DEV Community: Nehonix Inc The latest articles on DEV Community by Nehonix Inc (@nehonix). https://dev.to/nehonix https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F2691276%2F04bdb5af-010b-4963-abb4-c901597eb717.jpg DEV Community: Nehonix Inc https://dev.to/nehonix en Fortify Schema: Interface-Style TypeScript Validation with Conditional Logic Nehonix Inc Thu, 26 Jun 2025 17:57:58 +0000 https://dev.to/nehonix/fortify-schema-interface-style-typescript-validation-with-conditional-logic-48ak https://dev.to/nehonix/fortify-schema-interface-style-typescript-validation-with-conditional-logic-48ak <h1> Fortify Schema: Interface-Style TypeScript Validation with Conditional Logic </h1> <p><em>A TypeScript validation library designed around familiar interface syntax and advanced conditional validation capabilities.</em></p> <p>When building TypeScript applications that handle external data, validation becomes essential. Whether you're processing API requests, user forms, or configuration files, you need a way to ensure data integrity while maintaining type safety.</p> <p>Fortify Schema addresses this need by providing a validation library that uses interface-like syntax familiar to TypeScript developers, combined with advanced conditional validation capabilities for complex business logic.</p> <h2> Core Design Principles </h2> <p><strong>Interface-Native Syntax</strong>: Schema definitions use a string-based syntax that mirrors TypeScript interface declarations, making validation rules intuitive for TypeScript developers.</p> <p><strong>Conditional Validation</strong>: Built-in support for runtime conditional logic, allowing fields to be required, optional, or have different validation rules based on other data properties.</p> <p><strong>Type Integration</strong>: Complete TypeScript inference ensures validated data maintains proper typing without additional type assertions.</p> <h2> Basic Schema Definition </h2> <p>Here's how you define a schema in Fortify Schema:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">import</span> <span class="p">{</span> <span class="nx">Interface</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">fortify-schema</span><span class="dl">"</span><span class="p">;</span> <span class="kd">const</span> <span class="nx">UserSchema</span> <span class="o">=</span> <span class="nc">Interface</span><span class="p">({</span> <span class="na">id</span><span class="p">:</span> <span class="dl">"</span><span class="s2">uuid</span><span class="dl">"</span><span class="p">,</span> <span class="na">email</span><span class="p">:</span> <span class="dl">"</span><span class="s2">email</span><span class="dl">"</span><span class="p">,</span> <span class="na">name</span><span class="p">:</span> <span class="dl">"</span><span class="s2">string(2,50)</span><span class="dl">"</span><span class="p">,</span> <span class="na">age</span><span class="p">:</span> <span class="dl">"</span><span class="s2">number(18,120)?</span><span class="dl">"</span><span class="p">,</span> <span class="na">role</span><span class="p">:</span> <span class="dl">"</span><span class="s2">admin|user|guest</span><span class="dl">"</span><span class="p">,</span> <span class="na">tags</span><span class="p">:</span> <span class="dl">"</span><span class="s2">string[]?</span><span class="dl">"</span><span class="p">,</span> <span class="na">createdAt</span><span class="p">:</span> <span class="dl">"</span><span class="s2">date</span><span class="dl">"</span> <span class="p">});</span> <span class="c1">// Validation with full type inference</span> <span class="kd">const</span> <span class="nx">result</span> <span class="o">=</span> <span class="nx">UserSchema</span><span class="p">.</span><span class="nf">safeParse</span><span class="p">(</span><span class="nx">userData</span><span class="p">);</span> <span class="k">if </span><span class="p">(</span><span class="nx">result</span><span class="p">.</span><span class="nx">success</span><span class="p">)</span> <span class="p">{</span> <span class="c1">// result.data is properly typed</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="nx">result</span><span class="p">.</span><span class="nx">data</span><span class="p">.</span><span class="nx">email</span><span class="p">);</span> <span class="c1">// string</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="nx">result</span><span class="p">.</span><span class="nx">data</span><span class="p">.</span><span class="nx">age</span><span class="p">);</span> <span class="c1">// number | undefined</span> <span class="p">}</span> </code></pre> </div> <h2> Comprehensive Type Support </h2> <p>Fortify Schema supports a wide range of validation types:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="kd">const</span> <span class="nx">ComprehensiveSchema</span> <span class="o">=</span> <span class="nc">Interface</span><span class="p">({</span> <span class="c1">// Basic types</span> <span class="na">name</span><span class="p">:</span> <span class="dl">"</span><span class="s2">string</span><span class="dl">"</span><span class="p">,</span> <span class="na">count</span><span class="p">:</span> <span class="dl">"</span><span class="s2">number</span><span class="dl">"</span><span class="p">,</span> <span class="na">active</span><span class="p">:</span> <span class="dl">"</span><span class="s2">boolean</span><span class="dl">"</span><span class="p">,</span> <span class="na">timestamp</span><span class="p">:</span> <span class="dl">"</span><span class="s2">date</span><span class="dl">"</span><span class="p">,</span> <span class="c1">// Constrained types</span> <span class="na">username</span><span class="p">:</span> <span class="dl">"</span><span class="s2">string(3,20)</span><span class="dl">"</span><span class="p">,</span> <span class="c1">// 3-20 characters</span> <span class="na">score</span><span class="p">:</span> <span class="dl">"</span><span class="s2">number(0,100)</span><span class="dl">"</span><span class="p">,</span> <span class="c1">// Range validation</span> <span class="c1">// Format validation</span> <span class="na">email</span><span class="p">:</span> <span class="dl">"</span><span class="s2">email</span><span class="dl">"</span><span class="p">,</span> <span class="na">website</span><span class="p">:</span> <span class="dl">"</span><span class="s2">url</span><span class="dl">"</span><span class="p">,</span> <span class="na">phone</span><span class="p">:</span> <span class="dl">"</span><span class="s2">phone</span><span class="dl">"</span><span class="p">,</span> <span class="na">userId</span><span class="p">:</span> <span class="dl">"</span><span class="s2">uuid</span><span class="dl">"</span><span class="p">,</span> <span class="c1">// Arrays with constraints</span> <span class="na">tags</span><span class="p">:</span> <span class="dl">"</span><span class="s2">string[]</span><span class="dl">"</span><span class="p">,</span> <span class="c1">// Required array</span> <span class="na">scores</span><span class="p">:</span> <span class="dl">"</span><span class="s2">number[]?</span><span class="dl">"</span><span class="p">,</span> <span class="c1">// Optional array</span> <span class="na">limitedTags</span><span class="p">:</span> <span class="dl">"</span><span class="s2">string[](1,5)</span><span class="dl">"</span><span class="p">,</span> <span class="c1">// 1-5 items</span> <span class="c1">// Union types</span> <span class="na">status</span><span class="p">:</span> <span class="dl">"</span><span class="s2">active|inactive|pending</span><span class="dl">"</span><span class="p">,</span> <span class="na">priority</span><span class="p">:</span> <span class="dl">"</span><span class="s2">low|medium|high</span><span class="dl">"</span><span class="p">,</span> <span class="c1">// Literal values</span> <span class="na">version</span><span class="p">:</span> <span class="dl">"</span><span class="s2">2.0</span><span class="dl">"</span><span class="p">,</span> <span class="na">type</span><span class="p">:</span> <span class="dl">"</span><span class="s2">user</span><span class="dl">"</span><span class="p">,</span> <span class="c1">// Optional fields</span> <span class="na">description</span><span class="p">:</span> <span class="dl">"</span><span class="se">\"</span><span class="s2">string?</span><span class="se">\"</span><span class="s2">,</span><span class="dl">"</span> <span class="na">metadata</span><span class="p">:</span> <span class="dl">"</span><span class="s2">any?</span><span class="dl">"</span> <span class="p">});</span> </code></pre> </div> <h2> Nested Object Validation </h2> <p>Complex nested structures are handled naturally:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="kd">const</span> <span class="nx">ProfileSchema</span> <span class="o">=</span> <span class="nc">Interface</span><span class="p">({</span> <span class="na">user</span><span class="p">:</span> <span class="p">{</span> <span class="na">id</span><span class="p">:</span> <span class="dl">"</span><span class="s2">uuid</span><span class="dl">"</span><span class="p">,</span> <span class="na">email</span><span class="p">:</span> <span class="dl">"</span><span class="s2">email</span><span class="dl">"</span><span class="p">,</span> <span class="na">profile</span><span class="p">:</span> <span class="p">{</span> <span class="na">firstName</span><span class="p">:</span> <span class="dl">"</span><span class="s2">string(1,50)</span><span class="dl">"</span><span class="p">,</span> <span class="na">lastName</span><span class="p">:</span> <span class="dl">"</span><span class="s2">string(1,50)</span><span class="dl">"</span><span class="p">,</span> <span class="na">avatar</span><span class="p">:</span> <span class="dl">"</span><span class="s2">url?</span><span class="dl">"</span><span class="p">,</span> <span class="na">settings</span><span class="p">:</span> <span class="p">{</span> <span class="na">theme</span><span class="p">:</span> <span class="dl">"</span><span class="s2">light|dark|auto</span><span class="dl">"</span><span class="p">,</span> <span class="na">language</span><span class="p">:</span> <span class="dl">"</span><span class="s2">string(/^[a-z]{2}$/)</span><span class="dl">"</span><span class="p">,</span> <span class="na">notifications</span><span class="p">:</span> <span class="p">{</span> <span class="na">email</span><span class="p">:</span> <span class="dl">"</span><span class="s2">boolean</span><span class="dl">"</span><span class="p">,</span> <span class="na">push</span><span class="p">:</span> <span class="dl">"</span><span class="s2">boolean</span><span class="dl">"</span><span class="p">,</span> <span class="na">sms</span><span class="p">:</span> <span class="dl">"</span><span class="s2">boolean</span><span class="dl">"</span> <span class="p">}</span> <span class="p">}</span> <span class="p">}</span> <span class="p">},</span> <span class="na">metadata</span><span class="p">:</span> <span class="p">{</span> <span class="na">createdAt</span><span class="p">:</span> <span class="dl">"</span><span class="s2">date</span><span class="dl">"</span><span class="p">,</span> <span class="na">lastUpdated</span><span class="p">:</span> <span class="dl">"</span><span class="s2">date</span><span class="dl">"</span><span class="p">,</span> <span class="na">version</span><span class="p">:</span> <span class="dl">"</span><span class="s2">number</span><span class="dl">"</span> <span class="p">}</span> <span class="p">});</span> </code></pre> </div> <h2> Conditional Validation Logic </h2> <p>The conditional validation system allows you to express complex business rules directly in schema definitions:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="kd">const</span> <span class="nx">ConditionalSchema</span> <span class="o">=</span> <span class="nc">Interface</span><span class="p">({</span> <span class="c1">// Context objects for conditional logic</span> <span class="na">config</span><span class="p">:</span> <span class="dl">"</span><span class="s2">any?