npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

restrict-v

v0.1.0

Published

A lightweight, extensible set of tools for applying limitations to runtime values

Downloads

3

Readme

restrict-v

A lightweight, extensible set of tools for applying limitations to runtime values.

Use with security-critical applications or when accepting external arguments.

NPM

NPM NPM NPM NPM NPM NPM

Index

Restriction

Usage Summary


type Predicate<T> = (...value: T[]) => boolean;
type Assertion<T> = (...value: T[]) => void;
interface PassthroughValidator<T> {
  <U extends T>(value: U): U;
  <U extends T[]>(...value: U): U;
}

type Conditional<T> =
  | Predicate<T>
  | Assertion<T>
  | PassthroughValidator<T>
  | Restriction<T>;

type SchemaValueType<T> =
  | Conditional<T>
  | Schema<T>;

type Schema<T extends SchemaTarget> = {
  [key in keyof T]: SchemaValueType<T[key]>
};

class Restriction<T> {
  constructor(message: string, ...conditionals: Array<Conditional<T>>);
  constructor(message: string, ...schemas: Array<Schema<T>>);
  constructor(
    message: string,
    ...conditionalsOrSchemas: Array<Conditional<T> | Schema<T>>
  );
  constructor(...conditionals: Array<Conditional<T>>);
  constructor(...schemas: Array<Schema<T>>);
  constructor(...conditionalsOrSchemas: Array<Conditional<T> | Schema<T>>);
}

Restriction instances are functions that either return the value(s) passed to them or throw a RestrictionError. They can be created using an optional message and a list of functions. When a restriction instance is called, any value(s) passed will be passed to the provided functions. If any of these functions return a falsy value or throw, the restriction will throw.

Restrictions may also be constructed with a Schema- an Object or Array whose values are either Restrictions or Schemas. Schema Restrictions will throw if a passed value's structure differs from the Schema or if any of the values fail the Schema's restrictions.

Restrictions may be combined or extended with new Conditional functions with .and and .or. Both of these methods may be used in the same way as the base constructor.

Restriction messages may be changed using the .msg method or with restriction.message = assignment.


import { restrict, Restriction } from 'restrict-v';

const rOddNumber = new Restriction(
  "Must be an odd 'number'",
  restrict.number,
  (v: number) => v % 2 === 1
);

// myOddNumber === 41
const myOddNumber = rOddNumber(41);

// throws RestrictionError [ERR_RESTRICTION]: Must be an odd 'number'
//   code: 'ERR_RESTRICTION',
//   messageStack: [ "Must be an odd 'number'" ],
//   value: 42,
//   root: 42
// }
rOddNumber(42);

const rUserData = new Restriction(
  "Must be a UserData object",
  {
    name: restrict.string,
    age: restrict.integer
      .and(
        'Must be a valid age < 200',
        restrict.range(1, 200)
      )
  }
);

// { name: 'John Smith', age: 20 }
rUserData({ name: 'John Smith', age: 20 });

// throws RestrictionError [ERR_RESTRICTION]: Must be a UserData object
//   code: 'ERR_RESTRICTION',
//   messageStack: [
//     'Must be a valid age < 200',
//     'Must be a UserData object'
//   ],
//   value: 2000,
//   root: { name: 'John Smith', age: 2000 }
// }
rUserData({ name: 'John Smith', age: 2000 });

Examples

Presets and Factories

The exported restrict object contains some preset Restriction instances and factories.

Presets are standard Restrictions; Factories create Restrictions given some input.

import { restrict } from 'restrict-v';

// int === 24
const int: number = restrict.integer(24);

// intA === 11
// intB === 23
const [ intA, intB ]: [ number, number ] = restrict.integer(11, 23);

// throws RestrictionError: Must be an integer
const int: number = restrict.integer(24.42);

// TS compiler error:
//   Argument of type '"24.42"' is not assignable to parameter of type 'number'.
const int = restrict.integer("24.42");

// value === 10;
const value = restrict.lt(15)(10);

// throws RestrictionError [ERR_RESTRICTION]: Must be a 'number' greater than or equal to 15
const value = restrict.gte(15)(10);

List of Presets


   Preset             Message
   ------             -------
 - restrict.string    // Must be a 'string'
 - restrict.number    // Must be a 'number'
 - restrict.bigint    // Must be a 'bigint'
 - restrict.boolean   // Must be a 'boolean'
 - restrict.null      // Must be null
 - restrict.undefined // Must be undefined
 - restrict.symbol    // Must be a 'symbol'
 - restrict.integer   // Must be an integer
 - restrict.positive  // Must be a positive 'number' or 'bigint'
 - restrict.negative  // Must be a negative 'number' or 'bigint'
 - restrict.Object    // Must be an instance of Object
 - restrict.Array     // Must be an instance of Array

