schema-shield 0.0.3 → 0.0.4

package/lib/formats.ts

@@ -1,62 +1,190 @@
-import isMyIpValid from 'is-my-ip-valid';
-import { FormatFunction } from './index';
-import { ValidationError } from './utils';
-
-// The datetime 1990-02-31T15:59:60.123-08:00 must be rejected.
-const RegExps = {
-  'date-time': /^(\d{4})-(\d{2})-(\d{2})T(\d{2}):(\d{2}):(\d{2})(\.\d+)?(Z|([+-])(\d{2}):(\d{2}))$/,
-  time: /^(\d{2}):(\d{2}):(\d{2})(\.\d+)?(Z|([+-])(\d{2}):(\d{2}))$/,
-  uri: /^[a-zA-Z][a-zA-Z0-9+\-.]*:[^\s]*$/,
-  email:
-    /^[a-zA-Z0-9.!#$%&'*+/=?^_`{|}~-]+@[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?(?:\.[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?)*$/,
-  hostname: /^[a-zA-Z0-9][a-zA-Z0-9-]{0,62}(\.[a-zA-Z0-9][a-zA-Z0-9-]{0,62})*[a-zA-Z0-9]$/,
-  date: /^(\d{4})-(\d{2})-(\d{2})$/,
-  'json-pointer': /^\/(?:[^~]|~0|~1)*$/,
-  'relative-json-pointer': /^([0-9]+)(#|\/(?:[^~]|~0|~1)*)?$/,
-};
+import { FormatFunction } from "./index";
 
 export const Formats: Record<string, FormatFunction | false> = {
-  ['date-time'](data) {
-    const upperCaseData = data.toUpperCase();
-    if (!RegExps['date-time'].test(upperCaseData)) {
+  ["date-time"](data) {
+    const match = data.match(
+      /^(\d{4})-(0[0-9]|1[0-2])-(\d{2})T(0[0-9]|1\d|2[0-3]):([0-5]\d):((?:[0-5]\d|60))(?:.\d+)?(?:([+-])(0[0-9]|1\d|2[0-3]):([0-5]\d)|Z)?$/i
+    );
+
+    if (!match) {
+      return false;
+    }
+
+    let day = Number(match[3]);
+
+    if (match[2] === "02" && day > 29) {
+      return false;
+    }
+
+    const [
+      ,
+      yearStr,
+      monthStr,
+      ,
+      hourStr,
+      minuteStr,
+      secondStr,
+      timezoneSign,
+      timezoneHourStr,
+      timezoneMinuteStr
+    ] = match;
+
+    let year = Number(yearStr);
+    let month = Number(monthStr);
+    let hour = Number(hourStr);
+    let minute = Number(minuteStr);
+    let second = Number(secondStr);
+
+    if (timezoneSign === "-" || timezoneSign === "+") {
+      const timezoneHour = Number(timezoneHourStr);
+      const timezoneMinute = Number(timezoneMinuteStr);
+
+      if (timezoneSign === "-") {
+        hour += timezoneHour;
+        minute += timezoneMinute;
+      } else if (timezoneSign === "+") {
+        hour -= timezoneHour;
+        minute -= timezoneMinute;
+      }
+
+      if (minute > 59) {
+        hour += 1;
+        minute -= 60;
+      } else if (minute < 0) {
+        hour -= 1;
+        minute += 60;
+      }
+
+      if (hour > 23) {
+        day += 1;
+        hour -= 24;
+      } else if (hour < 0) {
+        day -= 1;
+        hour += 24;
+      }
+
+      if (day > 31) {
+        month += 1;
+        day -= 31;
+      } else if (day < 1) {
+        month -= 1;
+        day += 31;
+      }
+
+      if (month > 12) {
+        year += 1;
+        month -= 12;
+      } else if (month < 1) {
+        year -= 1;
+        month += 12;
+      }
+
+      if (year < 0) {
+        return false;
+      }
+    }
+
+    const daysInMonth = [31, , 31, 30, 31, 30, 31, 31, 30, 31, 30, 31];
+    const maxDays =
+      month === 2
+        ? year % 4 === 0 && (year % 100 !== 0 || year % 400 === 0)
+          ? 29
+          : 28
+        : daysInMonth[month - 1];
+
+    if (day > maxDays) {
+      return false;
+    }
+
+    // Leap seconds
+    if (second === 60 && (minute !== 59 || hour !== 23)) {
       return false;
     }
 