</span><span class="dl">"</span><span class="p">,</span> <span class="na">user</span><span class="p">:</span> <span class="dl">"</span><span class="s2">any?</span><span class="dl">"</span><span class="p">,</span> <span class="c1">// Core data</span> <span class="na">id</span><span class="p">:</span> <span class="dl">"</span><span class="s2">uuid</span><span class="dl">"</span><span class="p">,</span> <span class="na">type</span><span class="p">:</span> <span class="dl">"</span><span class="s2">individual|business</span><span class="dl">"</span><span class="p">,</span> <span class="c1">// Conditional fields based on runtime properties</span> <span class="na">businessName</span><span class="p">:</span> <span class="dl">"</span><span class="s2">when type=business *? string(2,100) : =null</span><span class="dl">"</span><span class="p">,</span> <span class="na">taxId</span><span class="p">:</span> <span class="dl">"</span><span class="s2">when type=business *? string : =null</span><span class="dl">"</span><span class="p">,</span> <span class="c1">// Conditional validation based on configuration</span> <span class="na">requiresApproval</span><span class="p">:</span> <span class="dl">"</span><span class="s2">when config.strictMode.$exists() *? boolean : =false</span><span class="dl">"</span><span class="p">,</span> <span class="c1">// Default values based on conditions</span> <span class="na">permissions</span><span class="p">:</span> <span class="dl">"</span><span class="s2">when user.role=admin *? string[] : =[</span><span class="se">\"</span><span class="s2">read</span><span class="se">\"</span><span class="s2">]</span><span class="dl">"</span><span class="p">,</span> <span class="c1">// Complex nested conditions</span> <span class="na">advancedFeatures</span><span class="p">:</span> <span class="dl">"</span><span class="s2">when user.plan=premium &amp;&amp; config.enableAdvanced.$exists() *? object : =null</span><span class="dl">"</span> <span class="p">});</span> </code></pre> </div> <h3> Runtime Validation Methods </h3> <p>The conditional system includes several runtime validation methods:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="kd">const</span> <span class="nx">RuntimeValidationSchema</span> <span class="o">=</span> <span class="nc">Interface</span><span class="p">({</span> <span class="na">data</span><span class="p">:</span> <span class="dl">"</span><span class="s2">any?</span><span class="dl">"</span><span class="p">,</span> <span class="c1">// Property existence</span> <span class="na">hasProfile</span><span class="p">:</span> <span class="dl">"</span><span class="s2">when data.profile.$exists() *? boolean : =false</span><span class="dl">"</span><span class="p">,</span> <span class="c1">// Empty state checking</span> <span class="na">hasItems</span><span class="p">:</span> <span class="dl">"</span><span class="s2">when data.items.$empty() *? boolean : =true</span><span class="dl">"</span><span class="p">,</span> <span class="c1">// Null validation</span> <span class="na">isConfigured</span><span class="p">:</span> <span class="dl">"</span><span class="s2">when data.config.$null() *? boolean : =false</span><span class="dl">"</span><span class="p">,</span> <span class="c1">// String operations</span> <span class="na">hasKeyword</span><span class="p">:</span> <span class="dl">"</span><span class="s2">when data.title.$contains(important) *? boolean : =false</span><span class="dl">"</span><span class="p">,</span> <span class="na">isPrefixed</span><span class="p">:</span> <span class="dl">"</span><span class="s2">when data.code.$startsWith(PRE-) *? boolean : =false</span><span class="dl">"</span><span class="p">,</span> <span class="c1">// Numeric range validation</span> <span class="na">inValidRange</span><span class="p">:</span> <span class="dl">"</span><span class="s2">when data.score.$between(0,100) *? boolean : =false</span><span class="dl">"</span><span class="p">,</span> <span class="c1">// Value inclusion</span> <span class="na">hasValidStatus</span><span class="p">:</span> <span class="dl">"</span><span class="s2">when data.status.$in(active,pending,completed) *? boolean : =false</span><span class="dl">"</span> <span class="p">});</span> </code></pre> </div> <h2> Practical Application: API Request Validation </h2> <p>Here's a real-world example for validating API requests:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="kd">const</span> <span class="nx">CreateProductRequestSchema</span> <span class="o">=</span> <span class="nc">Interface</span><span class="p">({</span> <span class="c1">// Request context</span> <span class="na">user</span><span class="p">:</span> <span class="dl">"</span><span class="s2">any?</span><span class="dl">"</span><span class="p">,</span> <span class="na">permissions</span><span class="p">:</span> <span class="dl">"</span><span class="s2">any?</span><span class="dl">"</span><span class="p">,</span> <span class="c1">// Product data</span> <span class="na">name</span><span class="p">:</span> <span class="dl">"</span><span class="s2">string(1,200)</span><span class="dl">"</span><span class="p">,</span> <span class="na">description</span><span class="p">:</span> <span class="dl">"</span><span class="se">\"</span><span class="s2">string(,2000)?</span><span class="se">\"</span><span class="s2">,</span><span class="dl">"</span> <span class="na">price</span><span class="p">:</span> <span class="dl">"</span><span class="s2">number(0.01,999999.99)</span><span class="dl">"</span><span class="p">,</span> <span class="na">category</span><span class="p">:</span> <span class="dl">"</span><span class="s2">electronics|books|clothing|home|sports</span><span class="dl">"</span><span class="p">,</span> <span class="c1">// Inventory</span> <span class="na">initialStock</span><span class="p">:</span> <span class="dl">"</span><span class="s2">number(0,)</span><span class="dl">"</span><span class="p">,</span> <span class="na">trackInventory</span><span class="p">:</span> <span class="dl">"</span><span class="s2">boolean</span><span class="dl">"</span><span class="p">,</span> <span class="c1">// Conditional validation based on user permissions</span> <span class="na">bulkDiscount</span><span class="p">:</span> <span class="dl">"</span><span class="s2">when permissions.canSetBulkPricing.$exists() *? object? : =null</span><span class="dl">"</span><span class="p">,</span> <span class="c1">// Admin-only fields</span> <span class="na">internalNotes</span><span class="p">:</span> <span class="dl">"</span><span class="s2">when user.role=admin *? string? : =null</span><span class="dl">"</span><span class="p">,</span> <span class="na">costPrice</span><span class="p">:</span> <span class="dl">"</span><span class="s2">when user.role=admin *? number(0,) : =null</span><span class="dl">"</span><span class="p">,</span> <span class="c1">// Category-specific requirements</span> <span class="na">isbn</span><span class="p">:</span> <span class="dl">"</span><span class="s2">when category=books *? string : =null</span><span class="dl">"</span><span class="p">,</span> <span class="na">size</span><span class="p">:</span> <span class="dl">"</span><span class="s2">when category=clothing *? string : =null</span><span class="dl">"</span><span class="p">,</span> <span class="c1">// Media uploads</span> <span class="na">images</span><span class="p">:</span> <span class="dl">"</span><span class="s2">url[](1,10)</span><span class="dl">"</span><span class="p">,</span> <span class="na">documents</span><span class="p">:</span> <span class="dl">"</span><span class="s2">when category=books *? url[] : =[]</span><span class="dl">"</span><span class="p">,</span> <span class="c1">// Metadata</span> <span class="na">tags</span><span class="p">:</span> <span class="dl">"</span><span class="s2">string[](0,20)</span><span class="dl">"</span><span class="p">,</span> <span class="na">status</span><span class="p">:</span> <span class="dl">"</span><span class="s2">draft|active</span><span class="dl">"</span><span class="p">,</span> <span class="na">publishAt</span><span class="p">:</span> <span class="dl">"</span><span class="s2">date?</span><span class="dl">"</span> <span class="p">});</span> </code></pre> </div> <h2> Schema Transformations </h2> <p>Fortify Schema provides utilities for creating schema variations:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="kd">const</span> <span class="nx">BaseUserSchema</span> <span class="o">=</span> <span class="nc">Interface</span><span class="p">({</span> <span class="na">id</span><span class="p">:</span> <span class="dl">"</span><span class="s2">uuid</span><span class="dl">"</span><span class="p">,</span> <span class="na">email</span><span class="p">:</span> <span class="dl">"</span><span class="s2">email</span><span class="dl">"</span><span class="p">,</span> <span class="na">firstName</span><span class="p">:</span> <span class="dl">"</span><span class="s2">string</span><span class="dl">"</span><span class="p">,</span> <span class="na">lastName</span><span class="p">:</span> <span class="dl">"</span><span class="s2">string</span><span class="dl">"</span><span class="p">,</span> <span class="na">password</span><span class="p">:</span> <span class="dl">"</span><span class="s2">string</span><span class="dl">"</span><span class="p">,</span> <span class="na">role</span><span class="p">:</span> <span class="dl">"</span><span class="s2">user|admin</span><span class="dl">"</span><span class="p">,</span> <span class="na">createdAt</span><span class="p">:</span> <span class="dl">"</span><span class="s2">date</span><span class="dl">"</span> <span class="p">});</span> <span class="c1">// Schema transformations</span> <span class="kd">const</span> <span class="nx">PublicUserSchema</span> <span class="o">=</span> <span class="nx">Mod</span><span class="p">.</span><span class="nf">omit</span><span class="p">(</span><span class="nx">BaseUserSchema</span><span class="p">,</span> <span class="p">[</span><span class="dl">"</span><span class="s2">password</span><span class="dl">"</span><span class="p">]);</span> <span class="kd">const</span> <span class="nx">UpdateUserSchema</span> <span class="o">=</span> <span class="nx">Mod</span><span class="p">.</span><span class="nf">partial</span><span class="p">(</span><span class="nx">Mod</span><span class="p">.</span><span class="nf">omit</span><span class="p">(</span><span class="nx">BaseUserSchema</span><span class="p">,</span> <span class="p">[</span><span class="dl">"</span><span class="s2">id</span><span class="dl">"</span><span class="p">,</span> <span class="dl">"</span><span class="s2">createdAt</span><span class="dl">"</span><span class="p">]));</span> <span class="kd">const</span> <span class="nx">AdminUserSchema</span> <span class="o">=</span> <span class="nx">Mod</span><span class="p">.</span><span class="nf">extend</span><span class="p">(</span><span class="nx">BaseUserSchema</span><span class="p">,</span> <span class="p">{</span> <span class="na">permissions</span><span class="p">:</span> <span class="dl">"</span><span class="s2">string[]</span><span class="dl">"</span><span class="p">,</span> <span class="na">lastLogin</span><span class="p">:</span> <span class="dl">"</span><span class="s2">date?