal(<bigint>)` ("bigint-literal") →
+*   zod-type-unrepresentable.
+* - The catch-all "Non-representable type encountered: <type>" fallback Zod
+*   emits for any new schema kind without a registered processor →
+*   zod-type-unrepresentable with zodType set to the offending def.type.
+* - Cycle detected (`cycles: "throw"`) → zod-cycle-detected.
+* - Duplicate schema id → zod-duplicate-id.
+* - "Unprocessed schema. This is a bug in Zod." → zod-conversion-bug.
+* - "Error converting schema to JSON." → zod-conversion-failed (explicit
+*   classification rather than the generic fallback so the contract test
+*   protects the prefix from drift).
+* - Anything else → zod-conversion-failed.
+*
+* The original error is preserved on each classified error via the `cause`
+* field so consumers can still inspect the Zod stack trace.
 */
 function callToJsonSchema(schema) {
 	try {
@@ -51,36 +75,218 @@ function callToJsonSchema(schema) {
 	}
 }
 /**
-* Error messages emitted by Zod 4's z.toJSONSchema for unrepresentable types.
-* Mapping is exact-prefix on the message and the corresponding Zod type name
-* surfaced to the consumer via SchemaNormalisationError.zodType.
+* Escape a string for inclusion in a `RegExp`. Required because Zod
+* messages contain `[`, `]`, `.`, `(`, and `)` characters which have regex
+* meaning. The set covers every character with special meaning in a
+* JavaScript regular-expression source — RegExp.escape is not yet widely
+* available so we escape manually.
+*/
+function escapeRegExp(literal) {
+	return literal.replace(/[.*+?^${}()|[\]\\]/g, "\\$&");
+}
+/**
+* Compile a prefix into an anchored regex that captures any trailing text
+* (used by rules that need to extract dynamic data such as the duplicate id
+* or the def.type that tripped the non-representable fallback).
+*/
+function anchored(prefix) {
+	return new RegExp(`^${escapeRegExp(prefix)}(.*)$`, "s");
+}
+/**
+* Build the message body shared by every unrepresentable-type rule.
+*/
+function unrepresentableMessage(typeName, fullMessage) {
+	return `Zod type ${typeName} cannot be represented in JSON Schema and is not supported by schema-components. Original message: ${fullMessage}`;
+}
+/**
+* Classifier rules ordered most-specific first. Order is load-bearing:
+* `Literal \`undefined\` cannot be represented` must precede the broader
+* `Undefined cannot be represented` so the literal classification wins
+* even when both share a leading word. A consistency check in the unit
+* test suite asserts no two `prefix` values are prefixes of each other —
+* any future rule that breaks the invariant fails the build.
 *
-* Source: zod/src/v4/core/to-json-schema.ts ("cannot be represented" messages).
+* Verbatim sources (kept aligned with `tests/zod-error-wording-contract.unit.test.ts`):
+* - zod/src/v4/core/json-schema-processors.ts L104 (bigint), L110 (symbol),
+*   L126 (undefined), L132 (void), L150 (date), L169 (literal-undefined),
+*   L175 (literal-bigint), L204 (NaN), L246 (custom), L252 (function),
+*   L258 (transforms), L264 (map), L270 (set), L521 (dynamic catch).
+* - zod/src/v4/core/to-json-schema.ts L182 (non-representable type fallback),
+*   L225 + L364 (unprocessed schema), L235 (duplicate id), L307 (cycle),
+*   L522 (error converting).
 */
-const UNREPRESENTABLE_ZOD_TYPES = [
-	["BigInt cannot be represented", "bigint"],
-	["Date cannot be represented", "date"],
-	["Map cannot be represented", "map"],
-	["Set cannot be represented", "set"],
-	["Symbols cannot be represented", "symbol"],
-	["Function types cannot be represented", "function"],
-	["Undefined cannot be represented", "undefined"],
-	["Void cannot be represented", "void"],
-	["NaN cannot be represented", "nan"]
+const CLASSIFIER_RULES = [
+	{
+		prefix: "Literal `undefined` cannot be represented",
