Snap Validate ⚡

A lightning-fast, lightweight validation library for common patterns without heavy dependencies. Perfect for client-side and server-side validation with zero external dependencies and built-in protection against ReDoS (Regular Expression Denial of Service) attacks.

Features

⚡ Lightning Fast: Optimized for speed and performance
🚀 Lightweight: No external dependencies, minimal footprint
🔧 Flexible: Chainable validation rules and custom validators
📧 Common Patterns: Email, phone, credit card, URL, password validation
🌍 International: Support for different formats (US/International phone, postal codes)
🔄 Async Support: Full async validation support for database checks and API calls
🎯 Conditional: Advanced conditional validation with when() and optional()
🛠️ Custom Validators: Add your own sync and async validation logic
🔒 Security First: Built-in protection against ReDoS attacks and unsafe regex patterns
🛡️ Timeout Protection: Configurable timeout for regex operations to prevent DoS attacks
🧪 Well Tested: Comprehensive test suite with high coverage
📦 Easy Integration: Works in Node.js and browsers
🔗 Chainable API: Intuitive fluent interface
📘 TypeScript Support: Complete TypeScript definitions with full IntelliSense support

Installation

npm install snap-validate

TypeScript

For TypeScript projects, types are included automatically:

npm install snap-validate
# Types are included - no need for @types/snap-validate

Quick Start

const { validators, validate } = require('snap-validate');

// Single field validation
const emailResult = validators.email('user@example.com').validate();
console.log(emailResult.isValid); // true

// Schema validation
const schema = {
  email: validators.email,
  phone: (value) => validators.phone(value, 'us'),
  password: validators.password
};

const data = {
  email: 'user@example.com',
  phone: '(555) 123-4567',
  password: 'SecurePass123'
};

const result = validate(schema, data);
console.log(result.isValid); // true

TypeScript Support

Snap Validate includes comprehensive TypeScript definitions for enhanced developer experience:

import { BaseValidator, validators, validate, ValidationResult } from 'snap-validate';

// Full type safety and auto-completion
const validator = new BaseValidator('test-value')
  .required('This field is required')
  .min(5, 'Must be at least 5 characters')
  .pattern(/^[a-zA-Z]+$/, 'Only letters allowed');

// Type-safe result handling
const result: ValidationResult = validator.validate();

// Schema validation with types
interface UserData {
  email: string;
  phone: string;
  password: string;
}

const userData: UserData = {
  email: 'john@example.com',
  phone: '1234567890',
  password: 'StrongPass123'
};

const schema = {
  email: validators.email,
  phone: (value: string) => validators.phone(value, 'us'),
  password: validators.password
};

const result = validate(schema, userData);

Features:

Complete type definitions for all classes and functions
IntelliSense support in VS Code, WebStorm, and other editors
Compile-time validation prevents common usage errors
Generic support for flexible validation workflows
Rich JSDoc comments for comprehensive documentation

Security Features

ReDoS Protection

Snap Validate includes built-in protection against Regular Expression Denial of Service (ReDoS) attacks:

Regex Safety Detection: Automatically detects and prevents potentially dangerous regex patterns
Input Length Limits: Protects against extremely long input strings (10,000 character limit)
Timeout Protection: Configurable timeout for regex operations (default: 1 second)
Safe Defaults: All predefined validators use safe, optimized regex patterns

// Set custom timeout for regex operations
const validator = new BaseValidator(value)
  .setRegexTimeout(2000) // 2 second timeout
  .pattern(/your-pattern/, 'Error message');

// Use async pattern validation for complex patterns with timeout protection
const validator = new BaseValidator(value)
  .patternAsync(/complex-pattern/, 'Error message');

const result = await validator.validateAsync();

Available Validators

Email Validation

validators.email('user@example.com').validate();

Phone Number Validation

// US format (default)
validators.phone('(555) 123-4567').validate();

// International format
validators.phone('+1234567890', 'international').validate();

// Simple numeric
validators.phone('1234567890', 'simple').validate();

Credit Card Validation

// Uses Luhn algorithm
validators.creditCard('4532015112830366').validate();

URL Validation

validators.url('https://example.com').validate();

Password Validation

// Default: min 8 chars, requires upper, lower, numbers
validators.password('SecurePass123').validate();

// Custom options
validators.password('MyPass123!', {
  minLength: 10,
  requireUppercase: true,
  requireLowercase: true,
  requireNumbers: true,
  requireSpecialChars: true
}).validate();

Alphanumeric Validation

validators.alphanumeric('ABC123').validate();

Numeric Validation

validators.numeric('12345').validate();