</span><span class="dl">"</span><span class="p">,</span> <span class="na">adminNotes</span><span class="p">:</span> <span class="dl">"</span><span class="s2">string?</span><span class="dl">"</span> <span class="p">});</span> <span class="c1">// Combining schemas</span> <span class="kd">const</span> <span class="nx">UserWithProfileSchema</span> <span class="o">=</span> <span class="nx">Mod</span><span class="p">.</span><span class="nf">extend</span><span class="p">(</span><span class="nx">BaseUserSchema</span><span class="p">,</span> <span class="p">{</span> <span class="na">profile</span><span class="p">:</span> <span class="p">{</span> <span class="na">avatar</span><span class="p">:</span> <span class="dl">"</span><span class="s2">url?</span><span class="dl">"</span><span class="p">,</span> <span class="na">bio</span><span class="p">:</span> <span class="dl">"</span><span class="s2">string(,500)?</span><span class="dl">"</span><span class="p">,</span> <span class="na">website</span><span class="p">:</span> <span class="dl">"</span><span class="s2">url?</span><span class="dl">"</span><span class="p">,</span> <span class="na">location</span><span class="p">:</span> <span class="dl">"</span><span class="s2">string?</span><span class="dl">"</span> <span class="p">}</span> <span class="p">});</span> </code></pre> </div> <h2> Error Handling and Debugging </h2> <p>Fortify Schema provides detailed error information for debugging:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="kd">const</span> <span class="nx">result</span> <span class="o">=</span> <span class="nx">UserSchema</span><span class="p">.</span><span class="nf">safeParse</span><span class="p">(</span><span class="nx">invalidData</span><span class="p">);</span> <span class="k">if </span><span class="p">(</span><span class="o">!</span><span class="nx">result</span><span class="p">.</span><span class="nx">success</span><span class="p">)</span> <span class="p">{</span> <span class="nx">result</span><span class="p">.</span><span class="nx">errors</span><span class="p">.</span><span class="nf">forEach</span><span class="p">(</span><span class="nx">error</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="s2">`Field: </span><span class="p">${</span><span class="nx">error</span><span class="p">.</span><span class="nx">path</span><span class="p">.</span><span class="nf">join</span><span class="p">(</span><span class="dl">'</span><span class="s1">.</span><span class="dl">'</span><span class="p">)}</span><span class="s2">`</span><span class="p">);</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="s2">`Error: </span><span class="p">${</span><span class="nx">error</span><span class="p">.</span><span class="nx">message</span><span class="p">}</span><span class="s2">`</span><span class="p">);</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="s2">`Code: </span><span class="p">${</span><span class="nx">error</span><span class="p">.</span><span class="nx">code</span><span class="p">}</span><span class="s2">`</span><span class="p">);</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="s2">`Expected: </span><span class="p">${</span><span class="nx">error</span><span class="p">.</span><span class="nx">expected</span><span class="p">}</span><span class="s2">`</span><span class="p">);</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="s2">`Received: </span><span class="p">${</span><span class="nx">error</span><span class="p">.</span><span class="nx">received</span><span class="p">}</span><span class="s2">`</span><span class="p">);</span> <span class="p">});</span> <span class="p">}</span> </code></pre> </div> <h2> Performance Considerations </h2> <p>Fortify Schema is designed for production use with several performance optimizations:</p> <ul> <li> <strong>Schema Compilation</strong>: Schemas are optimized at creation time rather than during validation</li> <li> <strong>Caching</strong>: Repeated validations benefit from intelligent caching of constraint checks</li> <li> <strong>Memory Efficiency</strong>: Minimal memory overhead per validation operation</li> <li> <strong>Early Termination</strong>: Validation stops on first error for faster feedback</li> </ul> <h2> Development Tooling </h2> <p>A VS Code extension provides enhanced development experience:</p> <ul> <li>Syntax highlighting for schema definitions</li> <li>IntelliSense with type and method completion</li> <li>Real-time validation with inline error detection</li> <li>Documentation on hover for validation types</li> </ul> <h2> Installation and Setup </h2> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>npm <span class="nb">install </span>fortify-schema </code></pre> </div> <p>Basic usage:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">import</span> <span class="p">{</span> <span class="nx">Interface</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">fortify-schema</span><span class="dl">"</span><span class="p">;</span> <span class="kd">const</span> <span class="nx">schema</span> <span class="o">=</span> <span class="nc">Interface</span><span class="p">({</span> <span class="na">email</span><span class="p">:</span> <span class="dl">"</span><span class="s2">email</span><span class="dl">"</span><span class="p">,</span> <span class="na">name</span><span class="p">:</span> <span class="dl">"</span><span class="s2">string(2,100)</span><span class="dl">"</span><span class="p">,</span> <span class="na">age</span><span class="p">:</span> <span class="dl">"</span><span class="s2">number(18,)?</span><span class="dl">"</span> <span class="p">});</span> <span class="kd">const</span> <span class="nx">result</span> <span class="o">=</span> <span class="nx">schema</span><span class="p">.</span><span class="nf">safeParse</span><span class="p">(</span><span class="nx">data</span><span class="p">);</span> </code></pre> </div> <h2> Use Cases </h2> <p>Fortify Schema is well-suited for:</p> <ul> <li> <strong>API Request Validation</strong>: Complex request schemas with role-based field requirements</li> <li> <strong>Configuration Management</strong>: Validating application configuration with conditional settings</li> <li> <strong>Form Processing</strong>: Multi-step forms with conditional field requirements</li> <li> <strong>Data Pipeline Validation</strong>: Ensuring data integrity in processing workflows</li> <li> <strong>Business Rule Enforcement</strong>: Expressing complex validation logic in a readable format</li> </ul> <h2> Technical Architecture </h2> <p>The library provides several validation methods:</p> <ul> <li> <code>parse(data)</code>: Synchronous validation with exceptions</li> <li> <code>safeParse(data)</code>: Safe validation returning result objects</li> <li> <code>parseAsync(data)</code>: Asynchronous validation with promises</li> <li> <code>safeParseAsync(data)</code>: Safe asynchronous validation</li> </ul> <p>All methods maintain full TypeScript type inference, ensuring validated data is properly typed without additional assertions.</p> <p>Fortify Schema offers TypeScript developers a validation solution that integrates naturally with existing codebases while providing advanced conditional validation capabilities. The interface-like syntax reduces the learning curve, while the conditional validation system handles complex business logic requirements.</p> <p><strong>Resources:</strong></p> <ul> <li><a href="https://lab.nehonix.space" rel="noopener noreferrer">Documentation</a></li> <li><a href="https://github.com/Nehonix-Team/fortify-schema" rel="noopener noreferrer">GitHub Repository</a></li> <li><a href="https://sdk.nehonix.space/pkgs/mods/vscode/latest/fortify-schema.vsix" rel="noopener noreferrer">VS Code Extension</a></li> </ul> <p><em>Have you worked with conditional validation requirements in your TypeScript projects? What approaches have you found most effective?</em></p> [Boost] Nehonix Inc Mon, 02 Jun 2025 07:03:06 +0000 https://dev.to/nehonix/-4088 https://dev.to/nehonix/-4088 <div class="ltag__link--embedded"> <div class="crayons-story "> <a href="https://dev.to/nehonix/nehonix-fortifyjs-transform-javascript-functions-into-enterprise-grade-security-powerhouses-with-3g7e" class="crayons-story__hidden-navigation-link">Nehonix FortifyJS: Transform JavaScript Functions into Enterprise-Grade Security Powerhouses with Zero Configuration</a> <div class="crayons-story__body crayons-story__body-full_post"> <div class="crayons-story__top"> <div class="crayons-story__meta"> <div class="crayons-story__author-pic"> <a href="/nehonix" class="crayons-avatar crayons-avatar--l "> <img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F2691276%2F04bdb5af-010b-4963-abb4-c901597eb717.jpg" alt="nehonix profile" class="crayons-avatar__image"> </a> </div> <div> <div> <a href="/nehonix" class="crayons-story__secondary fw-medium m:hidden"> Nehonix Inc </a> <div class="profile-preview-card relative mb-4 s:mb-0 fw-medium hidden m:inline-block"> Nehonix Inc <div id="story-author-preview-content-2548108" class="profile-preview-card__content crayons-dropdown branded-7 p-4 pt-0"> <div class="gap-4 grid"> <div class="-mt-4"> <a href="/nehonix" class="flex"> <span class="crayons-avatar crayons-avatar--xl mr-2 shrink-0"> <img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F2691276%2F04bdb5af-010b-4963-abb4-c901597eb717.jpg" class="crayons-avatar__image" alt=""> </span> <span class="crayons-link crayons-subtitle-2 mt-5">Nehonix Inc</span> </a> </div> <div class="print-hidden"> Follow </div> <div class="author-preview-metadata-container"></div> </div> </div> </div> </div> <a href="https://dev.to/nehonix/nehonix-fortifyjs-transform-javascript-functions-into-enterprise-grade-security-powerhouses-with-3g7e" class="crayons-story__tertiary fs-xs"><time>May 31 '25</time><span class="time-ago-indicator-initial-placeholder"></span></a> </div> </div> </div> <div class="crayons-story__indention"> <h2 class="crayons-story__title crayons-story__title-full_post"> <a href="https://dev.to/nehonix/nehonix-fortifyjs-transform-javascript-functions-into-enterprise-grade-security-powerhouses-with-3g7e" id="article-link-2548108"> Nehonix FortifyJS: Transform JavaScript Functions into Enterprise-Grade Security Powerhouses with Zero Configuration </a> </h2> <div class="crayons-story__tags"> </div> <div class="crayons-story__bottom"> <div class="crayons-story__details"> <a href="https://dev.to/nehonix/nehonix-fortifyjs-transform-javascript-functions-into-enterprise-grade-security-powerhouses-with-3g7e#comments" class="crayons-btn crayons-btn--s crayons-btn--ghost crayons-btn--icon-left flex items-center"> Comments <span class="hidden s:inline">Add Comment</span> </a> </div> <div class="crayons-story__save"> <small class="crayons-story__tertiary fs-xs mr-2"> 6 min read </small> <span class="bm-initial"> </span> <span class="bm-success"> </span> </div> </div> </div> </div> </div> </div> javascript security softwareengineering Nehonix FortifyJS: Transform JavaScript Functions into Enterprise-Grade Security Powerhouses with Zero Configuration Nehonix Inc Sat, 31 May 2025 10:24:51 +0000 https://dev.to/nehonix/nehonix-fortifyjs-transform-javascript-functions-into-enterprise-grade-security-powerhouses-with-3g7e https://dev.to/nehonix/nehonix-fortifyjs-transform-javascript-functions-into-enterprise-grade-security-powerhouses-with-3g7e <h2> The Problem Every Developer Faces </h2> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="c1">// Standard JavaScript - Vulnerable and Unoptimized</span> <span class="k">async</span> <span class="kd">function</span> <span class="nf">processUserData</span><span class="p">(</span><span class="nx">userData</span><span class="p">)</span> <span class="p">{</span> <span class="c1">// ❌ No caching - executes every time</span> <span class="c1">// ❌ No security - parameters exposed</span> <span class="c1">// ❌ No optimization - same performance always</span> <span class="c1">// ❌ No monitoring - no insights</span> <span class="c1">// ❌ Manual error handling required</span> <span class="kd">const</span> <span class="nx">validated</span> <span class="o">=</span> <span class="nf">validateUser</span><span class="p">(</span><span class="nx">userData</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">result</span> <span class="o">=</span> <span class="k">await</span> <span class="nf">expensiveAPICall</span><span class="p">(</span><span class="nx">validated</span><span class="p">);</span> <span class="k">return</span> <span class="nx">result</span><span class="p">;</span> <span class="p">}</span> </code></pre> </div> <p>What if I told you that you could transform this ordinary function into an enterprise-grade, self-optimizing, security-hardened powerhouse with <strong>literally zero configuration</strong>?