-    const date = new Date(upperCaseData);
-    return !isNaN(date.getTime());
+    return true;
   },
   uri(data) {
-    return RegExps.uri.test(data);
+    return /^[a-zA-Z][a-zA-Z0-9+\-.]*:[^\s]*$/.test(data);
   },
   email(data) {
-    if (!RegExps.email.test(data)) {
+    return /^(?!\.)(?!.*\.$)[a-z0-9!#$%&'*+/=?^_`{|}~-]{1,20}(?:\.[a-z0-9!#$%&'*+/=?^_`{|}~-]{1,21}){0,2}@[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?(?:\.[a-z0-9](?:[a-z0-9-]{0,60}[a-z0-9])?){0,3}$/i.test(
+      data
+    );
+  },
+  ipv4(data) {
+    // Matches a string formed by 4 numbers between 0 and 255 separated by dots without leading zeros
+    // /^((25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9][0-9]|[0-9])\.){3}(25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9][0-9]|[0-9])$/
+    return /^(?:(?:25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9][0-9]|[0-9])\.){3}(?:25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9][0-9]|[0-9])$/.test(
+      data
+    );
+  },
+
+  // ipv6: isMyIpValid({ version: 6 }),
+  ipv6(data) {
+    if (data === "::") {
+      return true;
+    }
+
+    if (
+      data.indexOf(":") === -1 ||
+      /(?:\s+|:::+|^\w{5,}|\w{5}$|^:{1}\w|\w:{1}$)/.test(data)
+    ) {
       return false;
     }
 
-    const [local, domain] = data.split('@');
+    const hasIpv4 = data.indexOf(".") !== -1;
+    let addressParts = data;
 
-    if (local.length > 64 || local.indexOf('..') !== -1 || local[0] === '.' || local[local.length - 1] === '.') {
-      return false;
+    if (hasIpv4) {
+      addressParts = data.split(":");
+      const ipv4Part = addressParts.pop();
+      if (
+        !/^(?:(?:25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9][0-9]|[0-9])\.){3}(?:25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9][0-9]|[0-9])$/.test(
+          ipv4Part
+        )
+      ) {
+        return false;
+      }
     }
 
-    if (domain.length > 255 || domain.indexOf('..') !== -1 || domain[0] === '.' || domain[domain.length - 1] === '.') {
-      return false;
+    const isShortened = data.indexOf("::") !== -1;
+    const ipv6Part = hasIpv4 ? addressParts.join(":") : data;
+
+    if (isShortened) {
+      if (ipv6Part.split("::").length - 1 > 1) {
+        return false;
+      }
+
+      if (!/^[0-9a-fA-F:.]*$/.test(ipv6Part)) {
+        return false;
+      }
+
+      return /^(?:(?:(?:[0-9a-fA-F]{1,4}(?::|$)){1,6}))|(?:::(?:[0-9a-fA-F]{1,4})){0,5}$/.test(
+        ipv6Part
+      );
     }
 
-    return true;
+    const isIpv6Valid =
+      /^(?:(?:[0-9a-fA-F]{1,4}:){7}(?:[0-9a-fA-F]{1,4}|:))$/.test(ipv6Part);
+
+    const hasInvalidChar = /(?:[0-9a-fA-F]{5,}|\D[0-9a-fA-F]{3}:)/.test(
+      ipv6Part
+    );
+
+    if (hasIpv4) {
+      return isIpv6Valid || !hasInvalidChar;
+    }
+
+    return isIpv6Valid && !hasInvalidChar;
   },
-  ipv4: isMyIpValid({ version: 4 }),
-  ipv6: isMyIpValid({ version: 6 }),
 
   hostname(data) {
-    return RegExps.hostname.test(data);
+    return /^[a-z0-9][a-z0-9-]{0,62}(?:\.[a-z0-9][a-z0-9-]{0,62})*[a-z0-9]$/i.test(
+      data
+    );
   },
   date(data) {
-    if (typeof data !== 'string') {
-      return false;
-    }
-
-    if (RegExps.date.test(data) === false) {
+    if (/^(\d{4})-(\d{2})-(\d{2})$/.test(data) === false) {
       return false;
     }
 
@@ -70,31 +198,45 @@ export const Formats: Record<string, FormatFunction | false> = {
       return false;
     }
   },
-  'json-pointer'(data) {
-    if (data === '') {
+  "json-pointer"(data) {
+    if (data === "") {
       return true;
     }
 