+		kind: "zod-type-unrepresentable",
+		zodType: "undefined-literal",
+		build: (_m, cause, schema, full) => new SchemaNormalisationError(unrepresentableMessage("undefined-literal", full), schema, "zod-type-unrepresentable", "undefined-literal", cause)
+	},
+	{
+		prefix: "BigInt literals cannot be represented",
+		kind: "zod-type-unrepresentable",
+		zodType: "bigint-literal",
+		build: (_m, cause, schema, full) => new SchemaNormalisationError(unrepresentableMessage("bigint-literal", full), schema, "zod-type-unrepresentable", "bigint-literal", cause)
+	},
+	{
+		prefix: "BigInt cannot be represented",
+		kind: "zod-type-unrepresentable",
+		zodType: "bigint",
+		build: (_m, cause, schema, full) => new SchemaNormalisationError(unrepresentableMessage("bigint", full), schema, "zod-type-unrepresentable", "bigint", cause)
+	},
+	{
+		prefix: "Date cannot be represented",
+		kind: "zod-type-unrepresentable",
+		zodType: "date",
+		build: (_m, cause, schema, full) => new SchemaNormalisationError(unrepresentableMessage("date", full), schema, "zod-type-unrepresentable", "date", cause)
+	},
+	{
+		prefix: "Map cannot be represented",
+		kind: "zod-type-unrepresentable",
+		zodType: "map",
+		build: (_m, cause, schema, full) => new SchemaNormalisationError(unrepresentableMessage("map", full), schema, "zod-type-unrepresentable", "map", cause)
+	},
+	{
+		prefix: "Set cannot be represented",
+		kind: "zod-type-unrepresentable",
+		zodType: "set",
+		build: (_m, cause, schema, full) => new SchemaNormalisationError(unrepresentableMessage("set", full), schema, "zod-type-unrepresentable", "set", cause)
+	},
+	{
+		prefix: "Symbols cannot be represented",
+		kind: "zod-type-unrepresentable",
+		zodType: "symbol",
+		build: (_m, cause, schema, full) => new SchemaNormalisationError(unrepresentableMessage("symbol", full), schema, "zod-type-unrepresentable", "symbol", cause)
+	},
+	{
+		prefix: "Function types cannot be represented",
+		kind: "zod-type-unrepresentable",
+		zodType: "function",
+		build: (_m, cause, schema, full) => new SchemaNormalisationError(unrepresentableMessage("function", full), schema, "zod-type-unrepresentable", "function", cause)
+	},
+	{
+		prefix: "Custom types cannot be represented",
+		kind: "zod-type-unrepresentable",
+		zodType: "custom",
+		build: (_m, cause, schema, full) => new SchemaNormalisationError(unrepresentableMessage("custom", full), schema, "zod-type-unrepresentable", "custom", cause)
+	},
+	{
+		prefix: "Undefined cannot be represented",
+		kind: "zod-type-unrepresentable",
+		zodType: "undefined",
+		build: (_m, cause, schema, full) => new SchemaNormalisationError(unrepresentableMessage("undefined", full), schema, "zod-type-unrepresentable", "undefined", cause)
+	},
+	{
+		prefix: "Void cannot be represented",
+		kind: "zod-type-unrepresentable",
+		zodType: "void",
+		build: (_m, cause, schema, full) => new SchemaNormalisationError(unrepresentableMessage("void", full), schema, "zod-type-unrepresentable", "void", cause)
+	},
+	{
+		prefix: "NaN cannot be represented",
+		kind: "zod-type-unrepresentable",
+		zodType: "nan",
+		build: (_m, cause, schema, full) => new SchemaNormalisationError(unrepresentableMessage("nan", full), schema, "zod-type-unrepresentable", "nan", cause)
+	},
+	{
+		prefix: "Transforms cannot be represented",
+		kind: "zod-transform-unsupported",
+		build: (_m, cause, schema) => new SchemaNormalisationError("Zod transforms cannot be represented in JSON Schema. Remove the .transform() call, or pre-transform the input before passing it to the component. (Note: z.codec(...) is implemented as a transform internally — codecs that force round-tripping trip this same rule.)", schema, "zod-transform-unsupported", void 0, cause)
+	},
+	{
+		prefix: "Dynamic catch values are not supported",