Zip Code Validation

// US zip code
validators.zipCode('12345').validate();
validators.zipCode('12345-6789').validate();

// Canadian postal code
validators.zipCode('K1A 0A6', 'ca').validate();

// UK postal code
validators.zipCode('SW1A 1AA', 'uk').validate();

Advanced Validation Features

Conditional Validation

const { BaseValidator } = require('snap-validate');

// Validate only when condition is met
const validator = new BaseValidator(value)
  .when(user.isAdmin, validators.required('Admin field required'))
  .min(5, 'Must be at least 5 characters');

// Optional validation - skip if empty/null/undefined
const optionalValidator = new BaseValidator(value)
  .optional()
  .email('Must be a valid email if provided');

// Function-based conditions
const conditionalValidator = new BaseValidator(value)
  .when(() => user.role === 'admin', validators.required())
  .max(100);

Custom Validators

const { BaseValidator } = require('snap-validate');

// Synchronous custom validation
const customValidator = new BaseValidator(value)
  .custom((val) => val !== 'forbidden', 'Value cannot be forbidden')
  .custom((val) => {
    if (val.includes('admin') && !user.isAdmin) {
      return 'Only admins can use this value';
    }
    return true;
  });

// Asynchronous custom validation
const asyncValidator = new BaseValidator(email)
  .email()
  .customAsync(async (email) => {
    const exists = await checkEmailExists(email);
    return !exists || 'Email already exists';
  }, 'Email validation failed');

// Use async validation
const result = await asyncValidator.validateAsync();

Async Validation

// Async validation for single field
const validator = new BaseValidator(username)
  .required()
  .min(3)
  .customAsync(async (username) => {
    const available = await checkUsernameAvailable(username);
    return available || 'Username is already taken';
  });

const result = await validator.validateAsync();

// Async schema validation
const asyncSchema = {
  username: (value) => new BaseValidator(value)
    .required()
    .customAsync(async (val) => {
      const available = await checkUsernameAvailable(val);
      return available || 'Username taken';
    }),
  
  email: (value) => validators.email(value)
    .customAsync(async (val) => {
      const exists = await checkEmailExists(val);
      return !exists || 'Email already registered';
    })
};

const asyncResult = await validate.async(asyncSchema, userData);

Security and Pattern Validation

Safe Pattern Validation

const { BaseValidator } = require('snap-validate');

// Synchronous pattern validation with built-in safety checks
const validator = new BaseValidator(value)
  .pattern(/^[a-zA-Z0-9]+$/, 'Only alphanumeric characters allowed');

// Asynchronous pattern validation with timeout protection
const asyncValidator = new BaseValidator(value)
  .patternAsync(/^[a-zA-Z0-9]+$/, 'Only alphanumeric characters allowed')
  .setRegexTimeout(5000); // 5 second timeout

const result = await asyncValidator.validateAsync();

Configurable Security Settings

const validator = new BaseValidator(value)
  .setRegexTimeout(3000) // Set custom timeout (3 seconds)
  .pattern(/your-pattern/, 'Error message');

// The library automatically:
// - Detects unsafe regex patterns
// - Limits input length to prevent ReDoS
// - Applies timeout protection for complex patterns
// - Provides clear error messages for security violations

Custom Validation

Using BaseValidator

const { BaseValidator } = require('snap-validate');

const customValidator = new BaseValidator('test-value')
  .required('This field is required')
  .min(5, 'Must be at least 5 characters')
  .max(20, 'Must be no more than 20 characters')
  .pattern(/^[a-zA-Z]+$/, 'Only letters allowed');

const result = customValidator.validate();

Schema Validation with Custom Rules

const schema = {
  username: (value) => new BaseValidator(value)
    .required()
    .min(3)
    .max(20)
    .pattern(/^[a-zA-Z0-9_]+$/, 'Username can only contain letters, numbers, and underscores'),
  
  email: validators.email,
  
  age: (value) => new BaseValidator(value)
    .required()
    .pattern(/^\d+$/, 'Age must be a number')
    .custom((val) => parseInt(val) >= 18, 'Must be 18 or older')
};

const userData = {
  username: 'john_doe',
  email: 'john@example.com',
  age: '25'
};

const result = validate(schema, userData);

Error Handling

const result = validators.email('invalid-email').validate();

if (!result.isValid) {
  console.log('Validation errors:', result.errors);
  // Output: ['Invalid email format']
}

// For schema validation
const schemaResult = validate(schema, data);
if (!schemaResult.isValid) {
  const errors = schemaResult.getErrors();
  console.log('Field errors:', errors);
  // Output: { email: ['Invalid email format'], password: ['Password too weak'] }
}