</p> <h2> Meet Nehonix FortifyJS: The Zero-Config Security Revolution </h2> <p>Nehonix FortifyJS is a game-changing JavaScript library that transforms your ordinary functions and data structures into enterprise-grade, production-ready components with automatic security, intelligent caching, and comprehensive monitoring.</p> <h3> 🚀 The Magic of <code>func()</code> - Zero Configuration Required </h3> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">import</span> <span class="p">{</span> <span class="nx">func</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">fortify2-js</span><span class="dl">"</span><span class="p">;</span> <span class="c1">// Transform ANY function with zero configuration</span> <span class="kd">const</span> <span class="nx">processUserData</span> <span class="o">=</span> <span class="nf">func</span><span class="p">(</span><span class="k">async </span><span class="p">(</span><span class="nx">userData</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">validated</span> <span class="o">=</span> <span class="nf">validateUser</span><span class="p">(</span><span class="nx">userData</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">result</span> <span class="o">=</span> <span class="k">await</span> <span class="nf">expensiveAPICall</span><span class="p">(</span><span class="nx">validated</span><span class="p">);</span> <span class="k">return</span> <span class="nx">result</span><span class="p">;</span> <span class="p">});</span> <span class="c1">// Execute normally - get extraordinary results</span> <span class="kd">const</span> <span class="nx">result</span> <span class="o">=</span> <span class="k">await</span> <span class="nf">processUserData</span><span class="p">(</span><span class="nx">userData</span><span class="p">);</span> </code></pre> </div> <p><strong>What just happened?</strong> Your function now has:</p> <ul> <li>✅ <strong>50-80% faster execution</strong> (intelligent caching)</li> <li>✅ <strong>Military-grade encryption</strong> (automatic parameter protection)</li> <li>✅ <strong>Self-optimization</strong> (learns usage patterns)</li> <li>✅ <strong>Threat detection</strong> (blocks suspicious patterns)</li> <li>✅ <strong>Memory management</strong> (automatic cleanup)</li> <li>✅ <strong>Real-time analytics</strong> (performance insights)</li> <li>✅ <strong>Intelligent retry logic</strong> (handles failures gracefully)</li> </ul> <h2> 🎯 Core Philosophy: Security by Default, Performance by Design </h2> <h3> Traditional Approach (Painful) </h3> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="c1">// Manual implementation nightmare</span> <span class="kd">const</span> <span class="nx">cache</span> <span class="o">=</span> <span class="k">new</span> <span class="nc">Map</span><span class="p">();</span> <span class="kd">const</span> <span class="nx">rateLimiter</span> <span class="o">=</span> <span class="k">new</span> <span class="nc">RateLimiter</span><span class="p">();</span> <span class="kd">const</span> <span class="nx">monitor</span> <span class="o">=</span> <span class="k">new</span> <span class="nc">PerformanceMonitor</span><span class="p">();</span> <span class="k">async</span> <span class="kd">function</span> <span class="nf">secureFunction</span><span class="p">(</span><span class="nx">data</span><span class="p">)</span> <span class="p">{</span> <span class="c1">// 50+ lines of boilerplate code</span> <span class="c1">// Cache management logic</span> <span class="c1">// Security validation</span> <span class="c1">// Error handling</span> <span class="c1">// Performance monitoring</span> <span class="c1">// Memory cleanup</span> <span class="c1">// Retry logic</span> <span class="c1">// ...</span> <span class="p">}</span> </code></pre> </div> <h3> FortifyJS Approach (Effortless) </h3> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="kd">const</span> <span class="nx">secureFunction</span> <span class="o">=</span> <span class="nf">func</span><span class="p">(</span><span class="k">async </span><span class="p">(</span><span class="nx">data</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="c1">// Your business logic only</span> <span class="k">return</span> <span class="nf">processData</span><span class="p">(</span><span class="nx">data</span><span class="p">);</span> <span class="p">});</span> <span class="c1">// Done. Everything else is automatic.</span> </code></pre> </div> <h2> 🔐 Secure Data Structures That Actually Work </h2> <h3> SecureArray - Arrays with Military-Grade Protection </h3> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">import</span> <span class="p">{</span> <span class="nx">fArray</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">fortify2-js</span><span class="dl">"</span><span class="p">;</span> <span class="c1">// Create secure array with automatic encryption</span> <span class="kd">const</span> <span class="nx">sensitiveData</span> <span class="o">=</span> <span class="nf">fArray</span><span class="p">([</span><span class="dl">"</span><span class="s2">api-key</span><span class="dl">"</span><span class="p">,</span> <span class="dl">"</span><span class="s2">password</span><span class="dl">"</span><span class="p">,</span> <span class="dl">"</span><span class="s2">token</span><span class="dl">"</span><span class="p">]);</span> <span class="c1">// Set encryption (optional - can be automatic)</span> <span class="nx">sensitiveData</span><span class="p">.</span><span class="nf">setEncryptionKey</span><span class="p">(</span><span class="dl">"</span><span class="s2">your-secure-key</span><span class="dl">"</span><span class="p">);</span> <span class="nx">sensitiveData</span><span class="p">.</span><span class="nf">encryptAll</span><span class="p">();</span> <span class="c1">// Use like normal array - security is transparent</span> <span class="nx">sensitiveData</span><span class="p">.</span><span class="nf">push</span><span class="p">(</span><span class="dl">"</span><span class="s2">new-secret</span><span class="dl">"</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">value</span> <span class="o">=</span> <span class="nx">sensitiveData</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="mi">0</span><span class="p">);</span> <span class="c1">// Automatically decrypted</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="nx">sensitiveData</span><span class="p">.</span><span class="nf">toArray</span><span class="p">());</span> <span class="c1">// All decrypted</span> <span class="c1">// Bonus: Raw encrypted data verification</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="nx">sensitiveData</span><span class="p">.</span><span class="nf">getRawEncryptedData</span><span class="p">());</span> <span class="c1">// Output: ['[ENCRYPTED:AES256:base64data...]', '[ENCRYPTED:AES256:base64data...]']</span> </code></pre> </div> <h3> SecureObject - Objects with Automatic Threat Detection </h3> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">import</span> <span class="p">{</span> <span class="nx">fObject</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">fortify2-js</span><span class="dl">"</span><span class="p">;</span> <span class="c1">// Automatic sensitive key detection</span> <span class="kd">const</span> <span class="nx">config</span> <span class="o">=</span> <span class="nf">fObject</span><span class="p">({</span> <span class="na">username</span><span class="p">:</span> <span class="dl">"</span><span class="s2">admin</span><span class="dl">"</span><span class="p">,</span> <span class="na">password</span><span class="p">:</span> <span class="dl">"</span><span class="s2">secret123</span><span class="dl">"</span><span class="p">,</span> <span class="c1">// ✅ Automatically marked sensitive</span> <span class="na">apiKey</span><span class="p">:</span> <span class="dl">"</span><span class="s2">sk-1234567890</span><span class="dl">"</span><span class="p">,</span> <span class="c1">// ✅ Automatically marked sensitive</span> <span class="na">email</span><span class="p">:</span> <span class="dl">"</span><span class="s2">admin@company.com</span><span class="dl">"</span> <span class="p">});</span> <span class="c1">// Automatic encryption for sensitive data</span> <span class="nx">config</span><span class="p">.</span><span class="nf">encryptAll</span><span class="p">();</span> <span class="c1">// Access with automatic decryption</span> <span class="kd">const</span> <span class="nx">password</span> <span class="o">=</span> <span class="nx">config</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="dl">"</span><span class="s2">password</span><span class="dl">"</span><span class="p">);</span> <span class="c1">// Decrypted automatically</span> </code></pre> </div> <h3> SecureString - Strings with Memory Fragmentation </h3> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">import</span> <span class="p">{</span> <span class="nx">fString</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">fortify2-js</span><span class="dl">"</span><span class="p">;</span> <span class="c1">// Maximum protection for credit cards, passwords, etc.</span> <span class="kd">const</span> <span class="nx">creditCard</span> <span class="o">=</span> <span class="nf">fString</span><span class="p">(</span><span class="dl">"</span><span class="s2">4532-1234-5678-9012</span><span class="dl">"</span><span class="p">,</span> <span class="p">{</span> <span class="na">protectionLevel</span><span class="p">:</span> <span class="dl">"</span><span class="s2">maximum</span><span class="dl">"</span><span class="p">,</span> <span class="c1">// Military-grade security</span> <span class="na">enableFragmentation</span><span class="p">:</span> <span class="kc">true</span><span class="p">,</span> <span class="c1">// Scatter across memory</span> <span class="na">enableEncryption</span><span class="p">:</span> <span class="kc">true</span> <span class="c1">// AES-256 encryption</span> <span class="p">});</span> <span class="c1">// Multi-pass secure wiping when destroyed</span> <span class="nx">creditCard</span><span class="p">.</span><span class="nf">destroy</span><span class="p">();</span> <span class="c1">// 7-pass military-grade wiping</span> </code></pre> </div> <h2> 🎯 Real-World Performance Comparison </h2> <h3> Express.js API Route - Before &amp; After </h3> <p><strong>Before (Standard Express):</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="nx">app</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="dl">'</span><span class="s1">/users/:id</span><span class="dl">'</span><span class="p">,</span> <span class="k">async </span><span class="p">(</span><span class="nx">req</span><span class="p">,</span> <span class="nx">res</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="c1">// No caching - database hit every time</span> <span class="c1">// No security - parameters exposed</span> <span class="c1">// No monitoring - no insights</span> <span class="kd">const</span> <span class="nx">user</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">database</span><span class="p">.