+		kind: "zod-type-unrepresentable",
+		zodType: "dynamic-catch",
+		build: (_m, cause, schema) => new SchemaNormalisationError("Zod catch values that depend on runtime computation cannot be represented in JSON Schema. Provide a static catch value or remove the .catch() call.", schema, "zod-type-unrepresentable", "dynamic-catch", cause)
+	},
+	{
+		prefix: "[toJSONSchema]: Non-representable type encountered:",
+		kind: "zod-type-unrepresentable",
+		build: (match, cause, schema, full) => {
+			const trailing = match[1]?.trim() ?? "";
+			const typeName = trailing.length > 0 ? trailing.split(/\s+/)[0] : void 0;
+			return new SchemaNormalisationError(`Zod encountered a schema kind${typeName !== void 0 ? ` "${typeName}"` : ""} with no JSON Schema processor registered. This usually means Zod added a new schema type that schema-components does not yet support. Original message: ${full}`, schema, "zod-type-unrepresentable", typeName, cause);
+		}
+	},
+	{
+		prefix: "Cycle detected: ",
+		kind: "zod-cycle-detected",
+		build: (match, cause, schema, full) => {
+			return new SchemaNormalisationError(`Zod detected a cycle in the schema graph at ${(match[1] ?? "").split(/\s+/)[0] ?? ""}. Cycles can only be converted when z.toJSONSchema is called with { cycles: "ref" } — schema-components calls it without options for cache safety, so the cycle surfaces as an error. Restructure the schema to break the cycle, or use a $ref-based definition. Original message: ${full}`, schema, "zod-cycle-detected", void 0, cause);
+		}
+	},
+	{
+		prefix: "Duplicate schema id \"",
+		kind: "zod-duplicate-id",
+		build: (match, cause, schema, full) => {
+			const trailing = match[1] ?? "";
+			const closing = trailing.indexOf("\"");
+			return new SchemaNormalisationError(`Two different Zod schemas share the same id "${closing === -1 ? trailing : trailing.slice(0, closing)}". JSON Schema requires distinct ids when multiple schemas are bundled together. Give each schema its own .meta({ id: ... }) or remove the duplicate. Original message: ${full}`, schema, "zod-duplicate-id", void 0, cause);
+		}
+	},
+	{
+		prefix: "Unprocessed schema. This is a bug in Zod.",
+		kind: "zod-conversion-bug",
+		build: (_m, cause, schema, full) => new SchemaNormalisationError(`Zod failed to process this schema during JSON Schema conversion and reports it as an internal bug. File an issue on the Zod tracker with a reproduction. Original message: ${full}`, schema, "zod-conversion-bug", void 0, cause)
+	},
+	{
+		prefix: "Error converting schema to JSON.",
+		kind: "zod-conversion-failed",
+		build: (_m, cause, schema, full) => new SchemaNormalisationError(`z.toJSONSchema() failed to produce a Standard Schema payload. Inspect the underlying cause for the original error. Original message: ${full}`, schema, "zod-conversion-failed", void 0, cause)
+	}
 ];
 /**
-* The cryptic error produced when z.toJSONSchema encounters a nested Zod 3
-* schema (one without `_zod.def`). Reproduced verbatim from Node's TypeError
-* for property access on undefined.
+* Compiled regex form of {@link CLASSIFIER_RULES} — built once at module
+* load. Avoids per-error compilation.
+*/
+const COMPILED_CLASSIFIER_RULES = CLASSIFIER_RULES.map((rule) => ({
+	rule,
+	pattern: anchored(rule.prefix)
+}));
+/**
+* Walk an arbitrary value looking for Zod 3 markers (`_def.typeName`).
+* Zod 4 schemas always carry a `_zod.def`; Zod 3 schemas carry `_def`
+* with a `typeName` field. Presence of the latter anywhere in the tree
+* means a Zod 3 schema was nested inside a Zod 4 input, which is what
+* trips the V8 `"Cannot read properties of undefined"` failure.
+*
+* Engine-agnostic by construction — the detector inspects schema shape
+* instead of pattern-matching against the runtime's TypeError message,