// Async error handling
try {
  const asyncResult = await validator.validateAsync();
  if (!asyncResult.isValid) {
    console.log('Async validation errors:', asyncResult.errors);
  }
} catch (error) {
  console.log('Validation exception:', error.message);
}

// Security-related errors
const unsafeResult = validator.pattern(/potentially-dangerous-pattern/, 'Error').validate();
if (!unsafeResult.isValid) {
  console.log('Security errors:', unsafeResult.errors);
  // Output: ['Potentially unsafe regex pattern detected']
}

Browser Usage

<script src="https://unpkg.com/snap-validate/src/index.js"></script>
<script>
  const { validators } = SnapValidate;
  
  const result = validators.email('user@example.com').validate();
  console.log(result.isValid);
</script>

API Reference

ValidationResult

isValid: boolean - Whether validation passed
errors: string[] - Array of error messages

BaseValidator Methods

required(message?) - Field is required
min(length, message?) - Minimum length validation
max(length, message?) - Maximum length validation
pattern(regex, message?) - Pattern matching validation with safety checks
patternAsync(regex, message?) - Async pattern validation with timeout protection
setRegexTimeout(timeoutMs) - Set custom timeout for regex operations
when(condition, validator) - Conditional validation
optional() - Skip validation if empty/null/undefined
custom(fn, message?) - Custom synchronous validation
customAsync(fn, message?) - Custom asynchronous validation
validate() - Execute synchronous validation
validateAsync() - Execute asynchronous validation

Available Validators

validators.email(value)
validators.phone(value, format?)
validators.creditCard(value)
validators.url(value)
validators.password(value, options?)
validators.alphanumeric(value)
validators.numeric(value)
validators.zipCode(value, country?)

TypeScript Types

ValidationResult - Interface for validation results
ValidatorFunction - Type for validator functions used in schemas
ValidationSchema - Type for validation schema objects
PasswordOptions - Interface for password validation configuration
BaseValidator<T> - Generic base validator class

Validation Functions

validate(schema, data) - Synchronous schema validation
validate.async(schema, data) - Asynchronous schema validation

Security Functions

isRegexSafe(regex) - Check if a regex pattern is safe to use
safeRegexText(regex, str, timeoutMs) - Execute regex with timeout protection

Security Best Practices

Use Built-in Validators: The predefined validators are optimized for security and performance
Validate Input Length: Large inputs are automatically limited to prevent ReDoS attacks
Set Appropriate Timeouts: Configure regex timeouts based on your application's needs
Test Custom Patterns: Use isRegexSafe() to check custom regex patterns before deployment
Handle Async Errors: Always use try-catch blocks with async validation

Contributing

We welcome contributions! Please see our Contributing Guide for details.

Fork the repository
Create your feature branch (git checkout -b feature/amazing-feature)
Commit your changes (git commit -m 'Add some amazing feature')
Push to the branch (git push origin feature/amazing-feature)
Open a Pull Request

Development

# Install dependencies
npm install

# Run tests
npm test

# Run tests in watch mode
npm run test:watch

# Run tests with coverage
npm run test:coverage

# Lint code
npm run lint

# Format code
npm run format

# Security audit
npm audit

# Type checking (for TypeScript users)
npm run type-check

# Validate TypeScript definitions
npm run validate-types

License

This project is licensed under the MIT License - see the LICENSE file for details.

Changelog

See CHANGELOG.md for a detailed history of changes.

Made with ⚡ by Ramachandra Anirudh Vemulapalli

snap-validate

Snap Validate ⚡

Features

Installation

TypeScript

Quick Start

TypeScript Support

Security Features

ReDoS Protection

Available Validators

Email Validation

Phone Number Validation

Credit Card Validation

URL Validation

Password Validation

Alphanumeric Validation

Numeric Validation

Zip Code Validation

Advanced Validation Features

Conditional Validation

Custom Validators

Async Validation

Security and Pattern Validation

Safe Pattern Validation

Configurable Security Settings

Custom Validation

Using BaseValidator

Schema Validation with Custom Rules

Error Handling

Browser Usage

API Reference

ValidationResult

BaseValidator Methods

Available Validators

TypeScript Types

Validation Functions

Security Functions

Security Best Practices

Contributing

Development

License

Changelog

Readme

Keywords

Package Sidebar

Install

Repository

Homepage

DownloadsWeekly Downloads

Version

License

Unpacked Size

Total Files

Last publish

Collaborators

Weekly Downloads