</span><span class="nf">findById</span><span class="p">(</span><span class="nx">req</span><span class="p">.</span><span class="nx">params</span><span class="p">.</span><span class="nx">id</span><span class="p">);</span> <span class="nx">res</span><span class="p">.</span><span class="nf">json</span><span class="p">(</span><span class="nx">user</span><span class="p">);</span> <span class="p">});</span> </code></pre> </div> <p><strong>After (FortifyJS Enhanced):</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="nx">app</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="dl">'</span><span class="s1">/users/:id</span><span class="dl">'</span><span class="p">,</span> <span class="nf">func</span><span class="p">(</span><span class="k">async </span><span class="p">(</span><span class="nx">req</span><span class="p">,</span> <span class="nx">res</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">user</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">database</span><span class="p">.</span><span class="nf">findById</span><span class="p">(</span><span class="nx">req</span><span class="p">.</span><span class="nx">params</span><span class="p">.</span><span class="nx">id</span><span class="p">);</span> <span class="nx">res</span><span class="p">.</span><span class="nf">json</span><span class="p">(</span><span class="nx">user</span><span class="p">);</span> <span class="p">}));</span> <span class="c1">// Automatic benefits:</span> <span class="c1">// ✅ Smart caching - 50-80% faster response times</span> <span class="c1">// ✅ Request parameters automatically encrypted</span> <span class="c1">// ✅ Circular reference handling (no JSON.stringify errors)</span> <span class="c1">// ✅ Performance monitoring per route</span> <span class="c1">// ✅ Memory leak prevention</span> <span class="c1">// ✅ Automatic retry logic for database failures</span> </code></pre> </div> <h3> Data Processing Pipeline </h3> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="c1">// Transform your entire data pipeline</span> <span class="kd">const</span> <span class="nx">pipeline</span> <span class="o">=</span> <span class="p">[</span> <span class="nf">func</span><span class="p">(</span><span class="nx">validateInput</span><span class="p">),</span> <span class="nf">func</span><span class="p">(</span><span class="nx">enrichData</span><span class="p">),</span> <span class="nf">func</span><span class="p">(</span><span class="nx">processAnalytics</span><span class="p">),</span> <span class="nf">func</span><span class="p">(</span><span class="nx">generateReport</span><span class="p">)</span> <span class="p">].</span><span class="nf">map</span><span class="p">(</span><span class="nx">step</span> <span class="o">=&gt;</span> <span class="nf">func</span><span class="p">(</span><span class="nx">step</span><span class="p">));</span> <span class="c1">// Double security for critical pipelines</span> <span class="c1">// Each step now has automatic:</span> <span class="c1">// - Caching for repeated operations</span> <span class="c1">// - Security for sensitive data</span> <span class="c1">// - Performance optimization</span> <span class="c1">// - Error recovery</span> </code></pre> </div> <h2> 📊 Memory Management That Actually Works </h2> <h3> The JavaScript Memory Problem </h3> <p>Standard JavaScript strings and objects have a critical flaw: <strong>you cannot securely wipe them from memory</strong>. This leaves sensitive data vulnerable to memory dumps and forensic analysis.</p> <h3> FortifyJS Solution: Automatic Memory Management </h3> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="c1">// Automatic memory registration and tracking</span> <span class="kd">const</span> <span class="nx">secureData</span> <span class="o">=</span> <span class="nf">fObject</span><span class="p">({</span> <span class="na">password</span><span class="p">:</span> <span class="dl">"</span><span class="s2">super-secret</span><span class="dl">"</span><span class="p">,</span> <span class="na">apiKey</span><span class="p">:</span> <span class="dl">"</span><span class="s2">🤣😋</span><span class="dl">"</span> <span class="p">});</span> <span class="c1">// Behind the scenes (AUTOMATIC):</span> <span class="c1">// ✅ Memory tracking enabled</span> <span class="c1">// ✅ Leak detection monitoring</span> <span class="c1">// ✅ Pressure handling configured</span> <span class="c1">// ✅ Pool optimization active</span> <span class="c1">// ✅ Secure wiping prepared</span> <span class="c1">// When memory pressure hits 80%:</span> <span class="c1">// ✅ Automatic cleanup triggered</span> <span class="c1">// ✅ Unused buffers securely wiped</span> <span class="c1">// ✅ Memory pools optimized</span> <span class="c1">// ✅ Garbage collection optimized</span> <span class="c1">// Get real-time memory insights</span> <span class="kd">const</span> <span class="nx">stats</span> <span class="o">=</span> <span class="nx">secureData</span><span class="p">.</span><span class="nf">getMemoryUsage</span><span class="p">();</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">({</span> <span class="na">memory</span><span class="p">:</span> <span class="nx">stats</span><span class="p">.</span><span class="nx">formattedMemory</span><span class="p">,</span> <span class="c1">// "2.5 B"</span> <span class="na">buffers</span><span class="p">:</span> <span class="nx">stats</span><span class="p">.</span><span class="nx">bufferCount</span><span class="p">,</span> <span class="c1">// 3</span> <span class="na">hitRate</span><span class="p">:</span> <span class="nx">stats</span><span class="p">.</span><span class="nx">poolStats</span><span class="p">.</span><span class="nx">hitRate</span> <span class="c1">// 0.85 (85% efficiency)</span> <span class="p">});</span> </code></pre> </div> <h2> 🛡️ Security Features That Set FortifyJS Apart </h2> <h3> 1. Automatic Sensitive Data Detection </h3> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="kd">const</span> <span class="nx">userData</span> <span class="o">=</span> <span class="nf">fObject</span><span class="p">({</span> <span class="na">name</span><span class="p">:</span> <span class="dl">"</span><span class="s2">John Doe</span><span class="dl">"</span><span class="p">,</span> <span class="na">email</span><span class="p">:</span> <span class="dl">"</span><span class="s2">john@example.com</span><span class="dl">"</span><span class="p">,</span> <span class="na">password</span><span class="p">:</span> <span class="dl">"</span><span class="s2">secret123</span><span class="dl">"</span><span class="p">,</span> <span class="c1">// ✅ Auto-detected as sensitive (to get default keys: use `getSensitiveKeys()` method )</span> <span class="na">socialSecurity</span><span class="p">:</span> <span class="dl">"</span><span class="s2">123-45-6789</span><span class="dl">"</span><span class="p">,</span> <span class="na">apiKey</span><span class="p">:</span> <span class="dl">"</span><span class="s2">sk-1234567890</span><span class="dl">"</span><span class="p">,</span> <span class="na">phoneNumber</span><span class="p">:</span> <span class="dl">"</span><span class="s2">+1-555-0123</span><span class="dl">"</span> <span class="p">});</span> <span class="c1">// Sensitive keys automatically encrypted</span> <span class="c1">// Regular data remains performant</span> </code></pre> </div> <h3> 2. Military-Grade Memory Wiping </h3> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="kd">const</span> <span class="nx">sensitiveString</span> <span class="o">=</span> <span class="nf">fString</span><span class="p">(</span><span class="dl">"</span><span class="s2">classified-information</span><span class="dl">"</span><span class="p">);</span> <span class="c1">// When destroyed - 7-pass secure wiping:</span> <span class="c1">// Pass 1: Fill with 0x00 (zeros)</span> <span class="c1">// Pass 2: Fill with 0xFF (ones) </span> <span class="c1">// Pass 3: Fill with 0xAA (alternating)</span> <span class="c1">// Pass 4: Fill with 0x55 (inverse)</span> <span class="c1">// Pass 5: Fill with 0x00 (zeros again)</span> <span class="c1">// Pass 6: Cryptographic random data</span> <span class="c1">// Pass 7: Final zero pass</span> <span class="nx">sensitiveString</span><span class="p">.</span><span class="nf">destroy</span><span class="p">();</span> <span class="c1">// Memory forensically unrecoverable</span> </code></pre> </div> <h3> 3. Memory Fragmentation </h3> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="kd">const</span> <span class="nx">creditCard</span> <span class="o">=</span> <span class="nf">fString</span><span class="p">(</span><span class="dl">"</span><span class="s2">4532-1234-5678-9012</span><span class="dl">"</span><span class="p">,</span> <span class="p">{</span> <span class="na">enableFragmentation</span><span class="p">:</span> <span class="kc">true</span> <span class="p">});</span> <span class="c1">// String automatically split across multiple memory locations</span> <span class="c1">// Even if one fragment is found, others remain secure</span> <span class="c1">// Reconstruction requires all fragments + encryption keys</span> </code></pre> </div> <h2> 📈 Performance Metrics That Prove the Value </h2> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>Metric</th> <th>Standard JS</th> <th>FortifyJS</th> <th>Improvement</th> </tr> </thead> <tbody> <tr> <td><strong>Execution Speed</strong></td> <td>Baseline</td> <td>50-80% faster</td> <td>Intelligent caching</td> </tr> <tr> <td><strong>Memory Efficiency</strong></td> <td>Manual</td> <td>95% efficiency</td> <td>Pool management</td> </tr> <tr> <td><strong>Security Vulnerabilities</strong></td> <td>High</td> <td>Zero*</td> <td>Automatic protection</td> </tr> <tr> <td><strong>Memory Leaks</strong></td> <td>Common</td> <td>Prevented</td> <td>Auto-detection</td> </tr> <tr> <td><strong>Development Time</strong></td> <td>100%</td> <td>30%</td> <td>Zero config</td> </tr> </tbody> </table></div> <p>*With proper key management</p> <h2> 🚀 Getting Started (Seriously, It's This Simple) </h2> <h3> Installation </h3> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>npm <span class="nb">install </span>fortify2-js <span class="c"># or</span> yarn add fortify2-js </code></pre> </div> <h3> Basic Usage </h3> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">import</span> <span class="p">{</span> <span class="nx">func</span><span class="p">,</span> <span class="nx">fArray</span><span class="p">,</span> <span class="nx">fObject</span><span class="p">,</span> <span class="nx">fString</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">fortify2-js</span><span class="dl">"</span><span class="p">;</span> <span class="c1">// Transform functions</span> <span class="kd">const</span> <span class="nx">smartFunction</span> <span class="o">=</span> <span class="nf">func</span><span class="p">(</span><span class="nx">yourFunction</span><span class="p">);</span> <span class="c1">// Secure data structures</span> <span class="kd">const</span> <span class="nx">secureArray</span> <span class="o">=</span> <span class="nf">fArray</span><span class="p">([</span><span class="dl">"</span><span class="s2">sensitive</span><span class="dl">"</span><span class="p">,</span> <span class="dl">"</span><span class="s2">data</span><span class="dl">"</span><span class="p">]);</span> <span