+* so it works equivalently under V8, JavaScriptCore (Bun/Safari), and
+* SpiderMonkey (Firefox) — none of which agree on the wording.
+*
+* The walk is bounded by an explicit `visited` set so cyclical references
+* cannot cause stack overflow. The recursion follows both array elements
+* and own enumerable properties of every object encountered.
 */
-const NESTED_ZOD3_MARKER = "Cannot read properties of undefined";
+function containsNestedZod3(value, visited) {
+	if (value === null || typeof value !== "object") return false;
+	if (visited.has(value)) return false;
+	visited.add(value);
+	if (Array.isArray(value)) {
+		for (const item of value) if (containsNestedZod3(item, visited)) return true;
+		return false;
+	}
+	if (!isObject(value)) return false;
+	const def = value._def;
+	if (value._zod === void 0 && isObject(def) && typeof def.typeName === "string") return true;
+	for (const key of Object.keys(value)) if (containsNestedZod3(value[key], visited)) return true;
+	return false;
+}
 function classifyZodConversionError(err, schema) {
 	const message = err instanceof Error ? err.message : String(err);
-	if (message.includes(NESTED_ZOD3_MARKER)) return new SchemaNormalisationError("A nested Zod 3 schema was found inside a Zod 4 schema. schema-components requires Zod 4 throughout the schema tree. See the Zod 4 migration guide at https://zod.dev/v4/migration or run: pnpm add zod@^4", schema, "zod3-unsupported");
-	if (message.includes("Transforms cannot be represented")) return new SchemaNormalisationError("Zod transforms cannot be represented in JSON Schema. Remove the .transform() call, or pre-transform the input before passing it to the component.", schema, "zod-transform-unsupported");
-	for (const [prefix, typeName] of UNREPRESENTABLE_ZOD_TYPES) if (message.includes(prefix)) return new SchemaNormalisationError(`Zod type ${typeName} cannot be represented in JSON Schema and is not supported by schema-components. Original message: ${message}`, schema, "zod-type-unrepresentable", typeName);
-	return new SchemaNormalisationError(`z.toJSONSchema() failed: ${message}`, schema, "zod-conversion-failed");
+	if (containsNestedZod3(schema, /* @__PURE__ */ new Set())) return new SchemaNormalisationError("A nested Zod 3 schema was found inside a Zod 4 schema. schema-components requires Zod 4 throughout the schema tree. See the Zod 4 migration guide at https://zod.dev/v4/migration or run: pnpm add zod@^4", schema, "zod3-unsupported", void 0, err);
+	for (const { rule, pattern } of COMPILED_CLASSIFIER_RULES) {
+		const match = pattern.exec(message);
+		if (match !== null) return rule.build(match, err, schema, message);
+	}
+	return new SchemaNormalisationError(`z.toJSONSchema() failed: ${message}`, schema, "zod-conversion-failed", void 0, err);
 }
+/**
+* Exposed for unit testing — lets the contract test enumerate every rule's
+* `prefix` value and assert mutual non-prefixing.
+*/
+const __CLASSIFIER_RULES_FOR_TEST = CLASSIFIER_RULES;
 function normaliseSchema(input, ref, options) {
 	if (ref === void 0 && isObject(input)) {
 		const cached = schemaCache.get(input);
@@ -206,7 +412,7 @@ function resolveOpenApiRef(doc, ref) {
 		if (!isObject(resolved)) throw new Error(`OpenAPI ref not found: ${ref}`);
 		return resolved;
 	}
-	const pathMatch = /^\/(.+)\/(get|post|put|patch|delete)$/.exec(ref);
+	const pathMatch = /^\/(.+)\/(get|post|put|patch|delete|head|options|trace)$/.exec(ref);
 	if (pathMatch?.[1] !== void 0 && pathMatch[2] !== void 0) {
 		const pathStr = pathMatch[1];
 		const method = pathMatch[2];
@@ -244,4 +450,4 @@ function extractRootMetaFromJson(jsonSchema) {
 	return Object.keys(meta).length > 0 ? meta : void 0;
 }
 //#endregion
-export { detectSchemaKind, normaliseSchema };
+export { __CLASSIFIER_RULES_FOR_TEST, detectSchemaKind, normaliseSchema };