-    return RegExps['json-pointer'].test(data);
+    return /^\/(?:[^~]|~0|~1)*$/.test(data);
   },
-  'relative-json-pointer'(data) {
-    if (data === '') {
+  "relative-json-pointer"(data) {
+    if (data === "") {
       return true;
     }
 
-    return RegExps['relative-json-pointer'].test(data);
+    return /^([0-9]+)(#|\/(?:[^~]|~0|~1)*)?$/.test(data);
   },
   time(data) {
-    return RegExps.time.test(data);
+    return /^(\d{2}):(\d{2}):(\d{2})(\.\d+)?(Z|([+-])(\d{2}):(\d{2}))$/.test(
+      data
+    );
+  },
+  "uri-reference"(data) {
+    if (/\\/.test(data)) {
+      return false;
+    }
+
+    return /^(([^:/?#]+):)?(\/\/([^/?#]*))?([^?#]*)(\?([^#]*))?(#((?![^#]*\\)[^#]*))?/i.test(
+      data
+    );
+  },
+  "uri-template"(data) {
+    return /^(?:(?:https?:\/\/[\w.-]+)?\/?)?[\w- ;,.\/?%&=]*(?:\{[\w-]+(?::\d+)?\}[\w- ;,.\/?%&=]*)*\/?$/.test(
+      data
+    );
   },
 
   // Not supported yet
   duration: false,
-  'idn-email': false,
-  'idn-hostname': false,
   uuid: false,
-  'uri-reference': false,
+  "idn-email": false,
+  "idn-hostname": false,
   iri: false,
-  'iri-reference': false,
-  'uri-template': false,
+  "iri-reference": false
 };

package/lib/index.ts

@@ -45,10 +45,10 @@ export interface Validator {
 }
 
 export class SchemaShield {
-  types = new Map<string, TypeFunction | false>();
-  formats = new Map<string, FormatFunction | false>();
-  keywords = new Map<string, KeywordFunction | false>();
-  immutable = false;
+  private types: Record<string, TypeFunction | false> = {};
+  private formats: Record<string, FormatFunction | false> = {};
+  private keywords: Record<string, KeywordFunction | false> = {};
+  private immutable = false;
 
   constructor({
     immutable = false
@@ -74,16 +74,37 @@ export class SchemaShield {
     }
   }
 
-  addType(name: string, validator: TypeFunction) {
-    this.types.set(name, validator);
+  addType(name: string, validator: TypeFunction, overwrite = false) {
+    if (this.types[name] && !overwrite) {
+      throw new ValidationError(`Type "${name}" already exists`);
+    }
+    this.types[name] = validator;
+  }
+
+  getType(type: string): TypeFunction | false {
+    return this.types[type];
   }
 
-  addFormat(name: string, validator: FormatFunction) {
-    this.formats.set(name, validator);
+  addFormat(name: string, validator: FormatFunction, overwrite = false) {
+    if (this.formats[name] && !overwrite) {
+      throw new ValidationError(`Format "${name}" already exists`);
+    }
+    this.formats[name] = validator;
   }
 
-  addKeyword(name: string, validator: KeywordFunction) {
-    this.keywords.set(name, validator);
+  getFormat(format: string): FormatFunction | false {
+    return this.formats[format];
+  }
+
+  addKeyword(name: string, validator: KeywordFunction, overwrite = false) {
+    if (this.keywords[name] && !overwrite) {
+      throw new ValidationError(`Keyword "${name}" already exists`);
+    }
+    this.keywords[name] = validator;
+  }
+
+  getKeyword(keyword: string): KeywordFunction | false {
+    return this.keywords[keyword];
   }
 
   compile(schema: any): Validator {
@@ -144,7 +165,7 @@ export class SchemaShield {
         : schema.type.split(",").map((t) => t.trim());
 
       for (const type of types) {
-        const validator = this.types.get(type);
+        const validator = this.getType(type);
         if (validator) {
           typeValidations.push(validator);
           methodName += (methodName ? "_OR_" : "") + validator.name;
@@ -162,10 +183,9 @@ export class SchemaShield {
         compiledSchema.$validate = getNamedFunction<ValidateFunction>(
           methodName,
           (data) => {
-            if (typeValidation(data)) {
-              return;
+            if (!typeValidation(data)) {
+              return defineTypeError("Invalid type", { data });
             }
-            return defineTypeError("Invalid type", { data });
           }
         );
       } else if (typeValidationsLength > 1) {
@@ -189,17 +209,9 @@ export class SchemaShield {
         continue;
       }
 