class="kd">const</span> <span class="nx">secureObject</span> <span class="o">=</span> <span class="nf">fObject</span><span class="p">({</span> <span class="na">password</span><span class="p">:</span> <span class="dl">"</span><span class="s2">secret</span><span class="dl">"</span> <span class="p">});</span> <span class="kd">const</span> <span class="nx">secureString</span> <span class="o">=</span> <span class="nf">fString</span><span class="p">(</span><span class="dl">"</span><span class="s2">classified-info</span><span class="dl">"</span><span class="p">);</span> <span class="c1">// Execute normally - get extraordinary results</span> <span class="kd">const</span> <span class="nx">result</span> <span class="o">=</span> <span class="k">await</span> <span class="nf">smartFunction</span><span class="p">(</span><span class="nx">data</span><span class="p">);</span> </code></pre> </div> <h3> Express.js Integration </h3> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">import</span> <span class="nx">express</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">express</span><span class="dl">"</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">func</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">fortify2-js</span><span class="dl">"</span><span class="p">;</span> <span class="kd">const</span> <span class="nx">app</span> <span class="o">=</span> <span class="nf">express</span><span class="p">();</span> <span class="c1">// Transform ALL your routes with zero configuration</span> <span class="nx">app</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="dl">'</span><span class="s1">/api/users/:id</span><span class="dl">'</span><span class="p">,</span> <span class="nf">func</span><span class="p">(</span><span class="k">async </span><span class="p">(</span><span class="nx">req</span><span class="p">,</span> <span class="nx">res</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">user</span> <span class="o">=</span> <span class="k">await</span> <span class="nf">getUserById</span><span class="p">(</span><span class="nx">req</span><span class="p">.</span><span class="nx">params</span><span class="p">.</span><span class="nx">id</span><span class="p">);</span> <span class="nx">res</span><span class="p">.</span><span class="nf">json</span><span class="p">(</span><span class="nx">user</span><span class="p">);</span> <span class="p">}));</span> <span class="c1">// Every route now has enterprise-grade security and performance</span> </code></pre> </div> <h2> 🎨 Advanced Features for Power Users </h2> <h3> Real-Time Analytics </h3> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="kd">const</span> <span class="nx">smartFunction</span> <span class="o">=</span> <span class="nf">func</span><span class="p">(</span><span class="k">async</span><span class="p">(</span><span class="nx">s</span><span class="p">:</span> <span class="kr">string</span><span class="p">)</span><span class="o">=&gt;</span><span class="p">{</span> <span class="k">return</span> <span class="k">await </span><span class="p">(</span><span class="nf">fString</span><span class="p">(</span><span class="nx">s</span><span class="p">).</span><span class="nf">hash</span><span class="p">(</span><span class="dl">"</span><span class="s2">SHA-256</span><span class="dl">"</span><span class="p">,</span> <span class="dl">"</span><span class="s2">uint8array</span><span class="dl">"</span><span class="p">))</span> <span class="p">});</span> <span class="nf">func</span><span class="p">(</span><span class="k">async</span><span class="p">()</span><span class="o">=&gt;</span><span class="p">{</span> <span class="c1">// Execute operations</span> <span class="k">await</span> <span class="nf">smartFunction</span><span class="p">(</span><span class="dl">"</span><span class="s2">data1</span><span class="dl">"</span><span class="p">);</span> <span class="k">await</span> <span class="nf">smartFunction</span><span class="p">(</span><span class="dl">"</span><span class="s2">data2</span><span class="dl">"</span><span class="p">);</span> <span class="c1">// Access rich analytics</span> <span class="kd">const</span> <span class="nx">analytics</span> <span class="o">=</span> <span class="nx">smartFunction</span><span class="p">.</span><span class="nf">getAnalyticsData</span><span class="p">();</span> <span class="kd">const</span> <span class="nx">suggestions</span> <span class="o">=</span> <span class="nx">smartFunction</span><span class="p">.</span><span class="nf">getOptimizationSuggestions</span><span class="p">();</span> <span class="kd">const</span> <span class="nx">trends</span> <span class="o">=</span> <span class="nx">smartFunction</span><span class="p">.</span><span class="nf">getPerformanceTrends</span><span class="p">();</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="dl">"</span><span class="s2">analytics result:</span><span class="dl">"</span><span class="p">,</span> <span class="nx">analytics</span><span class="p">);</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="dl">"</span><span class="s2">suggestions:</span><span class="dl">"</span><span class="p">,</span> <span class="nx">suggestions</span><span class="p">);</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="dl">"</span><span class="s2">trends: </span><span class="dl">"</span><span class="p">,</span> <span class="nx">trends</span><span class="p">);</span> <span class="p">})()</span> </code></pre> </div> <h3> Snapshot Management </h3> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code> <span class="kd">const</span> <span class="nx">versionedArray</span> <span class="o">=</span> <span class="nf">fArray</span><span class="p">([</span><span class="dl">"</span><span class="s2">v1-data</span><span class="dl">"</span><span class="p">,</span> <span class="dl">"</span><span class="s2">v1-config</span><span class="dl">"</span><span class="p">]);</span> <span class="c1">// Create snapshot</span> <span class="kd">const</span> <span class="nx">snapshotId</span> <span class="o">=</span> <span class="nx">versionedArray</span><span class="p">.</span><span class="nf">createSnapshot</span><span class="p">();</span> <span class="c1">// Modify data</span> <span class="nx">versionedArray</span><span class="p">.</span><span class="nf">push</span><span class="p">(</span><span class="dl">"</span><span class="s2">v2-data</span><span class="dl">"</span><span class="p">);</span> <span class="c1">// logging before restore</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="dl">"</span><span class="s2">versionedArray: </span><span class="dl">"</span><span class="p">,</span> <span class="nx">versionedArray</span><span class="p">.</span><span class="nf">toArray</span><span class="p">());</span> <span class="c1">// Restore to previous state</span> <span class="nx">versionedArray</span><span class="p">.</span><span class="nf">restoreFromSnapshot</span><span class="p">(</span><span class="nx">snapshotId</span><span class="p">);</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="dl">"</span><span class="s2">snapshotId: </span><span class="dl">"</span><span class="p">,</span> <span class="nx">snapshotId</span><span class="p">);</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="dl">"</span><span class="s2">versionedArray: </span><span class="dl">"</span><span class="p">,</span> <span class="nx">versionedArray</span><span class="p">.</span><span class="nf">toArray</span><span class="p">());</span> </code></pre> </div> <h3> Event-Driven Security </h3> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="kd">const</span> <span class="nx">secureData</span> <span class="o">=</span> <span class="nf">fObject</span><span class="p">({</span> <span class="na">sensitive</span><span class="p">:</span> <span class="dl">"</span><span class="s2">data</span><span class="dl">"</span> <span class="p">});</span> <span class="c1">// Listen for security events</span> <span class="nx">secureData</span><span class="p">.</span><span class="nf">addEventListener</span><span class="p">(</span><span class="dl">"</span><span class="s2">filtered</span><span class="dl">"</span><span class="p">,</span> <span class="p">(</span><span class="nx">event</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="dl">"</span><span class="s2">Data filtered:</span><span class="dl">"</span><span class="p">,</span> <span class="nx">event</span><span class="p">);</span> <span class="p">});</span> <span class="c1">// filter</span> <span class="nx">secureData</span><span class="p">.</span><span class="nf">filter</span><span class="p">((</span><span class="nx">item</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="nx">item</span><span class="p">.</span><span class="nf">includes</span><span class="p">(</span><span class="dl">"</span><span class="s2">sensitive</span><span class="dl">"</span><span class="p">));</span> </code></pre> </div> <h2> 🏆 Why FortifyJS Is a Game-Changer </h2> <h3> For Startups </h3> <ul> <li> <strong>Zero learning curve</strong> - works with existing code</li> <li> <strong>Instant security</strong> - no security expertise required</li> <li> <strong>Performance boost</strong> - faster apps with less effort</li> <li> <strong>Cost savings</strong> - reduce infrastructure needs</li> </ul> <h3> For Enterprises </h3> <ul> <li> <strong>Compliance ready</strong> - military-grade encryption</li> <li> <strong>Audit friendly</strong> - comprehensive logging</li> <li> <strong>Scalable</strong> - handles enterprise workloads</li> <li> <strong>Zero maintenance</strong> - automatic optimization</li> </ul> <h3> For Developers </h3> <ul> <li> <strong>No boilerplate</strong> - focus on business logic</li> <li> <strong>Type safety</strong> - full TypeScript support</li> <li> <strong>Rich analytics</strong> - understand your app's performance</li> <li> <strong>Peace of mind</strong> - security handled automatically</li> </ul> <h2> 🔮 The Future of Secure JavaScript </h2> <p>FortifyJS represents a paradigm shift from "security as an afterthought" to "security by default." By automatically handling the complex security and performance challenges that plague modern applications, it allows developers to focus on what matters most: building great products.</p> <h3> What's Next? </h3> <p>The library is actively developed with upcoming features:</p> <ul> <li>Quantum-resistant encryption</li> <li>Advanced threat intelligence</li> <li>Cloud integration</li> <li>AI-powered optimization</li> </ul> <h2> 🤝 Join the Community </h2> <p>FortifyJS is more than a library - it's a movement toward making JavaScript applications secure by default.</p> <p><strong>Get involved:</strong></p> <ul> <li>⭐ Star the repository</li> <li>🐛 Report issues and feature requests</li> <li>💬 Join discussions</li> <li>🤝 Contribute to the codebase</li> </ul> <h2> 📚 Resources </h2> <ul> <li> <strong>Documentation</strong>: Comprehensive guides and API references</li> <li> <strong>Examples</strong>: Real-world usage patterns</li> <li> <strong>Best Practices</strong>: Security and performance recommendations</li> <li> <strong>Migration Guides</strong>: Easy transition from standard JavaScript</li> </ul> <h2> Contribute now: <a href="https://github.com/nehonix/fortifyjs" rel="noopener noreferrer">https://github.com/nehonix/fortifyjs</a> </h2> <p>for full doc, check: <a href="https://lab.nehonix.space/nehonix_viewer/_doc/Nehonix%20FortifyJs/readme.md" rel="noopener noreferrer">https://lab.nehonix.space</a></p> <p><strong>Ready to transform your JavaScript applications?</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>npm <span class="nb">install </span>fortify2-js </code></pre> </div> <p>Your functions will never be the same again. 