package/dist/core/constraints.d.mts

@@ -1,5 +1,5 @@
-import { D as StringConstraints, f as FileConstraints, t as ArrayConstraints, x as ObjectConstraints, y as NumberConstraints } from "../types-D_5ST7SS.mjs";
-import { i as DiagnosticsOptions } from "../diagnostics-VgEKI_Ct.mjs";
+import { D as StringConstraints, f as FileConstraints, t as ArrayConstraints, x as ObjectConstraints, y as NumberConstraints } from "../types-BnxPEElk.mjs";
+import { i as DiagnosticsOptions } from "../diagnostics-CbBPsxSt.mjs";
 
 //#region src/core/constraints.d.ts
 declare function extractStringConstraints(schema: Record<string, unknown>, diagnostics?: DiagnosticsOptions, pointer?: string): StringConstraints;

package/dist/core/constraints.mjs

@@ -61,8 +61,6 @@ function extractArrayConstraints(schema) {
 	const maxItems = getNumber(schema, "maxItems");
 	if (maxItems !== void 0) c.maxItems = maxItems;
 	if (schema.uniqueItems === true) c.uniqueItems = true;
-	const contains = getObject(schema, "contains");
-	if (contains !== void 0) c.contains = contains;
 	const minContains = getNumber(schema, "minContains");
 	if (minContains !== void 0) c.minContains = minContains;
 	const maxContains = getNumber(schema, "maxContains");

package/dist/core/diagnostics.d.mts

@@ -1,2 +1,2 @@
-import { a as appendPointer, i as DiagnosticsOptions, n as DiagnosticCode, o as emitDiagnostic, r as DiagnosticSink, t as Diagnostic } from "../diagnostics-VgEKI_Ct.mjs";
+import { a as appendPointer, i as DiagnosticsOptions, n as DiagnosticCode, o as emitDiagnostic, r as DiagnosticSink, t as Diagnostic } from "../diagnostics-CbBPsxSt.mjs";
 export { Diagnostic, DiagnosticCode, DiagnosticSink, DiagnosticsOptions, appendPointer, emitDiagnostic };

package/dist/core/errors.d.mts

@@ -1,2 +1,2 @@
-import { i as SchemaRenderError, n as SchemaFieldError, r as SchemaNormalisationError, t as SchemaError } from "../errors-CnGjT1cg.mjs";
+import { i as SchemaRenderError, n as SchemaFieldError, r as SchemaNormalisationError, t as SchemaError } from "../errors-QEwOtQAA.mjs";
 export { SchemaError, SchemaFieldError, SchemaNormalisationError, SchemaRenderError };

package/dist/core/errors.mjs

@@ -14,12 +14,17 @@
 /**
 * Base class for all schema-components errors.
 * Catch this to handle any library error uniformly.
+*
+* Forwards the optional `cause` to the native ES2022 `Error` constructor so
+* `error.cause` is wired up by the runtime and rendered correctly by
+* `util.inspect` ("Caused by: ..."). Subclasses that need a typed `cause`
+* field still get it via the platform's own `Error.cause` getter.
 */
 var SchemaError = class extends Error {
 	/** The schema input that caused the error. */
 	schema;
-	constructor(message, schema) {
-		super(message);
+	constructor(message, schema, cause) {
+		super(message, cause !== void 0 ? { cause } : void 0);
 		this.name = "SchemaError";
 		this.schema = schema;
 	}
@@ -37,8 +42,8 @@ var SchemaNormalisationError = class extends SchemaError {
 	* (e.g. "bigint", "date", "map", "set"). `undefined` for other kinds.
 	*/
 	zodType;
-	constructor(message, schema, kind, zodType) {
-		super(message, schema);
+	constructor(message, schema, kind, zodType, cause) {
+		super(message, schema, cause);
 		this.name = "SchemaNormalisationError";
 		this.kind = kind;
 		this.zodType = zodType;
@@ -52,13 +57,10 @@ var SchemaNormalisationError = class extends SchemaError {
 var SchemaRenderError = class extends SchemaError {
 	/** The schema type being rendered when the error occurred. */
 	schemaType;
-	/** The original error from the render function. */
-	cause;
 	constructor(message, schema, schemaType, cause) {
-		super(message, schema);
+		super(message, schema, cause);
 		this.name = "SchemaRenderError";
 		this.schemaType = schemaType;
-		this.cause = cause;
 	}
 };
 /**