-      const keywordValidator = this.keywords.get(key);
+      const keywordValidator = this.getKeyword(key);
       if (keywordValidator) {
         const defineError = getDefinedErrorFunctionForKey(key, schema[key]);
-        const executeKeywordValidator = (data: any) =>
-          (keywordValidator as KeywordFunction)(
-            compiledSchema,
-            data,
-            defineError,
-            this
-          );
-
         if (compiledSchema.$validate) {
           const prevValidator = compiledSchema.$validate;
           methodName += `_AND_${keywordValidator.name}`;
@@ -210,17 +222,25 @@ export class SchemaShield {
               if (error) {
                 return error;
               }
-              const keywordError = executeKeywordValidator(data);
-              if (keywordError) {
-                return keywordError;
-              }
+              return (keywordValidator as KeywordFunction)(
+                compiledSchema,
+                data,
+                defineError,
+                this
+              );
             }
           );
         } else {
           methodName = keywordValidator.name;
           compiledSchema.$validate = getNamedFunction<ValidateFunction>(
             methodName,
-            executeKeywordValidator
+            (data) =>
+              (keywordValidator as KeywordFunction)(
+                compiledSchema,
+                data,
+                defineError,
+                this
+              )
           );
         }
       }
@@ -252,7 +272,7 @@ export class SchemaShield {
       }
 
       for (let subKey in subSchema) {
-        if (this.keywords.has(subKey)) {
+        if (subKey in this.keywords) {
           return true;
         }
       }

package/lib/keywords/array-keywords.ts

@@ -101,7 +101,7 @@ export const ArrayKeywords: Record<string, KeywordFunction> = {
   },
 
   additionalItems(schema, data, defineError) {
-    if (!Array.isArray(data) || !schema.items || !Array.isArray(schema.items)) {
+    if (!schema.items || isObject(schema.items)) {
       return;
     }
 

package/lib/keywords/string-keywords.ts

@@ -35,24 +35,18 @@ export const StringKeywords: Record<string, KeywordFunction> = {
     return defineError("Value does not match the pattern", { data });
   },
 
-  format(schema, data, defineError, formatInstance) {
+  // Take into account that if we receive a format that is not defined, we
+  // will not throw an error, we just ignore it.
+  format(schema, data, defineError, instance) {
     if (typeof data !== "string") {
       return;
     }
 
-    const formatValidate = formatInstance.formats.get(schema.format);
-    if (formatValidate === false) {
+    const formatValidate = instance.getFormat(schema.format);
+    if (!formatValidate || formatValidate(data)) {
       return;
     }
 
-    if (typeof formatValidate === "function") {
-      if (formatValidate(data)) {
-        return;
-      }
-
-      return defineError("Value does not match the format", { data });
-    }
-
-    return defineError("Format is not supported", { data });
+    return defineError("Value does not match the format", { data });
   }
 };

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "schema-shield",
-  "version": "0.0.3",
+  "version": "0.0.4",
   "description": "A fast library that protects your JSON schema from invalid data.",
   "repository": "git@github.com:Masquerade-Circus/schema-shield.git",
   "author": "Masquerade <christian@masquerade-circus.net>",
@@ -70,7 +70,7 @@
   },
   "scripts": {
     "test": "mocha --bail --recursive --no-timeouts  --forbid-only --exit --require ts-node/register --enable-source-maps tests/**/*.test.ts",
-    "dev:test": "nodemon -e ts,js -w ./tests -w ./lib --exec npm run test",
+    "dev:test": "nodemon -e ts,js -w ./tests -w ./lib --exec mocha --bail --recursive --no-timeouts --exit --require ts-node/register --enable-source-maps tests/**/*.test.ts",
     "dev:source": "NODE_ENV=development nodemon --enable-source-maps -e tsx,ts,json,css -w ./lib -w ./www source.js",
     "build": "node source.js",
     "coverage": "nyc report --reporter=lcov",
@@ -79,13 +79,13 @@
     "release-test": "release-it --dry-run --verbose"
   },
   "dependencies": {
-    "is-my-ip-valid": "^1.0.1",
     "ts-node": "^10.9.1",
     "tsc-prog": "^2.2.1",
     "tslib": "^2.5.0",
     "typescript": "^5.0.2"
   },
   "devDependencies": {
+    "@exodus/schemasafe": "^1.0.0",
     "@release-it/conventional-changelog": "^5.1.1",
     "@typescript-eslint/eslint-plugin": "^5.56.0",
     "@typescript-eslint/parser": "^5.56.0",