🚀</p> <p><em>What do you think? Have you faced similar security or performance challenges in your JavaScript applications? Share your experiences in the comments below!</em></p> <h1> JavaScript #Security #Performance #WebDevelopment #NodeJS #TypeScript </h1> Secure Your URLs with NehonixURIProcessor v2.2.0: The Ultimate TypeScript Library for URI Validation Nehonix Inc Fri, 25 Apr 2025 23:40:01 +0000 https://dev.to/nehonix/secure-your-urls-with-nehonixuriprocessor-v220-the-ultimate-typescript-library-for-uri-validation-3kl5 https://dev.to/nehonix/secure-your-urls-with-nehonixuriprocessor-v220-the-ultimate-typescript-library-for-uri-validation-3kl5 <p>Hey Dev.to community! 👋 I’m thrilled to share <strong>NehonixURIProcessor v2.2.0</strong>, a powerful TypeScript library designed for developers and security enthusiasts who need to validate, decode, and secure URIs like pros. Whether you’re building web apps, testing for vulnerabilities, or just wrestling with tricky URLs, this library has your back. Let’s dive into why it’s a game-changer and how you can start using it today!<br> A full documentation is availlable on <a href="https://lab.nehonix.space/nehonix_viewer/_doc/NehonixUriProcessor/readme" rel="noopener noreferrer">lab.nehonix.space</a></p> <h2> What’s NehonixURIProcessor? </h2> <p>NehonixURIProcessor is a TypeScript-first library for URI processing, offering robust validation, encoding/decoding, and security analysis. It’s built for:</p> <ul> <li> <strong>Security testing</strong>: Detect malicious patterns like XSS or SQL injection.</li> <li> <strong>Web development</strong>: Validate URLs with fine-grained control.</li> <li> <strong>Penetration testing</strong>: Analyze and decode complex URI encodings.</li> </ul> <p>With version 2.2.0, we’ve leveled up the library with new features, better type safety, and enhanced documentation. Here’s the scoop!</p> <h2> Key Features in v2.2.0 </h2> <h3> 1. Advanced URL Validation with <code>checkUrl</code> and <code>asyncCheckUrl</code> </h3> <p>The <code>checkUrl</code> (synchronous) and <code>asyncCheckUrl</code> (asynchronous) methods let you validate URLs against customizable rules. Need to ensure a URL uses HTTPS, has a specific hostname, or avoids duplicate query params? No problem!<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">import</span> <span class="p">{</span> <span class="nx">NehonixURIProcessor</span> <span class="k">as</span> <span class="nx">__processor__</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">nehonix-uri-processor</span><span class="dl">"</span><span class="p">;</span> <span class="kd">const</span> <span class="nx">result</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">__processor__</span><span class="p">.</span><span class="nf">asyncCheckUrl</span><span class="p">(</span> <span class="dl">"</span><span class="s2">https://example.com?user=&lt;script&gt;</span><span class="dl">"</span><span class="p">,</span> <span class="p">{</span> <span class="na">httpsOnly</span><span class="p">:</span> <span class="kc">true</span><span class="p">,</span> <span class="na">detectMaliciousPatterns</span><span class="p">:</span> <span class="kc">true</span><span class="p">,</span> <span class="na">customValidations</span><span class="p">:</span> <span class="p">[[</span><span class="dl">"</span><span class="s2">hostname</span><span class="dl">"</span><span class="p">,</span> <span class="dl">"</span><span class="s2">===</span><span class="dl">"</span><span class="p">,</span> <span class="dl">"</span><span class="s2">example.com</span><span class="dl">"</span><span class="p">]],</span> <span class="p">}</span> <span class="p">);</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="nx">result</span><span class="p">.</span><span class="nx">validationDetails</span><span class="p">.</span><span class="nx">maliciousPatterns</span><span class="p">);</span> <span class="c1">// Output: { isValid: false, message: "Malicious pattern detected", detectedPatterns: [{ type: "XSS", value: "&lt;script&gt;", score: 90 }], ... }</span> </code></pre> </div> <p>New in 2.2.0: <code>asyncCheckUrl</code> now includes malicious pattern results in <code>validationDetails.maliciousPatterns</code>, making it easier to integrate with your security workflows.</p> <h3> 2. Malicious Pattern Detection </h3> <p>Protect your app from attacks with <code>detectMaliciousPatterns</code> and <code>needsDeepScan</code>. These methods analyze URIs for threats like XSS or SQL injection, with configurable sensitivity.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="kd">const</span> <span class="nx">needsScan</span> <span class="o">=</span> <span class="nx">__processor__</span><span class="p">.</span><span class="nf">needsDeepScan</span><span class="p">(</span> <span class="dl">"</span><span class="s2">https://example.com?user=admin' OR '1'='1</span><span class="dl">"</span> <span class="p">);</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="nx">needsScan</span><span class="p">);</span> <span class="c1">// true</span> <span class="kd">const</span> <span class="nx">result</span> <span class="o">=</span> <span class="nx">__processor__</span><span class="p">.</span><span class="nf">detectMaliciousPatterns</span><span class="p">(</span> <span class="dl">"</span><span class="s2">https://example.com?user=&lt;script&gt;</span><span class="dl">"</span><span class="p">,</span> <span class="p">{</span> <span class="na">sensitivity</span><span class="p">:</span> <span class="mf">1.0</span> <span class="p">}</span> <span class="p">);</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="nx">result</span><span class="p">);</span> <span class="c1">// Detailed analysis with detected patterns</span> </code></pre> </div> <h3> 3. Auto-Detection and Decoding </h3> <p>Decode complex URIs effortlessly with <code>autoDetectAndDecode</code> or its async counterpart. It handles Base64, percent encoding, JWT, and more, even in nested scenarios.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="kd">const</span> <span class="nx">decoded</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">__processor__</span><span class="p">.</span><span class="nf">asyncAutoDetectAndDecode</span><span class="p">(</span> <span class="dl">"</span><span class="s2">https://example.com?data=SGVsbG8gV29ybGQ=</span><span class="dl">"</span> <span class="p">);</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="nx">decoded</span><span class="p">);</span> <span class="c1">// https://example.com?data=Hello World</span> </code></pre> </div> <h3> 4. Framework Integrations </h3> <p>Seamlessly integrate with Express or React:</p> <ul> <li> <strong>Express Middleware</strong>: Block malicious URIs automatically.</li> <li> <strong>React Hook</strong>: Validate URLs in your components with <code>useNehonixShield</code>. </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="kd">const</span> <span class="nx">SecurityDemo</span> <span class="o">=</span> <span class="p">()</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="kd">const</span> <span class="p">{</span> <span class="nx">scanUrl</span> <span class="p">}</span> <span class="o">=</span> <span class="nf">useNehonixShield</span><span class="p">();</span> <span class="kd">const</span> <span class="nx">handleAnalyze</span> <span class="o">=</span> <span class="k">async </span><span class="p">()</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">result</span> <span class="o">=</span> <span class="k">await</span> <span class="nf">scanUrl</span><span class="p">(</span><span class="dl">"</span><span class="s2">https://example.com?category=books</span><span class="dl">"</span><span class="p">);</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="nx">result</span><span class="p">);</span> <span class="p">};</span> <span class="k">return</span> <span class="o">&lt;</span><span class="nx">button</span> <span class="nx">onClick</span><span class="o">=</span><span class="p">{</span><span class="nx">handleAnalyze</span><span class="p">}</span><span class="o">&gt;</span><span class="nx">Analyze</span> <span class="nx">URL</span><span class="o">&lt;</span><span class="sr">/button&gt;</span><span class="err">; </span><span class="p">};</span> </code></pre> </div> <h3> 5. TypeScript Awesomeness </h3> <p>Version 2.2.0 brings enhanced type safety. The new <code>AsyncUrlCheckResult</code> type ensures <code>maliciousPatterns</code> lives in <code>validationDetails</code>, keeping your code clean and predictable.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="kd">type</span> <span class="nx">AsyncUrlCheckResult</span> <span class="o">=</span> <span class="nb">Omit</span><span class="o">&lt;</span><span class="nx">UrlCheckResult</span><span class="p">,</span> <span class="dl">'</span><span class="s1">validationDetails</span><span class="dl">'</span><span class="o">&gt;</span> <span class="o">&amp;</span> <span class="p">{</span> <span class="na">validationDetails</span><span class="p">:</span> <span class="nx">UrlCheckResult</span><span class="p">[</span><span class="dl">'</span><span class="s1">validationDetails</span><span class="dl">'</span><span class="p">]</span> <span class="o">&amp;</span> <span class="p">{</span> <span class="nx">maliciousPatterns</span><span class="p">?:</span> <span class="p">{</span> <span class="nx">isValid</span><span class="p">?:</span> <span class="nx">boolean</span><span class="p">;</span> <span class="nl">message</span><span class="p">?:</span> <span class="kr">string</span><span class="p">;</span> <span class="nl">detectedPatterns</span><span class="p">?:</span> <span class="nx">DetectedPattern</span><span class="p">[];</span> <span class="p">...</span> <span class="p">};</span> <span class="p">};</span> <span class="p">};</span> </code></pre> </div> <h3> 6. New Methods and Utilities </h3> <ul> <li> <code>asyncIsUrlValid</code>: Async URI validation for non-blocking workflows.</li> <li> <code>sanitizeInput</code>: Strip malicious patterns (use cautiously, it’s still stabilizing).</li> <li> <code>__processor__</code> alias: Import <code>NehonixURIProcessor</code> as <code>__processor__</code> for shorter code.</li> </ul> <h2> What’s New in v2.2.0? </h2> <ul> <li> <strong>Improved Type Structure</strong>: <code>maliciousPatterns</code> now resides in <code>validationDetails</code> for <code>asyncCheckUrl</code>, streamlining security result handling.</li> <li> <strong>New Security Features</strong>: Added <code>needsDeepScan</code> and <code>detectMaliciousPatterns</code> for robust threat detection.</li> <li> <strong>Better Docs</strong>: Updated <code>readme.md</code> and <code>checkUrlMethod.md</code> with clearer examples and detailed type info.</li> <li> <strong>Fixed Bugs</strong>: Corrected <code>analyzeUrl</code> to <code>scanUrl</code> in React Hook examples and improved <code>literalValue</code> type safety.</li> </ul> <p>Check out the full <a href="https://lab.nehonix.space/nehonix_viewer/_doc/NehonixUriProcessor/docs/changelog" rel="noopener noreferrer">changelog</a> for details!</p> <h2> Why You’ll Love It </h2> <ul> <li> <strong>Security-First</strong>: Built for detecting and preventing URI-based attacks.</li> <li> <strong>Flexible</strong>: Supports custom validation rules, international characters, and framework integrations.</li> <li> <strong>Developer-Friendly</strong>: TypeScript types, clear docs, and a short import alias (<code>__processor__</code>).</li> <li> <strong>Open-Source</strong>: MIT-licensed, with a welcoming community for contributions.