package/dist/core/fieldOrder.d.mts

@@ -1,4 +1,4 @@
-import { M as WalkedField } from "../types-D_5ST7SS.mjs";
+import { M as WalkedField } from "../types-BnxPEElk.mjs";
 
 //#region src/core/fieldOrder.d.ts
 /**

package/dist/core/formats.d.mts

@@ -1,18 +1,14 @@
+import { i as DiagnosticsOptions } from "../diagnostics-CbBPsxSt.mjs";
+
 //#region src/core/formats.d.ts
 /**
- * Built-in format patterns for JSON Schema string validation.
- *
- * Maps standard JSON Schema/OpenAPI `format` values to RegExp patterns
- * or predicate validators. Used by the constraint extractor to derive
- * `formatPattern` alongside the existing `format` string, and by the
- * `validate` helper for runtime format checking.
- *
- * Formats that cannot be validated by regex (iri, regex) use predicate
- * functions instead. `validateFormat` dispatches to whichever is available.
- *
- * The user's explicit `pattern` constraint always takes precedence —
- * `formatPattern` is exposed as a separate field for renderers.
+ * Maximum length of a string that will be compiled by `new RegExp(...)`.
+ * Patterns that exceed this cap are rejected without compilation. A
+ * pathological pattern (e.g. `(a+)+`) doesn't need to be long to hang,
+ * but the cap is cheap defence and stops obviously hostile input before
+ * it reaches the regex engine.
  */
+declare const MAX_REGEX_PATTERN_LENGTH = 500;
 /**
  * A format validator: either a RegExp pattern or a predicate function.
  */
@@ -21,13 +17,24 @@ type FormatValidator = RegExp | ((value: string) => boolean);
  * Recognised JSON Schema formats with their validation patterns.
  * Unknown formats emit an `unknown-format` diagnostic and skip derivation.
  */
+/**
+ * Email format pattern, exported as a named const so callers that need a
+ * guaranteed `RegExp` (rather than the `RegExp | undefined` shape of
+ * `FORMAT_PATTERNS[name]` under `noUncheckedIndexedAccess`) can import it
+ * directly. Used by the URI safety helpers for mailto address checks.
+ */
+declare const EMAIL_FORMAT_PATTERN: RegExp;
 declare const FORMAT_PATTERNS: Readonly<Record<string, RegExp>>;
 /**
  * Validate a string value against format constraints.
  * Returns `true` when the value matches the format,
  * `false` when it does not, and `undefined` when the format
  * is not recognised (no validator available).
+ *
+ * `diagnostics` and `pointer` are forwarded to validators that can
+ * surface structured diagnostics — currently the `regex` format, which
+ * emits `pattern-invalid` for over-length or malformed input.
  */
-declare function validateFormat(value: string, format: string): boolean | undefined;
+declare function validateFormat(value: string, format: string, diagnostics?: DiagnosticsOptions, pointer?: string): boolean | undefined;
 //#endregion
-export { FORMAT_PATTERNS, FormatValidator, validateFormat };
+export { EMAIL_FORMAT_PATTERN, FORMAT_PATTERNS, FormatValidator, MAX_REGEX_PATTERN_LENGTH, validateFormat };