List of Factories


   Factory                           Message
   -------                           -------
 - restrict.eq(any)                  // Must be strictly equal to ${v}
 - restrict.neq(any)                 // Must not be strictly equal to ${v}
 - restrict.gt<                      // Must be a '${T}' greater than ${v}
     T extends number | bigint
   >(T)
 - restrict.lt<                      // Must be a '${T}' less than ${v}
     T extends number | bigint
   >(T)
 - restrict.gte<                     // Must be a '${T}' greater than or equal to ${v}
     T extends number | bigint
   >(T)
 - restrict.lte<                     // Must be a '${T}' less than or equal to ${v}
     T extends number | bigint
   >(T)
 - restrict.range<                   // Must be a '${T}' within the range ${'['|'('}${v0},${v1}${']'|')'}
     T extends number | bigint
   >(
     T, T,
     lowInclusive: boolean = true,
     upInclusive: boolean = false
   )
 - restrict.instanceof(new() => any) // Must be an instance of '${v.name}'
 - restrict.match(string | RegExp)   // Must be a 'string' matching ${v}

Custom


import { Restriction } from 'restrict-v';

const rOddNumber = new Restriction(
  "Must be an odd 'number'",
  restrict.number,
  (v: number) => v % 2 === 1
)

const myOddNumber = rOddNumber(41);

// throws RestrictionError [ERR_RESTRICTION]: Must be an odd 'number'
rOddNumber(42)

Schemas


import {
  restrict,
  Restriction,
  RestrictionTargetType,
  SchemaTargetType
} from 'restrict-v';

const SITE_CREATION_TIME = 1548174793502;
const rTimeWithinSiteExistence = restrict.range(SITE_CREATION_TIME, Date.now());

const sUserData = {
  name: restrict.string,
  age: restrict.number,
  joined: rTimeWithinSiteExistence,
  credentials: {
    sessionToken: restrict.match(
      /^[0-9A-F]{8}-[0-9A-F]{4}-4[0-9A-F]{3}-[89AB][0-9A-F]{3}-[0-9A-F]{12}$/m
    )
  },
  history: {
    lastThreeVisits: [
      rTimeWithinSiteExistence,
      rTimeWithinSiteExistence,
      rTimeWithinSiteExistence
    ]
  }
};

const rUserData = new Restriction(sUserData)
  .and(
    (v: SchemaTargetType<typeof sUserData>) => // use SchemaTargetType to get
                                               // type from Schema object
      v.history.lastThreeVisits[2] >= v.joined &&
      v.history.lastThreeVisits[2] < v.history.lastThreeVisits[1] &&
      v.history.lastThreeVisits[1] < v.history.lastThreeVisits[0]
  )
  .msg("Must be a valid user data object");

// use RestrictionTargetType to get type from Restriction instance
type UserData = RestrictionTargetType<typeof rUserData>;

// --- //

const scaryUnknownJSONResponse = await (await fetch(...)).json();

const trustedExpectedResponse: UserData = rExpectedResponse(
  scaryUnknownJSONResponse
)

Combinations


const rNumberLike = restrict.number
  .or(restrict.bigint)
  .or(restrict.boolean)
  .msg("Must be a 'number', 'bigint', or 'boolean'")

// rNumberLike: Restriction<number | bigint | boolean>

// THROWS RestrictionError [ERR_RESTRICTION]: Must be a 'number', 'bigint', or 'boolean'
// @ts-ignore
rNumberLike('not any of those')

// ------------------ //
// Without .msg

// THROWS RestrictionError [ERR_RESTRICTION]: ((Must be a 'number' || Must be a 'bigint') || Must be a 'boolean')
restrict.number
  .or(restrict.bigint)
  .or(restrict.boolean)
  // @ts-ignore
  ('still not any of those')

RestrictionErrors


class RestrictionError<T> extends Error {
  name: "RestrictionError"; // Error name
  code: "ERR_RESTRICTION";  // Error code
  message: string;          // Error message
  value: T;                 // Value responsible for throw
  root: any;                // Root Schema target object (.value if non-schema)
  messageStack: string[];   // Stack of parent restrictions; deepest first
}

DeepFreeze

DeepFreeze is a small class that deeply freezes properties and prototypes without freezing any global objects.


import { DeepFreeze } from 'restrict-v';

// Whitelist all deep properties and prototypes attached to globalThis
const deepFreeze = new DeepFreeze();

// foo is attached to globalThis via module.exports
export const foo = (v: string) => v + '_bar';

// deep freeze globalThis-attached objects and prototypes
// (except for any references found during construction)
deepFreeze(this);

TODO

  • Allow for circular references within Schema objects
  • Add a forEach factory
  • Add property restriction factory method
  • Create RestrictedObject class
  • Add parens simplification for default-generated .and and .or combination messages

Contributing

I'd like to expand this concept without introducing too much bloat. If you have an idea that you'd like to contribute, or if you see any opportunities for better TypeScript usage, please make a pull request.

Rules:

  • All API arguments must be checked independent of TypeScript compiler
    • typeof, instanceof, Restriction, etc...
  • All API objects must be deeply frozen

License

Licensed under GPL-3.0-or-later

Copyright (c) Justin Collier [email protected]

This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the internalied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program. If not, see https://www.gnu.org/licenses/.