</li> </ul> <h2> Get Started in Minutes </h2> <ol> <li>Install the library: </li> </ol> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code> npm <span class="nb">install </span>nehonix-uri-processor punycode </code></pre> </div> <ol> <li>Try a quick example: </li> </ol> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code> <span class="k">import</span> <span class="p">{</span> <span class="nx">NehonixURIProcessor</span> <span class="k">as</span> <span class="nx">__processor__</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">nehonix-uri-processor</span><span class="dl">"</span><span class="p">;</span> <span class="k">async</span> <span class="kd">function</span> <span class="nf">validateUrl</span><span class="p">()</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">result</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">__processor__</span><span class="p">.</span><span class="nf">asyncCheckUrl</span><span class="p">(</span> <span class="dl">"</span><span class="s2">https://example.com/login</span><span class="dl">"</span><span class="p">,</span> <span class="p">{</span> <span class="na">httpsOnly</span><span class="p">:</span> <span class="kc">true</span><span class="p">,</span> <span class="na">detectMaliciousPatterns</span><span class="p">:</span> <span class="kc">true</span><span class="p">,</span> <span class="p">}</span> <span class="p">);</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="nx">result</span><span class="p">.</span><span class="nx">isValid</span> <span class="p">?</span> <span class="dl">"</span><span class="s2">Safe URL!</span><span class="dl">"</span> <span class="p">:</span> <span class="dl">"</span><span class="s2">Potential threat detected!</span><span class="dl">"</span><span class="p">);</span> <span class="p">}</span> <span class="nf">validateUrl</span><span class="p">();</span> </code></pre> </div> <ol> <li>Explore the <a href="https://lab.nehonix.space" rel="noopener noreferrer">docs</a> and <a href="http://github.com/nehonix/nehonixUriProcessor" rel="noopener noreferrer">GitHub repo</a> for more.</li> </ol> <h2> Join the Community </h2> <p>I’d love for you to try NehonixURIProcessor and share your feedback! Whether you’re securing a web app, testing APIs, or decoding gnarly URIs, this library is here to help. Star the <a href="http://github.com/nehonix/nehonixUriProcessor" rel="noopener noreferrer">GitHub repo</a>, open an issue, or contribute a feature. Let’s make the web safer together! 🚀</p> <p>Have questions or ideas? Drop a comment below. Happy coding, Dev.to fam! 😎</p> <h1> TypeScript #JavaScript #Security #WebDevelopment #OpenSource </h1> Introducing Nehonix URI Processor: Simplify URI Validation and Security in TypeScript Nehonix Inc Tue, 22 Apr 2025 09:26:09 +0000 https://dev.to/nehonix/introducing-nehonix-uri-processor-simplify-uri-validation-and-security-in-typescript-34ef https://dev.to/nehonix/introducing-nehonix-uri-processor-simplify-uri-validation-and-security-in-typescript-34ef <h1> Introducing Nehonix URI Processor: Simplify URI Validation and Security in TypeScript </h1> <p>Hey Dev.to community! 👋 I’m thrilled to share a project I’ve been working on: <strong>nehonix-uri-processor</strong>, a TypeScript library that makes URI validation, decoding, and security analysis a breeze. Whether you’re building a web app, securing an API, or conducting security tests, this library is here to help. Let’s dive in!</p> <h2> What is nehonix-uri-processor? </h2> <p><code>nehonix-uri-processor</code> is a lightweight TypeScript library for handling URIs securely and efficiently. It’s packed with features to validate, decode, and analyze URIs, making it an essential tool for web developers and security researchers.</p> <h3> Key Features </h3> <ul> <li> <strong>Validate URIs</strong>: Check URIs against custom rules (e.g., HTTPS-only, max length).</li> <li> <strong>Auto-Decode URIs</strong>: Automatically detect and decode encodings like Base64, percent encoding, and more.</li> <li> <strong>Security Analysis</strong>: Identify potential vulnerabilities in URIs.</li> <li> <strong>WAF Testing</strong>: Generate encoding variants to test Web Application Firewalls (WAFs).</li> </ul> <p>The library is at version <code>2.1.3</code>, published under the MIT License, so it’s free to use in any project!</p> <h2> Why I Built This </h2> <p>Handling URIs can be tricky—whether it’s validating user inputs, decoding encoded parameters, or checking for security risks. I often found myself writing repetitive code to handle these tasks, and existing solutions either lacked TypeScript support or were too complex. So, I created <code>nehonix-uri-processor</code> to simplify URI processing while keeping security in mind.</p> <h2> Getting Started </h2> <h3> Installation </h3> <p>Install the library via npm:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>npm i nehonix-uri-processor </code></pre> </div> <p>You’ll also need to install the <code>punycode</code> dependency:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>npm <span class="nb">install </span>punycode </code></pre> </div> <h3> A Quick Example </h3> <p>Here’s how you can use <code>nehonix-uri-processor</code> to decode a Base64-encoded URI parameter:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">import</span> <span class="p">{</span> <span class="nx">NehonixURIProcessor</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">nehonix-uri-processor</span><span class="dl">"</span><span class="p">;</span> <span class="c1">// Decode a Base64-encoded query parameter</span> <span class="kd">const</span> <span class="nx">encodedUri</span> <span class="o">=</span> <span class="dl">"</span><span class="s2">SGVsbG8gV29ybGQ=</span><span class="dl">"</span><span class="p">;</span> <span class="c1">// "Hello World" in Base64</span> <span class="kd">const</span> <span class="nx">decoded</span> <span class="o">=</span> <span class="nx">NehonixURIProcessor</span><span class="p">.</span><span class="nf">autoDetectAndDecode</span><span class="p">(</span><span class="nx">encodedUri</span><span class="p">);</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="nx">decoded</span><span class="p">);</span> <span class="c1">// Outputs: "Hello World"</span> </code></pre> </div> <p>This example uses the recommended <code>autoDetectAndDecode</code> method, which automatically detects the encoding (Base64 in this case) and decodes it to plaintext.</p> <h2> Use Case: Securing an API Endpoint </h2> <p>Let’s say you’re building an API that accepts URLs as query parameters. You want to validate and decode the URIs before processing them to avoid security issues. Here’s how <code>nehonix-uri-processor</code> can help:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">import</span> <span class="p">{</span> <span class="nx">NehonixURIProcessor</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">nehonix-uri-processor</span><span class="dl">"</span><span class="p">;</span> <span class="c1">// Example API endpoint</span> <span class="k">async</span> <span class="kd">function</span> <span class="nf">handleRequest</span><span class="p">(</span><span class="nx">queryParam</span><span class="p">:</span> <span class="kr">string</span><span class="p">)</span> <span class="p">{</span> <span class="k">try</span> <span class="p">{</span> <span class="c1">// Decode the query parameter</span> <span class="kd">const</span> <span class="nx">decoded</span> <span class="o">=</span> <span class="nx">NehonixURIProcessor</span><span class="p">.</span><span class="nf">autoDetectAndDecode</span><span class="p">(</span><span class="nx">queryParam</span><span class="p">);</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="dl">"</span><span class="s2">Decoded:</span><span class="dl">"</span><span class="p">,</span> <span class="nx">decoded</span><span class="p">);</span> <span class="c1">// Validate the URI (e.g., only allow HTTPS URLs)</span> <span class="kd">const</span> <span class="nx">isValid</span> <span class="o">=</span> <span class="nx">NehonixURIProcessor</span><span class="p">.</span><span class="nf">isValidUri</span><span class="p">(</span><span class="nx">decoded</span><span class="p">,</span> <span class="p">{</span> <span class="na">httpsOnly</span><span class="p">:</span> <span class="kc">true</span> <span class="p">});</span> <span class="k">if </span><span class="p">(</span><span class="o">!</span><span class="nx">isValid</span><span class="p">)</span> <span class="p">{</span> <span class="k">throw</span> <span class="k">new</span> <span class="nc">Error</span><span class="p">(</span><span class="dl">"</span><span class="s2">Invalid URI</span><span class="dl">"</span><span class="p">);</span> <span class="p">}</span> <span class="c1">// Process the URI safely</span> <span class="k">return</span> <span class="p">{</span> <span class="na">status</span><span class="p">:</span> <span class="dl">"</span><span class="s2">success</span><span class="dl">"</span><span class="p">,</span> <span class="na">data</span><span class="p">:</span> <span class="nx">decoded</span> <span class="p">};</span> <span class="p">}</span> <span class="k">catch </span><span class="p">(</span><span class="nx">error</span><span class="p">)</span> <span class="p">{</span> <span class="k">return</span> <span class="p">{</span> <span class="na">status</span><span class="p">:</span> <span class="dl">"</span><span class="s2">error</span><span class="dl">"</span><span class="p">,</span> <span class="na">message</span><span class="p">:</span> <span class="nx">error</span><span class="p">.</span><span class="nx">message</span> <span class="p">};</span> <span class="p">}</span> <span class="p">}</span> <span class="c1">// Test with an encoded URI</span> <span class="kd">const</span> <span class="nx">result</span> <span class="o">=</span> <span class="nf">handleRequest</span><span class="p">(</span><span class="dl">"</span><span class="s2">https://example.com?data=SGVsbG8gV29ybGQ=</span><span class="dl">"</span><span class="p">);</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="nx">result</span><span class="p">);</span> <span class="c1">// { status: "success", data: "https://example.com?data=Hello World" }</span> </code></pre> </div> <p>This code ensures the URI is decoded and validated before being processed, reducing risks like injection attacks or malformed inputs.</p> <h2> What’s New in v2.1.3? </h2> <p>The latest version includes several improvements:</p> <ul> <li>Added MIT License for open-source usage.</li> <li>Fixed circular dependency issues for better reliability.</li> <li>Improved decoding to handle edge cases (e.g., correctly converting <code>Hello+World</code> to <code>Hello World</code>).</li> <li>Switched to named exports for a clearer API (<code>import { NehonixURIProcessor } from "nehonix-uri-processor"</code>).</li> </ul> <h2> Try It Out! </h2> <p>You can install <code>nehonix-uri-processor</code> now and give it a try:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>npm i nehonix-uri-processor </code></pre> </div> <p>For more examples and details, check out the <a href="https://lab.nehonix.space/nehonix_viewer/_doc/NehonixUriProcessor/readme" rel="noopener noreferrer">documentation</a>. I’d love to hear your feedback—let me know how it works for you in the comments! 😄</p> <h2> Contribute </h2> <p>Want to help make this library even better? Contributions are welcome! Fork the repo on GitHub and submit a pull request.</p> <p>Thanks for reading! If you’re working on a project that involves URIs, I hope <code>nehonix-uri-processor</code> can save you some time and keep your app secure. Let’s discuss in the comments—what’s your go-to tool for URI handling?</p> webdev programming javascript typescript