package/dist/core/formats.mjs

@@ -1,11 +1,27 @@
+import { emitDiagnostic } from "./diagnostics.mjs";
 //#region src/core/formats.ts
 /**
+* Maximum length of a string that will be compiled by `new RegExp(...)`.
+* Patterns that exceed this cap are rejected without compilation. A
+* pathological pattern (e.g. `(a+)+`) doesn't need to be long to hang,
+* but the cap is cheap defence and stops obviously hostile input before
+* it reaches the regex engine.
+*/
+const MAX_REGEX_PATTERN_LENGTH = 500;
+/**
 * Recognised JSON Schema formats with their validation patterns.
 * Unknown formats emit an `unknown-format` diagnostic and skip derivation.
 */
+/**
+* Email format pattern, exported as a named const so callers that need a
+* guaranteed `RegExp` (rather than the `RegExp | undefined` shape of
+* `FORMAT_PATTERNS[name]` under `noUncheckedIndexedAccess`) can import it
+* directly. Used by the URI safety helpers for mailto address checks.
+*/
+const EMAIL_FORMAT_PATTERN = /^[^\s@]+@[^\s@]+\.[^\s@]+$/;
 const FORMAT_PATTERNS = {
 	uuid: /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i,
-	email: /^[^\s@]+@[^\s@]+\.[^\s@]+$/,
+	email: EMAIL_FORMAT_PATTERN,
 	"date-time": /^\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}(\.\d+)?(Z|[+-]\d{2}:\d{2})$/,
 	date: /^\d{4}-\d{2}-\d{2}$/,
 	time: /^\d{2}:\d{2}:\d{2}(\.\d+)?(Z|[+-]\d{2}:\d{2})?$/,
@@ -27,11 +43,22 @@ const FORMAT_PATTERNS = {
 	cidrv6: /^(([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}|::|([0-9a-fA-F]{1,4})?::([0-9a-fA-F]{1,4}:?){0,6})\/(12[0-8]|1[01][0-9]|[1-9]?[0-9])$/,
 	base64: /^$|^(?:[0-9a-zA-Z+/]{4})*(?:(?:[0-9a-zA-Z+/]{2}==)|(?:[0-9a-zA-Z+/]{3}=))?$/,
 	base64url: /^[A-Za-z0-9_-]*$/,
-	e164: /^\+[1-9]\d{6,14}$/
+	e164: /^\+[1-9]\d{6,14}$/,
+	emoji: /^(\p{Extended_Pictographic}|\p{Emoji_Component})+$/u,
+	ulid: /^[0-9A-HJKMNP-TV-Za-hjkmnp-tv-z]{26}$/,
+	xid: /^[0-9a-vA-V]{20}$/,
+	ksuid: /^[A-Za-z0-9]{27}$/,
+	lowercase: /^[^A-Z]*$/,
+	uppercase: /^[^a-z]*$/,
+	jwt: /^[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+\.[A-Za-z0-9_-]*$/
 };
 /**
 * Format validators that use predicate functions instead of regex.
 * These are checked in `validateFormat` when no regex pattern exists.
+*
+* The `regex` format is intentionally absent here — it requires a
+* length cap and structured diagnostic emission and is handled via
+* {@link validateRegexFormat} directly from {@link validateFormat}.
 */
 const PREDICATE_VALIDATORS = {
 	iri: (value) => {
@@ -57,19 +84,76 @@ const PREDICATE_VALIDATORS = {
 		} catch {
 			return false;
 		}
+	},
+	"json-string": (value) => {
+		try {
+			JSON.parse(value);
+			return true;
+		} catch {
+			return false;
+		}
 	}
 };
 /**
+* Validate that a string is a syntactically valid regular expression.
+*
+* Hardened against ReDoS-style abuse:
+* - Values longer than {@link MAX_REGEX_PATTERN_LENGTH} are treated as
+*   "format unmatched" without ever being compiled.
+* - Any `SyntaxError` thrown by `new RegExp(...)` (malformed pattern,
+*   invalid flags, unbalanced groups) is caught and treated as "format
+*   unmatched".
+*
+* In both cases a diagnostic is emitted when a sink is supplied so
+* callers can surface the offending value to the schema author.
+*/
+function validateRegexFormat(value, diagnostics, pointer) {
+	if (value.length > 500) {
+		emitDiagnostic(diagnostics, {
+			code: "pattern-invalid",
+			message: `Pattern length (${String(value.length)}) exceeds maximum (${String(500)}); treating as unmatched`,
+			pointer,
+			detail: {
+				reason: "length-exceeded",
+				length: value.length,
+				maxLength: 500
+			}
+		});
+		return false;
+	}
+	try {
+		new RegExp(value);
+		return true;
+	} catch (error) {
+		const message = error instanceof Error ? error.message : String(error);
+		emitDiagnostic(diagnostics, {
+			code: "pattern-invalid",
+			message: `Failed to compile pattern as RegExp: ${message}; treating as unmatched`,
+			pointer,
+			detail: {
+				reason: "compile-error",
+				error: message
+			}
+		});
+		return false;
+	}
+}
+/**
 * Validate a string value against format constraints.
 * Returns `true` when the value matches the format,
 * `false` when it does not, and `undefined` when the format
 * is not recognised (no validator available).
+*
+* `diagnostics` and `pointer` are forwarded to validators that can
+* surface structured diagnostics — currently the `regex` format, which
+* emits `pattern-invalid` for over-length or malformed input.
 */
-function validateFormat(value, format) {
+function validateFormat(value, format, diagnostics, pointer = "") {
 	const pattern = FORMAT_PATTERNS[format];
 	if (pattern !== void 0) return pattern.test(value);
+	if (format === "regex") return validateRegexFormat(value, diagnostics, pointer);
 	const predicate = PREDICATE_VALIDATORS[format];
 	if (predicate !== void 0) return predicate(value);
 }
 //#endregion
-export { FORMAT_PATTERNS, validateFormat };
+export { EMAIL_FORMAT_PATTERN, FORMAT_PATTERNS, MAX_REGEX_PATTERN_LENGTH, validateFormat };

package/dist/core/merge.d.mts

@@ -1,4 +1,4 @@
-import { i as DiagnosticsOptions } from "../diagnostics-VgEKI_Ct.mjs";
+import { i as DiagnosticsOptions } from "../diagnostics-CbBPsxSt.mjs";
 
 //#region src/core/merge.d.ts
 /**
@@ -25,8 +25,17 @@ declare function mergeRefSiblings(referencer: Record<string, unknown>, resolvedM
  * When a later branch redefines a keyword with a non-equal value the
  * later value is silently dropped — an `allof-conflict` diagnostic is
  * emitted so the loss is visible to consumers.
+ *
+ * Boolean branches (valid per Draft 06+) collapse the composite:
+ * - `false` makes the entire \`allOf\` unsatisfiable — return \`false\`,
+ *   which the walker turns into a \`NeverField\`.
+ * - \`true\` is the always-valid schema and contributes no constraints —
+ *   skip silently.
+ *
+ * Non-boolean, non-object entries (e.g. arrays, numbers) are malformed
+ * inputs that cannot represent a schema; skip them as before.
  */
-declare function mergeAllOf(schemas: unknown[], diagnostics?: DiagnosticsOptions, pointer?: string): Record<string, unknown>;
+declare function mergeAllOf(schemas: unknown[], diagnostics?: DiagnosticsOptions, pointer?: string): Record<string, unknown> | false;
 interface NormalisedAnyOf {
   inner: Record<string, unknown>;
   isNullable: boolean;

package/dist/core/merge.mjs

@@ -109,12 +109,23 @@ function mergeRefSiblings(referencer, resolvedMeta) {
 * When a later branch redefines a keyword with a non-equal value the
 * later value is silently dropped — an `allof-conflict` diagnostic is
 * emitted so the loss is visible to consumers.
+*
+* Boolean branches (valid per Draft 06+) collapse the composite:
+* - `false` makes the entire \`allOf\` unsatisfiable — return \`false\`,
+*   which the walker turns into a \`NeverField\`.
+* - \`true\` is the always-valid schema and contributes no constraints —
+*   skip silently.
+*
+* Non-boolean, non-object entries (e.g. arrays, numbers) are malformed
+* inputs that cannot represent a schema; skip them as before.
 */
 function mergeAllOf(schemas, diagnostics, pointer = "") {
 	const merged = {};
 	const properties = {};
 	const required = [];
 	for (const entry of schemas) {
+		if (entry === false) return false;
+		if (entry === true) continue;
 		if (!isObject(entry)) continue;
 		const props = getObject(entry, "properties");
 		if (props !== void 0) for (const [key, value] of Object.entries(props)) properties[key] = value;